Thank You for responding.
ComboFix 08-02.03.1 - Owner 2008-02-02 22:32:53.1 - NTFSx86
Running from: C:\Documents and Settings\Owner\Desktop\ComboFix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\Owner\Start Menu\Programs\Internet Speed Monitor
C:\Documents and Settings\Owner\Start Menu\Programs\Internet Speed Monitor\Check Now.lnk
C:\Documents and Settings\Owner\Start Menu\Programs\Internet Speed Monitor\Uninstall.lnk
C:\install.exe
C:\Program Files\akl
C:\Program Files\akl\akl.dll
C:\Program Files\akl\akl.exe
C:\Program Files\akl\curlog.htm
C:\Program Files\akl\keylog.txt
C:\Program Files\akl\readme.txt
C:\Program Files\akl\uninstall.exe
C:\Program Files\akl\unsetup.dat
C:\Program Files\akl\unsetup.exe
C:\Program Files\amsys
C:\Program Files\amsys\awmsg.dat
C:\Program Files\amsys\mfc42.dll
C:\Program Files\amsys\msvcrt.dll
C:\Program Files\amsys\unins000.dat
C:\Program Files\amsys\unis000.exe
C:\Program Files\amsys\winam.dat
C:\Program Files\e-zshopper
C:\Program Files\e-zshopper\BarLcher.dll
C:\Program Files\ISM
C:\Program Files\ISM\ism.exe
C:\Program Files\ISM\Uninstall.exe
C:\Program Files\p2pnetworks
C:\Program Files\p2pnetworks\amp2pl.exe
C:\WINDOWS\absolute key logger.lnk
C:\WINDOWS\aconti.exe
C:\WINDOWS\aconti.log
C:\WINDOWS\acontidialer.txt
C:\WINDOWS\adbar.dll
C:\WINDOWS\cbinst$.exe
C:\WINDOWS\daxtime.dll
C:\WINDOWS\default.htm
C:\WINDOWS\dp0.dll
C:\WINDOWS\eventlowg.dll
C:\WINDOWS\fhfmm-Uninstaller.exe
C:\WINDOWS\fhfmm.exe
C:\WINDOWS\hotporn.exe
C:\WINDOWS\ie_32.exe
C:\WINDOWS\jd2002.dll
C:\WINDOWS\kkcomp$.exe
C:\WINDOWS\kkcomp.dll
C:\WINDOWS\kkcomp.exe
C:\WINDOWS\liqad$.exe
C:\WINDOWS\liqad.dll
C:\WINDOWS\liqad.exe
C:\WINDOWS\liqui-Uninstaller.exe
C:\WINDOWS\liqui.dll
C:\WINDOWS\liqui.exe
C:\WINDOWS\ngd.dll
C:\WINDOWS\spredirect.dll
C:\WINDOWS\system32\acespy
C:\WINDOWS\system32\acespy\__acelog.ndx
C:\WINDOWS\system32\acespy\systune.exe
C:\WINDOWS\system32\smbols~1
C:\WINDOWS\xadbrk.dll
C:\WINDOWS\xadbrk.exe
C:\WINDOWS\xadbrk_.exe
C:\WINDOWS\xxxvideo.exe
.
((((((((((((((((((((((((( Files Created from 2008-01-03 to 2008-02-03 )))))))))))))))))))))))))))))))
.
2008-02-01 01:10 . 2008-02-01 01:10 <DIR> d-------- C:\Program Files\Alwil Software
2008-02-01 01:10 . 2007-12-04 08:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe
2008-02-01 01:10 . 2007-12-04 07:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
2008-02-01 01:10 . 2007-12-04 09:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2008-02-01 01:10 . 2007-12-04 09:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2008-02-01 01:10 . 2007-12-04 09:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2008-02-01 01:10 . 2007-12-04 09:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2008-02-01 01:10 . 2007-12-04 09:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2008-01-30 08:33 . 2008-01-30 08:33 2,396 --a------ C:\WINDOWS\system32\tmp.reg
2008-01-30 08:30 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-01-30 08:30 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-01-30 08:30 . 2008-01-27 14:37 81,920 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-01-30 08:30 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-01-30 08:30 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-01-30 08:18 . 2008-01-30 08:18 <DIR> d-------- C:\Program Files\Sun
2008-01-30 08:18 . 2007-12-14 01:59 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-01-30 03:15 . 2008-01-30 03:15 270,698 --a------ C:\WINDOWS\system32\L50EC.tmp
2008-01-30 03:15 . 2008-01-30 03:15 181,965 --a------ C:\WINDOWS\system32\L3F58.tmp
2008-01-30 00:23 . 2008-01-30 00:23 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\Ipswitch
2008-01-30 00:23 . 2008-01-30 00:23 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Ipswitch
2008-01-30 00:23 . 2005-02-28 12:37 606,293 --a------ C:\WINDOWS\system32\wbocx.ocx
2008-01-30 00:23 . 2005-02-28 12:37 50,688 --a------ C:\WINDOWS\system32\wbhelp2.dll
2008-01-30 00:22 . 2008-01-30 00:22 <DIR> d-------- C:\Program Files\Ipswitch
2008-01-30 00:22 . 2008-01-30 00:22 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\InstallShield
2008-01-29 08:14 . 2008-01-29 08:15 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-01-29 08:09 . 2008-01-30 22:54 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-01-29 08:09 . 2008-01-30 22:50 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-01-29 07:30 . 2008-01-29 07:30 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Ipswitch
2008-01-29 00:10 . 2008-01-31 08:50 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\AVG7
2008-01-28 08:38 . 2008-01-28 08:38 <DIR> d-------- C:\Program Files\Trend Micro
2008-01-27 23:33 . 2004-08-27 04:54 <DIR> d-------- C:\Documents and Settings\Administrator\WINDOWS
2008-01-27 23:33 . 2008-01-27 23:33 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\SUPERAntiSpyware.com
2008-01-27 23:33 . 2004-11-01 20:32 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\SampleView
2008-01-27 23:33 . 2004-11-01 20:33 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\McAfee
2008-01-27 22:13 . 2008-01-27 22:13 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-01-27 22:12 . 2008-01-31 07:37 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2008-01-27 22:12 . 2008-01-27 22:12 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\SUPERAntiSpyware.com
2008-01-27 22:11 . 2008-01-29 08:13 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-01-27 10:22 . 2008-01-27 10:22 89,617 --a------ C:\winpzbe.exe
2008-01-27 10:22 . 2008-01-27 10:22 89,617 --a------ C:\WINDOWS\system32\mhgyttttttttt2332.exe
2008-01-27 07:59 . 2008-01-27 07:59 47,113 --a------ C:\ebay1.nso
2008-01-27 07:59 . 2008-01-27 07:59 7,499 --a------ C:\ebay1.gif
2008-01-27 07:56 . 2008-01-27 07:56 833,574 --a------ C:\ebay.bmp
2008-01-22 01:16 . 2008-01-22 01:17 <DIR> d-------- C:\KEP2
2008-01-22 01:13 . 2006-05-10 01:35 <DIR> d-------- C:\KEproject2
2008-01-19 00:51 . 2008-01-19 01:50 <DIR> d-------- C:\Program Files\Orwell
2008-01-19 00:51 . 2008-01-19 00:51 <DIR> d-------- C:\Program Files\Common Files\Thraex Software
2008-01-19 00:51 . 2008-01-19 00:51 93,808 --a------ C:\WINDOWS\Orwell Uninstaller.exe
2008-01-18 23:59 . 2008-01-18 23:59 499,542 --a------ C:\bizloanheader.nso
2008-01-18 23:59 . 2008-01-18 23:59 14,661 --a------ C:\bizloanheader.jpg
2008-01-18 22:43 . 2008-01-18 22:48 86,516 --a------ C:\payday header11.nso
2008-01-18 22:43 . 2008-01-18 22:48 43,830 --a------ C:\payday header11.gif
2008-01-15 00:22 . 2008-02-02 08:58 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\AVG7
2008-01-15 00:14 . 2008-01-15 00:14 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\AVG7
2008-01-15 00:13 . 2008-01-15 00:13 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-01-15 00:13 . 2008-01-15 00:24 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\avg7
2008-01-12 09:33 . 2008-01-12 09:33 0 --a------ C:\Documents and Settings\Owner\Application Data\wklnhst.dat
2008-01-12 02:52 . 2008-01-12 02:52 18,932 --a------ C:\teletrak.kep
2008-01-12 02:45 . 2008-01-12 02:45 18,932 --a------ C:\tt.kep
2008-01-12 00:26 . 2008-01-12 00:26 4 --a------ C:\results.bin
2008-01-11 00:27 . 2008-01-12 00:42 <DIR> d-------- C:\Program Files\Keyword Elite
2008-01-07 01:07 . 2008-01-08 00:17 20,022 --a------ C:\BREED2.bmp
2008-01-07 01:06 . 2008-01-07 01:06 53,046 --a------ C:\BREED.bmp
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-02 01:07 --------- d-----w C:\Program Files\Macro Express3
2008-01-30 13:18 --------- d-----w C:\Program Files\Java
2008-01-30 05:22 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-29 15:30 --------- d-----w C:\Documents and Settings\Owner\Application Data\U3
2008-01-29 13:15 --------- d-----w C:\Program Files\Lavasoft
2008-01-29 13:15 --------- d-----w C:\Documents and Settings\Owner\Application Data\Lavasoft
2008-01-25 06:03 --------- d-----w C:\Documents and Settings\Owner\Application Data\AdobeUM
2007-12-11 04:03 --------- d-----w C:\Program Files\Snarfware
2007-08-18 04:40 1,372,160 ----a-w C:\Documents and Settings\Owner\craigslist.exe
2007-05-03 04:55 32,768 ----a-w C:\Documents and Settings\Owner\craigslist.XmlSerializers.dll
2006-07-10 17:21 131,072 ----a-w C:\Documents and Settings\Owner\Interop.SHDocVw.dll
2006-05-18 01:15 8,007,680 ----a-w C:\Documents and Settings\Owner\Microsoft.mshtml.dll
2005-12-12 07:19 45,056 ----a-w C:\Documents and Settings\Owner\AxInterop.SHDocVw.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2005-06-14 10:05 6856704]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 11:24 1694208]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-06-21 14:06 1318912]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 14:00 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2003-10-31 22:42 32768]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2002-09-13 15:42 212992]
"Motive SmartBridge"="C:\PROGRA~1\VERIZO~1\HELPSU~1\SMARTB~1\MotiveSB.exe" [2005-04-13 19:51 385024]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2004-08-20 18:51 118784]
"Microsoft Works Update Detection"="C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe" [2003-09-13 21:36 50688]
"MCUpdateExe"="c:\PROGRA~1\mcafee.com\agent\mcupdate.exe" [2006-01-11 11:05 212992]
"MCAgentExe"="c:\PROGRA~1\mcafee.com\agent\mcagent.exe" [2005-09-22 17:29 303104]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe" [2007-12-14 03:42 144784]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 08:00 79224]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2008-01-15 00:14 219136]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Macro Express 3.lnk - C:\Program Files\Macro Express3\MacExp.exe [2007-06-26 09:10:53 3160064]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\nnnmmkh]
nnnmmkh.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^America Online 9.0 Tray Icon.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\America Online 9.0 Tray Icon.lnk
backup=C:\WINDOWS\pss\America Online 9.0 Tray Icon.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^BigFix.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\BigFix.lnk
backup=C:\WINDOWS\pss\BigFix.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\A Verizon App]
--a------ 2005-05-23 13:20 50744 C:\PROGRA~1\VERIZO~1\HELPSU~1\VERIZO~1.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOLDialer]
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG7_CC]
--a------ 2008-01-15 08:48 579072 C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2004-08-04 14:00 15360 C:\WINDOWS\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Free Download Manager]
C:\Program Files\Free Download Manager\fdm.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]
C:\Program Files\Common Files\AOL\1134273021\ee\AOLHostManager.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
--a------ 2004-08-20 18:55 155648 C:\WINDOWS\system32\igfxtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MarketerSOSoftwareUpdate]
--a------ 2007-08-03 15:31 233472 C:\WINDOWS\system32\MarketerSOSoftwareUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NAV CfgWiz]
C:\Program Files\Norton AntiVirus\CfgWiz.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Snarfer]
--a------ 2007-12-10 23:03 217856 C:\Program Files\Snarfware\Snarfer\snarfer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSC_UserPrompt]
C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunKistEM]
--a------ 2004-10-18 17:05 135168 C:\Program Files\Digital Media Reader\shwiconem.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vidalia]
C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\_AntiSpyware]
C:\Program Files\McAfee\McAfee AntiSpyware\MssCli.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"MDM"=2 (0x2)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{05d550c9-1231-11db-999e-00038a000015}]
\Shell\AutoRun\command - J:\LaunchU3.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6fa0e433-f69a-11da-9999-00038a000015}]
\Shell\AutoRun\command - J:\LaunchU3.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dd0c32f1-2c6c-11d9-bf13-806d6172696f}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe folder.htt 480 480
*Newly Created Service* - AAVMKER4
*Newly Created Service* - ASWMON2
*Newly Created Service* - ASWRDR
*Newly Created Service* - ASWTDI
*Newly Created Service* - ASWUPDSV
*Newly Created Service* - AVAST!_ANTIVIRUS
*Newly Created Service* - AVAST!_MAIL_SCANNER
*Newly Created Service* - AVAST!_WEB_SCANNER
.
Contents of the 'Scheduled Tasks' folder
"2008-02-02 14:14:00 C:\WINDOWS\Tasks\AOL Morning StartUp -_26052006091124.job"
- C:\Program Files\Workspace Macro 4.5\Workspace Macro.exe
"2006-05-28 14:34:00 C:\WINDOWS\Tasks\Calculator.job"
- C:\WINDOWS\system32\calc.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2008-02-02 22:40:52
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-02-02 22:52:56
ComboFix-quarantined-files.txt 2008-02-03 03:52:50
.
2008-01-31 10:18:29 --- E O F ---
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:59:08 PM, on 2/2/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\system32\svchost.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\VERIZO~1\HELPSU~1\SMARTB~1\MotiveSB.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Macro Express3\MacExp.exe
C:\Program Files\Snarfware\Snarfer\snarfer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\ComboFix\kmd.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\HELPSU~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Global Startup: Macro Express 3.lnk = C:\Program Files\Macro Express3\MacExp.exe
O8 - Extra context menu item: + Web&Pipe: Download the link - file://C:\Program Files\WebPipe\Add_UrlO.htm
O8 - Extra context menu item: + WebP&ipe: Download the current page - file://C:\Program Files\WebPipe\Add_AllO.htm
O9 - Extra button: iOpus iMacros - {0483894E-2422-45E0-8384-021AFF1AF3CD} - C:\Program Files\iMacros\imacros.dll (file missing)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: nnnmmkh - nnnmmkh.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Feedreader Connect service (feedreaderSrvApp) - I-Systems OÜ - C:\Program Files\Feedreader Connect\frcupdater.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - C:\Program Files\FileZilla Server\FileZilla Server.exe (file missing)
O23 - Service: Feedreader Connect indexer (frcIndexerService) - I-Systems OÜ - C:\Program Files\Feedreader Connect\indexer\frcindexer.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
--
End of file - 6394 bytes