Here is the ComboFix Log...
ComboFix 08-02-15.2 - HP_Administrator 2008-02-16 3:46:00.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.789 [GMT 11:00]
Running from: C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\Z93TMCAR\ComboFix[1].exe
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Program Files\Common Files\{3C684~1
C:\Program Files\Common Files\{3C684~1\Uninst.exe
C:\Program Files\Common Files\{4C684~1
C:\Program Files\inetget2
C:\Program Files\printview
C:\Program Files\printview\chnlist.dat
C:\Program Files\printview\hotlist.dat
C:\Program Files\printview\printhook030.dll
C:\Program Files\printview\remlist.dat
C:\Program Files\printview\setup.exe
C:\WINDOWS\Downloaded Program Files\speedtest2.dll
C:\WINDOWS\system32\drivers\sfsync03.sys
D:\Autorun.inf
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\LEGACY_SFSYNC03
-------\sfsync03
((((((((((((((((((((((((( Files Created from 2008-01-15 to 2008-02-15 )))))))))))))))))))))))))))))))
.
2008-02-15 02:43 . 2008-02-15 02:44 <DIR> d-------- C:\Program Files\NINTENDO DS GAME BROWSER
2008-02-15 02:43 . 2008-02-15 02:43 286,720 --------- C:\WINDOWS\Setup1.exe
2008-02-15 02:43 . 2008-02-15 02:43 73,216 --a------ C:\WINDOWS\ST6UNST.EXE
2008-02-10 15:43 . 2008-02-10 15:44 <DIR> d-------- C:\Program Files\ACW
2008-02-09 04:26 . 2008-02-09 04:26 <DIR> d-------- C:\Program Files\Trend Micro
2008-02-09 03:55 . 2008-02-10 15:47 <DIR> d-------- C:\WINDOWS\SxsCaPendDel
2008-02-02 00:11 . 2008-02-02 00:11 <DIR> d-------- C:\WINDOWS\system32\Plugins
2008-02-01 17:28 . 2008-02-01 17:28 <DIR> d-------- C:\Program Files\Unity
2008-01-29 12:23 . 2008-01-29 12:23 <DIR> d-------- C:\WINDOWS\system32\bak
2008-01-29 12:23 . 2008-01-29 17:08 <DIR> d-------- C:\WINDOWS\system\bak
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-15 17:06 --------- d-----w C:\Program Files\Steam2
2008-02-15 11:05 --------- d-----w C:\Documents and Settings\HP_Administrator\Application Data\BitTorrent
2008-02-15 05:35 --------- d-----w C:\Documents and Settings\Victoria.COMPUTER\Application Data\LimeWire
2008-02-15 03:55 --------- d-----w C:\Program Files\BitTorrent
2008-02-14 22:33 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-02-13 09:12 --------- d-----w C:\Program Files\WiFiConnector
2008-02-12 08:20 --------- d-----w C:\Program Files\PokerStars.NET
2008-02-10 04:30 --------- d-----w C:\Program Files\MyFree Codec
2008-02-09 05:18 --------- d-----w C:\Program Files\MSN Messenger
2008-02-08 06:30 --------- d-----w C:\Program Files\Common Files\Ahead
2008-02-08 06:22 --------- d-----w C:\Program Files\PhanTim3
2008-02-08 06:21 --------- d-----w C:\Program Files\DAP
2008-02-08 06:19 --------- d-----w C:\Program Files\Google
2008-01-29 09:41 --------- d-----w C:\Program Files\MySpace
2008-01-29 01:30 --------- d-----w C:\Program Files\Winamp
2008-01-29 01:30 --------- d-----w C:\Program Files\QuickTime
2008-01-29 01:30 --------- d-----w C:\Program Files\Norton Internet Security
2008-01-29 01:30 --------- d-----w C:\Program Files\iTunes
2008-01-11 12:19 --------- d-----w C:\Program Files\City of Heroes
2008-01-05 04:38 --------- d-----w C:\Documents and Settings\Victoria.COMPUTER\Application Data\Winamp
2008-01-03 07:34 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-02 08:25 --------- d-----w C:\Documents and Settings\Victoria.COMPUTER\Application Data\MusicNet
2008-01-02 07:19 65,024 ----a-w C:\WINDOWS\IFinst26.exe
2008-01-02 07:19 --------- d-----w C:\Program Files\MarkAny
2008-01-02 07:19 --------- d-----w C:\Documents and Settings\HP_Administrator\Application Data\DataCast
2008-01-02 07:18 --------- d-----w C:\Program Files\Samsung
2008-01-02 07:17 --------- d-----w C:\Documents and Settings\HP_Administrator\Application Data\InstallShield
2007-12-24 12:21 --------- d-----w C:\Documents and Settings\HP_Administrator\Application Data\dvdcss
2007-12-23 09:58 --------- d-----w C:\Documents and Settings\HP_Administrator\Application Data\Skype
2007-12-23 07:10 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat
2007-12-23 07:10 --------- d-----w C:\Documents and Settings\HP_Administrator\Application Data\skypePM
2007-12-23 07:08 --------- d-----w C:\Program Files\Skype
2007-12-23 07:08 --------- d-----w C:\Program Files\Common Files\Skype
2007-12-23 07:08 --------- d-----w C:\Documents and Settings\All Users\Application Data\Skype
2007-12-20 16:10 --------- d-----w C:\Program Files\Microsoft CAPICOM 2.1.0.2
2007-12-15 02:10 --------- d-----w C:\Documents and Settings\Ken\Application Data\Winamp
2007-12-15 02:04 --------- d-----w C:\Documents and Settings\Ken\Application Data\MySpace
2006-10-22 11:06 113,664 ----a-w C:\Documents and Settings\Ailiesh.COMPUTER\goll.exe
2006-10-22 11:06 109,056 ----a-w C:\Documents and Settings\Ailiesh.COMPUTER\drv.exe
.
((((((((((((((((((((((((((((((((((((((((((((( AWF ))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
----a-w 253,952 2005-05-11 00:50:42 C:\hp\drivers\hplsbwatcher\bak\lsburnwatcher.exe
----a-w 14,348 2008-01-29 01:28:26 C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
----a-w 61,440 2005-02-02 23:44:24 C:\hp\KBD\bak\KBD.EXE
----a-w 14,348 2008-01-29 01:28:26 C:\hp\KBD\KBD.EXE
----a-w 153,136 2007-03-01 05:57:24 C:\Program Files\Common Files\Ahead\Lib\bak\NeroCheck.exe
----a-w 152,872 2007-06-27 09:03:40 C:\Program Files\Common Files\Ahead\Lib\bak\NMBgMonitor.exe
----a-w 284,184 2006-10-30 14:03:48 C:\Program Files\Common Files\Logitech\LComMgr\bak\Communications_Helper.exe
----a-w 14,348 2008-01-29 01:28:26 C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
----a-w 244,512 2006-11-15 11:01:52 C:\Program Files\Common Files\Logitech\LComMgr\bak\LVComSX.exe
----a-w 14,348 2008-01-29 01:28:26 C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe
----a-w 49,824 2006-04-12 01:54:46 C:\Program Files\Common Files\Symantec Shared\bak\ccApp.exe
----a-w 14,348 2008-01-29 01:28:26 C:\Program Files\Common Files\Symantec Shared\ccApp.exe
----a-w 49,152 2005-06-02 06:35:56 C:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\bak\hphupd08.exe
----a-w 14,348 2008-01-29 01:28:26 C:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
----a-w 49,152 2005-05-11 20:12:54 C:\Program Files\HP\HP Software Update\bak\HPwuSchd2.exe
----a-w 14,348 2008-01-29 01:28:26 C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
----a-w 256,576 2006-10-29 22:36:36 C:\Program Files\iTunes\bak\iTunesHelper.exe
----a-w 14,348 2008-01-29 01:28:26 C:\Program Files\iTunes\iTunesHelper.exe
----a-w 132,496 2007-09-24 14:11:35 C:\Program Files\Java\jre1.6.0_03\bin\bak\jusched.exe
----a-w 14,348 2008-01-29 01:28:26 C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
----a-w 746,520 2006-11-15 10:58:40 C:\Program Files\Logitech\QuickCam10\bak\QuickCam10.exe
----a-w 14,348 2008-01-29 01:28:26 C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
----a-w 22,656 2005-03-30 00:03:18 C:\Program Files\Norton Internet Security\bak\UrlLstCk.exe
----a-w 14,348 2008-01-29 01:28:26 C:\Program Files\Norton Internet Security\UrlLstCk.exe
----a-w 282,624 2006-10-25 07:58:18 C:\Program Files\QuickTime\bak\qttask.exe
----a-w 14,348 2008-01-29 01:28:26 C:\Program Files\QuickTime\qttask.exe
----a-w 132,624 2007-09-19 21:23:44 C:\Program Files\Samsung\Samsung Media Studio 5\bak\SMSTray.exe
----a-w 14,348 2008-01-29 01:28:26 C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
----a-w 81,920 2006-01-06 16:36:10 C:\Program Files\Sony\SonicStage\bak\SsAAD.exe
----a-w 14,348 2008-01-29 01:28:26 C:\Program Files\Sony\SonicStage\SsAAD.exe
----a-w 36,352 2007-10-10 05:28:32 C:\Program Files\Winamp\bak\winampa.exe
----a-w 14,348 2008-01-29 01:28:26 C:\Program Files\Winamp\winampa.exe
----a-w 663,552 2004-12-13 15:23:44 C:\WINDOWS\CREATOR\bak\Remind_XP.exe
----a-w 14,348 2008-01-29 01:28:26 C:\WINDOWS\CREATOR\Remind_XP.exe
----a-w 64,512 2005-08-05 10:56:34 C:\WINDOWS\ehome\bak\ehtray.exe
----a-w 64,512 2005-08-05 10:56:34 C:\WINDOWS\ehome\ehtray.exe
----a-w 208,952 2004-08-10 11:00:00 C:\WINDOWS\ime\imjp8_1\bak\IMJPMIG.EXE
----a-w 208,952 2004-08-10 11:00:00 C:\WINDOWS\ime\imjp8_1\imjpmig.exe
----a-w 233,472 2004-04-14 20:43:46 C:\WINDOWS\SMINST\bak\RECGUARD.EXE
----a-w 14,348 2008-01-29 01:28:26 C:\WINDOWS\SMINST\RECGUARD.EXE
----a-w 181 2008-02-12 08:46:53 C:\WINDOWS\system\bak\hpsysdrv.DAT
----a-w 246 2008-01-29 05:38:07 C:\WINDOWS\system\hpsysdrv.dat
----a-w 52,736 1998-05-07 16:04:38 C:\WINDOWS\system\bak\hpsysdrv.exe
----a-w 14,348 2008-01-29 01:28:26 C:\WINDOWS\system\hpsysdrv.exe
----a-w 15,360 2004-08-10 12:00:00 C:\WINDOWS\system32\bak\ctfmon.exe
----a-w 15,360 2004-08-10 12:00:00 C:\WINDOWS\system32\ctfmon.exe
----a-w 59,392 2004-08-10 11:00:00 C:\WINDOWS\system32\IME\PINTLGNT\bak\ImScInst.exe
----a-w 59,392 2004-08-10 11:00:00 C:\WINDOWS\system32\IME\PINTLGNT\imscinst.exe
----a-w 455,168 2004-08-10 11:00:00 C:\WINDOWS\system32\IME\TINTLGNT\bak\TINTSETP.EXE
----a-w 455,168 2004-08-10 11:00:00 C:\WINDOWS\system32\IME\TINTLGNT\tintsetp.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [ ]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 23:00 15360]
"MSMSGS"="C:\PROGRA~1\MESSEN~1\msmsgs.exe" [2004-10-14 10:24 1694208]
"BitTorrent"="C:\Program Files\BitTorrent\bittorrent.exe" [2007-09-08 10:01 43008]
"igndlm.exe"="C:\Program Files\IGN\Download Manager\dlm.exe" [2007-03-05 14:57 1103480]
"Steam"="C:\Program Files\Steam2\Steam.exe" [2007-12-01 22:16 1266936]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [ ]
"Veoh"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" [2007-10-17 02:29 3313664]
"MySpaceIM"="C:\Program Files\MySpace\IM\MySpaceIM.exe" [2007-12-19 12:47 8720384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-08-05 21:56 64512]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-10 22:00 208952]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-10 22:00 59392]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-10 22:00 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-10 22:00 455168]
"AlwaysReady Power Message APP"="ARPWRMSG.EXE" [2005-08-03 00:19 77312 C:\WINDOWS\arpwrmsg.exe]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2008-01-29 12:28 14348]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [2008-01-29 12:28 14348]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-08 01:07 61952 C:\WINDOWS\system32\HdAShCut.exe]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-10-22 12:22 7700480]
"nwiz"="nwiz.exe" [2006-10-22 12:22 1622016 C:\WINDOWS\system32\nwiz.exe]
"SoundMan"="SOUNDMAN.EXE" [2005-05-04 12:43 90112 C:\WINDOWS\SOUNDMAN.EXE]
"AlcWzrd"="ALCWZRD.EXE" [2005-05-05 04:01 2805248 C:\WINDOWS\ALCWZRD.EXE]
"HPHUPD08"="c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [2008-01-29 12:28 14348]
"KBD"="C:\HP\KBD\KBD.EXE" [2008-01-29 12:28 14348]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2008-01-29 12:28 14348]
"ccApp"="c:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2008-01-29 12:28 14348]
"URLLSTCK.exe"="c:\Program Files\Norton Internet Security\UrlLstCk.exe" [2008-01-29 12:28 14348]
"PS2"="C:\WINDOWS\system32\ps2.exe" [ ]
"LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2008-01-29 12:28 14348]
"Reminder"="C:\Windows\Creator\Remind_XP.exe" [2008-01-29 12:28 14348]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPwuSchd2.exe" [2008-01-29 12:28 14348]
"SsAAD.exe"="C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe" [2008-01-29 12:28 14348]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-01-29 12:28 14348]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-01-29 12:28 14348]
"LogitechVideo[inspector]"="C:\Program Files\Logitech\Video\InstallHelper.exe" [ ]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" [2008-01-29 12:28 14348]
"LVCOMSX"="C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe" [2008-01-29 12:28 14348]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe" [2008-01-29 12:28 14348]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-10-22 12:22 86016]
"WinampAgent"="C:\PROGRAM FILES\WINAMP\winampa.exe" [2008-01-29 12:28 14348]
"SMSTray"="C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe" [2008-01-29 12:28 14348]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"MySpaceIM"="C:\Program Files\MySpace\IM\MySpaceIM.exe" [2007-12-19 12:47 8720384]
C:\Documents and Settings\Victoria.COMPUTER\Start Menu\Programs\Startup\
LimeWire On Startup.lnk - C:\Program Files\LimeWire\LimeWire.exe [2007-08-17 09:00:00 147456]
C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Startup\
Picture Motion Browser Media Check Tool.lnk - C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [2007-01-20 16:19:19 229376]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 12:44:06 29696]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2005-05-12 07:23:26 282624]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{88485281-8b4b-4f8d-9ede-82e29a064277}"= C:\PROGRA~1\MarkAny\CONTEN~1\MACSMA~1.DLL [2004-11-23 16:51 192512]
R2 NMSAccessU;NMSAccessU;C:\Program Files\CDBurnerXP\NMSAccessU.exe [2007-10-12 08:34]
S2 o6kagpmgo;Print Spooler Service;C:\WINDOWS\system32\osj.exe []
S3 LVPrcMon;Logitech LVPrcMon Driver;C:\WINDOWS\system32\drivers\LVPrcMon.sys [2005-12-09 15:37]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
.
Contents of the 'Scheduled Tasks' folder
"2008-02-13 01:13:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-02-15 09:00:00 C:\WINDOWS\Tasks\Norton AntiVirus - Scan my computer - HP_Administrator.job"
- c:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exeh/task:
"2008-02-10 02:00:00 C:\WINDOWS\Tasks\Rising Conflicts Updates.job"
- C:\WINDOWS\Installer\Rising Conflicts Updates.lnk
"2006-10-12 23:20:02 C:\WINDOWS\Tasks\Update Rising Conflicts.job"
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2008-02-16 04:05:51
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\arservice.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Java\jre1.6.0_03\bin\bak\jusched.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
.
**************************************************************************
.
Completion time: 2008-02-16 4:13:57 - machine was rebooted
ComboFix-quarantined-files.txt 2008-02-15 17:13:53
.
2007-12-20 16:10:45 --- E O F ---
And the HijackThis log....
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:22:57 AM, on 16/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
c:\Program Files\Norton Internet Security\ISSVC.exe
c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\ARPWRMSG.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Java\jre1.6.0_03\bin\bak\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\MESSEN~1\msmsgs.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Steam2\Steam.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft....k/?LinkId=54843
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] c:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WinampAgent] "C:\PROGRAM FILES\WINAMP\winampa.exe"
O4 - HKLM\..\Run: [SMSTray] C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\PROGRA~1\MESSEN~1\msmsgs.exe" /background
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [igndlm.exe] C:\Program Files\IGN\Download Manager\dlm.exe /windowsstart /startifwork
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam2\Steam.exe" -silent
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - Startup: Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/...UI.cab53083.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplane...C_2.3.2.100.cab
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (ZoneBuddy Class) - http://zone.msn.com/...dy.cab53083.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/...at.cab53083.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx...owserPlugin.cab
O16 - DPF: {85D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin class) - http://secure2.comne...login-devel.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zon...ro.cab56649.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zon...ot.cab57213.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zon...nt.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (StadiumProxy Class) - http://zone.msn.com/...xy.cab53852.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zon...er.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0C08AD9A-2E3B-44FB-9CFD-54BEC3ADB82A}: Domain = nsw.bigpond.net.au
O17 - HKLM\System\CS1\Services\Tcpip\..\{0C08AD9A-2E3B-44FB-9CFD-54BEC3ADB82A}: Domain = nsw.bigpond.net.au
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - c:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Print Spooler Service (o6kagpmgo) - Unknown owner - C:\WINDOWS\system32\osj.exe (file missing)
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
--
End of file - 14377 bytes
Edited by DForce, 15 February 2008 - 11:26 AM.