Anyway, here's the ComboFix log first:
ComboFix 08-02-17.2 - Kevin 2008-02-18 10:21:54.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.465 [GMT 0:00]
Running from: C:\Documents and Settings\Kevin\Desktop\ComboFix.exe
.
((((((((((((((((((((((((( Files Created from 2008-01-18 to 2008-02-18 )))))))))))))))))))))))))))))))
.
2008-02-16 20:10 . 2008-02-16 20:10 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-02-16 20:08 . 2008-02-16 20:08 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-02-16 19:22 . 2008-02-16 19:22 <DIR> d-------- C:\Deckard
2008-02-16 17:05 . 2008-02-16 17:05 <DIR> d-------- C:\Program Files\Trend Micro
2008-02-16 16:19 . 2008-02-16 16:16 691,545 --a------ C:\WINDOWS\unins000.exe
2008-02-16 16:19 . 2008-02-16 16:19 3,446 --a------ C:\WINDOWS\unins000.dat
2008-02-16 13:35 . 2007-06-05 10:56 44,928 --a------ C:\WINDOWS\system32\drivers\SDTHOOK.SYS
2008-02-16 13:18 . 2008-02-16 15:18 <DIR> d-------- C:\WINDOWS\system32\ActiveScan
2008-02-16 13:18 . 2008-02-16 13:18 30,590 --a------ C:\WINDOWS\system32\pavas.ico
2008-02-16 13:18 . 2008-02-16 13:18 2,550 --a------ C:\WINDOWS\system32\Uninstall.ico
2008-02-16 13:18 . 2008-02-16 13:18 1,406 --a------ C:\WINDOWS\system32\Help.ico
2008-02-16 09:13 . 2008-02-16 09:13 <DIR> d-------- C:\Documents and Settings\Kevin\Application Data\Grisoft
2008-02-16 09:09 . 2007-05-30 12:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-02-15 19:50 . 2001-08-17 13:28 771,581 --a--c--- C:\WINDOWS\system32\dllcache\winacisa.sys
2008-02-15 19:49 . 2001-08-17 13:28 794,654 --a--c--- C:\WINDOWS\system32\dllcache\usr1801.sys
2008-02-15 19:48 . 2001-08-17 12:18 285,760 --a--c--- C:\WINDOWS\system32\dllcache\stlnata.sys
2008-02-15 19:47 . 2001-08-17 22:36 495,616 --a--c--- C:\WINDOWS\system32\dllcache\sblfx.dll
2008-02-15 19:46 . 2001-08-17 13:28 899,146 --a--c--- C:\WINDOWS\system32\dllcache\r2mdkxga.sys
2008-02-15 19:45 . 2001-08-17 14:05 351,616 --a--c--- C:\WINDOWS\system32\dllcache\ovcodek2.sys
2008-02-15 19:44 . 2003-03-31 12:00 1,875,968 --a--c--- C:\WINDOWS\system32\dllcache\msir3jp.lex
2008-02-15 19:44 . 2003-03-31 12:00 229,439 --a--c--- C:\WINDOWS\system32\dllcache\multibox.dll
2008-02-15 19:44 . 2003-03-31 12:00 111,104 --a--c--- C:\WINDOWS\system32\dllcache\mtstocom.exe
2008-02-15 19:44 . 2001-08-17 12:50 103,296 --a--c--- C:\WINDOWS\system32\dllcache\mtxvideo.sys
2008-02-15 19:44 . 2003-03-31 12:00 98,304 --a--c--- C:\WINDOWS\system32\dllcache\msir3jp.dll
2008-02-15 19:44 . 2004-08-04 07:09 49,024 --a--c--- C:\WINDOWS\system32\dllcache\mstape.sys
2008-02-15 19:44 . 2001-08-17 14:02 35,200 --a--c--- C:\WINDOWS\system32\dllcache\msgame.sys
2008-02-15 19:44 . 2004-08-04 07:00 22,016 --a--c--- C:\WINDOWS\system32\dllcache\msircomm.sys
2008-02-15 19:44 . 2001-08-17 13:48 12,416 --a--c--- C:\WINDOWS\system32\dllcache\msriffwv.sys
2008-02-15 19:44 . 2001-08-17 13:48 6,016 --a--c--- C:\WINDOWS\system32\dllcache\msfsio.sys
2008-02-15 19:44 . 2001-08-17 14:00 2,944 --a--c--- C:\WINDOWS\system32\dllcache\msmpu401.sys
2008-02-15 19:42 . 2003-03-31 12:00 315,452 --a--c--- C:\WINDOWS\system32\dllcache\imskf.dll
2008-02-15 19:41 . 2003-03-31 12:00 13,463,552 --a--c--- C:\WINDOWS\system32\dllcache\hwxjpn.dll
2008-02-15 19:40 . 2001-08-17 14:56 1,733,120 --a--c--- C:\WINDOWS\system32\dllcache\g400d.dll
2008-02-15 19:39 . 2001-08-17 12:14 952,007 --a--c--- C:\WINDOWS\system32\dllcache\diwan.sys
2008-02-15 19:38 . 2001-08-17 22:36 614,429 --a--c--- C:\WINDOWS\system32\dllcache\digiview.exe
2008-02-15 19:37 . 2003-03-31 12:00 1,677,824 --a--c--- C:\WINDOWS\system32\dllcache\chsbrkr.dll
2008-02-15 19:36 . 2001-08-17 13:28 871,388 --a--c--- C:\WINDOWS\system32\dllcache\bcmdm.sys
2008-02-15 19:35 . 2001-08-17 13:28 762,780 --a--c--- C:\WINDOWS\system32\dllcache\3cwmcru.sys
2008-02-15 19:34 . 2001-08-17 14:56 66,048 --a--c--- C:\WINDOWS\system32\dllcache\s3legacy.dll
2008-02-10 22:57 . 2008-02-11 22:24 <DIR> d-------- C:\Documents and Settings\Kevin\Application Data\AVG7
2008-02-10 22:56 . 2008-02-10 22:56 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\AVG7
2008-02-10 22:56 . 2008-02-10 22:56 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-02-10 22:56 . 2008-02-16 09:01 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\avg7
2008-02-09 20:45 . 2008-02-09 20:45 <DIR> d-------- C:\Documents and Settings\Kevin\Application Data\Tenebril
2008-02-09 20:36 . 2008-02-09 20:37 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Tenebril
2008-02-09 20:32 . 2008-02-09 20:32 <DIR> d-------- C:\WINDOWS\system32\tenarchlib
2008-02-09 20:32 . 2005-10-12 23:10 180,224 --a-s---- C:\WINDOWS\system32\archlib.dll
2008-02-09 19:25 . 2008-02-09 19:25 <DIR> d-------- C:\Program Files\Agnitum
2008-02-09 19:25 . 2008-02-09 19:25 <DIR> d-------- C:\Documents and Settings\Kevin\Application Data\Ringjacker
2008-01-19 21:59 . 2005-09-23 07:29 626,688 --a------ C:\WINDOWS\system32\msvcr80.dll
2008-01-19 21:57 . 2008-01-20 10:10 <DIR> d-------- C:\Program Files\Google
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-18 10:33 --------- d-----w C:\Documents and Settings\Kevin\Application Data\OnlineArmor
2008-02-18 10:33 --------- d-----w C:\Documents and Settings\Kevin\Application Data\MailWasherPro
2008-02-18 07:48 --------- d-----w C:\Program Files\eSignal
2008-02-17 20:15 --------- d-----w C:\Documents and Settings\Kevin\Application Data\Skype
2008-02-17 20:14 --------- d-----w C:\Documents and Settings\Kevin\Application Data\skypePM
2008-02-16 18:42 --------- d-----w C:\Program Files\Lx_cats
2008-02-16 16:15 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-02-16 14:19 --------- d-----w C:\Program Files\Qlock
2008-02-16 14:12 --------- d-----w C:\Program Files\MailWasher
2008-02-16 14:12 --------- d-----w C:\Program Files\Lexmark 5400 Series
2008-02-10 16:41 --------- d-----w C:\Program Files\Satellite TV for PC
2008-02-09 21:09 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-02-09 20:25 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-01-10 23:54 921,632 ----a-w C:\PA7311.DAT
2008-01-09 23:37 --------- d-----w C:\Program Files\MySpeed PC2
2008-01-09 23:36 30,601 ----a-w C:\Documents and Settings\Kevin\x.exe
2007-12-27 20:06 --------- d-----w C:\Documents and Settings\All Users\Application Data\OnlineArmor
2007-12-27 20:04 --------- d-----w C:\Program Files\Tall Emu
2007-12-27 19:56 --------- d-----w C:\Program Files\iVocalize Web Conference 4
2007-12-27 19:56 --------- d-----w C:\Program Files\eMini-Master.com
2007-12-27 19:56 --------- d-----w C:\Program Files\Common Files\Skype
2007-12-27 19:56 --------- d-----w C:\Program Files\Common Files\PCCamera
2007-12-27 19:56 --------- d-----w C:\Program Files\Common Files\InstallerA
2007-12-27 19:56 --------- d-----w C:\Program Files\CCleaner
2007-12-27 19:56 --------- d-----w C:\Program Files\BTopenworld
2007-12-27 19:56 --------- d-----w C:\Program Files\BT Home Hub
2007-12-27 19:56 --------- d-----w C:\Program Files\Abbyy FineReader 6.0 Sprint
2007-12-27 19:56 --------- d-----w C:\Documents and Settings\Kevin\Application Data\Media Player Classic
2007-12-24 15:56 --------- d-----w C:\Program Files\Common Files\Agnitum Shared
2007-12-22 09:51 557,056 ----a-w C:\Documents and Settings\Kevin\GoToAssist_phone__306_en.exe
2007-12-18 09:51 179,584 ----a-w C:\WINDOWS\system32\drivers\mrxdav.sys
2007-11-16 19:29 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat
2006-12-02 02:05 557,056 ----a-w C:\Documents and Settings\Kevin\chatlnk.exe
2006-08-14 15:20 4,334 ----a-w C:\Program Files\Deploy4.log
2006-06-22 20:51 131,072 ----a-w C:\Documents and Settings\All Users\mapi32.dll
2006-02-13 12:08 138 ----a-w C:\Program Files\INSTALL.LOG
2006-02-12 23:31 37 ------w C:\Documents and Settings\Kevin Ford\getfile.dat
2005-06-16 11:08 4,121 ----a-w C:\Program Files\Deploy3.log
2005-02-22 20:13 3,669 ----a-w C:\Program Files\Deploy2.log
2005-01-03 13:35 3,930 ----a-w C:\Program Files\Deploy.log
2003-08-27 14:19 36,963 ----a-r C:\Program Files\Common Files\SM1updtr.dll
.
Infected C:\WINDOWS\system32\user32.dll hex repaired
C:\WINDOWS\system32\user32.dll ... is infected !! (additional data below)
577,024 2005-03-02 18:09:30 C:\WINDOWS\$hf_mig$\KB890859\SP2GDR\user32.dll
577,024 2005-03-02 18:19:56 C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\user32.dll
578,048 2007-03-08 15:48:36 C:\WINDOWS\$hf_mig$\KB925902\SP2QFE\user32.dll
561,152 2005-03-02 18:20:03 C:\WINDOWS\$NtServicePackUninstall$\user32.dll
528,896 2002-11-01 22:26:46 C:\WINDOWS\$NtUninstallKB824141$\user32.dll
560,128 2003-03-31 12:00:00 C:\WINDOWS\$NtUninstallKB826939$\user32.dll
577,024 2004-08-04 07:56:46 C:\WINDOWS\$NtUninstallKB890859$\user32.dll
560,128 2003-09-25 16:49:02 C:\WINDOWS\$NtUninstallKB890859_0$\user32.dll
577,024 2005-03-02 18:09:30 C:\WINDOWS\$NtUninstallKB925902$\user32.dll
265,649 2003-03-31 12:00:00 C:\WINDOWS\I386\USER32.DL_
12,288 2001-10-24 13:16:16 C:\WINDOWS\mui\FALLBACK\0405\user32.dll.mui
14,336 2001-08-18 05:40:06 C:\WINDOWS\mui\FALLBACK\0407\user32.dll.mui
14,336 2001-11-27 00:20:06 C:\WINDOWS\mui\FALLBACK\0408\user32.dll.mui
12,800 2001-10-05 17:23:26 C:\WINDOWS\mui\FALLBACK\040B\user32.dll.mui
13,824 2001-08-23 18:55:38 C:\WINDOWS\mui\FALLBACK\040C\user32.dll.mui
13,312 2001-08-30 23:50:56 C:\WINDOWS\mui\FALLBACK\0410\user32.dll.mui
14,336 2001-09-15 19:17:54 C:\WINDOWS\mui\FALLBACK\0413\user32.dll.mui
12,288 2001-09-06 21:40:30 C:\WINDOWS\mui\FALLBACK\041D\user32.dll.mui
13,312 2001-11-20 17:46:44 C:\WINDOWS\mui\FALLBACK\0816\user32.dll.mui
13,312 2001-08-22 23:22:50 C:\WINDOWS\mui\FALLBACK\0C0A\user32.dll.mui
577,024 2004-08-04 07:56:46 C:\WINDOWS\ServicePackFiles\i386\user32.dll
577,536 2007-03-08 15:36:28 C:\WINDOWS\system32\user32.dll
577,536 2007-03-08 15:36:28 C:\WINDOWS\system32\dllcache\user32.dll
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 07:56 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIModeChange"="Ati2mdxx.exe" [2001-09-04 15:24 28672 C:\WINDOWS\system32\Ati2mdxx.exe]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2003-12-19 21:00 335872]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2003-11-20 15:19 98304]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2003-11-20 15:18 499712]
"Mouse Suite 98 Daemon"="ICO.EXE" [2002-03-14 16:46 45056 C:\WINDOWS\system32\ico.exe]
"HKSERV.EXE"="C:\Program Files\Sony\HotKey Utility\HKserv.exe" [2003-12-02 00:36 94208]
"SonyPowerCfg"="C:\Program Files\sony\vaio power management\SPMgr.exe" [2003-10-24 17:21 167936]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-06-21 19:27 77824]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496]
"Motive SmartBridge"="C:\PROGRA~1\BT Home Hub\Help\SmartBridge\BTHelpNotifier.exe" [2006-02-06 18:52 462935]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 18:51 39792]
"LXCTCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCTtime.dll" [2006-11-21 12:27 106496]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-02-10 22:56 579072]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 09:25 6731312]
"OnlineArmor GUI"="C:\Program Files\Tall Emu\Online Armor\oaui.exe" [2007-11-16 07:51 5029952]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 07:56 15360]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2008-02-10 22:56 219136]
C:\Documents and Settings\Kevin\Start Menu\Programs\Startup\
MailWasherPro.lnk - C:\Program Files\MailWasher\MailWasher.exe [2007-12-20 09:23:27 5541888]
qlock.lnk - C:\Program Files\Qlock\qlock.exe [2006-03-20 09:04:32 4070912]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"= 0 (0x0)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{4F07DA45-8170-4859-9B5F-037EF2970034}"= C:\PROGRA~1\TALLEM~1\ONLINE~1\oaevent.dll [2007-11-16 07:50 633344]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\btbb_wcm_McciTrayApp]
C:\Program Files\btbb_wcm\McciTrayApp.exe
R1 NDISRD;NDISRD;C:\WINDOWS\system32\drivers\NDISRD.sys [2007-09-29 00:06]
R1 OADevice;OADriver;C:\WINDOWS\system32\drivers\OADriver.sys [2007-11-08 06:37]
R1 OAmon;OAmon;C:\WINDOWS\system32\drivers\OAmon.sys [2007-09-29 00:06]
R2 SvcOnlineArmor;Online Armor;"C:\Program Files\Tall Emu\Online Armor\oasrv.exe" [2007-11-16 07:51]
S3 PAC7311;Phenix-Q8;C:\WINDOWS\system32\DRIVERS\PA707UCM.SYS [2005-10-18 10:48]
S3 PPDrv;Protector Plus Driver (UnRegistered);C:\Protector Plus\PPDrv.sys []
S3 PPEMSCAN;Protector Plus Email Scan Driver;C:\Protector Plus\PPEMSCAN.sys []
S3 vncdrv;vncdrv;C:\WINDOWS\system32\DRIVERS\vncdrv.sys [2004-06-26 12:22]
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-18 10:33:47
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\System32\Ati2evxx.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\WINDOWS\system32\lxctcoms.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
.
**************************************************************************
.
Completion time: 2008-02-18 10:39:31 - machine was rebooted
ComboFix-quarantined-files.txt 2008-02-18 10:39:21
ComboFix2.txt 2008-02-16 19:11:47
ComboFix3.txt 2007-09-16 18:53:56
.
2008-02-13 10:16:07 --- E O F ---
Now I'll do the HJT...
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:46:27, on 18/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Tall Emu\Online Armor\oasrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\WINDOWS\system32\lxctcoms.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\ICO.EXE
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\sony\vaio power management\SPMgr.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\PROGRA~1\BT Home Hub\Help\SmartBridge\BTHelpNotifier.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Tall Emu\Online Armor\oaui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MailWasher\MailWasher.exe
C:\Program Files\Qlock\qlock.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Documents and Settings\Kevin\Desktop\mobmeter.exe
C:\Program Files\internet explorer\iexplore.exe
C:\PROGRA~1\MICROS~3\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bloomberg.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.sony-europe.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.client...fo/bt_side.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bloomberg.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SpywareBlock Class - {0A87E45F-537A-40B4-B812-E2544C21A09F} - C:\Program Files\SpyCatcher\SCActiveBlock.dll (file missing)
O2 - BHO: (no name) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - (no file)
O2 - BHO: (no name) - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - (no file)
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\sony\vaio power management\SPMgr.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\BT Home Hub\Help\SmartBridge\BTHelpNotifier.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LXCTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCTtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [OnlineArmor GUI] "C:\Program Files\Tall Emu\Online Armor\oaui.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: MailWasherPro.lnk = C:\Program Files\MailWasher\MailWasher.exe
O4 - Startup: qlock.lnk = C:\Program Files\Qlock\qlock.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.sony-europe.com/
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/...UI.cab55579.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} -
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} -
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games Buddy Invite) - http://zone.msn.com/...dy.cab55579.cab
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} -
O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} -
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/...at.cab55579.cab
O16 - DPF: {62FA83F7-20EC-4D62-AC86-BAB705EE1CCD} -
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
O16 - DPF: {6B78B13A-6E99-4588-8EAB-C2399B202022} (iVocalize Web Conference 4 Setup) -
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn...ro.cab56649.cab
O16 - DPF: {CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA} (Java Plug-in 1.4.2_01) -
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} (Java Plug-in 1.5.0_09) -
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games Game Communicator) - http://zone.msn.com/...xy.cab55579.cab
O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} - http://download.abac...ent1.7.20.5.cab
O16 - DPF: {FF3C5A9F-5A99-4930-80E8-4709194C2AD3} (ZPA_Backgammon Object) - http://zone.msn.com/...on.cab55579.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ares Chatroom server (AresChatServer) - Unknown owner - C:\Program Files\Ares\chatServer.exe (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: lxct_device - - C:\WINDOWS\system32\lxctcoms.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Sptisrv.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: Online Armor (SvcOnlineArmor) - Tall Emu - C:\Program Files\Tall Emu\Online Armor\oasrv.exe
O23 - Service: VAIO Media Music Server (VAIOMediaPlatform-MusicServer-AppServer) - Sony Corporation - C:\Program Files\sony\vaio media music server\SSSvr.exe
O23 - Service: VAIO Media Photo Server (VAIOMediaPlatform-PhotoServer-AppServer) - Sony Corporation - C:\Program Files\sony\photo server\appsrv\PhotoAppSrv.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPcservice.exe
--
End of file - 9652 bytes
All done!
Edited by mrblue, 18 February 2008 - 04:47 AM.