Thanks, here is the ComboFix log:
ComboFix 08-02-24.4 - Ken 2008-02-24 11:09:23.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.169 [GMT -5:00]
Running from: C:\Documents and Settings\Ken\Desktop\ComboFix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Program Files\Common Files\Yazzle1848OinUninstaller.exe
C:\WINDOWS\system32\colvnikp.dll
C:\WINDOWS\system32\hcgnrnua.dll
C:\WINDOWS\system32\hjjlm.ini
C:\WINDOWS\system32\hjjlm.ini2
C:\WINDOWS\system32\jkkkkjg.dll
C:\WINDOWS\system32\kdgjkscy.ini
C:\WINDOWS\system32\mljjh.dll
C:\WINDOWS\system32\phqjqcry.dll
C:\WINDOWS\system32\pkinvloc.ini
C:\WINDOWS\system32\scagdgqv.ini
C:\WINDOWS\system32\witjgoxx.dll
.
((((((((((((((((((((((((( Files Created from 2008-01-24 to 2008-02-24 )))))))))))))))))))))))))))))))
.
2008-02-24 09:36 . 2008-02-24 10:31 <DIR> d-------- C:\WINDOWS\system32\ActiveScan
2008-02-24 09:36 . 2008-02-24 10:30 30,590 --a------ C:\WINDOWS\system32\pavas.ico
2008-02-24 09:36 . 2008-02-24 10:30 2,550 --a------ C:\WINDOWS\system32\Uninstall.ico
2008-02-24 09:36 . 2008-02-24 10:30 1,406 --a------ C:\WINDOWS\system32\Help.ico
2008-02-24 09:19 . 2008-02-24 09:19 <DIR> d-------- C:\Program Files\Trend Micro
2008-02-21 18:31 . 2008-02-21 18:31 <DIR> d-------- C:\Program Files\WinAVI MP4 Converter
2008-02-21 15:53 . 2007-11-19 14:25 3,829,382 --a------ C:\WINDOWS\winavi_ipod_video_converter.exe
2008-02-20 18:30 . 2004-01-12 17:57 86,016 --a------ C:\WINDOWS\system32\QuickTime.ax
2008-02-20 17:18 . 2008-02-20 17:18 <DIR> d-------- C:\Program Files\iPod
2008-01-31 23:13 . 2008-01-31 23:13 90,112 --a------ C:\WINDOWS\system32\QuickTimeVR.qtx
2008-01-31 23:13 . 2008-01-31 23:13 57,344 --a------ C:\WINDOWS\system32\QuickTime.qts
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-24 16:22 --------- d-----w C:\Program Files\SP2 Connection Patcher
2008-02-24 15:39 --------- d-----w C:\Documents and Settings\Ken\Application Data\ispnews
2008-02-24 15:33 --------- d-----w C:\Program Files\Windows Defender
2008-02-24 15:32 --------- d-----w C:\Program Files\PowerISO
2008-02-24 15:32 --------- d-----w C:\Program Files\Microsoft ActiveSync
2008-02-24 15:32 --------- d-----w C:\Program Files\Lexmark 1200 Series
2008-02-24 15:32 --------- d-----w C:\Program Files\iTunes
2008-02-24 15:31 --------- d-----w C:\Program Files\Google
2008-02-24 14:09 --------- d-----w C:\Program Files\LogMeIn
2008-02-23 17:24 --------- d-----w C:\Program Files\eMule
2008-02-20 22:16 --------- d-----w C:\Program Files\QuickTime
2008-02-02 17:45 --------- d-----w C:\Program Files\XviD
2008-02-02 17:45 --------- d-----w C:\Program Files\Windows Media Connect 2
2008-02-02 17:45 --------- d-----w C:\Program Files\LimeWire
2008-02-02 17:45 --------- d-----w C:\Program Files\FMS
2008-02-02 17:45 --------- d-----w C:\Program Files\DivX
2008-02-01 13:23 --------- d-----w C:\Documents and Settings\Ken\Application Data\Vso
2008-01-23 17:54 --------- d-----w C:\Program Files\Lavasoft
2008-01-23 17:54 --------- d-----w C:\Documents and Settings\Ken\Application Data\Lavasoft
2008-01-23 17:54 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-01-23 17:53 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-01-10 11:49 360,064 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-01-09 21:09 --------- d-----w C:\Documents and Settings\Girls.HAILEY.001\Application Data\F-Secure
2008-01-08 16:50 --------- d-----w C:\Documents and Settings\Girls.HAILEY.001\Application Data\ispnews
2007-12-28 16:14 --------- d-----w C:\Documents and Settings\Girls.HAILEY.000\Application Data\ispnews
2007-12-28 03:56 --------- d-----w C:\Documents and Settings\Ken\Application Data\Fisher-Price
2007-12-28 03:22 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2007-12-28 03:20 --------- d-----w C:\Program Files\Apple Software Update
2007-12-28 03:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple
2007-12-28 01:52 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-12-28 01:49 --------- d-----w C:\Program Files\iTunes(2)
2007-12-28 01:49 --------- d-----w C:\Program Files\iPod(2)
2007-12-28 01:48 --------- d-----w C:\Documents and Settings\Ken\Application Data\AdobeUM
2007-12-28 01:47 --------- d-----w C:\Documents and Settings\All Users\Application Data\Adobe(2)
2007-12-24 23:17 --------- d-----w C:\Program Files\Common Files\Apple
2007-12-24 14:24 --------- d-----w C:\Program Files\Fisher-Price
2007-12-24 14:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\Fisher-Price
2007-07-21 19:58 87,608 ----a-w C:\Documents and Settings\Ken\Application Data\ezpinst.exe
2007-07-21 19:58 47,360 ----a-w C:\Documents and Settings\Ken\Application Data\pcouffin.sys
2005-11-24 23:59 4,216 ----a-w C:\Program Files\Warez P2P ClientIPGUARD.LOG
2005-09-27 20:13 17,144 ----a-w C:\Documents and Settings\Ken\Application Data\GDIPFONTCACHEV1.DAT
2004-03-11 17:27 40,960 ----a-w C:\Program Files\Uninstall_CDS.exe
2005-09-02 11:08 10,240 --sha-w C:\WINDOWS\rnapxs\rnapxs.dat
.
------- Sigcheck -------
34a663e7f74ae8b2c992c2513343477e C:\WINDOWS\system32\drivers\tcpip.sys
----a-w 359,936 2005-05-25 19:07:12 C:\WINDOWS\$hf_mig$\KB893066\SP2QFE\tcpip.sys
----a-w 360,448 2006-01-13 17:07:08 C:\WINDOWS\$hf_mig$\KB913446\SP2QFE\tcpip.sys
----a-w 360,576 2006-04-20 12:18:35 C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys
----a-w 360,832 2007-10-30 16:53:32 C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
-c----w 359,040 2007-09-26 14:25:27 C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys
-c----w 359,808 2007-10-15 11:16:37 C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys
----a-w 360,064 2008-01-10 11:49:46 C:\WINDOWS\system32\drivers\tcpip.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" [2004-02-03 16:42 401491]
"SP2 Connection Patcher"="C:\Program Files\SP2 Connection Patcher\SP2ConnPatcher.exe" [2005-07-11 06:51 409600]
"PowerBar"="" []
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-05-26 16:37 68856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-06-10 20:10 339968]
"RemoteControl"="C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" [2003-12-08 16:35 32768]
"F-Secure Manager"="C:\Program Files\COGECO Security Services\Common\FSM32.exe" [2005-05-09 02:05 118833]
"F-Secure TNB"="C:\Program Files\COGECO Security Services\TNB\TNBUtil.exe" [2005-06-02 08:05 700416]
"F-Secure Startup Wizard"="C:\Program Files\COGECO Security Services\FSGUI\FSSW.exe" [2005-11-18 07:57 372736]
"News Service"="C:\Program Files\COGECO Security Services\FSGUI\ispnews.exe" [2005-05-31 07:45 356352]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2006-11-03 18:20 866584]
"Lexmark 1200 Series"="C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe" [2006-07-13 00:22 57344]
"RaidTool"="C:\Program Files\VIA\RAID\raid_tool.exe" [2005-04-28 06:22 589824]
"SoundMAXPnP"="C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-04-01 09:52 1368064]
"SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [2004-03-26 13:40 794624]
"LogMeIn GUI"="C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" [2007-08-03 15:09 63048]
"DACSMiniApp"="C:\Program Files\Fisher-Price\DACS\MiniApp\DACSMiniApp.exe" [2007-06-29 15:01 193792]
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [2007-08-06 19:05 200704]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-02-04 14:18 267048]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-01-31 23:13 385024]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2005-04-25 13:45 36040]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"tscuninstall"="C:\WINDOWS\system32\tscupgrd.exe" [2004-08-04 07:00 44544]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
COGECO Security Services.lnk - C:\Program Files\COGECO Security Services\backweb\9867844\Program\fspex.exe [2005-09-02 05:56:02 32807]
HotSync Manager.lnk - C:\Palm\HOTSYNC.EXE [2005-09-01 18:22:05 299008]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
LMIinit.dll 2007-11-15 18:46 87352 C:\WINDOWS\system32\LMIinit.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Microsoft ActiveSync\\WCESCOMM.EXE"=
"C:\\Program Files\\Microsoft ActiveSync\\WCESMGR.EXE"=
"C:\\Program Files\\Nevo\\NevoMedia Server\\NevoMediaServer.exe"=
"C:\\Program Files\\Nevo\\NevoMedia Player\\NevoMediaPlayer.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\StubInstaller.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\COGECO Security Services\\backweb\\9867844\\Program\\fspex.exe"=
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"C:\\Program Files\\Fujifilm\\Print@Fujicolor\\fujicolor.exe"=
"C:\\Program Files\\BitLord\\BitLord.exe"=
"C:\\WINDOWS\\system32\\LEXPPS.EXE"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
R0 FSFW;F-Secure Firewall Driver;C:\WINDOWS\system32\drivers\fsdfw.sys [2005-08-22 08:05]
R2 BackWeb Plug-in - 9867844;COGECO Security Services;C:\PROGRA~1\COGECO~1\backweb\9867844\Program\SERVIC~1.EXE [2006-03-21 19:19]
R2 F-Secure Filter;F-Secure File System Filter;C:\Program Files\COGECO Security Services\Anti-Virus\Win2K\FSfilter.sys [2004-09-10 10:14]
R2 F-Secure Gatekeeper;F-Secure Gatekeeper;C:\Program Files\COGECO Security Services\Anti-Virus\Win2K\FSgk.sys [2007-05-30 04:45]
R2 F-Secure Recognizer;F-Secure File System Recognizer;C:\Program Files\COGECO Security Services\Anti-Virus\Win2K\FSrec.sys [2004-12-17 04:34]
R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files\LogMeIn\x86\RaInfo.sys [2007-08-03 15:09]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\WINDOWS\system32\drivers\LMIRfsDriver.sys [2007-08-03 15:09]
R3 Cap713x;Philips Cap713x Video Capture;C:\WINDOWS\system32\DRIVERS\Cap713x.sys [2005-05-04 03:32]
S3 epcfw2k;SCM Parallel Port CF Driver;C:\WINDOWS\system32\DRIVERS\epcfw2k.sys [2006-02-28 07:00]
S3 HCW848NT;Hauppauge Win/TV;C:\WINDOWS\system32\DRIVERS\hcw848nt.sys [2000-06-12 13:54]
.
Contents of the 'Scheduled Tasks' folder
"2008-02-24 16:23:17 C:\WINDOWS\Tasks\MP Scheduled Scan.job"
- C:\Program Files\Windows Defender\MpCmdRun.exe
"2008-02-24 00:00:35 C:\WINDOWS\Tasks\Scheduled scanning task.job"
- C:\PROGRA~1\COGECO~1\ANTI-V~1\fsav.exeZ /HARD /ARCHIVE /DISINF /SCHED /NOBREAK /REPORT=C:\PROGRA~1\COGECO~1\ANTI-V~1\report.txt
"2008-02-22 14:00:00 C:\WINDOWS\Tasks\{0DAEB324-55BB-42F8-9CB0-A5590A6D0F9C}_CUSTOMER-20BE6A_Ken.job"
- C:\WINDOWS\system32\mobsync.exeH /Schedule=
"2008-02-22 21:00:00 C:\WINDOWS\Tasks\{1541A039-0C7C-4B4E-8D3D-18F457FF15A2}_CUSTOMER-20BE6A_Ken.job"
- C:\WINDOWS\system32\mobsync.exeH /Schedule=
"2008-02-22 21:00:00 C:\WINDOWS\Tasks\{D5254AB8-3307-497F-A7B9-C6B7F3439007}_CUSTOMER-20BE6A_Ken.job"
- C:\WINDOWS\system32\mobsync.exeH /Schedule=
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-24 11:21:54
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
PowerBar = ?X?????????????????????????????????????????????????????????????|p??|????m??|?`?w????????PX????@?8?@?????PX??c"?s???s??????@?????N'?s?W2?L|?s????????????u??s????????c"?s???s??????@?8?@?N'?sTX2??$@?8?@?8?@?????????`X2??C2????s0C2?@W2?0C2??C2?0i?s?????????W2????
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\COGECO Security Services\Anti-Virus\fsgk32st.exe
C:\Program Files\COGECO Security Services\Anti-Virus\FSGK32.EXE
C:\Program Files\COGECO Security Services\backweb\9867844\program\fsbwsys.exe
C:\Program Files\COGECO Security Services\Common\FSMA32.EXE
C:\Program Files\COGECO Security Services\Anti-Virus\fssm32.exe
C:\Program Files\COGECO Security Services\Common\FSMB32.EXE
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\COGECO Security Services\Common\FCH32.EXE
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\COGECO Security Services\Common\FAMEH32.EXE
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\COGECO Security Services\Anti-Virus\fsrw.exe
C:\Program Files\COGECO Security Services\FSPC\fspc.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\COGECO Security Services\FSPC\fshttps\fshttps.exe
C:\Program Files\COGECO Security Services\FWES\Program\fsdfwd.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\COGECO Security Services\Anti-Virus\fsav32.exe
C:\PROGRA~1\COGECO~1\ANTI-S~1\fsaw.exe
C:\Program Files\Lexmark 1200 Series\lxczbmon.exe
C:\Program Files\COGECO Security Services\FSGUI\fsguidll.exe
C:\Program Files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2008-02-24 11:25:38 - machine was rebooted
ComboFix-quarantined-files.txt 2008-02-24 16:25:34
.
2008-02-19 23:16:19 --- E O F ---
And here is the HijackThis log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:30:23 AM, on 2/24/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\COGECO~1\backweb\9867844\Program\SERVIC~1.EXE
C:\Program Files\COGECO Security Services\Anti-Virus\fsgk32st.exe
C:\Program Files\COGECO Security Services\Anti-Virus\FSGK32.EXE
C:\Program Files\COGECO Security Services\backweb\9867844\program\fsbwsys.exe
C:\Program Files\COGECO Security Services\Common\FSMA32.EXE
C:\Program Files\COGECO Security Services\Anti-Virus\fssm32.exe
C:\Program Files\COGECO Security Services\Common\FSMB32.EXE
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\COGECO Security Services\Common\FCH32.EXE
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\COGECO Security Services\Common\FAMEH32.EXE
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\COGECO Security Services\Anti-Virus\fsrw.exe
C:\Program Files\COGECO Security Services\FSPC\fspc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\COGECO Security Services\FWES\Program\fsdfwd.exe
C:\Program Files\COGECO Security Services\Anti-Virus\fsav32.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\COGECO Security Services\Common\FSM32.EXE
C:\Program Files\COGECO Security Services\FSGUI\ispnews.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\PROGRA~1\COGECO~1\ANTI-S~1\fsaw.exe
C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe
C:\Program Files\VIA\RAID\raid_tool.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Lexmark 1200 Series\lxczbmon.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\Fisher-Price\DACS\MiniApp\DACSMiniApp.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\COGECO Security Services\FSGUI\fsguidll.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\COGECO Security Services\backweb\9867844\Program\fspex.exe
C:\Palm\HOTSYNC.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://barbie.everythinggirl.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.1121.2472\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\COGECO Security Services\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\COGECO Security Services\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\COGECO Security Services\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [News Service] "C:\Program Files\COGECO Security Services\FSGUI\ispnews.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [Lexmark 1200 Series] "C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe"
O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [DACSMiniApp] C:\Program Files\Fisher-Price\DACS\MiniApp\DACSMiniApp.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [SP2 Connection Patcher] "C:\Program Files\SP2 Connection Patcher\SP2ConnPatcher.exe" -n=200
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Global Startup: COGECO Security Services.lnk = C:\Program Files\COGECO Security Services\backweb\9867844\Program\fspex.exe
O4 - Global Startup: HotSync Manager.lnk = C:\Palm\HOTSYNC.EXE
O8 - Extra context menu item: &Block this popup - C:\Program Files\COGECO Security Services\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Web Filter - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\COGECO Security Services\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\COGECO Security Services\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Web Filter - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\COGECO Security Services\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F02} - C:\Program Files\COGECO Security Services\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: &Suspend Webpage Filter - {200DB664-75B5-47c0-8B45-A44ACCF73F02} - C:\Program Files\COGECO Security Services\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F03} - C:\Program Files\COGECO Security Services\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: &Deny this website - {200DB664-75B5-47c0-8B45-A44ACCF73F03} - C:\Program Files\COGECO Security Services\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F04} - C:\Program Files\COGECO Security Services\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: &Allow this website - {200DB664-75B5-47c0-8B45-A44ACCF73F04} - C:\Program Files\COGECO Security Services\FSPC\fspcmsie.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra button: IE Shield - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\COGECO Security Services\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: IE Shield... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\COGECO Security Services\Anti-Spyware\ieshield.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://pix.futuresho...geUploader4.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: COGECO Security Services (BackWeb Plug-in - 9867844) - BackWeb Technologies Inc. - C:\PROGRA~1\COGECO~1\backweb\9867844\Program\SERVIC~1.EXE
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\COGECO Security Services\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\COGECO Security Services\backweb\9867844\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\COGECO Security Services\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure HTTP Server (fshttps) - F-Secure Corporation - C:\Program Files\COGECO Security Services\FSPC\fshttps\fshttps.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\COGECO Security Services\Common\FSMA32.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
--
End of file - 11689 bytes