Thank you for taking the time to help me fix my PC.
Combo Fix Log
ComboFix 08-02-25.3 - User 2008-02-27 16:13:10.1 - NTFSx86
Running from: C:\Documents and Settings\User\Desktop\ComboFix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\User\Start Menu\Programs\Startup\DW_Start.lnk
C:\Program Files\ComPlus Applications\vaduhu89104.dll
C:\WINDOWS\Fonts\'
C:\WINDOWS\Fonts\a.zip
C:\WINDOWS\system32\adeeg.ini2
C:\WINDOWS\system32\avqqofko.dll
C:\WINDOWS\system32\bszip.dll
C:\WINDOWS\system32\byxxyxv.dll
C:\WINDOWS\system32\dgrwdcwi.ini
C:\WINDOWS\system32\iwcdwrgd.dll
C:\WINDOWS\system32\msnav32.ax
C:\WINDOWS\system32\pac.txt
C:\WINDOWS\system32\qrqss.ini
C:\WINDOWS\system32\qrqss.ini2
C:\WINDOWS\system32\ssqrq.dll
C:\winlogon.exe
C:\x.dat
C:\z.dat
.
((((((((((((((((((((((((( Files Created from 2008-01-27 to 2008-02-27 )))))))))))))))))))))))))))))))
.
2008-02-27 16:25 . 2008-02-27 16:25 32 --a------ C:\WINDOWS\system32\msnav32.ax
2008-02-26 20:48 . 2008-02-26 20:48 <DIR> d-------- C:\Program Files\Trend Micro
2008-02-26 16:38 . 2008-02-26 16:38 294 ---hs---- C:\WINDOWS\system32\tiufeyqu.ini
2008-02-25 18:13 . 2008-02-25 18:13 16 --a------ C:\WINDOWS\system32\coh.cache
2008-02-25 17:43 . 2008-02-25 18:10 <DIR> d-------- C:\Program Files\Symantec
2008-02-25 17:43 . 2008-02-25 18:10 123,952 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2008-02-25 17:43 . 2008-02-25 18:10 60,800 --a------ C:\WINDOWS\system32\S32EVNT1.DLL
2008-02-25 17:36 . 2008-02-25 17:36 147,456 --a------ C:\WINDOWS\system32\vbzip10.dll
2008-02-25 17:33 . 2008-02-25 17:33 134 --a------ C:\n.bat
2008-02-25 17:32 . 2008-02-25 19:09 <DIR> d-------- C:\WINDOWS\system32\we2
2008-02-25 17:32 . 2008-02-25 17:32 <DIR> d-------- C:\WINDOWS\system32\per6
2008-02-25 17:32 . 2008-02-25 17:32 <DIR> d-------- C:\WINDOWS\system32\oxo4
2008-02-25 17:32 . 2008-02-25 17:32 <DIR> d-------- C:\WINDOWS\system32\nap8
2008-02-25 17:32 . 2008-02-25 18:14 <DIR> d-------- C:\WINDOWS\system32\iDlo18
2008-02-25 17:32 . 2008-02-25 17:32 <DIR> d-------- C:\WINDOWS\system32\def4
2008-02-25 17:32 . 2008-02-25 17:32 49,163 --a------ C:\WINDOWS\system32\rwwnw64d.exe
2008-02-24 09:36 . 2008-02-24 09:36 <DIR> d-------- C:\Program Files\Go-Go Gourmet
2008-02-24 09:22 . 2008-02-24 09:22 80,097 --a------ C:\WINDOWS\system32\dcads-remove.exe
2008-02-24 09:22 . 2008-02-24 09:22 46,300 --a------ C:\WINDOWS\system32\DcadsSocial-uninstall.exe
2008-02-24 09:15 . 2008-02-24 09:15 <DIR> d-------- C:\Program Files\ToGo Game
2008-02-23 13:34 . 2008-02-23 13:47 <DIR> d-------- C:\Program Files\Shockwave.com
2008-02-16 15:45 . 2008-02-16 15:45 <DIR> dr-h----- C:\Documents and Settings\User\Application Data\SecuROM
2008-02-16 10:37 . 2008-02-16 10:37 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Go Go Gourmet
2008-02-10 10:53 . 2004-08-04 00:56 159,232 --a------ C:\WINDOWS\system32\ptpusd.dll
2008-02-10 10:53 . 2004-08-03 22:58 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2008-02-10 10:53 . 2004-08-03 22:58 15,104 --a--c--- C:\WINDOWS\system32\dllcache\usbscan.sys
2008-02-10 10:53 . 2001-08-17 22:36 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll
2008-02-04 21:30 . 2008-02-04 21:30 17,536 --a------ C:\Documents and Settings\User\Application Data\GDIPFONTCACHEV1.DAT
2008-02-03 23:14 . 2008-02-03 23:14 <DIR> d-------- C:\WINDOWS\Sun
2008-01-30 13:30 . 2008-01-30 13:30 <DIR> d-------- C:\Program Files\The Sims Carnival SnapCity
2008-01-30 13:07 . 2008-02-21 20:45 <DIR> d-------- C:\Documents and Settings\User\Application Data\Love the cash
2008-01-30 13:07 . 2008-02-21 20:45 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\close poke frag ooze
2008-01-29 21:32 . 2008-01-29 21:32 <DIR> d-------- C:\Documents and Settings\User\Application Data\Gamelab
2008-01-29 15:00 . 2008-01-29 15:00 <DIR> d-------- C:\Program Files\bfgclient
2008-01-29 14:49 . 2008-01-29 14:49 <DIR> d-------- C:\Documents and Settings\User\Application Data\DAEMON Tools
2008-01-29 14:40 . 2008-01-29 14:40 716,272 --a------ C:\WINDOWS\system32\drivers\sptd.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-27 21:11 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-02-26 23:03 --------- d-----w C:\Program Files\SUPERAntiSpyware
2008-02-25 23:10 805 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.INF
2008-02-25 23:10 10,740 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.CAT
2008-02-25 23:10 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2008-02-25 22:42 --------- d-----w C:\Documents and Settings\All Users\Application Data\Yahoo!
2008-02-25 22:36 --------- d-----w C:\Documents and Settings\User\Application Data\LimeWire
2008-02-23 18:47 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-02-16 20:36 --------- d-----w C:\Program Files\Electronic Arts
2008-01-27 03:01 --------- d-----w C:\Program Files\Common Files\AVSMedia
2008-01-19 18:03 --------- d-----w C:\Program Files\Common Files\PACE Anti-Piracy
2008-01-19 18:03 --------- d-----w C:\Documents and Settings\User\Application Data\PACE Anti-Piracy
2008-01-19 18:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\PACE Anti-Piracy
2008-01-19 07:38 --------- d-----w C:\Program Files\EA GAMES
2008-01-14 23:24 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-01-13 01:02 --------- d-----w C:\Program Files\Common Files\Adobe
2008-01-13 01:02 --------- d-----w C:\Documents and Settings\User\Application Data\InterTrust
2008-01-10 03:31 --------- d-----w C:\Program Files\Restaurant Empire
2008-01-08 17:52 --------- d-----w C:\Program Files\Windows Media Connect 2
2008-01-08 01:22 --------- d-----w C:\Program Files\NVIDIA Corporation
2008-01-06 20:10 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-06 20:10 --------- d-----w C:\Program Files\Logitech
2008-01-06 20:09 90,112 ------r C:\WINDOWS\bwUnin-6.1.0.155-8876480L.exe
2008-01-06 20:09 --------- d-----w C:\Program Files\Desktop Messenger
2008-01-06 20:09 --------- d-----w C:\Program Files\Common Files\Logitech
2008-01-06 04:45 --------- d-----w C:\Documents and Settings\User\Application Data\DivX
2008-01-06 04:37 --------- d-----w C:\Program Files\DivX
2008-01-06 02:14 --------- d-----w C:\Program Files\Java
2008-01-05 18:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\EPSON
2008-01-05 02:15 --------- d-----w C:\Documents and Settings\All Users\Application Data\BigFishGamesCache
2008-01-04 00:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\Trymedia
2008-01-03 23:35 --------- d-----w C:\Documents and Settings\All Users\Application Data\NVIDIA
2008-01-03 23:20 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-01-03 22:46 --------- d-----w C:\Program Files\SymplisIT
2007-12-31 07:05 --------- d-----w C:\Program Files\Microsoft ActiveSync
2007-12-31 05:44 --------- d-----w C:\Program Files\Common Files\Java
2007-12-31 05:43 --------- d-----w C:\Documents and Settings\User\Application Data\SUPERAntiSpyware.com
2007-12-31 05:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2007-12-31 05:42 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2007-12-31 05:26 --------- d-----w C:\Program Files\Windows Live
2007-12-31 05:25 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
2007-12-31 05:22 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2007-12-30 23:38 --------- d-----w C:\Program Files\CCleaner
2007-12-30 23:29 --------- d-----w C:\Documents and Settings\User\Application Data\Yahoo!
2007-12-30 23:22 --------- d-----w C:\Program Files\Yahoo!
2007-12-30 23:22 --------- d-----w C:\Program Files\Rogers
2007-12-30 22:16 15,890 ----a-w C:\WINDOWS\system32\drivers\mdc8021x.sys
.
------- Sigcheck -------
6225f14b8ce08ccba8b25ad27843c674 C:\WINDOWS\system32\winlogon.exe
----a-w 502,272 2007-05-09 23:55:08 C:\WINDOWS\system32\winlogon.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1D8282E6-BC4F-469B-AAED-7E4FF077AD93}]
2008-01-18 05:06 294912 --a------ C:\WINDOWS\system32\iebrowserc.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6CF635BD-00AD-4366-7094-F4AD0AEF4E86}]
C:\Program Files\InstallShield Installation Information\labumu.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SHS"="C:\Program Files\Rogers\SelfHealing\SHS.exe" [2007-10-12 15:30 5166392]
"RogersAgent"="c:\Program Files\Rogers\SelfHealing\rogersagent.exe" [2007-04-23 15:51 478968]
"NVIDIA nTune"="C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-07-20 18:46 81920]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-06-21 17:06 1318912]
"Update Manager"="C:\Program Files\Rogers\Update Manager\UpdateManager.exe" [2007-10-12 15:30 136504]
"LDM"="C:\Program Files\Desktop Messenger\8876480\Program\BackWeb-8876480.exe" [2008-01-06 15:09 16384]
"Team Bits"="C:\DOCUME~1\User\APPLIC~1\LOVETH~1\seek grim.exe" [2008-02-21 20:45 470016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-04-12 18:33 16132608 C:\WINDOWS\RTHDCPL.exe]
"nwiz"="nwiz.exe" [2007-12-05 01:41 1626112 C:\WINDOWS\system32\nwiz.exe]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-12-05 01:41 8523776]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 04:11 132496]
"Updater"="C:\WINDOWS\system32\updater\explorer.exe" [2007-11-24 17:08 1478612]
"YOP"="C:\PROGRA~1\Yahoo!\YOP\yop.exe" [2007-06-26 16:48 509224]
"nTrayFw"="C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe" [2006-02-17 13:40 270336]
"LDM"="C:\Program Files\Desktop Messenger\8876480\Program\backWeb-8876480.exe" [2008-01-06 15:09 16384]
"EM_EXEC"="C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE" [2001-12-20 12:42 35328]
"zBrowser Launcher"="C:\Program Files\Logitech\iTouch\iTouch.exe" [2001-12-20 04:59 204800]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-12-05 01:41 81920]
"Frag Ooze Cash Scr"="C:\Documents and Settings\All Users\Application Data\close poke frag ooze\platform seek.exe" [2008-02-27 16:25 1102336]
"{3A-A1-17-74-DW}"="C:\windows\system32\rwwnw64d.exe" [2008-02-25 17:32 49163]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-01-10 00:59 115816]
"osCheck"="C:\PROGRA~1\Symantec\osCheck.exe" [2007-01-14 02:11 771704]
C:\Documents and Settings\User\Start Menu\Programs\Startup\
DW_Start.lnk - C:\WINDOWS\system32\rwwnw64d.exe [2008-02-25 17:32:54 49163]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Logitech Desktop Messenger.lnk - C:\Program Files\Desktop Messenger\8876480\Program\LDMConf.exe [2008-01-06 15:10:00 156160]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 04:01:04 83360]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 16:55 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 16:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Desktop Messenger\\8876480\\Program\\backWeb-8876480.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"67:UDP"= 67:UDP:0.0.0.0/255.255.255.255:Enabled:DHCP Discovery Service
S3 AR5523;802.11 Wireless Network Adapter Service;C:\WINDOWS\system32\DRIVERS\ar5523.sys []
S3 ATHFMWDL;802.11 USB Wireless Adapter Bootloader driver;C:\WINDOWS\system32\Drivers\ATHFMWDL.sys []
S3 USB200M;Linksys USB 2.0 Network Adapter ver.2;C:\WINDOWS\system32\DRIVERS\USB200M2.sys [2005-04-21 01:30]
S3 WN5301;LIteon Wireless PCI Network Adapter Service;C:\WINDOWS\system32\DRIVERS\wn5301.sys [2005-10-05 11:44]
*Newly Created Service* - COMHOST
.
Contents of the 'Scheduled Tasks' folder
"2008-02-27 01:00:00 C:\WINDOWS\Tasks\AF7873039187E4DB.job"
- c:\docume~1\user\applic~1\loveth~1\software pop roam.exe
"2008-02-26 01:00:11 C:\WINDOWS\Tasks\Norton Security Online - Run Full System Scan - User.job"
- C:\PROGRA~1\Symantec\Norton AntiVirus\Navw32.exeh/TASK:
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2008-02-27 16:25:45
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\User\LOCALS~1\Temp\ir_ext_temp_0\autorun.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\Yahoo!\YOP\SSDK02.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
.
**************************************************************************
.
Completion time: 2008-02-27 16:37:13 - machine was rebooted
ComboFix-quarantined-files.txt 2008-02-27 21:37:09
.
2008-02-14 08:02:45 --- E O F ---
Hijack This Log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:37:29 PM, on 2/27/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\PROGRA~1\Yahoo!\YOP\yop.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
C:\Program Files\Desktop Messenger\8876480\Program\backWeb-8876480.exe
C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\User\LOCALS~1\Temp\ir_ext_temp_0\autorun.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\windows\system32\rwwnw64d.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\Yahoo!\YOP\SSDK02.exe
C:\Program Files\Rogers\SelfHealing\rogersagent.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: BrowserCmp - {1D8282E6-BC4F-469B-AAED-7E4FF077AD93} - C:\WINDOWS\system32\iebrowserc.dll
O2 - BHO: 0 - {6CF635BD-00AD-4366-7094-F4AD0AEF4E86} - C:\Program Files\InstallShield Installation Information\labumu.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Updater] C:\WINDOWS\system32\updater\explorer.exe
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
O4 - HKLM\..\Run: [LDM] C:\Program Files\Desktop Messenger\8876480\Program\backWeb-8876480.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Frag Ooze Cash Scr] C:\Documents and Settings\All Users\Application Data\close poke frag ooze\platform seek.exe
O4 - HKLM\..\Run: [{3A-A1-17-74-DW}] C:\windows\system32\rwwnw64d.exe DWram
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\PROGRA~1\Symantec\osCheck.exe"
O4 - HKCU\..\Run: [SHS] "C:\Program Files\Rogers\SelfHealing\SHS.exe" /background
O4 - HKCU\..\Run: [RogersAgent] c:\Program Files\Rogers\SelfHealing\rogersagent.exe
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Update Manager] "C:\Program Files\Rogers\Update Manager\UpdateManager.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [Team Bits] C:\DOCUME~1\User\APPLIC~1\LOVETH~1\seek grim.exe
O4 - Startup: DW_Start.lnk = C:\WINDOWS\system32\rwwnw64d.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebo...toUploader3.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.co.../sysreqlab2.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.co...iaSmartScan.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\PROGRA~1\Symantec\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE
--
End of file - 8783 bytes