Sorry for the late responce! Work is kicking my tail
Anyways, had a few problems installing the AVG, kept saying some of the installation files were corrupt.. said to redownload.. and redownload.. well, I'm sure you get the picture haha. Anyways, here's the logs!
Combofix :
ComboFix 08-02-25.3 - Gabby 2008-02-29 9:51:38.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.689 [GMT -6:00]
Running from: C:\Documents and Settings\Gabby\Desktop\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\Gabby\My Documents\WNSXS~1
C:\Documents and Settings\LocalService\Application Data\NetMon
C:\Documents and Settings\LocalService\Application Data\NetMon\domains.txt
C:\Documents and Settings\LocalService\Application Data\NetMon\log.txt
C:\Documents and Settings\NetworkService\Application Data\NetMon
C:\Documents and Settings\NetworkService\Application Data\NetMon\domains.txt
C:\Documents and Settings\NetworkService\Application Data\NetMon\log.txt
C:\Program Files\ISM
C:\Program Files\ISM\ism.exe
C:\Program Files\ISM\Uninstall.exe
C:\Program Files\QdrDrive
C:\Program Files\QdrDrive\qdrloader.exe
C:\Program Files\QdrModule
C:\Program Files\QdrModule\dic.gz
C:\Program Files\QdrModule\kwd.gz
C:\Program Files\Temporary
C:\WINDOWS\cookies.ini
C:\WINDOWS\system32\a1
C:\WINDOWS\system32\bwwaivgl.dll
C:\WINDOWS\system32\crhgimvl.ini
C:\WINDOWS\system32\epbuymkb.dllbox
C:\WINDOWS\system32\explorer.exe
C:\WINDOWS\system32\fadgsd.exe
C:\WINDOWS\system32\gdywovyp.ini
C:\WINDOWS\system32\hnpnstqu.dll
C:\WINDOWS\system32\hxmvaddc.ini
C:\WINDOWS\system32\icutrbws.dll
C:\WINDOWS\system32\iexplorer.dll .dbt
C:\WINDOWS\system32\ineWc01
C:\WINDOWS\system32\jjxiamny.ini
C:\WINDOWS\system32\mydhlcbt.dll
C:\WINDOWS\system32\ovcbbejy.dll
C:\WINDOWS\system32\p9
C:\WINDOWS\system32\p9\liopud89104.exe
C:\WINDOWS\system32\pac.txt
C:\WINDOWS\system32\plincuto.ini
C:\WINDOWS\system32\psmwwniq.dll
C:\WINDOWS\system32\rsvyb.bak1
C:\WINDOWS\system32\rsvyb.bak2
C:\WINDOWS\system32\rsvyb.ini
C:\WINDOWS\system32\rsvyb.ini2
C:\WINDOWS\system32\rsvyb.tmp
C:\WINDOWS\system32\slwlxeax.ini
C:\WINDOWS\system32\tbclhdym.ini
C:\WINDOWS\system32\tdcggkij.dll
C:\WINDOWS\system32\v6
C:\WINDOWS\system32\vfpxpogu.dll
C:\WINDOWS\system32\vkevqefc.dll
C:\WINDOWS\system32\w11
C:\WINDOWS\system32\windows
C:\WINDOWS\system32\wnphcuux.ini
C:\WINDOWS\system32\xcdyvivo.dll
.
((((((((((((((((((((((((( Files Created from 2008-01-28 to 2008-02-29 )))))))))))))))))))))))))))))))
.
2008-02-27 23:19 . 2008-02-27 23:27 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2008-02-27 23:19 . 2008-02-27 23:28 1,374 --a------ C:\WINDOWS\imsins.BAK
2008-02-24 02:05 . 2008-02-24 02:05 <DIR> d-------- C:\Program Files\CCleaner
2008-02-24 01:59 . 2008-02-24 01:59 136,111 --a------ C:\WINDOWS\POTA777444.exe
2008-02-24 00:12 . 2007-07-18 18:39 490,776 -ra------ C:\WINDOWS\system32\drivers\LV561AV.SYS
2008-02-24 00:12 . 2007-07-18 18:43 490,008 -ra------ C:\WINDOWS\system32\LVUI2.dll
2008-02-24 00:12 . 2007-07-18 18:44 465,432 -ra------ C:\WINDOWS\system32\LVUI2RC.dll
2008-02-24 00:12 . 2007-07-18 18:40 416,280 -ra------ C:\WINDOWS\system32\lvcodec2.dll
2008-02-24 00:12 . 2007-07-18 18:40 195,096 -ra------ C:\WINDOWS\system32\lvci1110.dll
2008-02-24 00:12 . 2007-07-18 17:54 58,163 -ra------ C:\WINDOWS\system32\lvcoinst.ini
2008-02-24 00:12 . 2007-07-18 18:44 41,752 -ra------ C:\WINDOWS\system32\drivers\LVUSBSta.sys
2008-02-24 00:12 . 2007-07-18 17:55 19,344 -ra------ C:\WINDOWS\system32\Repository.reg
2008-02-24 00:03 . 2008-02-24 00:03 127,034 -r------- C:\WINDOWS\bwUnin-8.1.1.50-8876480SL.exe
2008-02-23 23:36 . 2008-02-24 00:02 <DIR> d-------- C:\Program Files\Logitech
2008-02-23 23:36 . 2008-02-24 00:12 <DIR> d-------- C:\Program Files\Common Files\LogiShrd
2008-02-23 23:36 . 2008-02-23 23:36 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Logitech
2008-02-23 23:31 . 2008-02-23 23:36 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\LogiShrd
2008-02-23 22:28 . 2008-02-24 00:51 26,823 ---hs---- C:\WINDOWS\system32\gtbqxajb.ini
2008-02-23 02:28 . 2008-02-23 02:28 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-02-22 22:28 . 2008-02-22 22:28 26,583 ---hs---- C:\WINDOWS\system32\teddkdmq.ini
2008-02-21 22:27 . 2008-02-22 22:28 26,523 ---hs---- C:\WINDOWS\system32\smtxwxtq.ini
2008-02-21 10:22 . 2008-02-26 18:50 136,640 --a------ C:\WINDOWS\BMbf1f185a.xml
2008-02-21 10:22 . 2008-02-26 09:25 22 --a------ C:\WINDOWS\pskt.ini
2008-02-20 10:20 . 2008-02-20 10:20 294 ---hs---- C:\WINDOWS\system32\dmmcmlyp.ini
2008-02-19 21:06 . 2008-02-26 01:46 69 --a------ C:\WINDOWS\NeroDigital.ini
2008-02-19 19:20 . 2008-02-19 19:20 2,238 --a------ C:\WINDOWS\system32\GClogo_32x32.ico
2008-02-19 10:41 . 2008-02-19 10:41 <DIR> d-------- C:\WINDOWS\wofk
2008-02-19 10:14 . 2008-02-21 09:18 36,864 --a------ C:\WINDOWS\system32\fwehg.exe
2008-02-19 10:14 . 2008-02-20 02:18 36,864 --a------ C:\WINDOWS\gsdfr5yhgjng.exe
2008-02-19 10:14 . 2008-02-21 09:18 36,864 --a------ C:\WINDOWS\f5egfdsgw.exe
2008-02-19 02:06 . 2008-02-19 02:06 <DIR> d-------- C:\Program Files\Opera
2008-02-19 00:54 . 2008-02-19 00:54 26,096 --a------ C:\WINDOWS\system32\pmnkllk.dll
2008-02-18 23:11 . 2008-02-18 23:11 9,662 --a------ C:\WINDOWS\system32\ZoneAlarmIconUS.ico
2008-02-18 22:34 . 2008-02-19 00:32 40,960 --a------ C:\WINDOWS\system32\hjjtgyg.exe
2008-02-18 22:34 . 2008-02-19 00:32 40,960 --a------ C:\WINDOWS\gfderygfh.exe
2008-02-18 22:30 . 2008-02-18 22:30 <DIR> d-------- C:\Documents and Settings\Gabby\Application Data\Motive
2008-02-18 22:28 . 2008-02-18 22:28 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\Yahoo!
2008-02-18 10:18 . 2008-02-18 10:18 <DIR> d-------- C:\Documents and Settings\NetworkService\Application Data\Yahoo!
2008-02-17 23:19 . 2008-02-17 23:19 270,698 --a------ C:\WINDOWS\system32\L1E67.tmp
2008-02-17 23:19 . 2008-02-17 23:19 181,965 --a------ C:\WINDOWS\system32\LF2E7.tmp
2008-02-17 23:19 . 2008-02-17 23:19 400 --a------ C:\WINDOWS\system32\L5BA0.tmp
2008-02-14 16:22 . 2007-01-31 09:58 43,387 --a------ C:\WINDOWS\browser.exe
2008-02-14 16:22 . 2007-01-31 09:58 6,246 --a------ C:\WINDOWS\atty.ico
2008-02-14 16:21 . 2008-02-14 16:21 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Motive
2008-02-14 16:21 . 2005-05-10 00:36 81,920 --------- C:\WINDOWS\system32\W32n50.dll
2008-02-14 16:21 . 2005-05-10 00:36 17,162 --------- C:\WINDOWS\system32\Pcandis5.sys
2008-02-14 16:21 . 2005-05-10 00:36 16,848 --------- C:\WINDOWS\system32\Pcandis4.sys
2008-02-14 16:21 . 2005-05-10 00:36 16,073 --------- C:\WINDOWS\system32\Pcandis3.vxd
2008-02-14 16:20 . 2008-02-14 16:20 <DIR> d-------- C:\WINDOWS\Motive
2008-02-14 16:20 . 2008-02-18 22:29 <DIR> d-------- C:\Program Files\Common Files\Motive
2008-02-14 16:19 . 2008-02-18 22:28 <DIR> d-------- C:\Program Files\SBC Self Support Tool
2008-02-14 16:08 . 2008-02-14 16:08 <DIR> d-------- C:\Program Files\BroadJump
2008-02-14 16:03 . 2001-01-12 16:09 313,856 --a------ C:\WINDOWS\system32\dx3j.dll
2008-02-14 16:03 . 2001-01-12 18:04 171,280 --a------ C:\WINDOWS\system32\jit.dll
2008-02-14 16:03 . 2001-01-12 18:04 139,536 --a------ C:\WINDOWS\system32\javaee.dll
2008-02-14 16:03 . 2001-01-12 18:04 46,352 --a------ C:\WINDOWS\setdebug.exe
2008-02-14 16:03 . 2001-01-12 16:27 7,315 --a------ C:\WINDOWS\system32\javasup.vxd
2008-02-14 16:03 . 2001-01-12 16:10 6,550 --a------ C:\WINDOWS\jautoexp.dat
2008-02-14 15:47 . 2007-01-31 09:58 266,240 --------- C:\WINDOWS\SBCDSL.exe
2008-02-14 15:47 . 2007-01-31 09:58 6,345 -ra------ C:\WINDOWS\system32\DevMngr.vxd
2008-02-14 13:43 . 2008-02-14 13:43 2,560 --a------ C:\WINDOWS\system32\bitcometres.dll
2008-02-13 12:22 . 2008-02-13 12:22 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\LightScribe
2008-02-13 12:14 . 2008-02-13 12:14 <DIR> d-------- C:\Program Files\Common Files\LightScribe
2008-02-13 12:10 . 2008-02-19 21:09 <DIR> d-------- C:\Documents and Settings\Gabby\Application Data\Ahead
2008-02-13 12:04 . 2008-02-13 12:04 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Ahead
2008-02-13 11:57 . 2008-02-13 12:00 <DIR> d-------- C:\Program Files\Common Files\Ahead
2008-02-13 11:57 . 2008-02-13 11:57 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Nero
2008-02-09 12:27 . 2008-02-14 15:45 2,876 --a------ C:\WINDOWS\ACROREAD.INI
2008-01-30 20:02 . 2008-01-30 20:02 54,608 --a------ C:\WINDOWS\system32\xfcodec.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-29 15:45 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-28 00:03 --------- d-----w C:\Documents and Settings\Gabby\Application Data\uTorrent
2008-02-22 06:46 20,480 ----a-w C:\WINDOWS\quit.exe
2008-02-14 22:03 155,995 ----a-w C:\WINDOWS\java\Packages\MZXZ7PR9.ZIP
2008-02-08 17:25 --------- d-----w C:\Documents and Settings\Gabby\Application Data\Xfire
2008-01-15 04:22 --------- d-----w C:\Documents and Settings\LocalService\Application Data\Xfire
2008-01-09 18:02 --------- d-----w C:\Documents and Settings\Aphikins\Application Data\Xfire
2008-01-09 07:49 --------- d-----w C:\Documents and Settings\NetworkService\Application Data\Xfire
2008-01-08 18:23 --------- d-----w C:\Documents and Settings\Aphikins\Application Data\uTorrent
2008-01-08 18:06 --------- d-----w C:\Documents and Settings\Aphikins\Application Data\Media Player Classic
2008-01-02 00:28 --------- d-----w C:\Documents and Settings\Aphikins\Application Data\Yahoo!
2008-01-01 22:50 --------- d-----w C:\Documents and Settings\Aphikins\Application Data\Grisoft
2007-12-28 22:52 --------- d-----w C:\Documents and Settings\All Users\Application Data\Grisoft
2007-10-04 09:46 142 ----a-w C:\Program Files\page.html
2006-12-03 01:05 2,522 ----a-w C:\Program Files\func.js
2006-11-25 07:57 482 ----a-w C:\Program Files\Del.js
.
------- Sigcheck -------
28f288e08a098df3c0eb6aa813bb41fd C:\WINDOWS\system32\drivers\tcpip.sys
-c--a-w 359,040 2007-11-27 04:40:38 C:\WINDOWS\system32\dllcache\tcpip.sys
----a-w 359,040 2007-11-27 04:40:38 C:\WINDOWS\system32\drivers\tcpip.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]
"DAEMON Tools Pro Agent"="D:\DAEMON Tools Pro\DTProAgent.exe" [2007-09-06 07:08 136136]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 19:03 152872]
"LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-08-23 17:36 455968]
"QdrPack12"="C:\Program Files\QdrPack\QdrPack12.exe" [ ]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [2007-08-30 17:43 4670704]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 15:57 153136]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 08:28 577536 C:\WINDOWS\SOUNDMAN.EXE]
"nwiz"="nwiz.exe" [2005-06-15 16:20 1519616 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2005-06-15 16:20 86016]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-06-15 16:20 6803456]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-07-25 16:02 563984]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-07-25 16:06 2027792]
C:\Documents and Settings\Aphikins\Start Menu\Programs\Startup\
Xfire.lnk - E:\Xfire\xfire.exe [2008-01-30 20:02:36 2880336]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
AT&T Self Support Tool.lnk - C:\Program Files\SBC Self Support Tool\bin\matcli.exe [2008-02-14 16:19:14 217088]
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2008-02-24 00:03:19 67128]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
[HKLM\~\startupfolder\C:^Documents and Settings^Gabby^Start Menu^Programs^Startup^IMVU.lnk]
path=C:\Documents and Settings\Gabby\Start Menu\Programs\Startup\IMVU.lnk
backup=C:\WINDOWS\pss\IMVU.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\bc2c2bc6]
C:\WINDOWS\system32\lvmighrc.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitComet]
E:\Program Files\BitComet\BitComet.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BJCFD]
--a------ 2002-09-10 21:26 368706 C:\Program Files\BroadJump\Client Foundation\CFD.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent]
--a------ 2007-09-06 07:08 136136 D:\DAEMON Tools Pro\DTProAgent.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IESet]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
--a------ 2007-06-25 08:47 1057064 E:\Nero 7\InCD\InCD.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
--a------ 2007-08-23 17:36 455968 C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Motive SmartBridge]
--a------ 2005-08-24 07:51 442455 C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
--a------ 2005-06-15 16:20 6803456 C:\WINDOWS\system32\NvCpl.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\runner1]
C:\WINDOWS\mrofinu572.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SecurDisc]
--a------ 2007-06-25 08:47 1629480 E:\Nero 7\InCD\NBHGui.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uaq]
C:\Documents and Settings\Gabby\Application Data\?asks\r?gedit.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinAble]
C:\Program Files\WinAble\winable.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
--a------ 2007-08-30 17:43 4670704 C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"MSControlService"=3 (0x3)
"DomainService"=2 (0x2)
"PavPrSrv"=2 (0x2)
"LightScribeService"=2 (0x2)
"InCDsrv"=2 (0x2)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"D:\\NeverwinterNights\\NWN\\nwmain.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"E:\\NeverwinterNights\\NWN\\nwmain.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"E:\\Xfire\\xfire.exe"=
"D:\\Program Files\\utorrent\\utorrent.exe"=
"D:\\Program Files\\BitComet\\BitComet.exe"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"10048:TCP"= 10048:TCP:BitComet 10048 TCP
"10048:UDP"= 10048:UDP:BitComet 10048 UDP
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
S1 ShldDrv;Panda File Shield Driver;C:\WINDOWS\system32\DRIVERS\ShlDrv51.sys []
S2 PavProc;Panda Process Protection Driver;C:\WINDOWS\system32\DRIVERS\PavProc.sys []
S3 MSControlService;Microsoft cache control;C:\WINDOWS\system32\windows []
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dde30040-84e0-11dc-9900-000d8734a114}]
\Shell\AutoRun\command - G:\LaunchU3.exe
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
.
Contents of the 'Scheduled Tasks' folder
"2008-02-29 15:31:02 C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2008-02-29 09:58:35
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\SBC Self Support Tool\bin\mpbtn.exe
.
**************************************************************************
.
Completion time: 2008-02-29 10:01:18 - machine was rebooted
ComboFix-quarantined-files.txt 2008-02-29 16:01:08
ComboFix2.txt 2007-12-28 22:46:53
Hijack!This log :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:10:23, on 2/29/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\SBC Self Support Tool\bin\mpbtn.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Grisoft\AVG7\avgcc.exe
C:\Program Files\Grisoft\AVG7\avgwb.dat
E:\Program Files\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://att.yahoo.comR1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "D:\DAEMON Tools Pro\DTProAgent.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [QdrPack12] "C:\Program Files\QdrPack\QdrPack12.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Global Startup: AT&T Self Support Tool.lnk = C:\Program Files\SBC Self Support Tool\bin\matcli.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites -
http://favorites.liv...m/quickadd.aspxO9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - D:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Gabby\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Microsoft cache control (MSControlService) - Unknown owner - C:\WINDOWS\system32\windows (file missing)
O23 - Service: NBService - Nero AG - E:\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 6602 bytes
Sign In
Create Account
