________________________________________________________________________________
ComboFix log
ComboFix 08-01-17.1 - 01/16/2008 17:21:53.1 - NTFSx86
Running from: C:\Documents and Settings\LocalService\Desktop\ComboFix(3).exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\Ferynd\Start Menu\Programs\Outerinfo
C:\Documents and Settings\Ferynd\Start Menu\Programs\Outerinfo\Terms.lnk
C:\Documents and Settings\Ferynd\Start Menu\Programs\Outerinfo\Uninstall.lnk
C:\Documents and Settings\LocalService\Application Data\NetMon
C:\Documents and Settings\LocalService\Application Data\NetMon\domains.txt
C:\Documents and Settings\LocalService\Application Data\NetMon\log.txt
C:\Program Files\Common Files\mrfz\mrfza.exe
C:\Program Files\Common Files\mrfz\mrfza.lck
C:\Program Files\Common Files\mrfz\mrfzd\class-barrel
C:\Program Files\Common Files\mrfz\mrfzd\mrfzc.dll
C:\Program Files\Common Files\mrfz\mrfzd\vocabulary
C:\Program Files\Common Files\mrfz\mrfzl.exe
C:\Program Files\Common Files\mrfz\mrfzl.lck
C:\Program Files\Common Files\mrfz\mrfzm.exe
C:\Program Files\Common Files\mrfz\mrfzm.lck
C:\Program Files\Common Files\mrfz\mrfzp.exe
C:\Program Files\Common Files\stem~1\??stem\
C:\Program Files\Common Files\stem~1\mshta .exe
C:\Program Files\Common Files\stem~1\mshta.exe
C:\Program Files\Common Files\Yazzle1560OinAdmin.exe
C:\Program Files\Common Files\Yazzle1560OinUninstaller.exe
C:\Program Files\inetget2
C:\Program Files\inetget2\FINAL -- Fort 5.6_MST-ONLY.exe
C:\Program Files\network monitor
C:\Program Files\network monitor\netmon.exe
C:\Program Files\outerinfo
C:\Program Files\outerinfo\FF\chrome.manifest
C:\Program Files\outerinfo\FF\components\FF.dll
C:\Program Files\outerinfo\FF\components\OuterinfoAds.xpt
C:\Program Files\outerinfo\FF\install.rdf
C:\Program Files\outerinfo\Terms.rtf
C:\Program Files\Router
C:\Program Files\Router\Router .exe
C:\Program Files\Router\Router.exe
C:\Program Files\Router\UnInstall.exe
C:\Program Files\Temporary
C:\Program Files\Temporary\kernInst.exe
C:\Temp\1cb
C:\Temp\1cb\syscheck.log
C:\temp\tn3
C:\WINDOWS\b103.exe
C:\WINDOWS\b104.exe
C:\WINDOWS\b122.exe
C:\WINDOWS\b128.exe
C:\WINDOWS\b138.exe
C:\WINDOWS\b149.exe
C:\WINDOWS\b151.exe
C:\WINDOWS\Fonts\svchost.exe
C:\WINDOWS\mrfz
C:\WINDOWS\mrfz\mrfz.dat
C:\WINDOWS\mrfz\wu
C:\WINDOWS\mrofinu1000106.exe
C:\WINDOWS\mrofinu1188.exe
C:\WINDOWS\RmVyeW5k\
C:\WINDOWS\RmVyeW5k\\asappsrv.dll
C:\WINDOWS\RmVyeW5k\\command.exe
C:\WINDOWS\RmVyeW5k\\lApVyqc4.vbs
C:\WINDOWS\RmVyeW5k\command.exe
C:\WINDOWS\system32\atmtd.dll
C:\WINDOWS\system32\atmtd.dll._
C:\WINDOWS\system32\bkmqeqi.dll
C:\WINDOWS\system32\byxvuro.dll
C:\WINDOWS\system32\cbxyaxu.dll
C:\WINDOWS\system32\dccdd.ini
C:\WINDOWS\system32\dccdd.ini2
C:\WINDOWS\system32\ddccd.dll
C:\WINDOWS\system32\ddccd.exe
C:\WINDOWS\system32\fcccbxw.dll
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\pac.txt
C:\WINDOWS\system32\RCX25.tmp
C:\WINDOWS\system32\RCX2C.tmp
C:\WINDOWS\system32\tsuninst.exe
C:\WINDOWS\system32\wnscpsv.exe
C:\WINDOWS\uninstall_nmon.vbs
C:\WINDOWS\ymante~1
C:\WINDOWS\ymante~1\?hkntfs.exe
C:\WINDOWS\Fonts\-
C:\WINDOWS\system32\drivers\core.cache.dsk . . . . failed to delete
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\LEGACY_CMDSERVICE
-------\LEGACY_NETWORK_MONITOR
-------\cmdService
-------\Network Monitor
((((((((((((((((((((((((( Files Created from 2007-12-17 to 2008-01-17 )))))))))))))))))))))))))))))))
.
2008-01-17 17:54 . 2008-01-17 17:54 <DIR> d-------- C:\Temp\tn3
2008-01-16 17:13 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-16 07:30 . 2008-01-16 07:30 <DIR> d-------- C:\WINDOWS\system32\060607FF010A0
2008-01-16 07:29 . 2007-12-14 07:40 120,832 --a------ C:\WINDOWS\system32\18181912131C1.exe
2008-01-13 00:58 . 2008-01-13 01:50 <DIR> d-------- C:\LuniaGSP
2008-01-12 23:52 . 2008-01-12 23:52 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\Talkback
2008-01-12 04:04 . 2008-01-12 04:04 24 --a------ C:\WINDOWS\wininit.ini
2008-01-12 04:02 . 2008-01-12 04:02 2 --a------ C:\WINDOWS\msoffice.ini
2008-01-12 03:55 . 2008-01-12 03:55 147,456 --a------ C:\WINDOWS\system32\vbzip10.dll
2008-01-12 03:53 . 2008-01-12 03:53 <DIR> d-------- C:\WINDOWS\system32\vt8
2008-01-12 03:53 . 2008-01-12 03:53 <DIR> d-------- C:\WINDOWS\system32\mp2
2008-01-12 03:53 . 2008-01-12 04:49 <DIR> d-------- C:\WINDOWS\system32\ez4
2008-01-12 03:53 . 2008-01-12 03:53 <DIR> d-------- C:\WINDOWS\system32\che9
2008-01-12 03:53 . 2008-01-13 05:15 379,904 --a------ C:\WINDOWS\mrofinu1000106.exe.tmp
2008-01-12 03:53 . 2008-01-12 03:53 86,016 --a------ C:\WINDOWS\system32\drivers\atinmdxxx.sys
2008-01-12 03:53 . 2008-01-14 17:55 36,864 -ra------ C:\WINDOWS\mrofinu1188.exe.tmp
2008-01-12 03:53 . 2008-01-17 17:54 932 --------- C:\WINDOWS\system32\drivers\core.cache.dsk
2008-01-12 03:52 . 2008-01-12 03:52 <DIR> d-------- C:\WINDOWS\system32\edcA18
2008-01-12 03:52 . 2008-01-12 03:53 <DIR> d-------- C:\Temp\Ryuan1
2008-01-12 03:52 . 2008-01-17 17:54 <DIR> d-------- C:\Temp
2008-01-12 03:35 . 2008-01-13 18:36 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-01-12 03:35 . 2008-01-12 03:35 1,409 --a------ C:\WINDOWS\QTFont.for
2008-01-04 19:56 . 2008-01-04 19:57 82 --a------ C:\WINDOWS\mafosav.INI
2008-01-03 02:12 . 2008-01-03 02:12 <DIR> d-------- C:\WINDOWS\Sun
2008-01-02 23:48 . 2008-01-12 14:42 <DIR> d-------- C:\Documents and Settings\Ferynd\Shared
2008-01-02 23:48 . 2008-01-12 14:47 <DIR> d-------- C:\Documents and Settings\Ferynd\Incomplete
2008-01-02 23:48 . 2008-01-15 22:20 <DIR> d-------- C:\Documents and Settings\Ferynd\Application Data\LimeWire
2008-01-02 23:48 . 2007-07-12 02:22 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-01-02 23:47 . 2008-01-12 14:46 <DIR> d-------- C:\Program Files\LimeWire
2008-01-02 23:47 . 2008-01-02 23:48 <DIR> d-------- C:\Program Files\Java
2008-01-02 23:47 . 2008-01-02 23:47 <DIR> d-------- C:\Program Files\Common Files\Java
2008-01-02 09:43 . 2008-01-10 18:54 848 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys
2008-01-02 09:43 . 2008-01-10 18:54 56 -r-hs---- C:\WINDOWS\system32\9383E19219.sys
2008-01-02 09:39 . 2008-01-02 09:42 <DIR> d-------- C:\Program Files\Enterbrain
2007-12-29 14:23 . 2007-12-30 12:07 <DIR> d-------- C:\Program Files\Savage
2007-12-29 13:42 . 2007-12-29 13:52 <DIR> d-------- C:\Documents and Settings\Ferynd\.xmoto
2007-12-26 21:26 . 2007-12-26 21:26 <DIR> d-------- C:\Documents and Settings\Ferynd\Application Data\DivX
2007-12-22 04:44 . 2008-01-04 00:14 <DIR> d-------- C:\Program Files\Conquer 2.0
2007-12-20 03:38 . 2007-09-18 23:41 258,352 --a------ C:\WINDOWS\system32\unicows.dll
2007-12-20 03:34 . 2007-12-20 03:39 <DIR> d-------- C:\Program Files\PerfectWorld
2007-12-17 06:25 . 2007-12-17 06:25 <DIR> d-------- C:\Program Files\Orban
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-17 22:22 --------- d-----w C:\Program Files\QuickTime
2008-01-17 22:22 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-01-13 10:24 10 ----a-w C:\Program Files\.autoreg
2008-01-04 05:20 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-04 05:16 --------- d-----w C:\Program Files\ICQ
2008-01-04 05:12 --------- d-----w C:\Program Files\BigFix
2007-12-19 06:17 --------- d-----w C:\Documents and Settings\All Users\Application Data\Outspark
2007-12-12 05:48 --------- d-----w C:\Program Files\Outspark
2007-12-12 05:47 --------- d-----w C:\Program Files\OGPlanet
2007-11-19 14:37 --------- d-----w C:\Documents and Settings\Ferynd\Application Data\MSN6
2007-11-19 14:37 --------- d-----w C:\Documents and Settings\All Users\Application Data\MSN6
2007-11-18 14:46 --------- d-----w C:\Program Files\Windows Media Connect 2
2007-11-17 10:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2007-11-17 10:15 --------- d-----w C:\Program Files\DivX
2007-11-17 05:13 --------- d-----w C:\Program Files\Common Files\DirectX
2007-11-05 23:41 118,784 ----a-w C:\WINDOWS\dsdxirmv.exe
2007-08-02 13:43 282,624 ----a-w C:\Program Files\TTC.dll
2003-08-13 13:23 32 --sha-w C:\WINDOWS\{A24287D9-C5C5-449A-A4D7-455BE6CFA48E}.dat
2003-08-13 13:23 32 --sha-w C:\WINDOWS\system32\{4AEF2316-1DFF-4F96-BEDB-54E5AA72AE7B}.dat
.
----a-w 185,632 2008-01-17 22:54:54 C:\Program Files\Common Files\Real\Update_OB\realsched .exe
----a-w 65,536 2008-01-17 22:54:54 C:\Program Files\Common Files\Roxio Shared\System\EngUtil .exe
----a-w 50,880 2008-01-17 22:54:50 C:\Program Files\Common Files\Symantec Shared\ccApp .exe
----a-w 34,504 2008-01-17 22:54:54 C:\Program Files\Common Files\Symantec Shared\ccRegVfy .exe
----a-w 135,168 2008-01-17 22:54:55 C:\Program Files\eM\Bay Reader\Shwicon2k .exe
----a-w 132,496 2008-01-17 22:54:55 C:\Program Files\Java\jre1.6.0_02\bin\jusched .exe
----a-w 200,704 2008-01-17 22:54:54 C:\Program Files\Microsoft Money\System\mnyexpr .exe
----a-w 652,800 2008-01-17 22:55:31 C:\Program Files\QuickTime\qttask .exe
----a-w 652,800 2008-01-17 22:22:58 C:\Program Files\QuickTime\qttask .exe
----a-w 652,800 2008-01-16 03:14:35 C:\Program Files\QuickTime\qttask .exe
----a-w 868,352 2008-01-17 22:54:57 C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc .exe
----a-w 3,411,968 2008-01-17 22:55:03 C:\Program Files\Veoh Networks\Veoh\VeohClient .exe
----a-w 290,821 2008-01-16 03:14:52 C:\WINDOWS\Fonts\svchost .exe
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{32B1B799-DDE6-4661-9A11-42C0ADD8870A}]
2008-01-17 17:54 335360 --a------ C:\WINDOWS\system32\ddccd.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{64DF53E2-D4B3-4297-80FA-D54F2F2B2F5C}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{757DBB88-003C-46D6-9227-EAD730371E28}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8E015787-B1E3-404a-95DE-3E71E1FA0305}]
2007-11-19 05:36 64000 --a------ C:\WINDOWS\system32\spads.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MoneyAgent"="C:\Program Files\Microsoft Money\System\mnyexpr.exe" [2008-01-17 17:22 551936]
"Veoh"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" [2008-01-15 22:14 4055552]
"Router"="C:\Program Files\Router\Router.exe" [ ]
"Usrr"="C:\PROGRA~1\COMMON~1\STEM~1\mshta.exe" [ ]
"Zpgpo"="C:\WINDOWS\?ymantec\?hkntfs.exe" [ ]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"09090A03040D060"="18181912131C1.exe" [2007-12-14 07:40 120832 C:\WINDOWS\system32\18181912131C1.exe]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2008-01-15 22:14 390656]
"ccRegVfy"="C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe" [2008-01-17 17:22 374272]
"CHotkey"="mHotkey.exe" [2003-03-21 13:26 483840 C:\WINDOWS\mHotkey.exe]
"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2007-09-17 00:07 8491008]
"nwiz"="nwiz.exe" [2007-09-17 00:07 1626112 C:\WINDOWS\system32\nwiz.exe]
"showicon2k"="C:\Program Files\\eM\Bay Reader\Shwicon2k.exe" [2008-01-15 22:14 526336]
"RoxioEngineUtility"="C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe" [2008-01-17 17:55 406528]
"RoxioDragToDisc"="C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe" [2008-01-15 22:14 1215488]
"NvMediaCenter"="C:\WINDOWS\System32\NvMcTray.dll" [2007-09-17 00:07 81920]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-01-15 22:14 525824]
"QuickTime Task"="C:\Program Files\QuickTime\qttask .exe" [2008-01-17 17:55 652800]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2008-01-15 22:14 475648]
[HKEY_CURRENT_USER\software\microsoft\windows nt\currentversion\windows]
"load"=C:\WINDOWS\system32\ddccd.exe
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 C:\WINDOWS\system32\ddccd
R1 atinmdxxx;atinmdxxx;C:\WINDOWS\system32\drivers\atinmdxxx.sys [2008-01-12 03:53]
S3 CEUSBAUD;DigiTech USB MIDI Driver;C:\WINDOWS\system32\Drivers\CEUSBAUD.sys [2003-11-01 15:19]
*Newly Created Service* - HTTPFILTER
.
Contents of the 'Scheduled Tasks' folder
"2008-01-12 03:13:42 C:\WINDOWS\Tasks\Norton AntiVirus - Scan my computer.job"
- C:\PROGRA~1\NORTON~1\NAVW32.exeG/task:C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec\NORTON~1\Tasks\mycomp.sca
"2007-11-05 19:32:08 C:\WINDOWS\Tasks\Symantec NetDetect.job"
- C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-17 17:54:44
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
C:\WINDOWS\system32\dccdd.ini2 319 bytes
C:\WINDOWS\system32\ddccd.exe 338944 bytes executable
scan completed successfully
hidden files: 2
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
PROCESS: C:\WINDOWS\Explorer.EXE [6.00.2900.3156]
-> C:\WINDOWS\system32\ddccd.dll
.
Completion time: 2008-01-17 18:01:36 - machine was rebooted [Ferynd]
ComboFix-quarantined-files.txt 2008-01-17 23:01:32
.
2008-01-10 16:35:16 --- E O F ---
________________________________________________________________________________
HijackThis log after running ComboFix
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:13, on 2008-01-17
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\18181912131C1.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\mHotkey.exe
C:\Program Files\eM\Bay Reader\Shwicon2k.exe
C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\Common Files\Symantec Shared\ccApp .exe
C:\Program Files\Common Files\Real\Update_OB\realsched .exe
C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc .exe
C:\Program Files\eM\Bay Reader\Shwicon2k .exe
C:\Program Files\Veoh Networks\Veoh\VeohClient .exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched .exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\Rundll32.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.emachines.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.emachines.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.emachines.com/
F3 - REG:win.ini: load=C:\WINDOWS\system32\ddccd.exe
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [09090A03040D060] 18181912131C1.exe
O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [ccRegVfy] C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [showicon2k] C:\Program Files\\eM\Bay Reader\Shwicon2k.exe
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask .exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [spa_start] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\spads.dll" DllVerify
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [Router] C:\Program Files\Router\Router.exe
O4 - HKCU\..\Run: [Usrr] "C:\PROGRA~1\COMMON~1\STEM~1\mshta.exe" -vt ndrv
O4 - HKCU\..\Run: [Zpgpo] C:\WINDOWS\?ymantec\?hkntfs.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.emachines.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
--
End of file - 5127 bytes
Edited by ferynd, 16 January 2008 - 06:16 PM.