Member Panel

midge

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:07:59, on 11/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\DisplayLink Core Software\DisplayLinkService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Thomson\ST330\diagnostics\diagnostics.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Netropa\Multimedia Keyboard\TrayMon.exe
C:\Program Files\Netropa\Onscreen Display\OSD.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
D:\LiveUpdate.exe
C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\WiFiConnector\NintendoWFCReg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [diagnostics] "C:\Program Files\Thomson\ST330\diagnostics\diagnostics.exe" /icon -l:en
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TrojanScanner] D:\Trojan Remover\Trjscan.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKCU\..\Run: [BTCLiveUpdate] "D:\LiveUpdate.exe" /autostart
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: Run Nintendo Wi-Fi USB Connector Registration Tool.lnk = C:\Program Files\WiFiConnector\NintendoWFCReg.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} (DeviceEnum Class) - http://h20264.www2.hp.com/ediags/dd/...osticsxp2k.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wind...?1195521811593
O16 - DPF: {E1E73B44-2D20-47A9-9CA2-B534CEBBF856} (F-Secure Health Check 1.0) - http://support.f-secure.com/enu/home...fshc/fscax.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{04EAEDE1-039A-497A-8642-263E76935EFA}: NameServer = 194.168.4.100 194.168.8.100
O17 - HKLM\System\CS1\Services\Tcpip\..\{04EAEDE1-039A-497A-8642-263E76935EFA}: NameServer = 194.168.4.100 194.168.8.100
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762# # (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: DisplayLink Service (DisplayLinkService) - DisplayLink Corp. - C:\Program Files\DisplayLink Core Software\DisplayLinkService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe
O23 - Service: SpeedTouch 330 Manager (st330service) - THOMSON Telecom Belgium - (no file)
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 9968 bytes

I ran HJT and this was notepad info that I saved, the info that appeared in the HJT window I was not able to copy and paste and that log starts with the 01 numbers the C:\program and C:\ DOCUME don`t appear in the HJT window.

Thanks for any help
Midge

ih8bills

Hi... Welcome to PCHF.

Forum Rules require that HJT logs must be analyzed by experienced Security Team Analysts. This is for your protection... and to give you our best service.

Our Security Team is always very busy-- and as we live all over the Earth...
Time-Zones are also an important factor.

Your patience is greatly appreciated.

Thank You

valis

hello midge, and welcome.....

what problems are you having, exactly? Log looks pretty clean, so let's dig deeper. Also, I will be out of town this weekend, so I may not get a chance to check in until monday, but I'll try to check this afternoon.

Go here: http://www.bleepingcomputer.com/comb...o-use-combofix
Follow the instructions for ComboFix, then paste the results along with a new HJT log.

Thanks,

v

midge

Hello and thanks for taking a look.
I have a problem with a closure box in the upper left hand corner, I posted a thread about it on the spyware board and apart from that the pc is slow to load up tool bar and desk top and it can be slow to shut down, pages don`t seem to be as responsive as they were and if there are a few tags open then I get "has encountered a problem / serious problem (one or the other) and needs to close.
It all just seems to be a bit touchy and slow. I`ll download the combe fix and post results of that and HJT.
Thanks Midge

valis

as for the recovery console part of combofix, it's a pretty tried and tested app. If you are still worried about it, we can go a different route to see what's up.

Using Internet Explorer, visit Free Virus Scan - Kaspersky Lab

Answer Yes, when prompted to install an ActiveX component.

The program will then begin downloading the latest definition files.
Once the files have been downloaded click on NEXT
Locate the Scan Settings button & configure to:
- Scan using the following Anti-Virus database:
  - Extended
- Scan Options:
  - Scan Archives
  - Scan Mail Bases
Click OK & have it scan My Computer
Once the scan is complete, it will display if your system has been infected. It does not provide an option to clean/disinfect. We only require a report from it.
Click the Save as Text button to save the file to your desktop so that you may post it in your next reply
Turn off the real time scanner of any existing antivirus program while performing the online scan

Thanks,

v

midge · 11:55 AM

This is the combo fix log, but after it ran the pc shut down saying it had encountered a serious error and had to close......
ComboFix 08-04-14.2 - Ken 2008-04-16 11:34:56.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.166 [GMT 1:00]
Running from: C:\Documents and Settings\Ken\Desktop\ComboFix.exe
.

((((((((((((((((((((((((( Files Created from 2008-03-16 to 2008-04-16 )))))))))))))))))))))))))))))))
.

2008-04-16 10:07 . 2008-03-29 18:45 1,146,232 --a------ C:\WINDOWS\system32\aswBoot.exe
2008-04-16 10:07 . 2004-01-09 09:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
2008-04-16 10:07 . 2008-03-29 18:23 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
2008-04-16 10:07 . 2008-03-29 18:35 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2008-04-16 10:07 . 2008-01-17 16:34 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2008-04-16 10:07 . 2008-03-29 18:31 75,856 --a------ C:\WINDOWS\system32\drivers\aswSP.sys
2008-04-16 10:07 . 2008-03-29 18:27 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2008-04-16 10:07 . 2008-03-29 18:26 26,944 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2008-04-16 10:07 . 2008-03-29 18:29 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2008-04-16 10:07 . 2008-03-29 18:35 20,560 --a------ C:\WINDOWS\system32\drivers\aswFsBlk.sys
2008-04-14 10:13 . 2008-04-14 10:13 <DIR> d-------- C:\kav
2008-04-11 22:21 . 2008-04-11 22:21 <DIR> d-------- C:\WINDOWS\TSdesktoptoy
2008-04-11 22:21 . 2008-04-11 22:21 171,520 --a------ C:\WINDOWS\system32\cncs32.dll
2008-04-11 22:21 . 2008-04-11 22:21 18 --a------ C:\WINDOWS\gfact.ini
2008-04-11 16:36 . 2008-04-11 16:36 <DIR> d-------- C:\Program Files\Fox
2008-04-10 23:00 . 2008-04-10 23:00 <DIR> d-------- C:\Documents and Settings\Ken\Application Data\Simply Super Software
2008-04-10 23:00 . 2008-04-10 23:00 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Simply Super Software
2008-04-10 23:00 . 2006-05-25 15:52 162,304 --a------ C:\WINDOWS\system32\ztvunrar36.dll
2008-04-10 23:00 . 2003-02-02 20:06 153,088 --a------ C:\WINDOWS\system32\UNRAR3.dll
2008-04-10 23:00 . 2005-08-26 01:50 77,312 --a------ C:\WINDOWS\system32\ztvunace26.dll
2008-04-10 23:00 . 2002-03-06 01:00 75,264 --a------ C:\WINDOWS\system32\unacev2.dll
2008-04-10 23:00 . 2006-06-19 13:01 69,632 --a------ C:\WINDOWS\system32\ztvcabinet.dll
2008-04-09 16:53 . 2008-04-09 16:53 <DIR> d-------- C:\Program Files\Yahoo!
2008-04-09 16:53 . 2008-04-09 16:53 <DIR> d-------- C:\Program Files\CCleaner
2008-04-09 12:32 . 2008-04-09 12:32 <DIR> d-------- C:\Program Files\Trend Micro
2008-04-09 11:40 . 2008-04-09 11:40 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-04-09 11:40 . 2008-04-09 11:40 <DIR> d-------- C:\Documents and Settings\Ken\Application Data\Malwarebytes
2008-04-09 11:40 . 2008-04-09 11:40 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-04-09 11:38 . 2008-04-09 11:38 <DIR> d-------- C:\Program Files\Common Files\Download Manager
2008-04-07 18:15 . 2008-04-07 18:16 <DIR> d-------- C:\Program Files\iTunes
2008-04-07 18:15 . 2008-04-07 18:15 <DIR> d-------- C:\Program Files\iPod
2008-04-07 17:49 . 2008-04-07 17:49 0 --a------ C:\WINDOWS\nsreg.dat
2008-04-05 12:01 . 2007-09-05 23:22 289,144 --------- C:\WINDOWS\system32\VCCLSID.exe
2008-04-05 12:01 . 2006-04-27 16:49 288,417 --------- C:\WINDOWS\system32\SrchSTS.exe
2008-04-05 12:01 . 2008-03-01 23:12 86,016 --------- C:\WINDOWS\system32\VACFix.exe
2008-04-05 12:01 . 2008-03-05 22:29 82,432 --------- C:\WINDOWS\system32\IEDFix.exe
2008-04-05 12:01 . 2003-06-05 20:13 53,248 --------- C:\WINDOWS\system32\Process.exe
2008-04-05 12:01 . 2004-07-31 17:50 51,200 --------- C:\WINDOWS\system32\dumphive.exe
2008-04-05 12:01 . 2007-10-03 23:36 25,600 --------- C:\WINDOWS\system32\WS2Fix.exe
2008-04-02 22:27 . 2008-04-02 22:27 <DIR> d-------- C:\Program Files\DisplayLink Core Software
2008-04-02 22:27 . 2008-04-02 22:27 <DIR> d-------- C:\Program Files\Acer Monitor
2008-03-30 18:10 . 2008-03-30 18:10 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\WEBREG
2008-03-30 18:03 . 2008-03-30 18:22 <DIR> d-------- C:\Documents and Settings\Ken\Application Data\HP
2008-03-30 17:59 . 2008-03-30 17:59 <DIR> d-------- C:\Program Files\Hewlett-Packard
2008-03-30 17:59 . 2008-03-30 17:59 <DIR> d-------- C:\Program Files\Common Files\HP
2008-03-30 17:59 . 2008-03-30 17:59 <DIR> d-------- C:\Program Files\Common Files\Hewlett-Packard
2008-03-30 17:59 . 2008-03-30 17:59 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\HP Product Assistant
2008-03-30 17:59 . 2008-03-30 18:22 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\HP
2008-03-30 17:56 . 2008-03-30 18:10 164,924 --------- C:\WINDOWS\hpoins21.dat
2008-03-30 17:56 . 2008-02-15 04:41 7,262 --------- C:\WINDOWS\hpomdl21.dat
2008-03-30 17:46 . 2008-03-30 17:46 <DIR> d-------- C:\WINDOWS\Downloaded Installations
2008-03-30 17:46 . 2008-03-30 17:49 <DIR> d-------- C:\temp\FixEngine
2008-03-30 17:46 . 2008-03-30 17:46 <DIR> d-------- C:\temp
2008-03-30 17:46 . 2008-03-30 18:06 <DIR> d-------- C:\Program Files\Hp
2008-03-30 14:44 . 2008-03-30 14:44 <DIR> d-------- C:\Program Files\Roxio
2008-03-30 14:44 . 2008-03-30 14:44 <DIR> d-------- C:\Program Files\Common Files\SureThing Shared
2008-03-29 11:43 . 2008-03-29 11:43 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
2008-03-29 11:43 . 2007-03-08 05:20 49,920 -r------- C:\WINDOWS\system32\drivers\HPZid412.sys
2008-03-29 11:43 . 2007-03-08 05:20 16,496 -r------- C:\WINDOWS\system32\drivers\HPZipr12.sys
2008-03-29 11:42 . 2007-05-02 09:56 954,368 -r------- C:\WINDOWS\system32\hpotiop5.dll
2008-03-29 11:42 . 2007-05-02 10:01 675,840 -r------- C:\WINDOWS\system32\hpowiax5.dll
2008-03-29 11:42 . 2007-03-08 05:20 364,544 -r------- C:\WINDOWS\system32\hppldcoi.dll
2008-03-29 11:42 . 2007-03-08 05:20 309,760 -r------- C:\WINDOWS\system32\difxapi.dll
2008-03-29 11:42 . 2007-05-02 10:00 303,104 -r------- C:\WINDOWS\system32\hpovst12.dll
2008-03-29 11:42 . 2007-05-02 11:03 267,864 -r------- C:\WINDOWS\system32\hpzids01.dll
2008-03-29 11:42 . 2007-03-15 16:32 118,272 --------- C:\WINDOWS\system32\hpz3l5ha.dll
2008-03-29 11:42 . 2007-03-08 05:20 21,568 -r------- C:\WINDOWS\system32\drivers\HPZius12.sys
2008-03-29 11:42 . 2004-08-03 23:58 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2008-03-29 11:42 . 2004-08-03 23:58 15,104 -----c--- C:\WINDOWS\system32\dllcache\usbscan.sys
2008-03-28 23:37 . 2008-03-28 23:37 90,112 --a------ C:\WINDOWS\system32\QuickTimeVR.qtx
2008-03-28 23:37 . 2008-03-28 23:37 57,344 --a------ C:\WINDOWS\system32\QuickTime.qts
2008-03-23 16:40 . 2008-03-25 20:55 <DIR> d-------- C:\Program Files\WinXMedia
2008-03-23 16:39 . 2004-07-03 22:59 524,288 --------- C:\WINDOWS\system32\xvidcore.dll
2008-03-23 16:39 . 2004-07-03 23:08 139,264 --------- C:\WINDOWS\system32\xvidvfw.dll
2008-03-22 17:13 . 2008-03-22 17:13 0 --------- C:\WINDOWS\RA26E1.tmp
2008-03-20 21:41 . 2008-03-30 14:07 <DIR> d-------- C:\Documents and Settings\Ken\Application Data\CheckPoint
2008-03-20 21:40 . 2008-03-20 21:40 144 --------- C:\WINDOWS\system32\lkfl.dat
2008-03-20 21:40 . 2008-03-30 14:07 96 --------- C:\WINDOWS\system32\pdfl.dat
2008-03-20 21:40 . 2008-03-20 21:40 96 --------- C:\WINDOWS\system32\ibfl.dat
2008-03-20 20:32 . 2001-06-29 20:40 29,696 --------- C:\WINDOWS\system32\flcss.exe
2008-03-20 19:06 . 2008-03-20 19:06 <DIR> d-------- C:\fsaua.data
2008-03-16 06:56 . 2008-03-16 06:56 <DIR> d-------- C:\Program Files\Tibia
2008-03-16 06:56 . 2008-03-16 06:57 <DIR> d-------- C:\Documents and Settings\Ken\Application Data\Tibia

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))) ))
.
2008-04-16 08:47 --------- d-----w C:\Documents and Settings\Ken\Application Data\BitTorrent
2008-04-15 20:27 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-04-11 15:36 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-10 21:43 --------- d-----w C:\Documents and Settings\Ken\Application Data\DNA
2008-04-07 17:14 --------- d-----w C:\Program Files\QuickTime
2008-04-05 17:26 20 ---h--w C:\Documents and Settings\All Users\Application Data\PKP_DLec.DAT
2008-04-04 16:46 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-04-03 21:59 --------- d-----w C:\Program Files\Dobermann
2008-04-03 19:11 --------- d-----w C:\Program Files\Google
2008-03-27 13:53 --------- d-----w C:\Documents and Settings\All Users\Application Data\DVD Shrink
2008-03-24 15:04 --------- d-----w C:\Program Files\DNA
2008-03-19 09:47 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-11 18:34 --------- d-----w C:\Program Files\WiFiConnector
2008-03-07 16:02 --------- d-----w C:\Program Files\KONAMI
2008-03-07 13:46 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-03-06 13:04 2,864 ----a-w C:\WINDOWS\system32\winsock.dll
2008-03-03 12:03 --------- d-----w C:\Documents and Settings\Main\Application Data\ATI
2008-03-01 13:06 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-02-20 05:32 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
2008-02-09 18:47 2,368 ------w C:\WINDOWS\system32\SVKP.sys
2008-01-31 22:11 524,288 ------w C:\WINDOWS\system32\DivXsm.exe
2008-01-31 22:11 3,596,288 ------w C:\WINDOWS\system32\qt-dx331.dll
2008-01-31 22:10 200,704 ------w C:\WINDOWS\system32\ssldivx.dll
2008-01-31 22:10 1,044,480 ------w C:\WINDOWS\system32\libdivx.dll
2008-01-29 11:02 107,368 ----a-w C:\WINDOWS\system32\GEARAspi.dll
2008-01-16 18:14 53,760 ------w C:\WINDOWS\system32\HPZipm12.dll
2008-01-16 18:14 49,152 ------w C:\WINDOWS\system32\HPZidr12.dll
2008-01-16 18:14 43,520 ------w C:\WINDOWS\system32\HPZinw12.dll
2008-01-16 18:14 33,280 ------w C:\WINDOWS\system32\HPZipr12.dll
2008-01-16 18:14 29,696 ------w C:\WINDOWS\system32\hpzipt12.dll
2008-01-16 18:14 20,480 ------w C:\WINDOWS\system32\hpzisn12.dll
2003-10-23 17:52 40,960 ------w C:\Program Files\Uninstall_CDS.exe
2008-01-09 23:55 385,257 --sh--w C:\WINDOWS\system32\ttstv.ini2
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
2007-11-06 01:50 542016 --------- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 17:24 1694208]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 01:56 15360]
"Creative Detector"="C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" [2004-12-02 19:23 102400]
"CTSyncU.exe"="C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe" [2007-07-17 12:03 868352]
"BTCLiveUpdate"="D:\LiveUpdate.exe" [2004-03-08 13:50 430080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-07-10 22:10 339968]
"diagnostics"="C:\Program Files\Thomson\ST330\diagnostics\diagnostics.exe" [2007-11-22 23:08 557149]
"SpeedTouch USB Diagnostics"="C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" [2007-06-11 08:06 901120]
"MULTIMEDIA KEYBOARD"="C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe" [2002-06-19 10:50 180224]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 17:41 45056]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 21:17 49152]
"hpqSRMon"="C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe" [2007-08-22 16:31 80896]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"TrojanScanner"="D:\Trojan Remover\Trjscan.exe" [2008-04-07 19:51 873040]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe [2007-10-14 20:38:52 214360]
NkbMonitor.exe.lnk - C:\Program Files\Nikon\PictureProject\NkbMonitor.exe [2007-12-31 13:11:51 118784]
Run Nintendo Wi-Fi USB Connector Registration Tool.lnk - C:\Program Files\WiFiConnector\NintendoWFCReg.exe [2008-03-11 19:34:07 1073152]

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Thomson\\ST330\\service\\st330service.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\BitTorrent\\bittorrent.exe"=
"C:\\WINDOWS\\system32\\drqthhnp.exe"=
"C:\\WINDOWS\\system32\\hejlnqli.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\WINDOWS\\system32\\pnhtupfj.exe"=
"C:\\Program Files\\DNA\\btdna.exe"=
"D:\\BitTorrent\\bittorrent.exe"=
"C:\\Program Files\\WiFiConnector\\NintendoWFCReg.exe"=
"C:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\Hp\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\Hp\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\Hp\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\Hp\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\Hp\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\Hp\\Digital Imaging\\bin\\hpiscnapp.exe"=
"C:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Westwood\\RA2\\game.exe"=
"C:\\kav\\kav7.0\\english\\setup.exe"=
"C:\\Westwood\\SUN\\GAME.ICD"=

R0 si3112r;Silicon Image SiI 3512 SATARaid Controller;C:\WINDOWS\system32\drivers\si3112r.sys [2007-08-29 04:04]
R0 SiWinAcc;SiWinAcc;C:\WINDOWS\system32\drivers\SiWi nAcc.sys [2007-08-29 04:04]
R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-03-29 18:31]
R1 msikbd2k;Multimedia Keyboard Filter Driver;C:\WINDOWS\system32\DRIVERS\msikbd2k.sys [2001-12-20 09:02]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswF sBlk.sys [2008-03-29 18:35]
R2 DisplayLinkServiceisplayLink Service;"C:\Program Files\DisplayLink Core Software\DisplayLinkService.exe" [2007-12-13 10:28]
R2 nhksrv;Netropa NHK Server;C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe [2001-08-06 06:41]
R2 SVKP;SVKP;C:\WINDOWS\system32\SVKP.sys [2008-02-09 19:47]
R3 DisplayLinkmirrorisplayLinkmirror;C:\WINDOWS\syste m32\DRIVERS\DisplayLinkmirrorport.sys [2007-03-09 12:16]
S2 PPSCAN;PPSCAN;C:\WINDOWS\system32\drivers\PPSCAN.s ys [2002-03-29 15:58]
S3 ST330;ST330;C:\WINDOWS\system32\drivers\st330.sys [2007-11-22 22:32]
S3 STBUS;STBUS;C:\WINDOWS\system32\drivers\stbus.sys [2007-11-22 22:32]
S3 STETH;SpeedTouch Ethernet Adapter NT Driver;C:\WINDOWS\system32\DRIVERS\steth.sys [2007-11-22 22:32]
S3 stppp;Speedtouch PPP Adapter Adapter;C:\WINDOWS\system32\DRIVERS\stppp.sys [2007-11-22 22:58]
S3 w200bus;Sony Ericsson W200 driver (WDM);C:\WINDOWS\system32\DRIVERS\w200bus.sys [2006-10-24 15:10]
S3 w200mdfl;Sony Ericsson W200 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\w200mdfl.sys [2006-10-24 15:11]
S3 w200mdm;Sony Ericsson W200 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\w200mdm.sys [2006-10-24 15:11]
S3 w200mgmt;Sony Ericsson W200 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\w200mgmt.sys [2006-10-24 15:12]
S3 w200obex;Sony Ericsson W200 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\w200obex.sys [2006-10-24 15:12]
S3 w300bus;Sony Ericsson W300 Driver driver (WDM);C:\WINDOWS\system32\DRIVERS\w300bus.sys [2005-12-28 13:46]
S3 w300mdfl;Sony Ericsson W300 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\w300mdfl.sys [2005-12-28 13:47]
S3 w300mdm;Sony Ericsson W300 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\w300mdm.sys [2005-12-28 13:47]
S3 w300mgmt;Sony Ericsson W300 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\w300mgmt.sys [2005-12-28 13:48]
S3 w300obex;Sony Ericsson W300 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\w300obex.sys [2005-12-28 13:49]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.
Contents of the 'Scheduled Tasks' folder
"2008-04-14 17:06:02 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-04-14 17:55:00 C:\WINDOWS\Tasks\backup.job"
- C:\WINDOWS\system32\ntbackup.exeèbackup
.
************************************************** ************************

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-16 11:36:33
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

************************************************** ************************
.
Completion time: 2008-04-16 11:37:31
ComboFix-quarantined-files.txt 2008-04-16 10:37:20
ComboFix2.txt 2008-04-16 10:28:51

Pre-Run: 8,652,980,224 bytes free
Post-Run: 8,640,933,888 bytes free
.
2008-04-11 12:55:13 --- E O F ---

AND THIS IS THE REPEAT HJT LOG

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:49, on 2008-04-16
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\DisplayLink Core Software\DisplayLinkService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
C:\Program Files\Thomson\ST330\diagnostics\diagnostics.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe
C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
C:\Program Files\Netropa\Multimedia Keyboard\TrayMon.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Netropa\Onscreen Display\OSD.exe
D:\LiveUpdate.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\WiFiConnector\NintendoWFCReg.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [diagnostics] "C:\Program Files\Thomson\ST330\diagnostics\diagnostics.exe" /icon -l:en
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TrojanScanner] D:\Trojan Remover\Trjscan.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKCU\..\Run: [BTCLiveUpdate] "D:\LiveUpdate.exe" /autostart
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: Run Nintendo Wi-Fi USB Connector Registration Tool.lnk = C:\Program Files\WiFiConnector\NintendoWFCReg.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} (DeviceEnum Class) - http://h20264.www2.hp.com/ediags/dd/...osticsxp2k.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wind...?1195521811593
O16 - DPF: {E1E73B44-2D20-47A9-9CA2-B534CEBBF856} (F-Secure Health Check 1.0) - http://support.f-secure.com/enu/home...fshc/fscax.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{04EAEDE1-039A-497A-8642-263E76935EFA}: NameServer = 194.168.4.100 194.168.8.100
O17 - HKLM\System\CS1\Services\Tcpip\..\{04EAEDE1-039A-497A-8642-263E76935EFA}: NameServer = 194.168.4.100 194.168.8.100
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762# # (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: DisplayLink Service (DisplayLinkService) - DisplayLink Corp. - C:\Program Files\DisplayLink Core Software\DisplayLinkService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe
O23 - Service: PsExec (PSEXESVC) - Unknown owner - C:\WINDOWS\PSEXESVC.EXE (file missing)
O23 - Service: SpeedTouch 330 Manager (st330service) - THOMSON Telecom Belgium - (no file)
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 10012 bytes

Thanks in advance
Midge

Member Panel

Sponsors and Ads

Live Tag Cloud