Scan saved at 11:17:54, on 17/08/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\atiptaxx.exe
C:\Program Files\Common Files\Nokia\NCLTools\NclConf.exe
C:\Program Files\Creative\ShareDLL\CtNotify.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Creative\ShareDLL\MediaDet.Exe
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Creative\SBAudigy\Taskbar\CTLTray.exe
C:\Program Files\Creative\SBAudigy\Taskbar\CTLTask.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\program files\BigFix\BigFix.exe
C:\program files\EPSON\EPSON CardMonitor\EPSON CardMonitor1.0.exe
C:\program files\Kodak\Kodak EasyShare Software\bin\EasyShare.exe
C:\program files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Michael Colin Sage\Desktop\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://community.surfya.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Evesham
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [Nokia Connection Monitor] "C:\Program Files\Common Files\Nokia\NCLTools\NclConf.exe"
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe
O4 - HKLM\..\Run: [Jet Detection] C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain
O4 - HKLM\..\Run: [explorer] C:\WINDOWS\System32\explorer.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [clfmon] C:\WINDOWS\clfmon.exe
O4 - HKLM\..\Run: [nvsvca32] C:\WINDOWS\nvsvca32.exe
O4 - HKLM\..\Run: [tfDPSclfmon.exe] C:\WINDOWS\tfDPSclfmon.exe
O4 - HKLM\..\Run: [rjcJdclfmon.exe] C:\WINDOWS\rjcJdclfmon.exe
O4 - HKLM\..\Run: [ZtqfUnvsvca32.exe] C:\WINDOWS\ZtqfUnvsvca32.exe
O4 - HKLM\..\Run: [npImdnvsvca32.exe] C:\WINDOWS\npImdnvsvca32.exe
O4 - HKLM\..\Run: [AHmGxclfmon.exe] C:\WINDOWS\AHmGxclfmon.exe
O4 - HKLM\..\Run: [xErGoclfmon.exe] C:\WINDOWS\xErGoclfmon.exe
O4 - HKLM\..\Run: [tOdYOnvsvca32.exe] C:\WINDOWS\tOdYOnvsvca32.exe
O4 - HKLM\..\Run: [VnqGFnvsvca32.exe] C:\WINDOWS\VnqGFnvsvca32.exe
O4 - HKLM\..\Run: [fclebnvsvca32.exe] C:\WINDOWS\fclebnvsvca32.exe
O4 - HKLM\..\Run: [VXBrcnvsvca32.exe] C:\WINDOWS\VXBrcnvsvca32.exe
O4 - HKLM\..\Run: [eehQSclfmon.exe] C:\WINDOWS\eehQSclfmon.exe
O4 - HKLM\..\Run: [aRXRgclfmon.exe] C:\WINDOWS\aRXRgclfmon.exe
O4 - HKLM\..\Run: [vAPBVnvsvca32.exe] C:\WINDOWS\vAPBVnvsvca32.exe
O4 - HKLM\..\Run: [edCTBnvsvca32.exe] C:\WINDOWS\edCTBnvsvca32.exe
O4 - HKLM\..\Run: [aaLodnvsvca32.exe] C:\WINDOWS\aaLodnvsvca32.exe
O4 - HKLM\..\Run: [cGCqjnvsvca32.exe] C:\WINDOWS\cGCqjnvsvca32.exe
O4 - HKLM\..\Run: [wDGQanvsvca32.exe] C:\WINDOWS\wDGQanvsvca32.exe
O4 - HKLM\..\Run: [blaDUnvsvca32.exe] C:\WINDOWS\blaDUnvsvca32.exe
O4 - HKLM\..\Run: [mQlEuclfmon.exe] C:\WINDOWS\mQlEuclfmon.exe
O4 - HKLM\..\Run: [YANgvclfmon.exe] C:\WINDOWS\YANgvclfmon.exe
O4 - HKLM\..\Run: [GfNbKnvsvca32.exe] C:\WINDOWS\GfNbKnvsvca32.exe
O4 - HKLM\..\Run: [IFiECclfmon.exe] C:\WINDOWS\IFiECclfmon.exe
O4 - HKLM\..\Run: [QsrUdnvsvca32.exe] C:\WINDOWS\QsrUdnvsvca32.exe
O4 - HKLM\..\Run: [OvWOhclfmon.exe] C:\WINDOWS\OvWOhclfmon.exe
O4 - HKLM\..\Run: [GHeAMclfmon.exe] C:\WINDOWS\GHeAMclfmon.exe
O4 - HKLM\..\Run: [tEYKVclfmon.exe] C:\WINDOWS\tEYKVclfmon.exe
O4 - HKLM\..\Run: [leDhInvsvca32.exe] C:\WINDOWS\leDhInvsvca32.exe
O4 - HKLM\..\Run: [NXvMhnvsvca32.exe] C:\WINDOWS\NXvMhnvsvca32.exe
O4 - HKLM\..\Run: [txvAFnvsvca32.exe] C:\WINDOWS\txvAFnvsvca32.exe
O4 - HKLM\..\Run: [TWdWMclfmon.exe] C:\WINDOWS\TWdWMclfmon.exe
O4 - HKLM\..\Run: [gUeFhclfmon.exe] C:\WINDOWS\gUeFhclfmon.exe
O4 - HKLM\..\Run: [rByLIclfmon.exe] C:\WINDOWS\rByLIclfmon.exe
O4 - HKLM\..\Run: [mxQofnvsvca32.exe] C:\WINDOWS\mxQofnvsvca32.exe
O4 - HKLM\..\Run: [cltaKnvsvca32.exe] C:\WINDOWS\cltaKnvsvca32.exe
O4 - HKLM\..\Run: [oaclMnvsvca32.exe] C:\WINDOWS\oaclMnvsvca32.exe
O4 - HKLM\..\Run: [DGTJUclfmon.exe] C:\WINDOWS\DGTJUclfmon.exe
O4 - HKLM\..\Run: [ZRPyOnvsvca32.exe] C:\WINDOWS\ZRPyOnvsvca32.exe
O4 - HKLM\..\Run: [YkxxQnvsvca32.exe] C:\WINDOWS\YkxxQnvsvca32.exe
O4 - HKLM\..\Run: [GgLewnvsvca32.exe] C:\WINDOWS\GgLewnvsvca32.exe
O4 - HKLM\..\Run: [ViODHnvsvca32.exe] C:\WINDOWS\ViODHnvsvca32.exe
O4 - HKLM\..\Run: [KtaIpnvsvca32.exe] C:\WINDOWS\KtaIpnvsvca32.exe
O4 - HKLM\..\Run: [MjOxBclfmon.exe] C:\WINDOWS\MjOxBclfmon.exe
O4 - HKLM\..\Run: [BuKJjclfmon.exe] C:\WINDOWS\BuKJjclfmon.exe
O4 - HKLM\..\Run: [UYrapclfmon.exe] C:\WINDOWS\UYrapclfmon.exe
O4 - HKLM\..\Run: [kIcxsnvsvca32.exe] C:\WINDOWS\kIcxsnvsvca32.exe
O4 - HKLM\..\Run: [FYNgQnvsvca32.exe] C:\WINDOWS\FYNgQnvsvca32.exe
O4 - HKLM\..\Run: [aVpeCnvsvca32.exe] C:\WINDOWS\aVpeCnvsvca32.exe
O4 - HKLM\..\Run: [pQJDSnvsvca32.exe] C:\WINDOWS\pQJDSnvsvca32.exe
O4 - HKLM\..\Run: [mNBnGclfmon.exe] C:\WINDOWS\mNBnGclfmon.exe
O4 - HKLM\..\Run: [Wfbibnvsvca32.exe] C:\WINDOWS\Wfbibnvsvca32.exe
O4 - HKLM\..\Run: [FcbLUnvsvca32.exe] C:\WINDOWS\FcbLUnvsvca32.exe
O4 - HKLM\..\Run: [ePcaCclfmon.exe] C:\WINDOWS\ePcaCclfmon.exe
O4 - HKLM\..\Run: [CjXiFclfmon.exe] C:\WINDOWS\CjXiFclfmon.exe
O4 - HKLM\..\Run: [xdGBQclfmon.exe] C:\WINDOWS\xdGBQclfmon.exe
O4 - HKLM\..\Run: [GDmkPclfmon.exe] C:\WINDOWS\GDmkPclfmon.exe
O4 - HKLM\..\Run: [bOCNSnvsvca32.exe] C:\WINDOWS\bOCNSnvsvca32.exe
O4 - HKLM\..\Run: [IfGowclfmon.exe] C:\WINDOWS\IfGowclfmon.exe
O4 - HKLM\..\Run: [YbMDbclfmon.exe] C:\WINDOWS\YbMDbclfmon.exe
O4 - HKLM\..\Run: [ooHsdclfmon.exe] C:\WINDOWS\ooHsdclfmon.exe
O4 - HKLM\..\Run: [XZYOhnvsvca32.exe] C:\WINDOWS\XZYOhnvsvca32.exe
O4 - HKLM\..\Run: [eCvdEclfmon.exe] C:\WINDOWS\eCvdEclfmon.exe
O4 - HKLM\..\Run: [apJaynvsvca32.exe] C:\WINDOWS\apJaynvsvca32.exe
O4 - HKLM\..\Run: [ZUhTYnvsvca32.exe] C:\WINDOWS\ZUhTYnvsvca32.exe
O4 - HKLM\..\Run: [GDRvRclfmon.exe] C:\WINDOWS\GDRvRclfmon.exe
O4 - HKLM\..\Run: [lcCHUclfmon.exe] C:\WINDOWS\lcCHUclfmon.exe
O4 - HKLM\..\Run: [nOtCbclfmon.exe] C:\WINDOWS\nOtCbclfmon.exe
O4 - HKLM\..\Run: [kWmSInvsvca32.exe] C:\WINDOWS\kWmSInvsvca32.exe
O4 - HKLM\..\Run: [jvEDUnvsvca32.exe] C:\WINDOWS\jvEDUnvsvca32.exe
O4 - HKLM\..\Run: [HSDPRclfmon.exe] C:\WINDOWS\HSDPRclfmon.exe
O4 - HKLM\..\Run: [iAxOXclfmon.exe] C:\WINDOWS\iAxOXclfmon.exe
O4 - HKLM\..\Run: [xQARaclfmon.exe] C:\WINDOWS\xQARaclfmon.exe
O4 - HKLM\..\Run: [ZsEjCclfmon.exe] C:\WINDOWS\ZsEjCclfmon.exe
O4 - HKLM\..\Run: [qSxfUnvsvca32.exe] C:\WINDOWS\qSxfUnvsvca32.exe
O4 - HKLM\..\Run: [ALfpbclfmon.exe] C:\WINDOWS\ALfpbclfmon.exe
O4 - HKLM\..\Run: [PdYCdclfmon.exe] C:\WINDOWS\PdYCdclfmon.exe
O4 - HKLM\..\Run: [lIaBaclfmon.exe] C:\WINDOWS\lIaBaclfmon.exe
O4 - HKLM\..\Run: [NwaaQclfmon.exe] C:\WINDOWS\NwaaQclfmon.exe
O4 - HKLM\..\Run: [wRTbBnvsvca32.exe] C:\WINDOWS\wRTbBnvsvca32.exe
O4 - HKLM\..\Run: [MkUfLnvsvca32.exe] C:\WINDOWS\MkUfLnvsvca32.exe
O4 - HKLM\..\Run: [GbfsLclfmon.exe] C:\WINDOWS\GbfsLclfmon.exe
O4 - HKLM\..\Run: [JKjoQclfmon.exe] C:\WINDOWS\JKjoQclfmon.exe
O4 - HKLM\..\Run: [aROqEnvsvca32.exe] C:\WINDOWS\aROqEnvsvca32.exe
O4 - HKLM\..\Run: [ajVoPnvsvca32.exe] C:\WINDOWS\ajVoPnvsvca32.exe
O4 - HKLM\..\Run: [XbRsinvsvca32.exe] C:\WINDOWS\XbRsinvsvca32.exe
O4 - HKLM\..\Run: [ifOLRclfmon.exe] C:\WINDOWS\ifOLRclfmon.exe
O4 - HKLM\..\Run: [eQIlanvsvca32.exe] C:\WINDOWS\eQIlanvsvca32.exe
O4 - HKLM\..\Run: [tiBhlclfmon.exe] C:\WINDOWS\tiBhlclfmon.exe
O4 - HKLM\..\Run: [biaNinvsvca32.exe] C:\WINDOWS\biaNinvsvca32.exe
O4 - HKLM\..\Run: [kCbXrnvsvca32.exe] C:\WINDOWS\kCbXrnvsvca32.exe
O4 - HKLM\..\Run: [rKMbknvsvca32.exe] C:\WINDOWS\rKMbknvsvca32.exe
O4 - HKLM\..\Run: [YTecYclfmon.exe] C:\WINDOWS\YTecYclfmon.exe
O4 - HKLM\..\Run: [WpZfynvsvca32.exe] C:\WINDOWS\WpZfynvsvca32.exe
O4 - HKLM\..\Run: [nPSkJclfmon.exe] C:\WINDOWS\nPSkJclfmon.exe
O4 - HKLM\..\Run: [cKHqnclfmon.exe] C:\WINDOWS\cKHqnclfmon.exe
O4 - HKLM\..\Run: [JLRjbnvsvca32.exe] C:\WINDOWS\JLRjbnvsvca32.exe
O4 - HKLM\..\Run: [RYdloclfmon.exe] C:\WINDOWS\RYdloclfmon.exe
O4 - HKLM\..\Run: [bcIGrnvsvca32.exe] C:\WINDOWS\bcIGrnvsvca32.exe
O4 - HKLM\..\Run: [lcJJFclfmon.exe] C:\WINDOWS\lcJJFclfmon.exe
O4 - HKLM\..\Run: [FgevQclfmon.exe] C:\WINDOWS\FgevQclfmon.exe
O4 - HKLM\..\Run: [TpAuWclfmon.exe] C:\WINDOWS\TpAuWclfmon.exe
O4 - HKLM\..\Run: [rGrqinvsvca32.exe] C:\WINDOWS\rGrqinvsvca32.exe
O4 - HKLM\..\Run: [iApwnnvsvca32.exe] C:\WINDOWS\iApwnnvsvca32.exe
O4 - HKLM\..\Run: [PAPpdnvsvca32.exe] C:\WINDOWS\PAPpdnvsvca32.exe
O4 - HKLM\..\Run: [KhVByclfmon.exe] C:\WINDOWS\KhVByclfmon.exe
O4 - HKLM\..\Run: [CaqiZnvsvca32.exe] C:\WINDOWS\CaqiZnvsvca32.exe
O4 - HKLM\..\Run: [VHAsUnvsvca32.exe] C:\WINDOWS\VHAsUnvsvca32.exe
O4 - HKLM\..\Run: [vQJtBclfmon.exe] C:\WINDOWS\vQJtBclfmon.exe
O4 - HKLM\..\Run: [RfabMclfmon.exe] C:\WINDOWS\RfabMclfmon.exe
O4 - HKLM\..\Run: [yaNDSclfmon.exe] C:\WINDOWS\yaNDSclfmon.exe
O4 - HKLM\..\Run: [RbUgAclfmon.exe] C:\WINDOWS\RbUgAclfmon.exe
O4 - HKLM\..\Run: [rddYvclfmon.exe] C:\WINDOWS\rddYvclfmon.exe
O4 - HKLM\..\Run: [dddeBclfmon.exe] C:\WINDOWS\dddeBclfmon.exe
O4 - HKLM\..\Run: [pbFIMclfmon.exe] C:\WINDOWS\pbFIMclfmon.exe
O4 - HKLM\..\Run: [GagRKnvsvca32.exe] C:\WINDOWS\GagRKnvsvca32.exe
O4 - HKLM\..\Run: [CBBbgnvsvca32.exe] C:\WINDOWS\CBBbgnvsvca32.exe
O4 - HKLM\..\Run: [VVAbdclfmon.exe] C:\WINDOWS\VVAbdclfmon.exe
O4 - HKLM\..\Run: [FfKbZnvsvca32.exe] C:\WINDOWS\FfKbZnvsvca32.exe
O4 - HKLM\..\Run: [qMDdmclfmon.exe] C:\WINDOWS\qMDdmclfmon.exe
O4 - HKLM\..\Run: [rqwhMclfmon.exe] C:\WINDOWS\rqwhMclfmon.exe
O4 - HKLM\..\Run: [GWPnGclfmon.exe] C:\WINDOWS\GWPnGclfmon.exe
O4 - HKLM\..\Run: [yegMGnvsvca32.exe] C:\WINDOWS\yegMGnvsvca32.exe
O4 - HKLM\..\Run: [nSbalnvsvca32.exe] C:\WINDOWS\nSbalnvsvca32.exe
O4 - HKLM\..\Run: [iUTApnvsvca32.exe] C:\WINDOWS\iUTApnvsvca32.exe
O4 - HKLM\..\Run: [QVlXmnvsvca32.exe] C:\WINDOWS\QVlXmnvsvca32.exe
O4 - HKLM\..\Run: [lJfBbclfmon.exe] C:\WINDOWS\lJfBbclfmon.exe
O4 - HKLM\..\Run: [eDIHKclfmon.exe] C:\WINDOWS\eDIHKclfmon.exe
O4 - HKLM\..\Run: [FESAHnvsvca32.exe] C:\WINDOWS\FESAHnvsvca32.exe
O4 - HKLM\..\Run: [biqQfnvsvca32.exe] C:\WINDOWS\biqQfnvsvca32.exe
O4 - HKLM\..\Run: [IdeAmnvsvca32.exe] C:\WINDOWS\IdeAmnvsvca32.exe
O4 - HKLM\..\Run: [KedvGclfmon.exe] C:\WINDOWS\KedvGclfmon.exe
O4 - HKLM\..\Run: [CRImanvsvca32.exe] C:\WINDOWS\CRImanvsvca32.exe
O4 - HKLM\..\Run: [vacJBclfmon.exe] C:\WINDOWS\vacJBclfmon.exe
O4 - HKLM\..\Run: [GeGuwnvsvca32.exe] C:\WINDOWS\GeGuwnvsvca32.exe
O4 - HKLM\..\Run: [HumQGclfmon.exe] C:\WINDOWS\HumQGclfmon.exe
O4 - HKLM\..\Run: [sSHiaclfmon.exe] C:\WINDOWS\sSHiaclfmon.exe
O4 - HKLM\..\Run: [eZBVUnvsvca32.exe] C:\WINDOWS\eZBVUnvsvca32.exe
O4 - HKLM\..\Run: [RAFdqclfmon.exe] C:\WINDOWS\RAFdqclfmon.exe
O4 - HKLM\..\Run: [wljffnvsvca32.exe] C:\WINDOWS\wljffnvsvca32.exe
O4 - HKLM\..\Run: [HfwaNnvsvca32.exe] C:\WINDOWS\HfwaNnvsvca32.exe
O4 - HKLM\..\Run: [BvrVHclfmon.exe] C:\WINDOWS\BvrVHclfmon.exe
O4 - HKLM\..\Run: [ZGtsWnvsvca32.exe] C:\WINDOWS\ZGtsWnvsvca32.exe
O4 - HKLM\..\Run: [dHZfSclfmon.exe] C:\WINDOWS\dHZfSclfmon.exe
O4 - HKLM\..\Run: [cgjddnvsvca32.exe] C:\WINDOWS\cgjddnvsvca32.exe
O4 - HKLM\..\Run: [eoxMvclfmon.exe] C:\WINDOWS\eoxMvclfmon.exe
O4 - HKLM\..\Run: [qdaYFnvsvca32.exe] C:\WINDOWS\qdaYFnvsvca32.exe
O4 - HKLM\..\Run: [KBPdbclfmon.exe] C:\WINDOWS\KBPdbclfmon.exe
O4 - HKLM\..\Run: [lQOTHclfmon.exe] C:\WINDOWS\lQOTHclfmon.exe
O4 - HKLM\..\Run: [bRCauclfmon.exe] C:\WINDOWS\bRCauclfmon.exe
O4 - HKLM\..\Run: [ZEcIVnvsvca32.exe] C:\WINDOWS\ZEcIVnvsvca32.exe
O4 - HKLM\..\Run: [Wcwfbclfmon.exe] C:\WINDOWS\Wcwfbclfmon.exe
O4 - HKLM\..\Run: [TeGuDnvsvca32.exe] C:\WINDOWS\TeGuDnvsvca32.exe
O4 - HKLM\..\Run: [BRyXinvsvca32.exe] C:\WINDOWS\BRyXinvsvca32.exe
O4 - HKLM\..\Run: [xYHhQclfmon.exe] C:\WINDOWS\xYHhQclfmon.exe
O4 - HKLM\..\Run: [JFIqRclfmon.exe] C:\WINDOWS\JFIqRclfmon.exe
O4 - HKLM\..\Run: [aeJmanvsvca32.exe] C:\WINDOWS\aeJmanvsvca32.exe
O4 - HKLM\..\Run: [NQQamclfmon.exe] C:\WINDOWS\NQQamclfmon.exe
O4 - HKLM\..\Run: [vRaSaclfmon.exe] C:\WINDOWS\vRaSaclfmon.exe
O4 - HKLM\..\Run: [hjfgNnvsvca32.exe] C:\WINDOWS\hjfgNnvsvca32.exe
O4 - HKLM\..\Run: [ecHOhclfmon.exe] C:\WINDOWS\ecHOhclfmon.exe
O4 - HKLM\..\Run: [PlxUsclfmon.exe] C:\WINDOWS\PlxUsclfmon.exe
O4 - HKLM\..\Run: [NeCBenvsvca32.exe] C:\WINDOWS\NeCBenvsvca32.exe
O4 - HKLM\..\Run: [cpPEFclfmon.exe] C:\WINDOWS\cpPEFclfmon.exe
O4 - HKLM\..\Run: [iOAsanvsvca32.exe] C:\WINDOWS\iOAsanvsvca32.exe
O4 - HKLM\..\Run: [aVdetclfmon.exe] C:\WINDOWS\aVdetclfmon.exe
O4 - HKLM\..\Run: [IQapNclfmon.exe] C:\WINDOWS\IQapNclfmon.exe
O4 - HKLM\..\Run: [DFTlZnvsvca32.exe] C:\WINDOWS\DFTlZnvsvca32.exe
O4 - HKLM\..\Run: [JbCkqnvsvca32.exe] C:\WINDOWS\JbCkqnvsvca32.exe
O4 - HKLM\..\Run: [vFSGUnvsvca32.exe] C:\WINDOWS\vFSGUnvsvca32.exe
O4 - HKLM\..\Run: [XtEYEnvsvca32.exe] C:\WINDOWS\XtEYEnvsvca32.exe
O4 - HKLM\..\Run: [Ymedcnvsvca32.exe] C:\WINDOWS\Ymedcnvsvca32.exe
O4 - HKLM\..\Run: [hEWfmnvsvca32.exe] C:\WINDOWS\hEWfmnvsvca32.exe
O4 - HKLM\..\Run: [daFdnclfmon.exe] C:\WINDOWS\daFdnclfmon.exe
O4 - HKLM\..\Run: [KcXeknvsvca32.exe] C:\WINDOWS\KcXeknvsvca32.exe
O4 - HKLM\..\Run: [Deakfnvsvca32.exe] C:\WINDOWS\Deakfnvsvca32.exe
O4 - HKLM\..\Run: [YESvonvsvca32.exe] C:\WINDOWS\YESvonvsvca32.exe
O4 - HKLM\..\Run: [VqfGanvsvca32.exe] C:\WINDOWS\VqfGanvsvca32.exe
O4 - HKLM\..\Run: [SyhWIclfmon.exe] C:\WINDOWS\SyhWIclfmon.exe
O4 - HKLM\..\Run: [btuIunvsvca32.exe] C:\WINDOWS\btuIunvsvca32.exe
O4 - HKLM\..\Run: [YCDYbnvsvca32.exe] C:\WINDOWS\YCDYbnvsvca32.exe
O4 - HKLM\..\Run: [doebnnvsvca32.exe] C:\WINDOWS\doebnnvsvca32.exe
O4 - HKLM\..\Run: [KAwcdnvsvca32.exe] C:\WINDOWS\KAwcdnvsvca32.exe
O4 - HKLM\..\Run: [Gtpewnvsvca32.exe] C:\WINDOWS\Gtpewnvsvca32.exe
O4 - HKLM\..\Run: [fvHPmclfmon.exe] C:\WINDOWS\fvHPmclfmon.exe
O4 - HKLM\..\Run: [cmrDBclfmon.exe] C:\WINDOWS\cmrDBclfmon.exe
O4 - HKLM\..\Run: [EbeVjnvsvca32.exe] C:\WINDOWS\EbeVjnvsvca32.exe
O4 - HKLM\..\Run: [okQuLclfmon.exe] C:\WINDOWS\okQuLclfmon.exe
O4 - HKLM\..\Run: [QWDFuclfmon.exe] C:\WINDOWS\QWDFuclfmon.exe
O4 - HKLM\..\Run: [TnNIUnvsvca32.exe] C:\WINDOWS\TnNIUnvsvca32.exe
O4 - HKLM\..\Run: [iFcJEnvsvca32.exe] C:\WINDOWS\iFcJEnvsvca32.exe
O4 - HKLM\..\Run: [UGoCHclfmon.exe] C:\WINDOWS\UGoCHclfmon.exe
O4 - HKLM\..\Run: [BHIDEclfmon.exe] C:\WINDOWS\BHIDEclfmon.exe
O4 - HKLM\..\Run: [FQMuinvsvca32.exe] C:\WINDOWS\FQMuinvsvca32.exe
O4 - HKLM\..\Run: [faWgfclfmon.exe] C:\WINDOWS\faWgfclfmon.exe
O4 - HKLM\..\Run: [hACBPclfmon.exe] C:\WINDOWS\hACBPclfmon.exe
O4 - HKLM\..\Run: [OBLuMclfmon.exe] C:\WINDOWS\OBLuMclfmon.exe
O4 - HKLM\..\Run: [cAftYnvsvca32.exe] C:\WINDOWS\cAftYnvsvca32.exe
O4 - HKLM\..\Run: [uwAPdnvsvca32.exe] C:\WINDOWS\uwAPdnvsvca32.exe
O4 - HKLM\..\Run: [RvlaEnvsvca32.exe] C:\WINDOWS\RvlaEnvsvca32.exe
O4 - HKLM\..\Run: [iVmcWclfmon.exe] C:\WINDOWS\iVmcWclfmon.exe
O4 - HKLM\..\Run: [dbsxHnvsvca32.exe] C:\WINDOWS\dbsxHnvsvca32.exe
O4 - HKLM\..\Run: [hfTaJclfmon.exe] C:\WINDOWS\hfTaJclfmon.exe
O4 - HKLM\..\Run: [uvgoHnvsvca32.exe] C:\WINDOWS\uvgoHnvsvca32.exe
O4 - HKLM\..\Run: [ZNfjYnvsvca32.exe] C:\WINDOWS\ZNfjYnvsvca32.exe
O4 - HKLM\..\Run: [ElpFvclfmon.exe] C:\WINDOWS\ElpFvclfmon.exe
O4 - HKLM\..\Run: [LHoalclfmon.exe] C:\WINDOWS\LHoalclfmon.exe
O4 - HKLM\..\Run: [PakgXnvsvca32.exe] C:\WINDOWS\PakgXnvsvca32.exe
O4 - HKLM\..\Run: [Misvynvsvca32.exe] C:\WINDOWS\Misvynvsvca32.exe
O4 - HKLM\..\Run: [bTYEdnvsvca32.exe] C:\WINDOWS\bTYEdnvsvca32.exe
O4 - HKLM\..\Run: [AlRPhnvsvca32.exe] C:\WINDOWS\AlRPhnvsvca32.exe
O4 - HKLM\..\Run: [DJbBgclfmon.exe] C:\WINDOWS\DJbBgclfmon.exe
O4 - HKLM\..\Run: [uEGcIclfmon.exe] C:\WINDOWS\uEGcIclfmon.exe
O4 - HKLM\..\Run: [XiFqFclfmon.exe] C:\WINDOWS\XiFqFclfmon.exe
O4 - HKLM\..\Run: [xkectclfmon.exe] C:\WINDOWS\xkectclfmon.exe
O4 - HKLM\..\Run: [HfUTxnvsvca32.exe] C:\WINDOWS\HfUTxnvsvca32.exe
O4 - HKLM\..\Run: [KgNUfnvsvca32.exe] C:\WINDOWS\KgNUfnvsvca32.exe
O4 - HKLM\..\Run: [acdRIclfmon.exe] C:\WINDOWS\acdRIclfmon.exe
O4 - HKLM\..\Run: [ZVirAclfmon.exe] C:\WINDOWS\ZVirAclfmon.exe
O4 - HKLM\..\Run: [fsvvIclfmon.exe] C:\WINDOWS\fsvvIclfmon.exe
O4 - HKLM\..\Run: [SvcH0st] C:\WINDOWS\shch.exe /i
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [TkBellExee] C:\WINDOWS\realschd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [ASDPLUGIN] C:\WINDOWS\system32\temp532.exe -N
O4 - HKLM\..\Run: [IEACCESS] C:\WINDOWS\system32\temp532.exe -N
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKCU\..\Run: [PPWebCap] C:\PROGRA~1\ScanSoft\PAPERP~1\PPWebCap.exe
O4 - HKCU\..\Run: [TaskTray] C:\Program Files\Creative\SBAudigy\Taskbar\CTLTray.exe
O4 - HKCU\..\Run: [Taskbar] C:\Program Files\Creative\SBAudigy\Taskbar\CTLTask.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Drar] C:\Documents and Settings\Michael Colin Sage\Application Data\ttnr.exe
O4 - HKCU\..\Run: [Meghx] C:\WINDOWS\System32\qnkd.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BigFix.lnk = C:\program files\BigFix\BigFix.exe
O4 - Global Startup: EPSON CardMonitor.lnk = ?
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
O4 - Global Startup: Kodak EasyShare software.lnk = C:\program files\Kodak\Kodak EasyShare Software\bin\EasyShare.exe
O4 - Global Startup: Kodak software updater.lnk = C:\program files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\program files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Remedy Keys.lnk = C:\program files\Remedy Keys.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {237AA178-C3BC-4f67-A8BB-D8BC14BA0B89} - C:\DOCUME~1\KERRYJ~1\LOCALS~1\Temp\remove_me.dll (file missing)
O9 - Extra button: Microsoft® JavaScript® Console - {3D3809CB-C35F-4465-825B-461B903BEB9F} - C:\WINDOWS\system32\COMDLG32.OCX
O9 - Extra 'Tools' menuitem: JavaScript Console - {3D3809CB-C35F-4465-825B-461B903BEB9F} - C:\WINDOWS\system32\COMDLG32.OCX
O9 - Extra button: Microsoft® JavaScript® Console - {405BCD7B-F932-4841-8C22-C1E99CB4A7F7} - C:\WINDOWS\system32\COMDLG32.OCX
O9 - Extra 'Tools' menuitem: JavaScript Console - {405BCD7B-F932-4841-8C22-C1E99CB4A7F7} - C:\WINDOWS\system32\COMDLG32.OCX
O9 - Extra button: Researcher - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\EROProj.dll
O9 - Extra button: Microsoft® JavaScript® Console - {A62943F4-B2DA-4366-A12B-BDFCB6004B4D} - C:\WINDOWS\system32\COMDLG32.OCX
O9 - Extra 'Tools' menuitem: JavaScript Console - {A62943F4-B2DA-4366-A12B-BDFCB6004B4D} - C:\WINDOWS\system32\COMDLG32.OCX
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\program files\AIM\aim.exe
O9 - Extra button: Microsoft® JavaScript® Console - {B72A6D8C-8F6D-4C9F-90FF-25D0A050B96F} - C:\WINDOWS\system32\COMDLG32.OCX
O9 - Extra 'Tools' menuitem: JavaScript Console - {B72A6D8C-8F6D-4C9F-90FF-25D0A050B96F} - C:\WINDOWS\system32\COMDLG32.OCX
O9 - Extra button: Microsoft® JavaScript® Console - {EB6B5DA5-6946-4613-977A-385D8F0FE1BF} - C:\WINDOWS\system32\COMDLG32.OCX
O9 - Extra 'Tools' menuitem: JavaScript Console - {EB6B5DA5-6946-4613-977A-385D8F0FE1BF} - C:\WINDOWS\system32\COMDLG32.OCX
O9 - Extra button: Microsoft® JavaScript® Console - {ECCD6D25-C922-4186-ACC9-8C1BA418D12B} - C:\WINDOWS\system32\COMDLG32.OCX
O9 - Extra 'Tools' menuitem: JavaScript Console - {ECCD6D25-C922-4186-ACC9-8C1BA418D12B} - C:\WINDOWS\system32\COMDLG32.OCX
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {237AA178-C3BC-4f67-A8BB-D8BC14BA0B89} - C:\DOCUME~1\KERRYJ~1\LOCALS~1\Temp\remove_me.dll (file missing) (HKCU)
O9 - Extra button: Microsoft® JavaScript® Console - {A62943F4-B2DA-4366-A12B-BDFCB6004B4D} - C:\WINDOWS\system32\COMDLG32.OCX (HKCU)
O9 - Extra 'Tools' menuitem: JavaScript Console - {A62943F4-B2DA-4366-A12B-BDFCB6004B4D} - C:\WINDOWS\system32\COMDLG32.OCX (HKCU)
O9 - Extra button: (no name) - {E9173ECA-1F4F-41ed-AF1F-8F723DFE3458} - (no file) (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.etel-internet.co.uk
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/downloads/kws/ ... nicode.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... Client.cab
O16 - DPF: {C606BA60-AB76-48B6-96A7-2C4D5C386F70} (PreQualifier Class) - http://www.telewest.co.uk/motive/files/ ... reQual.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by8fd.bay8.hotmail.msn.com/activex/HMAtchmt.ocx
O20 - Winlogon Notify: MCPClient - C:\PROGRA~1\COMMON~1\Stardock\mcpstub.dll
O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Roxio Inc. - C:\WINDOWS\System32\ImapiRox.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe