Here's the ComboFix log, along with the HJT (HijackThis) log.
ComboFix 07-11-01.1 - Darlington Omeni 2007-11-04 9:08:01.4 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.334 [GMT -5:00]
Running from: C:\Documents and Settings\Darlington Omeni\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Darlington Omeni\Desktop\CFScript.txt
* Created a new restore point
FILE::
C:\WINDOWS\system32\cproyidp.dll
C:\WINDOWS\system32\orhqbldt.dll
C:\WINDOWS\system32\prcoqxgm.dll
C:\WINDOWS\system32\twtvxtrd.dll
C:\WINDOWS\system32\wvuvuus.dll
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\DOCUME~1\ALLUSE~1\APPLIC~1\systemerrorfixer
C:\DOCUME~1\ALLUSE~1\APPLIC~1\systemerrorfixer\Data\ac
C:\DOCUME~1\ALLUSE~1\APPLIC~1\systemerrorfixer\Data\em
C:\DOCUME~1\ALLUSE~1\APPLIC~1\systemerrorfixer\Data\oid
C:\DOCUME~1\ALLUSE~1\APPLIC~1\systemerrorfixer\Data\user
C:\DOCUME~1\ALLUSE~1\STARTM~1\Live Safety Center.lnk
C:\DOCUME~1\ALLUSE~1\STARTM~1\Online Security Guide.lnk
C:\DOCUME~1\DARLIN~1\APPLIC~1\systemerrorfixer
C:\DOCUME~1\DARLIN~1\APPLIC~1\systemerrorfixer\Logs\update.log
C:\DOCUME~1\DARLIN~1\Desktop\Live Safety Center.lnk
C:\DOCUME~1\DARLIN~1\Desktop\Online Security Guide.lnk
C:\DOCUME~1\DARLIN~1\FAVORI~1\Online Security Guide.lnk
C:\Documents and Settings\Darlington Omeni\Application Data\systemerrorfixer\Logs\update.log
C:\Documents and Settings\Darlington Omeni\Desktop\Live Safety Center.lnk
C:\Documents and Settings\Darlington Omeni\Desktop\Online Security Guide.lnk
C:\Documents and Settings\Darlington Omeni\Favorites\Online Security Guide.lnk
C:\Program Files\Common Files\SystemErrorFixer
C:\Program Files\Common Files\SystemErrorFixer\strpmon.exe
C:\Program Files\Faxfgqar
C:\Program Files\Iqpwprej
C:\Program Files\lmxqtyrm
C:\Program Files\Mxrqqohc
C:\WINDOWS\cookies.ini
C:\WINDOWS\system32\abadd.ini
C:\WINDOWS\system32\cproyidp.dll
C:\WINDOWS\system32\cwvhswti.dllbox
C:\WINDOWS\system32\ddaba.dll
C:\WINDOWS\system32\nqstv.ini2
C:\WINDOWS\system32\nqstv.tmp
C:\WINDOWS\system32\prcoqxgm.dll
C:\WINDOWS\system32\twtvxtrd.dllbox
C:\WINDOWS\system32\wvuvuus.dll
.
((((((((((((((((((((((((( Files Created from 2007-10-04 to 2007-11-04 )))))))))))))))))))))))))))))))
.
2007-11-04 01:32 86,080 --a------ C:\WINDOWS\system32\kyihlyen.dll
2007-11-04 01:32 78,912 --a------ C:\WINDOWS\system32\bjvnravy.dll
2007-11-04 01:23 340,032 --a------ C:\WINDOWS\system32\bmyhhykd.dll
2007-11-03 12:00 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2007-11-03 12:00 <DIR> d-------- C:\Documents and Settings\Darlington Omeni\Application Data\SUPERAntiSpyware.com
2007-11-03 12:00 <DIR> d-------- C:\DOCUME~1\DARLIN~1\APPLIC~1\SUPERAntiSpyware.com
2007-11-03 12:00 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\SUPERAntiSpyware.com
2007-11-01 10:32 <DIR> d-------- C:\WINDOWS\SpyMonitor
2007-11-01 10:32 1,246,720 --a------ C:\WINDOWS\system32\ModalCreateFileWarning.dll
2007-11-01 10:32 1,238,016 --a------ C:\WINDOWS\system32\ModalRegistryWarning.dll
2007-10-31 17:46 11,254 --a------ C:\WINDOWS\system32\locate.com
2007-10-31 16:47 <DIR> d-------- C:\WINDOWS\BDOSCAN8
2007-10-31 11:31 <DIR> d-------- C:\Documents and Settings\Darlington Omeni\Application Data\Grisoft
2007-10-31 11:31 <DIR> d-------- C:\DOCUME~1\DARLIN~1\APPLIC~1\Grisoft
2007-10-31 11:31 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-10-30 05:41 <DIR> d-------- C:\ShowNew
2007-10-30 05:41 <DIR> d-------- C:\GetRunKey
2007-10-29 21:33 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-10-29 16:44 17,408 --a------ C:\psapi.dll
2007-10-29 05:49 <DIR> d-------- C:\Program Files\Enigma Software Group
2007-10-28 20:54 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
2007-10-28 07:15 <DIR> d-------- C:\VundoFix Backups
2007-10-27 23:55 <DIR> d-------- C:\Program Files\RogueRemover FREE
2007-10-27 23:54 <DIR> d-------- C:\Program Files\Sunbelt Software
2007-10-27 23:26 <DIR> d-------- C:\Documents and Settings\Darlington Omeni\Application Data\True Sword
2007-10-27 23:26 <DIR> d-------- C:\DOCUME~1\DARLIN~1\APPLIC~1\True Sword
2007-10-27 23:25 <DIR> d-------- C:\Program Files\True Sword 4
2007-10-27 16:13 48 --a------ C:\Documents and Settings\Darlington Omeni\readme.bat
2007-10-27 16:12 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Agnitum
2007-10-25 09:26 53,248 --a------ C:\WINDOWS\bdoscandel.exe
2007-10-16 13:46 <DIR> d-------- C:\Program Files\DAEMON Tools
2007-10-16 13:42 685,816 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2007-10-16 13:22 <DIR> d-------- C:\Documents and Settings\Darlington Omeni\Application Data\dvdcss
2007-10-16 13:22 <DIR> d-------- C:\DOCUME~1\DARLIN~1\APPLIC~1\dvdcss
2007-10-15 15:59 <DIR> d-------- C:\Program Files\PCSecureDeleteTrial
2007-10-10 03:18 584,192 --------- C:\WINDOWS\system32\dllcache\rpcrt4.dll
2007-10-08 22:36 83,096 --a------ C:\WINDOWS\system32\SSSensor.dll
2007-10-08 22:35 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-04 03:24 --------- d-----w C:\Program Files\eMule
2007-11-04 02:01 --------- d-----w C:\Documents and Settings\Darlington Omeni\Application Data\Azureus
2007-11-04 02:01 --------- d-----w C:\DOCUME~1\DARLIN~1\APPLIC~1\Azureus
2007-10-31 18:38 --------- d-----w C:\Program Files\WinAce
2007-10-30 02:19 --------- d-----w C:\Program Files\Trend Micro
2007-10-29 00:16 --------- d-----w C:\Program Files\DivX
2007-10-28 12:54 5,258 ----a-w C:\WINDOWS\system32\drivers\fwdrv.err
2007-10-26 03:06 --------- d-----w C:\Program Files\Trillian
2007-10-24 16:34 --------- d-----w C:\Program Files\HP
2007-10-05 06:15 --------- d-----w C:\Program Files\Azureus
2007-10-01 16:26 --------- d-----w C:\Program Files\DVD Shrink
2007-10-01 16:26 --------- d-----w C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
2007-09-30 15:20 --------- d-----w C:\Program Files\Common Files\xing shared
2007-09-30 15:20 --------- d-----w C:\Program Files\Common Files\Real
2007-09-30 15:19 --------- d-----w C:\Program Files\Real
2007-09-30 15:10 --------- d-----w C:\Documents and Settings\Darlington Omeni\Application Data\Apple Computer
2007-09-30 15:10 --------- d-----w C:\DOCUME~1\DARLIN~1\APPLIC~1\Apple Computer
2007-09-30 15:04 --------- d-----w C:\Program Files\Apple Software Update
2007-09-30 15:03 --------- d-----w C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
2007-09-30 14:04 --------- d-----w C:\Program Files\AllToAVI
2007-09-30 03:13 47,360 ----a-w C:\Documents and Settings\Darlington Omeni\Application Data\pcouffin.sys
2007-09-30 03:13 47,360 ----a-w C:\DOCUME~1\DARLIN~1\APPLIC~1\pcouffin.sys
2007-09-30 03:13 --------- d-----w C:\Documents and Settings\Darlington Omeni\Application Data\Vso
2007-09-30 03:13 --------- d-----w C:\DOCUME~1\DARLIN~1\APPLIC~1\Vso
2007-09-29 17:38 --------- d-----w C:\Program Files\WinAVI Video Converter
2007-09-29 03:29 3,082 ----a-w C:\WINDOWS\system32\affv208325p1now.sys
2007-09-29 03:09 --------- d-----w C:\Documents and Settings\Darlington Omeni\Application Data\DVD Flick
2007-09-29 03:09 --------- d-----w C:\DOCUME~1\DARLIN~1\APPLIC~1\DVD Flick
2007-09-28 21:20 --------- d-----w C:\Program Files\Common Files\AVSMedia
2007-09-28 21:18 --------- d-----w C:\Documents and Settings\Darlington Omeni\Application Data\AVSMedia
2007-09-28 21:18 --------- d-----w C:\DOCUME~1\DARLIN~1\APPLIC~1\AVSMedia
2007-09-28 21:18 --------- d-----w C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
2007-09-28 21:17 --------- d-----w C:\Program Files\Common Files\Download Manager
2007-09-28 21:12 --------- d-----w C:\DOCUME~1\ALLUSE~1\APPLIC~1\River Past G5
2007-09-28 21:02 36,734 ----a-w C:\WINDOWS\system32\OggDSuninst.exe
2007-09-28 21:02 --------- d-----w C:\Documents and Settings\Darlington Omeni\Application Data\River Past G5
2007-09-28 21:02 --------- d-----w C:\DOCUME~1\DARLIN~1\APPLIC~1\River Past G5
2007-09-28 04:19 --------- d-----w C:\Program Files\AC3Filter
2007-09-28 01:02 47,360 ----a-w C:\WINDOWS\system32\drivers\pcouffin.sys
2007-09-28 01:00 --------- d-----w C:\Documents and Settings\Darlington Omeni\Application Data\DivX
2007-09-28 01:00 --------- d-----w C:\DOCUME~1\DARLIN~1\APPLIC~1\DivX
2007-09-28 00:59 --------- d-----w C:\Program Files\Movkit
2007-09-26 01:19 --------- d-----w C:\Program Files\Smart Projects
2007-09-26 00:24 --------- d-----w C:\Program Files\Custom Technology
2007-09-25 23:26 --------- d-----w C:\Program Files\AVIcodec
2007-09-25 23:04 --------- d-----w C:\Program Files\MediaInfo
2007-09-25 16:55 --------- d-----w C:\Documents and Settings\Darlington Omeni\Application Data\CCEFront
2007-09-25 16:55 --------- d-----w C:\DOCUME~1\DARLIN~1\APPLIC~1\CCEFront
2007-09-25 12:02 --------- d-----w C:\Program Files\OpenVideoConverter
2007-09-22 14:58 --------- d-----w C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
2007-09-22 00:11 --------- d-----w C:\Documents and Settings\Darlington Omeni\Application Data\Sunbelt Software
2007-09-22 00:11 --------- d-----w C:\DOCUME~1\DARLIN~1\APPLIC~1\Sunbelt Software
2007-09-20 01:47 --------- d-----w C:\Documents and Settings\Darlington Omeni\Application Data\Comodo
2007-09-20 01:47 --------- d-----w C:\DOCUME~1\DARLIN~1\APPLIC~1\Comodo
2007-09-20 01:47 --------- d-----w C:\DOCUME~1\ALLUSE~1\APPLIC~1\Comodo
2007-09-18 02:59 --------- d-----w C:\Program Files\Nero
2007-09-18 00:54 --------- d-----w C:\Documents and Settings\Darlington Omeni\Application Data\Ahead
2007-09-18 00:54 --------- d-----w C:\DOCUME~1\DARLIN~1\APPLIC~1\Ahead
2007-09-17 18:40 35,856 ----a-w C:\WINDOWS\system32\drivers\tmpreflt.sys
2007-09-17 18:40 202,768 ----a-w C:\WINDOWS\system32\drivers\tmxpflt.sys
2007-09-17 18:31 1,126,072 ----a-w C:\WINDOWS\system32\drivers\vsapint.sys
2007-09-16 18:46 --------- d-----w C:\Program Files\MTV Networks
2007-09-16 18:44 --------- d-----w C:\Program Files\Windows Media Connect 2
2007-09-15 01:09 --------- d-----w C:\Program Files\Common Files\Sonic Shared
2007-09-15 01:08 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-09-12 11:02 --------- d-----w C:\Program Files\The Eagle
2007-09-11 23:14 156,992 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2007-09-10 01:19 --------- d-----w C:\Documents and Settings\Darlington Omeni\Application Data\The Eagle
2007-09-10 01:19 --------- d-----w C:\DOCUME~1\DARLIN~1\APPLIC~1\The Eagle
2007-09-08 20:17 --------- d-----w C:\Program Files\TVUPlayer
2007-09-05 23:41 --------- d-----w C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kontiki
2007-09-05 23:38 --------- d-----w C:\DOCUME~1\ALLUSE~1\APPLIC~1\Channel4
2007-09-05 01:21 --------- d-----w C:\Program Files\Common Files\HP
2007-08-22 12:55 96,256 ------w C:\WINDOWS\system32\dllcache\inseng.dll
2007-08-22 12:55 665,600 ------w C:\WINDOWS\system32\dllcache\wininet.dll
2007-08-22 12:55 617,984 ------w C:\WINDOWS\system32\dllcache\urlmon.dll
2007-08-22 12:55 55,808 ------w C:\WINDOWS\system32\dllcache\extmgr.dll
2007-08-22 12:55 532,480 ------w C:\WINDOWS\system32\dllcache\mstime.dll
2007-08-22 12:55 474,112 ------w C:\WINDOWS\system32\dllcache\shlwapi.dll
2007-08-22 12:55 449,024 ------w C:\WINDOWS\system32\dllcache\mshtmled.dll
2007-08-22 12:55 39,424 ------w C:\WINDOWS\system32\dllcache\pngfilt.dll
2007-08-22 12:55 357,888 ------w C:\WINDOWS\system32\dllcache\dxtmsft.dll
2007-08-22 12:55 3,064,832 ------w C:\WINDOWS\system32\dllcache\mshtml.dll
2007-08-22 12:55 251,904 ------w C:\WINDOWS\system32\dllcache\iepeers.dll
2007-08-22 12:55 205,824 ------w C:\WINDOWS\system32\dllcache\dxtrans.dll
2007-08-22 12:55 16,384 ------w C:\WINDOWS\system32\dllcache\jsproxy.dll
2007-08-22 12:55 151,040 ------w C:\WINDOWS\system32\dllcache\cdfview.dll
2007-08-22 12:55 146,432 ------w C:\WINDOWS\system32\dllcache\msrating.dll
2007-08-22 12:55 1,498,112 ------w C:\WINDOWS\system32\dllcache\shdocvw.dll
2007-08-22 12:55 1,054,208 ------w C:\WINDOWS\system32\dllcache\danim.dll
2007-08-22 12:55 1,022,976 ------w C:\WINDOWS\system32\dllcache\browseui.dll
2007-08-21 10:19 18,432 ------w C:\WINDOWS\system32\dllcache\iedw.exe
2007-08-21 06:15 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-08-21 06:15 683,520 ------w C:\WINDOWS\system32\dllcache\inetcomm.dll
2007-08-15 22:33 129,784 ----a-w C:\WINDOWS\system32\pxafs.dll
2007-08-15 22:33 120,056 ----a-w C:\WINDOWS\system32\pxcpyi64.exe
2007-08-15 22:33 118,520 ----a-w C:\WINDOWS\system32\pxinsi64.exe
.
((((((((((((((((((((((((((((( snapshot@2007-11-02_22.24.09.92 )))))))))))))))))))))))))))))))))))))))))
.
- 2007-10-29 22:56:19 136,192 ----a-w C:\WINDOWS\catchme.exe
+ 2007-10-29 23:56:19 136,192 ----a-w C:\WINDOWS\catchme.exe
+ 2007-11-03 17:00:10 34,304 ----a-r C:\WINDOWS\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF1.exe
+ 2007-11-03 17:00:10 29,696 ----a-r C:\WINDOWS\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF11.exe
- 2007-10-28 03:43:47 63,860 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2007-11-04 14:18:41 63,860 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2007-10-28 03:43:47 405,310 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2007-11-04 14:18:41 405,310 ----a-w C:\WINDOWS\system32\perfh009.dat
- 2007-07-22 22:39:27 279,552 ----a-w C:\WINDOWS\system32\swreg.exe
+ 2007-07-22 23:39:27 279,552 ----a-w C:\WINDOWS\system32\swreg.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"pccguide.exe"="C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe" [2006-11-21 14:02]
"SigmatelSysTrayApp"="stsystra.exe" [2006-07-24 10:20 C:\WINDOWS\stsystra.exe]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2006-07-06 07:15]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2006-07-21 16:50]
"DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [2005-09-08 05:20]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 04:25]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OE_OEM"="C:\Program Files\Trend Micro\Internet Security 14\TMAS_OE\TMAS_OEMon.exe" [2006-08-04 16:15]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 19:03]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 05:00]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-06-21 13:06]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\cwvhswti]
cwvhswti.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk]
backup=C:\WINDOWS\pss\Digital Line Detect.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
"C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
"C:\Program Files\Dell Support\DSAgnt.exe" /startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DMXLauncher]
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ModemOnHold]
C:\Program Files\NetWaiting\netWaiting.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background
.
**************************************************************************
catchme 0.3.1250 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2007-11-04 09:17:10
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-11-04 9:22:45 - machine was rebooted
C:\ComboFix2.txt ... 2007-11-03 08:19
C:\ComboFix3.txt ... 2007-11-02 21:26
.
--- E O F ---
Here's the HJT (HijackThis) log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:24:11 AM, on 11/4/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Trend Micro\Internet Security 14\TMAS_OE\TMAS_OEMon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\tsc.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\dmoney.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: (no name) - {0A94B116-4504-4e26-AB05-E61E474AA38B} - C:\Program Files\AskPBar\SrchAstt\1.bin\A9SRCHAS.DLL
O3 - Toolbar: (no name) - {F4D76F09-7896-458a-890F-E1F05C46069F} - (no file)
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [OE_OEM] "C:\Program Files\Trend Micro\Internet Security 14\TMAS_OE\TMAS_OEMon.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) -
http://download.bitdefender.com/resourc ... oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) -
http://download.divx.com/webplayer/stag ... taller.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: cwvhswti - cwvhswti.dll (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
--
End of file - 4553 bytes