I am not sure if below is what you meant by including the C:\ComboFix.txt but this is what was produced by ComboFix. I put a big space between this and the HIJACK THIS log.
Thanks for the help,
ComboFix 08-10-30.09 - HP_Administrator 2008-10-30 20:30:07.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.564 [GMT -5:00]
Running from: C:\Documents and Settings\HP_Administrator.JKHOME\Desktop\ComboFix.exe
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNSD.XML
C:\Documents and Settings\HP_Administrator.JKHOME\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNSD.XML
C:\Documents and Settings\MCX1\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNSD.XML
C:\Documents and Settings\MCX2\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNSD.XML
C:\WINDOWS\IE4 Error Log.txt
D:\Autorun.inf
.
((((((((((((((((((((((((( Files Created from 2008-09-28 to 2008-10-31 )))))))))))))))))))))))))))))))
.
2008-10-28 15:53 . 2008-10-28 15:53 172,544 --a------ C:\WINDOWS\system32\rovoclpaymgjsodc.dll
2008-10-27 05:17 . 2008-10-27 05:17 <DIR> d-------- C:\WINDOWS\system32\References
2008-10-20 05:09 . 2008-10-20 05:09 600,064 --a------ C:\WINDOWS\system32\lqfynrjzngwr.dll
2008-10-17 13:48 . 2008-10-17 13:48 <DIR> d-------- C:\Documents and Settings\All Users\Symantec Temporary Files
2008-10-17 13:33 . 2008-10-20 10:46 90,948 --a------ C:\WINDOWS\system32\lqfynrjzngwr.dll-uninst.exe
2008-10-17 13:32 . 2008-10-28 16:33 78,620 --a------ C:\WINDOWS\system32\simhwaacioo.exe
2008-10-17 12:53 . 2008-10-17 12:53 <DIR> d-------- C:\Program Files\Common Files\eSellerate
2008-10-17 12:40 . 2008-10-17 12:40 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-10-17 12:38 . 2008-10-17 12:38 <DIR> d-------- C:\Program Files\Bonjour
2008-09-10 20:44 . 2004-05-14 16:53 462,848 --a------ C:\WINDOWS\system32\ltkrn13n.dll
2008-09-10 20:44 . 2004-05-14 16:53 450,560 --a------ C:\WINDOWS\system32\ltimg13n.dll
2008-09-10 20:44 . 2004-05-14 16:53 401,408 --a------ C:\WINDOWS\system32\lfcmp13n.dll
2008-09-10 20:44 . 2004-05-14 16:53 299,008 --a------ C:\WINDOWS\system32\ltdis13n.dll
2008-09-10 20:44 . 2004-01-12 02:09 206,336 --a------ C:\WINDOWS\system32\ltefx13n.dll
2008-09-10 20:44 . 2004-05-14 16:53 163,840 --a------ C:\WINDOWS\system32\ltfil13n.dll
2008-09-10 20:44 . 2003-11-04 15:10 69,632 --a------ C:\WINDOWS\system32\lfgif13n.dll
2008-09-10 20:44 . 2004-05-14 16:53 57,344 --a------ C:\WINDOWS\system32\lfbmp13n.dll
2008-09-06 15:09 . 2008-09-06 15:09 90,112 --a------ C:\WINDOWS\system32\QuickTimeVR.qtx
2008-09-06 15:09 . 2008-09-06 15:09 57,344 --a------ C:\WINDOWS\system32\QuickTime.qts
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-20 03:54 --------- d-----w C:\Program Files\Trend Micro
2008-10-20 00:48 --------- d-----w C:\Program Files\Tansee iPod Transfer Photo
2008-10-19 21:03 --------- d-----w C:\Program Files\HP Games
2008-10-19 21:00 --------- d-----w C:\Program Files\LimeWire
2008-10-19 18:27 20 ---h--w C:\Documents and Settings\All Users\Application Data\PKP_DLec.DAT
2008-10-18 04:53 --------- d-----w C:\Documents and Settings\HP_Administrator.JKHOME\Application Data\LimeWire
2008-10-17 17:40 --------- d-----w C:\Program Files\iTunes
2008-10-17 17:40 --------- d-----w C:\Program Files\iPod
2008-10-17 17:37 --------- d-----w C:\Program Files\QuickTime
2008-10-17 17:26 --------- d-----w C:\Program Files\Apple Software Update
2008-10-15 08:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-08-28 10:04 333,056 ------w C:\WINDOWS\system32\drivers\srv.sys
2008-03-31 00:14 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat
2008-03-14 07:23 52,816 ----a-w C:\Documents and Settings\HP_Administrator\Application Data\GDIPFONTCACHEV1.DAT
2007-11-13 04:28 1,388 ------w C:\Documents and Settings\HP_Administrator\Application Data\ViewerApp.dat
2007-09-07 03:56 0 ------w C:\Documents and Settings\HP_Administrator\Application Data\wklnhst.dat
2006-07-27 16:02 22 --sha-w C:\WINDOWS\SMINST\HPCD.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4AC0DC2C-F31D-06B2-DD1F-F3172EBBB9C0}]
2008-10-20 05:09 600064 --a------ C:\WINDOWS\system32\lqfynrjzngwr.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9429DFE4-4DCD-791B-0E66-DF4EFD27CD56}]
2008-10-28 15:53 172544 --a------ C:\WINDOWS\system32\rovoclpaymgjsodc.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 1694208]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-04-29 68856]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-09 15360]
"OE"="C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe" [2007-12-16 492808]
"Microsoft Location Finder"="C:\Program Files\Microsoft Location Finder\LocationFinder.exe" [2005-08-24 101080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-09-29 67584]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-01-24 7311360]
"HPHUPD08"="c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [2005-06-02 49152]
"DISCover"="C:\Program Files\DISC\DISCover.exe" [2006-03-16 1077248]
"DiscUpdateManager"="C:\Program Files\DISC\DiscUpdMgr.exe" [2006-03-16 61440]
"DMAScheduler"="c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe" [2006-03-20 90112]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2005-07-23 237568]
"HPBootOp"="C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2006-02-16 249856]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"VX3000"="C:\WINDOWS\vVX3000.exe" [2007-04-10 709992]
"LifeCam"="C:\Program Files\Microsoft LifeCam\LifeExp.exe" [2007-05-17 279912]
"KBD"="C:\HP\KBD\KBD.EXE" [2005-02-02 61440]
"UfSeAgnt.exe"="C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe" [2008-07-29 1398024]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2006-05-06 180269]
"BrMfcWnd"="C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe" [2006-06-28 622592]
"ControlCenter3"="C:\Program Files\Brother\ControlCenter3\brctrcen.exe" [2006-06-29 77824]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-09-06 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-10-01 289576]
"viwbheurjaydwc"="C:\WINDOWS\system32\rovoclpaymgjsodc.dll" [2008-10-28 172544]
"RTHDCPL"="RTHDCPL.EXE" [2006-03-08 C:\WINDOWS\RTHDCPL.EXE]
"AlwaysReady Power Message APP"="ARPWRMSG.EXE" [2005-08-03 C:\WINDOWS\arpwrmsg.exe]
"nwiz"="nwiz.exe" [2006-01-24 C:\WINDOWS\system32\nwiz.exe]
C:\Documents and Settings\Default User\Start Menu\Programs\Startup\
Pin.lnk - C:\hp\bin\CLOAKER.EXE [2006-05-06 27136]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-04-23 29696]
Extender Resource Monitor.lnk - C:\WINDOWS\ehome\RMSysTry.exe [2005-10-20 18432]
Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2008-04-29 124400]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2005-12-15 282624]
NkbMonitor.exe.lnk - C:\Program Files\Nikon\PictureProject\NkbMonitor.exe [2006-11-01 118784]
Updates From HP.lnk - C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe [2006-05-06 36903]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"C:\\Program Files\\DISC\\DISCover.exe"=
"C:\\Program Files\\DISC\\DiscStreamHub.exe"=
"C:\\Program Files\\DISC\\myFTP.exe"=
"C:\\Program Files\\Updates from HP\\9972322\\Program\\Updates from HP.exe"=
"C:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
"C:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"C:\\Program Files\\SightSpeed\\SightSpeed.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
R2 MSCamSvc;MSCamSvc;C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2007-05-17 271720]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1b73cb5e-3ee0-11dd-bc42-001731ab145c}]
\Shell\AutoRun\command - J:\Accessories_eCommerce.EXE
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f7e2dd94-5c36-11dd-bc48-0016b69a2619}]
\Shell\AutoRun\command - J:\3Q_Wholesale_Central.EXE
.
Contents of the 'Scheduled Tasks' folder
2008-10-29 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]
.
- - - - ORPHANS REMOVED - - - -
HKLM-Run-PCDrProfiler - (no file)
Notify-dimsntfy - (no file)
.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,Default_Search_URL =
hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktopR0 -: HKCU-Main,SearchMigratedDefaultURL =
hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
R0 -: HKLM-Main,Search Bar =
hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktopR1 -: HKCU-Internet Connection Wizard,ShellNext =
hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktopR1 -: HKCU-Internet Settings,ProxyOverride = *.local
R1 -: HKCU-SearchURL,(Default) =
hxxp://www.google.com/search?q=%s
O8 -: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2008-10-30 20:38:16
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\HPZIPM12.EXE
C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\Program Files\Trend Micro\BM\TMBMSRV.exe
C:\Program Files\Brother\ControlCenter3\BrccMCtl.exe
C:\WINDOWS\system32\regsvr32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Brother\Brmfcmon\BrMfimon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\DISC\DiscStreamHub.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
.
**************************************************************************
.
Completion time: 2008-10-30 20:44:38 - machine was rebooted
ComboFix-quarantined-files.txt 2008-10-31 01:44:29
Pre-Run: 41,425,592,320 bytes free
Post-Run: 43,267,256,320 bytes free
201 --- E O F --- 2008-10-27 08:01:37
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:48:40 PM, on 10/30/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Trend Micro\BM\TMBMSRV.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\ARPWRMSG.EXE
C:\Program Files\DISC\DISCover.exe
C:\Program Files\DISC\DiscUpdMgr.exe
C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\System32\regsvr32.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe
C:\Program Files\Microsoft Location Finder\LocationFinder.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Brother\Brmfcmon\BrMfimon.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\DISC\DiscStreamHub.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\Program Files\internet explorer\iexplore.exe
C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
C:\Program Files\Trend Micro\HijackCheck\Hcheck.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktopR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktopR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktopR1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: mysidesearch search enhancer - {4AC0DC2C-F31D-06B2-DD1F-F3172EBBB9C0} - C:\WINDOWS\system32\lqfynrjzngwr.dll
O2 - BHO: cpmsky browser enhancer - {9429DFE4-4DCD-791B-0E66-DF4EFD27CD56} - C:\WINDOWS\system32\rovoclpaymgjsodc.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: HpWebHelper - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll (file missing)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O3 - Toolbar: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /install
O4 - HKLM\..\Run: [HPHUPD08] "c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe"
O4 - HKLM\..\Run: [DISCover] "C:\Program Files\DISC\DISCover.exe"
O4 - HKLM\..\Run: [DiscUpdateManager] "C:\Program Files\DISC\DiscUpdMgr.exe"
O4 - HKLM\..\Run: [DMAScheduler] "c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [UfSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [BrMfcWnd] "C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe" /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] "C:\Program Files\Brother\ControlCenter3\brctrcen.exe" /autorun
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [viwbheurjaydwc] C:\WINDOWS\System32\regsvr32.exe /s "C:\WINDOWS\system32\rovoclpaymgjsodc.dll"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [OE] "C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe"
O4 - HKCU\..\Run: [Microsoft Location Finder] "C:\Program Files\Microsoft Location Finder\LocationFinder.exe"
O4 - S-1-5-18 Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'SYSTEM')
O4 - .DEFAULT Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Extender Resource Monitor.lnk = C:\WINDOWS\ehome\RMSysTry.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: Updates From HP.lnk = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (file missing)
O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone:
http://*.trymedia.com (HKLM)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
http://gfx2.hotmail.com/mail/w3/pr01/re ... NPUpld.cabO23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
--
End of file - 10786 bytes