Hello and thanks again for your help.
Still getting some popups.
Here is the log generated by ComboFix, and following is the HijackThis log.
ComboFix 07-07-30.2 - "Tazz" 2007-07-30 15:24:18.1 [GMT -4:00] - NTFS
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.True
* Created a new restore point
(((((((((((((((((((((((((((((((((((((((((((( V Log )))))))))))))))))))))))))))))))))))))))))))))))))))))))
C:\WINDOWS\system32\buqddnsp.dll
C:\WINDOWS\system32\gfxlhnie.dll
C:\WINDOWS\system32\iuvygmyx.dll
C:\WINDOWS\system32\mgaxiaum.dll
C:\WINDOWS\system32\polwtmka.dll
C:\WINDOWS\system32\romgxsia.dll
* * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\salesmonitor
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\winantispyware 2007
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\winantispyware 2007\Data\Abbr
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\winantispyware 2007\Data\ProductCode
C:\DOCUME~1\Tazz\Desktop.\internet explorer.lnk
C:\Documents and Settings\Tazz.\err.log
C:\Program Files\Common Files\winantispyware 2007
C:\Program Files\Common Files\winantispyware 2007\err.log
C:\temp\tn3
C:\WINDOWS\acdt-pid67n.exe
C:\WINDOWS\DOWNLO~1\UWA7P_0001_N91M0809NetInstaller.exe
C:\WINDOWS\smante~1
C:\WINDOWS\smante~1\w?crtupd.exe
C:\WINDOWS\system32\b02FdUe
C:\WINDOWS\system32\bikkwxhq.exe
C:\WINDOWS\system32\drivers\core.cache.dsk
C:\WINDOWS\system32\drivers\core.sys
C:\WINDOWS\system32\fxtlejdo.exe
C:\WINDOWS\system32\gpjlnwex.exe
C:\WINDOWS\system32\hsxqfvql.exe
C:\WINDOWS\system32\hypjsonq.exe
C:\WINDOWS\system32\ichbkalc.exe
C:\WINDOWS\system32\jilmhrht.exe
C:\WINDOWS\system32\L1
C:\WINDOWS\system32\L11
C:\WINDOWS\system32\L3
C:\WINDOWS\system32\L3\wr716.exe
C:\WINDOWS\system32\L5
C:\WINDOWS\system32\L7
C:\WINDOWS\system32\L9
C:\WINDOWS\system32\L9\wb720.exe
C:\WINDOWS\system32\lflbyurw.exe
C:\WINDOWS\system32\mcroso~1
C:\WINDOWS\system32\ngofyyta.exe
C:\WINDOWS\system32\nxivhyqh.exe
C:\WINDOWS\system32\qkickqhc.exe
C:\WINDOWS\system32\rdmflyup.exe
C:\WINDOWS\system32\rfiiblmt.exe
C:\WINDOWS\system32\sckyamxn.exe
C:\WINDOWS\system32\touk.dll
C:\WINDOWS\system32\uhfmhxmc.exe
C:\WINDOWS\system32\uyhcpgfm.exe
C:\WINDOWS\system32\waacgbtc.exe
C:\WINDOWS\system32\whncnnup.exe
C:\WINDOWS\system32\win
C:\WINDOWS\system32\wiylucmj.exe
C:\WINDOWS\system32\wxyiaiiw.exe
C:\WINDOWS\system32\ypvxvsrr.exe
C:\WINDOWS\TISKY009.exe
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
-------\LEGACY_CORE
-------\LEGACY_FOPN
-------\core
((((((((((((((((((((((((( Files Created from 2007-06-28 to 2007-07-30 )))))))))))))))))))))))))))))))
2007-07-30 15:22 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-07-30 02:05 <DIR> d----c--- C:\VundoFix Backups
2007-07-30 02:03 126,016 --a------ C:\WINDOWS\SYSTEM32\uivhboqa.dll
2007-07-29 19:59 126,016 --------- C:\WINDOWS\SYSTEM32\cquvscor.dll
2007-07-29 19:13 <DIR> d-------- C:\Program Files\a-squared Free
2007-07-29 18:33 126,016 --a------ C:\WINDOWS\SYSTEM32\oyoancwi.dll
2007-07-29 16:45 <DIR> d-------- C:\Program Files\Lavasoft
2007-07-29 16:45 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
2007-07-29 16:13 126,016 --------- C:\WINDOWS\SYSTEM32\xhnbbkml.dll
2007-07-29 00:40 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
2007-07-29 00:34 126,016 --------- C:\WINDOWS\SYSTEM32\leflxjui.dll
2007-07-28 23:18 126,016 --a------ C:\WINDOWS\SYSTEM32\dqjllnqw.dll
2007-07-28 23:03 126,016 --------- C:\WINDOWS\SYSTEM32\ybmjvjqm.dll
2007-07-28 20:59 126,016 --------- C:\WINDOWS\SYSTEM32\ypdseglr.dll
2007-07-28 20:49 <DIR> d-------- C:\Program Files\Enigma Software Group
2007-07-28 20:20 126,016 --a------ C:\WINDOWS\SYSTEM32\ivengpcc.dll
2007-07-28 14:14 126,016 --------- C:\WINDOWS\SYSTEM32\vqgjatog.dll
2007-07-28 11:15 126,016 --a------ C:\WINDOWS\SYSTEM32\ckifxoyh.dll
2007-07-28 09:59 126,016 --------- C:\WINDOWS\SYSTEM32\bkmopytf.dll
2007-07-28 04:03 126,016 --------- C:\WINDOWS\SYSTEM32\eshdxlcm.dll
2007-07-28 02:51 126,016 --------- C:\WINDOWS\SYSTEM32\eovuchtb.dll
2007-07-28 01:41 126,016 --a------ C:\WINDOWS\SYSTEM32\xivostte.dll
2007-07-28 00:48 126,016 --------- C:\WINDOWS\SYSTEM32\sjdqjyop.dll
2007-07-27 23:16 126,016 --a------ C:\WINDOWS\SYSTEM32\olginuod.dll
2007-07-25 18:54 83,024 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\iksyssec.sys
2007-07-25 18:54 57,424 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\iksysflt.sys
2007-07-25 18:54 53,840 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\ikfilesec.sys
2007-07-25 18:54 39,376 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\ikfileflt.sys
2007-07-25 18:54 29,264 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\kcom.sys
2007-07-25 18:53 626,688 --a------ C:\WINDOWS\SYSTEM32\msvcr80.dll
2007-07-25 18:53 <DIR> d-------- C:\Program Files\Spyware Doctor
2007-07-25 18:53 <DIR> d-------- C:\DOCUME~1\Tazz\APPLIC~1\PC Tools
2007-07-25 18:46 <DIR> d-------- C:\Program Files\Norton Security Scan
2007-07-25 18:39 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
2007-07-25 18:38 <DIR> d-------- C:\Program Files\Google
2007-07-25 09:43 126,016 --a------ C:\WINDOWS\SYSTEM32\vyxmcedf.dll
2007-07-21 01:31 <DIR> d-------- C:\DOCUME~1\LOCALS~1\APPLIC~1\Viewpoint
2007-07-21 00:58 663,265 --a------ C:\Temp\bY001.exe
2007-07-21 00:58 171,520 --a------ C:\WINDOWS\SYSTEM32\dxkrjpl.dll
2007-07-21 00:58 <DIR> d-------- C:\Temp\brr
2007-07-21 00:58 <DIR> d-------- C:\Temp\0c2
2007-06-04 15:18 9,344 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\NSDriver.sys
2007-06-04 15:17 8,320 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\AWRTRD.sys
2007-06-04 15:14 6,272 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\AWRTPD.sys
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-07-29 18:00 --------- d-------- C:\Program Files\MSN Gaming Zone
2007-07-29 16:36 --------- d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-07-28 10:43 --------- d-------- C:\Program Files\Common Files\AOL
2007-07-28 10:37 --------- d-------- C:\Program Files\Common Files\aolshare
2007-07-28 04:27 --------- d-------- C:\DOCUME~1\Tazz\APPLIC~1\AOL
2007-07-21 00:02 --------- d-------- C:\Program Files\EPSON Print CD
2007-07-11 16:44 --------- d-------- C:\Program Files\Finale 2003
2007-06-13 12:47 --------- d-------- C:\Program Files\palmOne
2007-06-13 12:41 --------- d-------- C:\Program Files\Documents To Go
2006-12-02 21:05 2522 --a------ C:\Program Files\func.js
2006-11-25 03:57 482 --a------ C:\Program Files\Del.js
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0C8ABC4F-8867-4892-8B65-8EC7BFEF6366}]
C:\Program Files\Windows Media Player\hotez83122.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1d5d679d-0cd3-4e1c-9b4a-2103a37caadc}]
2007-07-21 00:58 171520 --a------ C:\WINDOWS\system32\dxkrjpl.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2CE30782-C2FB-4016-8E6A-9A2A21A78B15}]
C:\WINDOWS\system32\ddayx.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-10-25 19:58]
"XGIWatchDog"="C:\Program Files\XGI\XWatDog.exe" [2005-02-28 22:19]
"VSOCheckTask"="c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" [2003-08-08 19:02]
"VirusScan Online"="c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe" [2003-08-17 22:50]
"UserFaultCheck"="C:\WINDOWS\system32\dumprep 0 -u" []
"UpdateManager"="C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-19 02:01]
"Trirot"="Trirot.exe" [2005-02-28 22:19 C:\WINDOWS\SYSTEM32\Trirot.exe]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2004-05-13 20:23]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2004-05-14 10:35]
"SunJavaUpdateSched"="C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe" [2003-11-19 18:48]
"RegServer"="regserve.exe" [2005-02-28 22:19 C:\WINDOWS\SYSTEM32\RegServe.exe]
"PrintServer Diagnostic"="C:\Program Files\Print Server\PTP\PSDiagnostic.exe" [2004-11-24 18:09]
"PCMService"="C:\Program Files\Dell\Media Experience\PCMService.exe" [2004-04-11 21:15]
"mmtask"="c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe" [2004-04-19 15:45]
"MCUpdateExe"="C:\PROGRA~1\mcafee.com\agent\McUpdate.exe" [2003-08-21 19:10]
"MCAgentExe"="c:\PROGRA~1\mcafee.com\agent\mcagent.exe" [2003-08-27 12:00]
"Logitech Utility"="Logi_MwX.Exe" [2003-11-07 05:50 C:\WINDOWS\LOGI_MWX.EXE]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2006-10-30 10:36]
"DVDLauncher"="C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" [2004-04-11 12:43]
"Dell QuickSet"="C:\Program Files\Dell\QuickSet\quickset.exe" [2004-03-04 21:59]
"DadApp"="C:\Program Files\Dell\AccessDirect\dadapp.exe" [2004-03-04 12:36]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 06:00 C:\WINDOWS\SYSTEM32\BTHPROPS.CPL]
"Avvenu Update"="C:\Program Files\Avvenu\Avvenu_updater.exe" []
"Avvenu Access n Share Update"="C:\Program Files\Avvenu\Avvenu_updater.exe" []
"AOLDialer"="C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" [2006-10-23 08:50]
"SDTray"="C:\Program Files\Spyware Doctor\SDTrayApp.exe" [2007-06-12 13:19]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sen"="C:\WINDOWS\system32\MCROSO~1\tracert.exe" []
"Nsmjcn"="C:\WINDOWS\S?mantec\w?crtupd.exe" []
"Sonic RecordNow!"="C:\Program Files\Print Server\PTP\PSDiagnostic.exe" [2004-11-24 18:09]
"EPSON Stylus Photo RX580 wireless @ Kazuhiro Itoh’s Computer"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBPA.exe" [2006-05-23 05:00]
C:\Documents and Settings\Tazz\Start Menu\Programs\Startup\
DESKTOP.INI [2004-08-10 14:04:12]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\mljiijk]
mljiijk.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"
R0 agpCPQ;Compaq AGP Bus Filter;C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
R1 Cdr4_xp;Cdr4_xp;C:\WINDOWS\system32\drivers\Cdr4_xp.sys
R1 Cdralw2k;Cdralw2k;C:\WINDOWS\system32\drivers\Cdralw2k.sys
R1 IKFileFlt;File Filter Driver;C:\WINDOWS\system32\drivers\ikfileflt.sys
R1 IKFileSec;File Security Driver;C:\WINDOWS\system32\drivers\ikfilesec.sys
R1 IkSysFlt;System Filter Driver;C:\WINDOWS\system32\drivers\iksysflt.sys
R1 IKSysSec;System Security Driver;C:\WINDOWS\system32\drivers\iksyssec.sys
R1 sscdbhk5;sscdbhk5;C:\WINDOWS\system32\drivers\sscdbhk5.sys
R1 ssrtln;ssrtln;C:\WINDOWS\system32\drivers\ssrtln.sys
R2 BthServ;Bluetooth Support Service;C:\WINDOWS\system32\svchost.exe -k bthsvcs
R2 drvnddm;drvnddm;C:\WINDOWS\system32\drivers\drvnddm.sys
R2 tfsnboio;tfsnboio;C:\WINDOWS\system32\dla\tfsnboio.sys
R2 tfsncofs;tfsncofs;C:\WINDOWS\system32\dla\tfsncofs.sys
R2 tfsndrct;tfsndrct;C:\WINDOWS\system32\dla\tfsndrct.sys
R2 tfsndres;tfsndres;C:\WINDOWS\system32\dla\tfsndres.sys
R2 tfsnifs;tfsnifs;C:\WINDOWS\system32\dla\tfsnifs.sys
R2 tfsnopio;tfsnopio;C:\WINDOWS\system32\dla\tfsnopio.sys
R2 tfsnpool;tfsnpool;C:\WINDOWS\system32\dla\tfsnpool.sys
R2 tfsnudf;tfsnudf;C:\WINDOWS\system32\dla\tfsnudf.sys
R2 tfsnudfa;tfsnudfa;C:\WINDOWS\system32\dla\tfsnudfa.sys
R3 HSF_DPV;HSF_DPV;C:\WINDOWS\system32\DRIVERS\HSF_DPV.SYS
R3 HSFHWICH;HSFHWICH;C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys
R3 MxlW2k;MxlW2k;C:\WINDOWS\system32\drivers\MxlW2k.sys
R3 NaiFiltr;NaiFiltr;C:\WINDOWS\system32\DRIVERS\NaiFiltr.sys
R3 SynTP;Synaptics TouchPad Driver;C:\WINDOWS\system32\DRIVERS\SynTP.sys
R3 wanatw;WAN Miniport (ATW);C:\WINDOWS\system32\DRIVERS\wanatw4.sys
R3 Xgiv3;Xgiv3;C:\WINDOWS\system32\DRIVERS\Xgiv3m.sys
S3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver;C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys
S3 BthEnum;Bluetooth Request Block Driver;C:\WINDOWS\system32\DRIVERS\BthEnum.sys
S3 BTHMODEM;Bluetooth Serial Communications Driver;C:\WINDOWS\system32\DRIVERS\bthmodem.sys
S3 BthPan;Bluetooth Device (Personal Area Network);C:\WINDOWS\system32\DRIVERS\bthpan.sys
S3 BTHPORT;Bluetooth Port Driver;C:\WINDOWS\system32\Drivers\BTHport.sys
S3 BTHUSB;Bluetooth Radio USB Driver;C:\WINDOWS\system32\Drivers\BTHUSB.sys
S3 E100B;Intel(R) PRO Adapter Driver;C:\WINDOWS\system32\DRIVERS\e100b325.sys
S3 MFWAGSIF;MOTU FireWire Audio GSIF;C:\WINDOWS\system32\drivers\MFWAGSIF.sys
S3 MFWAWAVE;MOTU FireWire Audio Wave;C:\WINDOWS\system32\drivers\MFWAWAVE.sys
S3 MotuFWA;MotuFWA;C:\WINDOWS\system32\drivers\MotuFWA.sys
S3 PalmUSBD;PalmUSBD;C:\WINDOWS\system32\drivers\PalmUSBD.sys
S3 pmxscan;Visioneer USB Kernel;C:\WINDOWS\system32\DRIVERS\usbscan.sys
S3 RDID1009;EDIROL UM-1 USB Driver;C:\WINDOWS\system32\Drivers\rdwm1009.sys
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI);C:\WINDOWS\system32\DRIVERS\rfcomm.sys
S3 SDDMI2;SDDMI2;\??\C:\WINDOWS\system32\DDMI2.sys
S3 SevenConnectionService;Xpress Mail Personal Edition Service;C:\Program Files\Xpress Mail\Personal Edition\ConnectionService.exe
S3 UIUSys;Conexant Setup API;C:\WINDOWS\system32\drivers\UIUSys.sys
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs BthServ
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{22e69c98-6590-11d9-9e9d-00038a000015}]
AutoRun\command- E:\PortableRoboForm.exe
RoboForm2Go\command- E:\PortableRoboForm.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9a6a031e-3126-11db-a288-00038a000015}]
Explore\command- explorer.exe /n,/e ,.
Launch\command- E:\portablevaultaes.exe
Contents of the 'Scheduled Tasks' folder
2007-07-22 04:40:11 C:\WINDOWS\Tasks\McAfee.com Scan for Viruses - My Computer (INFINITY-Tazz).job - c:\program files\mcafee.com\vso\mcmnhdlr.exe
2007-07-30 19:40:00 C:\WINDOWS\Tasks\McAfee.com Update Check (INFINITY-Bud).job - C:\PROGRA~1\McAfee.com\Agent\mcupdate.exe
2007-07-30 19:43:00 C:\WINDOWS\Tasks\McAfee.com Update Check (INFINITY-Tazz).job - C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
2007-07-25 22:46:58 C:\WINDOWS\Tasks\Norton Security Scan.job - C:\Program Files\Norton Security Scan\Nss.exe
2004-10-06 11:57:38 C:\WINDOWS\Tasks\Symantec NetDetect.job - C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
**************************************************************************
catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2007-07-30 15:39:03
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden registry entries ...
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher]
"TracesProcessed"=dword:0000018c
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
Completion time: 2007-07-30 15:44:16 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-07-30 15:43
--- E O F ---
Here is the HijackThis log:
Logfile of HijackThis v1.99.1
Scan saved at 3:57:24 PM, on 7/30/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\E_S00RP1.EXE
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\XGI\XWatDog.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\WINDOWS\system32\Trirot.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
c:\program files\mcafee.com\agent\mcagent.exe
C:\Program Files\Print Server\PTP\PSDiagnostic.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\WINDOWS\Logi_MwX.Exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Dell\AccessDirect\dadapp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\palmOne\Hotsync.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://hotmail.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {0C8ABC4F-8867-4892-8B65-8EC7BFEF6366} - C:\Program Files\Windows Media Player\hotez83122.dll (file missing)
O2 - BHO: (no name) - {1d5d679d-0cd3-4e1c-9b4a-2103a37caadc} - C:\WINDOWS\system32\dxkrjpl.dll
O2 - BHO: (no name) - {2CE30782-C2FB-4016-8E6A-9A2A21A78B15} - C:\WINDOWS\system32\ddayx.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll (file missing)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.5672\swg.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: PKIEhlpr Class - {FF32A4CE-E54D-11D3-9FB7-E3582B1BD44D} - C:\WINDOWS\system32\PKIEHLP1.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll (file missing)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [XGIWatchDog] C:\Program Files\XGI\XWatDog.exe
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Trirot] Trirot.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [RegServer] regserve.exe
O4 - HKLM\..\Run: [PrintServer Diagnostic] C:\Program Files\Print Server\PTP\PSDiagnostic.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [DadApp] C:\Program Files\Dell\AccessDirect\dadapp.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Avvenu Update] C:\Program Files\Avvenu\Avvenu_updater.exe
O4 - HKLM\..\Run: [Avvenu Access n Share Update] "C:\Program Files\Avvenu\Avvenu_updater.exe"
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKCU\..\Run: [Sen] "C:\WINDOWS\system32\MCROSO~1\tracert.exe" -vt yazb
O4 - HKCU\..\Run: [Nsmjcn] C:\WINDOWS\S?mantec\w?crtupd.exe
O4 - HKCU\..\Run: [Sonic RecordNow!] C:\Program Files\Print Server\PTP\PSDiagnostic.exe
O4 - HKCU\..\Run: [EPSON Stylus Photo RX580 wireless @ Kazuhiro Itoh’s Computer] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBPA.EXE /FU "C:\WINDOWS\TEMP\E_S9C7.tmp" /EF "HKCU"
O4 - Global Startup: Avvenu Connector.lnk = C:\Program Files\Avvenu\Avvenu_agent.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\palmOne\Hotsync.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Mobipassword 2.0 - {5D1DD345-27E1-4767-80A5-D64852D86D98} - C:\Program Files\Icom Consulting Inc\Mobipassword 2.01\PKLinksScript2.htm (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.av.aol.com/molbin/share ... insctl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/resou ... NPUpld.cab
O16 - DPF: {7584C670-2274-4EFB-B00B-D6AABA6D3850} (Microsoft RDP Client Control (redist)) - https://pst.itcsusa.com/Remote/msrdp.cab
O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/radio/ampx/a ... _en_dl.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.av.aol.com/molbin/share ... cgdmgr.cab
O20 - Winlogon Notify: mljiijk - mljiijk.dll (file missing)
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: EPSON V3 Service2(03) (EPSON_PM_RPCV2_01) - SEIKO EPSON CORPORATION - C:\WINDOWS\system32\E_S00RP1.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Networks Associates Technology, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: Xpress Mail Personal Edition Service (SevenConnectionService) - Unknown owner - C:\Program Files\Xpress Mail\Personal Edition\ConnectionService.exe (file missing)
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: Security Center (wscsvc) - Unknown owner - C:\WINDOWS\C:\WINDOWS\System32\svchost.exe (file missing)