Adam, sorry for responding so late. The ComboFix log took longer to complete than expected. The Kaspersky took twice as long as ComboFix.
Btw, how do I remove the "Mirar" program?
First off, here is the ComboFix log:
ComboFix 08-12-15.01 - Charlie 2008-12-18 19:48:28.3 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.510.117 [GMT -5:00]
Running from: c:\documents and settings\Charlie\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Charlie\Desktop\CFScript.txt
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\documents and settings\Charlie\Application Data\LimeWire
c:\documents and settings\Charlie\Application Data\LimeWire\.AppSpecialShare\[Conclave-Mendoi]_Mobile_Suit_Gundam_00_-_03_[704x400_XviD_MP3][E6CBE224].avi.torrent.bak
c:\documents and settings\Charlie\Application Data\LimeWire\.NetworkShare\LimeWireWin4.16.6.exe
c:\documents and settings\Charlie\Application Data\LimeWire\410splashpro.png
c:\documents and settings\Charlie\Application Data\LimeWire\412splashpro.png
c:\documents and settings\Charlie\Application Data\LimeWire\414splashfree.png
c:\documents and settings\Charlie\Application Data\LimeWire\active.mojito
c:\documents and settings\Charlie\Application Data\LimeWire\createtimes.cache
c:\documents and settings\Charlie\Application Data\LimeWire\data.ser
c:\documents and settings\Charlie\Application Data\LimeWire\downloads.dat
c:\documents and settings\Charlie\Application Data\LimeWire\fileurns.bak
c:\documents and settings\Charlie\Application Data\LimeWire\fileurns.cache
c:\documents and settings\Charlie\Application Data\LimeWire\filters.props
c:\documents and settings\Charlie\Application Data\LimeWire\gnutella.net
c:\documents and settings\Charlie\Application Data\LimeWire\installation.props
c:\documents and settings\Charlie\Application Data\LimeWire\library.dat
c:\documents and settings\Charlie\Application Data\LimeWire\limewire.props
c:\documents and settings\Charlie\Application Data\LimeWire\mojito.props
c:\documents and settings\Charlie\Application Data\LimeWire\passive.mojito
c:\documents and settings\Charlie\Application Data\LimeWire\promotion\promodb.properties
c:\documents and settings\Charlie\Application Data\LimeWire\promotion\promodb.script
c:\documents and settings\Charlie\Application Data\LimeWire\pub1.key
c:\documents and settings\Charlie\Application Data\LimeWire\public.key
c:\documents and settings\Charlie\Application Data\LimeWire\questions.props
c:\documents and settings\Charlie\Application Data\LimeWire\responses.cache
c:\documents and settings\Charlie\Application Data\LimeWire\secureMessage.key
c:\documents and settings\Charlie\Application Data\LimeWire\simpp.xml
c:\documents and settings\Charlie\Application Data\LimeWire\spam.dat
c:\documents and settings\Charlie\Application Data\LimeWire\tables.props
c:\documents and settings\Charlie\Application Data\LimeWire\themes\black_theme.lwtp
c:\documents and settings\Charlie\Application Data\LimeWire\themes\black_theme\01_star.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\black_theme\02_star.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\black_theme\03_star.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\black_theme\04_star.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\black_theme\05_star.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\black_theme\chat.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\black_theme\dir_closed.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\black_theme\dir_open.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\black_theme\forward_dn.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\black_theme\forward_up.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\black_theme\kill.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\black_theme\kill_on.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\black_theme\lime.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\black_theme\logo.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\black_theme\notsearching.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\black_theme\pause_dn.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\black_theme\pause_up.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\black_theme\play_dn.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\black_theme\play_up.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\black_theme\question.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\black_theme\rewind_dn.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\black_theme\rewind_up.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\black_theme\searching.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\black_theme\splash.png
c:\documents and settings\Charlie\Application Data\LimeWire\themes\black_theme\splashpro.png
c:\documents and settings\Charlie\Application Data\LimeWire\themes\black_theme\stop_dn.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\black_theme\stop_up.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\black_theme\theme.txt
c:\documents and settings\Charlie\Application Data\LimeWire\themes\black_theme\warning.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\classic_theme.lwtp
c:\documents and settings\Charlie\Application Data\LimeWire\themes\classic_theme\01_star.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\classic_theme\02_star.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\classic_theme\03_star.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\classic_theme\04_star.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\classic_theme\05_star.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\classic_theme\chat.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\classic_theme\dir_closed.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\classic_theme\dir_open.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\classic_theme\forward_dn.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\classic_theme\forward_up.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\classic_theme\kill.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\classic_theme\logo.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\classic_theme\notsearching.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\classic_theme\pause_dn.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\classic_theme\pause_up.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\classic_theme\play_dn.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\classic_theme\play_up.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\classic_theme\question.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\classic_theme\rewind_dn.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\classic_theme\rewind_up.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\classic_theme\search.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\classic_theme\searching.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\classic_theme\splash.png
c:\documents and settings\Charlie\Application Data\LimeWire\themes\classic_theme\splashpro.png
c:\documents and settings\Charlie\Application Data\LimeWire\themes\classic_theme\stop_dn.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\classic_theme\stop_up.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\classic_theme\theme.txt
c:\documents and settings\Charlie\Application Data\LimeWire\themes\classic_theme\warning.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewire_theme.lwtp
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewire_theme\01_star.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewire_theme\02_star.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewire_theme\03_star.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewire_theme\04_star.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewire_theme\05_star.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewire_theme\chat.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewire_theme\dir_closed.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewire_theme\dir_open.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewire_theme\forward_dn.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewire_theme\forward_up.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewire_theme\kill.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewire_theme\kill_on.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewire_theme\lime.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewire_theme\logo.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewire_theme\notsearching.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewire_theme\pause_dn.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewire_theme\pause_up.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewire_theme\play_dn.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewire_theme\play_up.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewire_theme\question.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewire_theme\rewind_dn.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewire_theme\rewind_up.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewire_theme\searching.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewire_theme\splash.png
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewire_theme\splashpro.png
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewire_theme\stop_dn.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewire_theme\stop_up.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewire_theme\theme.txt
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewire_theme\warning.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewirePro_theme.lwtp
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewirePro_theme\01_star.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewirePro_theme\02_star.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewirePro_theme\03_star.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewirePro_theme\04_star.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewirePro_theme\05_star.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewirePro_theme\chat.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewirePro_theme\dir_closed.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewirePro_theme\dir_open.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewirePro_theme\forward_dn.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewirePro_theme\forward_up.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewirePro_theme\kill.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewirePro_theme\kill_on.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewirePro_theme\lime.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewirePro_theme\logo.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewirePro_theme\notsearching.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewirePro_theme\pause_dn.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewirePro_theme\pause_up.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewirePro_theme\play_dn.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewirePro_theme\play_up.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewirePro_theme\question.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewirePro_theme\rewind_dn.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewirePro_theme\rewind_up.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewirePro_theme\searching.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewirePro_theme\splash.png
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewirePro_theme\splashpro.png
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewirePro_theme\stop_dn.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewirePro_theme\stop_up.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewirePro_theme\theme.txt
c:\documents and settings\Charlie\Application Data\LimeWire\themes\limewirePro_theme\warning.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\other_theme.lwtp
c:\documents and settings\Charlie\Application Data\LimeWire\themes\other_theme\01_star.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\other_theme\02_star.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\other_theme\03_star.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\other_theme\04_star.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\other_theme\05_star.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\other_theme\chat.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\other_theme\forward_dn.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\other_theme\forward_up.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\other_theme\kill.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\other_theme\kill_on.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\other_theme\logo.png
c:\documents and settings\Charlie\Application Data\LimeWire\themes\other_theme\notsearching.png
c:\documents and settings\Charlie\Application Data\LimeWire\themes\other_theme\pause_dn.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\other_theme\pause_up.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\other_theme\play_dn.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\other_theme\play_up.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\other_theme\question.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\other_theme\rewind_dn.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\other_theme\rewind_up.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\other_theme\searching.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\other_theme\splash.png
c:\documents and settings\Charlie\Application Data\LimeWire\themes\other_theme\splashpro.png
c:\documents and settings\Charlie\Application Data\LimeWire\themes\other_theme\stop_dn.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\other_theme\stop_up.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\other_theme\theme.txt
c:\documents and settings\Charlie\Application Data\LimeWire\themes\other_theme\warning.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\windows_theme.lwtp
c:\documents and settings\Charlie\Application Data\LimeWire\themes\windows_theme\01_star.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\windows_theme\02_star.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\windows_theme\03_star.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\windows_theme\04_star.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\windows_theme\05_star.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\windows_theme\chat.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\windows_theme\forward_dn.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\windows_theme\forward_up.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\windows_theme\kill.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\windows_theme\kill_on.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\windows_theme\logo.png
c:\documents and settings\Charlie\Application Data\LimeWire\themes\windows_theme\notsearching.png
c:\documents and settings\Charlie\Application Data\LimeWire\themes\windows_theme\pause_dn.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\windows_theme\pause_up.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\windows_theme\play_dn.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\windows_theme\play_up.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\windows_theme\question.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\windows_theme\rewind_dn.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\windows_theme\rewind_up.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\windows_theme\searching.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\windows_theme\splash.png
c:\documents and settings\Charlie\Application Data\LimeWire\themes\windows_theme\splashpro.png
c:\documents and settings\Charlie\Application Data\LimeWire\themes\windows_theme\stop_dn.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\windows_theme\stop_up.gif
c:\documents and settings\Charlie\Application Data\LimeWire\themes\windows_theme\theme.txt
c:\documents and settings\Charlie\Application Data\LimeWire\themes\windows_theme\version.txt
c:\documents and settings\Charlie\Application Data\LimeWire\themes\windows_theme\warning.gif
c:\documents and settings\Charlie\Application Data\LimeWire\ttree.cache
c:\documents and settings\Charlie\Application Data\LimeWire\update.xml
c:\documents and settings\Charlie\Application Data\LimeWire\version.key
c:\documents and settings\Charlie\Application Data\LimeWire\version.xml
c:\documents and settings\Charlie\Application Data\LimeWire\versions.props
c:\documents and settings\Charlie\Application Data\LimeWire\xml\data\delete_me
c:\documents and settings\Charlie\Application Data\LimeWire\xml\misc\application.gif
c:\documents and settings\Charlie\Application Data\LimeWire\xml\misc\audio.gif
c:\documents and settings\Charlie\Application Data\LimeWire\xml\misc\document.gif
c:\documents and settings\Charlie\Application Data\LimeWire\xml\misc\image.gif
c:\documents and settings\Charlie\Application Data\LimeWire\xml\misc\video.gif
c:\documents and settings\Charlie\Application Data\LimeWire\xml\schemas\application.xsd
c:\documents and settings\Charlie\Application Data\LimeWire\xml\schemas\audio.xsd
c:\documents and settings\Charlie\Application Data\LimeWire\xml\schemas\document.xsd
c:\documents and settings\Charlie\Application Data\LimeWire\xml\schemas\image.xsd
c:\documents and settings\Charlie\Application Data\LimeWire\xml\schemas\video.xsd
c:\program files\Ascentive
c:\program files\LimeWire
c:\program files\LimeWire\hs_err_pid1540.log
c:\program files\LimeWire\hs_err_pid2368.log
c:\program files\LimeWire\hs_err_pid2516.log
c:\program files\LimeWire\hs_err_pid3208.log
c:\program files\LimeWire\hs_err_pid3740.log
c:\program files\LimeWire\hs_err_pid568.log
c:\program files\LimeWire\hs_err_pid5852.log
c:\program files\LimeWire\log.txt
.
((((((((((((((((((((((((( Files Created from 2008-11-19 to 2008-12-19 )))))))))))))))))))))))))))))))
.
2008-12-18 16:29 . 2008-12-18 16:29 <DIR> d-------- c:\program files\Alwil Software
2008-12-18 14:30 . 2008-12-18 14:30 <DIR> d-------- c:\program files\Pando Networks
2008-12-18 14:30 . 2008-12-18 14:30 <DIR> d-------- c:\documents and settings\All Users\Application Data\PMB Files
2008-12-13 02:18 . 2008-12-13 02:18 <DIR> d-------- c:\program files\Trend Micro
2008-11-22 17:49 . 2008-11-22 17:49 <DIR> d-------- c:\program files\Oxigen
2008-11-22 17:45 . 2008-11-22 17:45 <DIR> d-------- c:\program files\OxigenInstall
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-19 00:37 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2008-12-18 02:46 --------- d-----w c:\documents and settings\All Users\Application Data\Google Updater
2008-12-17 23:56 --------- d-----w c:\program files\BitLord
2008-12-16 02:06 --------- d-----w c:\program files\Spyware Doctor
2008-12-05 06:27 --------- d-----w c:\program files\Tennis Elbow 2009
2008-11-16 22:52 --------- d-----w c:\program files\Common Files\Symantec Shared
2008-11-14 05:06 --------- d-----w c:\program files\AIM6
2008-11-14 05:06 --------- d-----w c:\documents and settings\All Users\Application Data\AOL Downloads
2008-11-14 05:04 --------- d-----w c:\documents and settings\All Users\Application Data\Viewpoint
2008-11-14 05:04 --------- d-----w c:\documents and settings\All Users\Application Data\acccore
2008-11-05 02:44 --------- d-----w c:\program files\Norton PC Checkup
2008-11-05 02:25 --------- d-----w c:\documents and settings\Charlie\Application Data\InstallShield
2008-11-05 02:14 --------- d--h--w c:\program files\InstallShield Installation Information
2008-10-31 05:12 --------- d-----w c:\program files\CONEXANT
2008-10-25 19:38 --------- d-----w c:\program files\Perfect World Entertainment
2008-10-24 13:40 --------- d-----w c:\documents and settings\Charlie\Application Data\GetRightToGo
2008-10-24 06:12 --------- d-----w c:\program files\Common Files\Sonic Shared
2008-10-24 06:11 --------- d-----w c:\program files\Sonic
2008-10-24 06:00 --------- d-----w c:\program files\My Faster PC
2008-10-24 05:59 --------- d-----w c:\program files\Google
2008-10-24 05:57 --------- d-----w c:\documents and settings\All Users\Application Data\Avg7
2008-10-24 05:54 --------- d--h--w c:\documents and settings\Charlie\Application Data\ijjigame
2008-10-24 05:50 --------- d-----w c:\program files\Shockwave.com
2005-12-28 07:07 670 ----a-w c:\documents and settings\Charlie\Application Data\wklnhst.dat
2007-04-05 19:38 32,768 -csha-w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
.
((((((((((((((((((((((((((((( snapshot@2008-12-15_20.40.31.77 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-11-26 17:21:30 1,236,208 ----a-w c:\windows\system32\aswBoot.exe
+ 2008-11-26 17:15:10 97,480 ----a-w c:\windows\system32\AvastSS.scr
+ 2008-11-26 17:15:35 26,944 ----a-w c:\windows\system32\drivers\aavmker4.sys
+ 2008-11-26 17:17:25 20,560 ----a-w c:\windows\system32\drivers\aswFsBlk.sys
+ 2008-11-26 17:18:25 93,296 ----a-w c:\windows\system32\drivers\aswmon.sys
+ 2008-11-26 17:18:18 94,032 ----a-w c:\windows\system32\drivers\aswmon2.sys
+ 2008-11-26 17:16:29 23,152 ----a-w c:\windows\system32\drivers\aswRdr.sys
+ 2008-11-26 17:17:36 111,184 ----a-w c:\windows\system32\drivers\aswSP.sys
+ 2008-11-26 17:16:38 50,864 ----a-w c:\windows\system32\drivers\aswTdi.sys
+ 2008-12-19 00:33:53 16,384 ----atw c:\windows\temp\Perflib_Perfdata_704.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-10-13 1694208]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-30 68856]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-04-01 486856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpWirelessAssistant"="c:\program files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2005-04-11 794624]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-17 49152]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2005-02-02 102492]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-02-02 692316]
"eabconfg.cpl"="c:\program files\HPQ\Quick Launch Buttons\EabServr.exe" [2004-12-03 290816]
"LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2004-10-14 253952]
"Cpqset"="c:\program files\HPQ\Default Settings\cpqset.exe" [2005-02-17 233534]
"Home Theater SchSvr"="c:\program files\Common Files\InterVideo\SchSvr\SchSvr.exe" [2005-06-14 106496]
"WINREMOTE"="c:\program files\InterVideo\Common\Bin\WinRemote.exe" [2005-06-14 233472]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 81920]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2006-05-30 180269]
"IPHSend"="c:\program files\Common Files\AOL\IPHSend\IPHSend.exe" [2006-02-17 124520]
"BigDog303"="c:\windows\VM303_STI.EXE" [2005-06-23 61440]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-02-16 282624]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2007-03-02 257088]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 132496]
"ISTray"="c:\program files\Spyware Doctor\pctsTray.exe" [2008-08-25 1168264]
"OxigenClientAdmin"="c:\program files\Oxigen\bin\Oxigen.exe" [2007-06-23 887264]
"OxigenTrayIcon"="c:\program files\Oxigen\bin\OxiTray.exe" [2007-06-23 557536]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-10-13 1694208]
c:\documents and settings\Administrator.SHEN\Start Menu\Programs\Startup\
AutoTBar.exe [2003-09-30 57344]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 29696]
HP Digital Imaging Monitor.lnk - c:\program files\Hp\Digital Imaging\bin\hpqtra08.exe [2004-11-04 258048]
HP Image Zone Fast Start.lnk - c:\program files\Hp\Digital Imaging\bin\hpqthb08.exe [2004-11-04 53248]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\Common Files\\AOL\\1133663716\\ee\\aolsoftware.exe"=
"c:\\Program Files\\Common Files\\AOL\\1133663716\\ee\\aim6.exe"=
"c:\\Program Files\\AIM95\\aim.exe"=
"c:\\Program Files\\NetMeeting\\conf.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\AIM6\\aim6.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Windows Media Player\\wmplayer.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Nexon\\MapleStory\\MapleStory.exe"=
"c:\\Program Files\\Tennis Elbow 2009\\TennisElbow.exe"=
"c:\\Gamigo Games\\Smash Online\\SmashOnline.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"56242:TCP"= 56242:TCP:Pando Media Booster
"56242:UDP"= 56242:UDP:Pando Media Booster
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-12-18 111184]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-12-18 20560]
R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2008-10-26 356920]
R2 Viewpoint Manager Service;Viewpoint Manager Service;"c:\program files\Viewpoint\Common\ViewpointService.exe" [2007-10-24 24652]
R3 HSFHWATI;HSFHWATI;c:\windows\system32\DRIVERS\HSFHWATI.sys [2005-03-22 200192]
R3 vcddev;VCD VNC Virtual Network Adapter;c:\windows\system32\DRIVERS\vcdvnic.sys [2006-03-09 13312]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5c94e5b1-122a-11db-a0f4-0014a51d6749}]
\Shell\AutoRun\command - E:\setupSNK.exe
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
IE: {{C5428486-50A0-4a02-9D20-520B59A9F9B3} - {A16AD1E9-F69A-45af-9462-B1C286708842} -
O16 -: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
c:\windows\Downloaded Program Files\Microsoft XML Parser for Java.osd
FF - ProfilePath - c:\documents and settings\Charlie\Application Data\Mozilla\Firefox\Profiles\526uknh5.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - plugin: c:\program files\Google\Google Updater\2.4.1368.5602\npCIDetect13.dll
FF - plugin: c:\program files\Microsoft Silverlight\2.0.30523.8\npctrl.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npPandoWebInst.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPTURNMED.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npunagi2.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-18 19:56:23
Windows 5.1.2600 Service Pack 2 NTFS
detected NTDLL code modification:
ZwClose
scanning hidden processes ...
scanning hidden autostart entries ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = c:\program files\HPQ\Default Settings\cpqset.exe??????????z????|?`???? ???B?????????????hLC? ??????
BigDog303 = c:\windows\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)????????????????0?????????@??????????????
scanning hidden files ...
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(876)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2008-12-18 20:04:10
ComboFix-quarantined-files.txt 2008-12-19 01:02:36
ComboFix2.txt 2008-12-16 01:46:34
ComboFix3.txt 2007-07-17 23:07:25
Pre-Run: 5,841,457,152 bytes free
Post-Run: 5,805,387,776 bytes free
413 --- E O F --- 2008-10-28 17:52:21
Here is the Kaspersky Report..
--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Friday, December 19, 2008
Operating System: Microsoft Windows XP Home Edition Service Pack 2 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Thursday, December 18, 2008 23:03:00
Records in database: 1478175
--------------------------------------------------------------------------------
Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes
Scan area - My Computer:
C:\
D:\
E:\
Scan statistics:
Files scanned: 83092
Threat name: 12
Infected objects: 13
Suspicious objects: 0
Duration of the scan: 03:49:48
File name / Threat name / Threats count
C:\Documents and Settings\Charlie\My Documents\filelib\xtrememath359\03 Track 3(1).wma Infected: Trojan-Downloader.WMA.Wimad.l 1
C:\Documents and Settings\Charlie\My Documents\filelib\xtrememath359\03 Track 3.wma Infected: Trojan-Downloader.WMA.Wimad.k 1
C:\Documents and Settings\Charlie\My Documents\filelib\xtrememath359\你最近还好吗 she .wma Infected: Trojan-Downloader.WMA.Wimad.n 1
C:\Documents and Settings\Charlie\My Documents\filelib\xtrememath359\你最近还好吗 she.mp3 Infected: Trojan-Downloader.WMA.GetCodec.c 1
C:\Documents and Settings\Charlie\My Documents\filelib\xtrememath359\你最近还好吗.mp3 Infected: Trojan-Downloader.WMA.GetCodec.c 1
C:\Documents and Settings\Charlie\My Documents\sdsetup.exe Infected: not-a-virus:Monitor.Win32.KeyLogger.dq 1
C:\Program Files\HijackThis\backups\backup-20061222-173701-382.dll Infected: Trojan.Win32.Obfuscated.ev 1
C:\Program Files\Online Services\AOL90US\comps\toolbar\toolbr.EXE Infected: not-a-virus:AdWare.Win32.SearchIt.t 1
C:\QooBox\Quarantine\C\Documents and Settings\Charlie\Application Data\gadcom\gadcom.exe.vir Infected: Trojan.Win32.Agent.aumr 1
C:\QooBox\Quarantine\C\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll.vir Infected: not-a-virus:AdWare.Win32.Shopper.v 1
C:\QooBox\Quarantine\C\WINDOWS\system32\aadqsdtd.dll.vir Infected: Trojan.Win32.Monder.acgs 1
C:\QooBox\Quarantine\C\WINDOWS\system32\ltsjxidf.dll.vir Infected: Trojan.Win32.Monder.acfb 1
C:\QooBox\Quarantine\C\WINDOWS\system32\ydtlhhax.dll.vir Infected: Trojan.Win32.Monder.acfd 1
The selected area was scanned.
And finally, another HijackThis Log..
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:59:05 AM, on 12/19/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Nexon\MapleStory\npkcmsvc.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\HPQ\SHARED\HPQWMI.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\VM303_STI.EXE
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Charlie\Local Settings\temp\jkos-Charlie\binaries\ScanningProcess.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?linkid=677
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [Home Theater SchSvr] "C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe"
O4 - HKLM\..\Run: [WINREMOTE] "C:\Program Files\InterVideo\Common\Bin\WinRemote.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
O4 - HKLM\..\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [OxigenClientAdmin] "C:\Program Files\Oxigen\bin\Oxigen.exe"
O4 - HKLM\..\Run: [OxigenTrayIcon] C:\Program Files\Oxigen\bin\OxiTray.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-18\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'Default user')
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\WINDOWS\system32\shdocvw.dll
O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q305&bd=pavilion&pf=laptop
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 6863785656
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: npkcmsvc - INCA Internet Co., Ltd. - C:\Nexon\MapleStory\npkcmsvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
--
End of file - 9688 bytes