Tech Support Forum - View Single Post

teenzbutler · 05-09-2008, 10:31 AM

Anytime I rebooted my computer, my background graphic changed with "Warning, your computer may be infected with a virus...." Then little bugs would crawl all over my desktop and start eating the icons. I followed all the instructions for removal. This is what I done so far:

1. I have Norton 360. I did a full system scan and removed anything it found
2. Downloaded and ran Super Antispyware (please see log below)
3. Downloaded and ran SS&D and removed anything it found
4. Downloaded and ran Adware 2007 and removed anything it found
5. Downloaded and ran Hijackthis (please see log below)

It appeared these tools resolved the issue. However, I would feel more confident if someone can review the Hijackthis log and let me know if there is anything hidden.
=================================
SUPERAntiSpyware Scan Log
Generated 05/08/2008 at 05:16 PM

Application Version : 4.0.1154

Core Rules Database Version : 3455
Trace Rules Database Version: 1447

Scan type : Complete Scan
Total Scan Time : 00:24:18

Memory items scanned : 657
Memory threats detected : 1
Registry items scanned : 6480
Registry threats detected : 33
File items scanned : 22707
File threats detected : 233

Trojan.Unclassified/CTFMONA
C:\WINDOWS\SYSTEM32\CTFMONA.EXE
C:\WINDOWS\SYSTEM32\CTFMONA.EXE
C:\WINDOWS\Prefetch\CTFMONA.EXE-0F567013.pf

Adware.Tracking Cookie
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@webpower[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@usatoday1.112.2o7[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@ads.m4internet[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@eyewonder[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@mediaonenetwork[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@apmebf[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@superstats[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@shopping.112.2o7[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@uclick[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@www.googleadservices[7].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@adultadworld[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@pro-market[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@media6degrees[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@ads.pointroll[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@hitbox[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@ehg-shoes.hitbox[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@stats.chooseyouritem[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@ads.revsci[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@stat.dealtime[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@doubleclick[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@traffic[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@cbs.112.2o7[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@ads.bridgetrack[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@anad.tacoda[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@adecn[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@casalemedia[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@qnsr[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@bravenet[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@statcounter[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@kelleybluebook.112.2o7[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@clickbank[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@mediamax[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@phg.hitbox[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@ads.techguy[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@www.burstnet[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@adrevolver[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@mediaplex[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@linksynergy[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@indexstats[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@e-2dj6whkicjdjkdq.stats.esomniture[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@atwola[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@adinterax[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@imrworldwide[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@e-2dj6wjnyqmdjafp.stats.esomniture[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@azjmp[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@counter16.sextracker[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@kontera[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@webstat[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@atdmt[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@serving-sys[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@ehg-dig.hitbox[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@247realmedia[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@media.cardomain[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@specificclick[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@ad1.clickhype[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@fastclick[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@www.burstbeacon[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@adbrite[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@questionmarket[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@overture[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@ehg-j2.hitbox[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@counter7.sextracker[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@trafficregenerator[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@luggagepointcom.112.2o7[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@advertising[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@ehg-traderpublishing.hitbox[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@www.traffic[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@e-2dj6wjkoqicjaco.stats.esomniture[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@www.googleadservices[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@ads.addesktop[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@bizrate[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@4.adbrite[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@pornotube[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@equs.liveperson[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@ehg-traderelectronicmedia.hitbox[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@ehg-equifax.hitbox[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@revsci[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@bs.serving-sys[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@bfast[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@burstnet[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@www.googleadservices[4].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@collective-media[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@classifiedventures1.112.2o7[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@wolverineworldwide.112.2o7[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@e-2dj6wjkykicpkfq.stats.esomniture[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@ehg-cardomain.hitbox[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@adserver.adtechus[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@zedo[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@nextag[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@dealtime[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@perf.overture[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@adlegend[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@e-2dj6wjlialcjilo.stats.esomniture[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@partner2profit[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@adtech[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@2o7[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@imageads2.googleadservices[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@bluestreak[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@insightexpressai[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@e-2dj6wfkiolc5ohq.stats.esomniture[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@tribalfusion[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@sextracker[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@tacoda[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@e-2dj6wjnyqodjcgp.stats.esomniture[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@marketlive.122.2o7[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@jewelrytelevision.112.2o7[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@e-2dj6wjnyekc5ogo.stats.esomniture[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@web4.realtracker[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@yadro[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@anat.tacoda[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@yieldmanager[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@www.googleadservices[6].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@e-2dj6wjkoahdzklq.stats.esomniture[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@tremor.adbureau[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@feed.validclick[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@ad.us-ec.adtechus[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@realmedia[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@ads.cnn[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@ehg-bmwna.hitbox[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@www.addfreestats[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@precisionclick[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@interclick[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@www.mediamax[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@www.googleadservices[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@homesteadtechnologies.122.2o7[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@trafficmp[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@e-2dj6wjl4spajsao.stats.esomniture[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@click.cybertvpartner[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@equifax.adbureau[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@www.googleadservices[5].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@ar.atwola[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@e-2dj6wjkoohcjkeo.stats.esomniture[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@data.coremetrics[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@e-2dj6wfk4qgdpmkp.stats.esomniture[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@adserver.mediarun[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@rotator.adjuggler[1].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@e-2dj6wjnywnc5ico.stats.esomniture[2].txt
C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@www.googleadservices[3].txt
C:\Documents and Settings\Administrator\Cookies\administrator@atdmt[2].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@advertising[1].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@adopt.euroclick[1].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry pindler@doubleclick[2].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry pindler@e-2dj6wjkyqocpsao.stats.esomniture[1].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@bs.serving-sys[1].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@richmedia.yahoo[2].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@imrworldwide[2].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry pindler@indextools[1].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@ehg-traderpublishing.hitbox[2].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry pindler@e-2dj6wjnyaicjieq.stats.esomniture[2].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@media.adrevolver[1].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@pro-market[2].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry pindler@vhost.oddcast[2].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@collective-media[2].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@counter.hitslink[1].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@insightfirst[1].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@zedo[1].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry pindler@perf.overture[1].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@trafficmp[1].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@4.adbrite[1].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@serving-sys[1].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@dominionenterprises.112.2o7[1].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@questionmarket[1].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@anad.tacoda[1].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@cvs.pnimedia[1].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@ad.yieldmanager[1].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@tacoda[1].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@adbrite[2].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry pindler@bravenet[2].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@fastclick[2].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@edge.ru4[2].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@overture[2].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@ads.traderonline[2].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@ehg-wastemanagement.hitbox[2].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@revsci[1].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@sales.liveperson[1].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@sales.liveperson[3].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@www.googleadservices[1].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@www.googleadservices[2].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry pindler@ads.x10[1].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry pindler@e-2dj6wflockajmcp.stats.esomniture[2].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry pindler@toseeka[1].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry pindler@mediaplex[1].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry pindler@ehg-lowermybills.hitbox[1].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@www.googleadservices[4].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@www.googleadservices[3].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@sportskids.112.2o7[1].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@server.iad.liveperson[3].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@atwola[2].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@apmebf[1].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry pindler@data.coremetrics[1].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@bizrate[2].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@tribalfusion[2].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@mattressusa.122.2o7[1].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@server.iad.liveperson[2].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@ehg-warnerbrothers.hitbox[2].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@statcounter[1].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry pindler@ehg-melbourneit.hitbox[1].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@warnerbros.112.2o7[1].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry pindler@partner2profit[2].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry pindler@msnportal.112.2o7[1].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@adrevolver[2].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry pindler@cratebarrel.112.2o7[1].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@test.coremetrics[1].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry pindler@e-2dj6wgkoujc5mgq.stats.esomniture[2].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@ehg-lifetimeentertainment.hitbox[1].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@adecn[1].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry pindler@atdmt[2].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@2o7[2].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry pindler@easy-hit-counters[1].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@insightexpressai[2].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@hitbox[2].txt
C:\Documents and Settings\Gerry Pindler\Cookies\gerry pindler@insightexpress[2].txt

Adware.IST/ISTBar (Slotch Bar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ISTactivex.dll
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ISTactivex.dll#.Owner
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ISTactivex.dll#{EF86873F-04C2-4A95-A373-5703C08EFC7B}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs#C:\WINDOWS\Downloaded Program Files\ISTactivex.dll [ ]
HKU\S-1-5-21-453202408-401739415-653543666-1008\Software\Microsoft\Internet Explorer\Main#BandRest [ Never ]
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main#BandRest [ Never ]

Adware.Avenue Media/Internet Optimizer
C:\Program Files\Internet Optimizer
HKU\S-1-5-21-453202408-401739415-653543666-1008\Software\Microsoft\Internet Explorer\URLSearchHooks#_{CFBFAE00-17A6-11D0-99CB-00C04FD64497}

Adware.ClearSearch
C:\Program Files\ClearSearch

Rogue.WinIFixer
C:\Documents and Settings\All Users\Start Menu\Programs\WinIFixer\License Agreement.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\WinIFixer\Register.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\WinIFixer\Uninstall.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\WinIFixer\WinIFixer.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\WinIFixer
C:\Program Files\WinIFixer\database.dat
C:\Program Files\WinIFixer\license.txt
C:\Program Files\WinIFixer\MFC71.dll
C:\Program Files\WinIFixer\MFC71ENU.DLL
C:\Program Files\WinIFixer\msvcp71.dll
C:\Program Files\WinIFixer\msvcr71.dll
C:\Program Files\WinIFixer\Uninstall.exe
C:\Program Files\WinIFixer\WinIFixer.exe.local
C:\Program Files\WinIFixer\WinIFixerSkin.dll
C:\Program Files\WinIFixer
HKLM\Software\Microsoft\Windows\CurrentVersion\Run#WinIFixer [ C:\Program Files\WinIFixer\WinIFixer.exe ]
HKLM\Software\winifixer.com
HKLM\Software\winifixer.com\WinIFixer
HKLM\Software\winifixer.com\WinIFixer#RegistrationUrl
HKLM\Software\winifixer.com\WinIFixer#RegistrationDiscUrl
HKLM\Software\winifixer.com\WinIFixer#ADVid
HKLM\Software\winifixer.com\WinIFixer#InstallDir
HKLM\Software\winifixer.com\WinIFixer#domain
HKLM\Software\winifixer.com\WinIFixer#SoftID
HKLM\Software\winifixer.com\WinIFixer#DatabaseVersion
HKLM\Software\winifixer.com\WinIFixer#ProgramVersion
HKLM\Software\winifixer.com\WinIFixer#EngineVersion
HKLM\Software\winifixer.com\WinIFixer#GuiVersion
HKLM\Software\winifixer.com\WinIFixer#ProxyName
HKLM\Software\winifixer.com\WinIFixer#ProxyPort
HKLM\Software\winifixer.com\WinIFixer#ScanPriority
HKLM\Software\winifixer.com\WinIFixer#DaysInterval
HKLM\Software\winifixer.com\WinIFixer#ScanDepth
HKLM\Software\winifixer.com\WinIFixer#ScanSystemOnStartup
HKLM\Software\winifixer.com\WinIFixer#AutomaticallyUpdates
HKLM\Software\winifixer.com\WinIFixer#MinimizeOnStart
HKLM\Software\winifixer.com\WinIFixer#BackgroundScan
HKLM\Software\winifixer.com\WinIFixer#BackgroundScanTimeout
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winifixer
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winifixer#DisplayName
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winifixer#UninstallString
C:\Documents and Settings\All Users\Desktop\WinIFixer.lnk

Trojan.Unknown Origin
C:\WINDOWS\SYSTEM32\CTFMONB.BMP
=================================
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:18:55 AM, on 5/9/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\RealVNC\WinVNC\WinVNC.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\windows\system\hpsysdrv.exe
C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
C:\WINDOWS\System32\hphmon05.exe
C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\eFax Messenger 4.2\J2GDllCmd.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\eFax Messenger 4.2\J2GTray.exe
C:\Program Files\Palm\Hotsync.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\CASIO\Photo Loader\Plauto.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Java\jre1.6.0_05\bin\javaw.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08\hpqtra08.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Trend Micro\HijackThis\Crusty.exe.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-qus10.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://qus10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://my.msn.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.7\NppBho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.7\UIBHO.dll
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
O4 - HKLM\..\Run: [CTDVDDet] C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [WinVNC] "C:\Program Files\RealVNC\WinVNC\WinVNC.exe" -servicehelper
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [eFax 4.2] "C:\Program Files\eFax Messenger 4.2\J2GDllCmd.exe" /R
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Logitech\MediaLife\MediaLifeService.exe"
O4 - HKLM\..\Run: [ctfmona] C:\WINDOWS\system32\ctfmona.exe
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [SetDefaultMidi] MIDIDEF.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [CMSRegOW.exe] "C:\Program Files\InstallShield Installation Information\{56F3E1FF-54FE-4384-A153-6CCABA097814}\CMSRegOW.exe" /r (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SetDefaultMidi] MIDIDEF.EXE (User 'Default user')
O4 - S-1-5-18 Startup: MP3 Rocket (Minimized).lnk = C:\Program Files\MP3 Rocket\MP3Rocket.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: MP3Rocket (silent).lnk = C:\Program Files\MP3Rocket\MP3Rocket_on_startup.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: palmOne Registration.lnk = C:\Program Files\Palm\register.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: PowerReg Scheduler V3.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: MP3 Rocket (Minimized).lnk = C:\Program Files\MP3 Rocket\MP3Rocket.exe (User 'Default user')
O4 - .DEFAULT Startup: MP3Rocket (silent).lnk = C:\Program Files\MP3Rocket\MP3Rocket_on_startup.exe (User 'Default user')
O4 - .DEFAULT Startup: palmOne Registration.lnk = C:\Program Files\Palm\register.exe (User 'Default user')
O4 - .DEFAULT Startup: PowerReg Scheduler V3.exe (User 'Default user')
O4 - Startup: MP3 Rocket (Minimized).lnk = C:\Program Files\MP3 Rocket\MP3Rocket.exe
O4 - Startup: MP3Rocket (silent).lnk = C:\Program Files\MP3Rocket\MP3Rocket_on_startup.exe
O4 - Startup: palmOne Registration.lnk = C:\Program Files\Palm\register.exe
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Global Startup: eFax 4.2.lnk = C:\Program Files\eFax Messenger 4.2\J2GTray.exe
O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\Palm\Hotsync.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Photo Loader supervisory.lnk = C:\Program Files\CASIO\Photo Loader\Plauto.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn...taller_gmn.cab
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/de...e/HPDEXAXO.cab
O16 - DPF: {A93D84FD-641F-43AE-B963-E6FA84BE7FE7} (LinkSys Content Update) - http://www.linksysfix.com/netcheck/5...l/gtdownls.cab
O16 - DPF: {DBA230D1-8467-4e69-987E-5FAE815A3B45} -
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://meetings.webex.com/client/v_...ex/ieatgpc.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O21 - SSODL: TxyyfdD - {BC87E186-162D-4B2C-11BE-0BECA7D9F395} - C:\WINDOWS\system32\bg.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: VNC Server (winvnc) - RealVNC Ltd. - C:\Program Files\RealVNC\WinVNC\WinVNC.exe

--
End of file - 14327 bytes

05-09-2008, 10:31 AM	#1 (permalink)
teenzbutler Registered User Join Date: May 2008 Posts: 11 OS: Windows XP SP2	Warning Virus Background Appears Anytime I rebooted my computer, my background graphic changed with "Warning, your computer may be infected with a virus...." Then little bugs would crawl all over my desktop and start eating the icons. I followed all the instructions for removal. This is what I done so far: 1. I have Norton 360. I did a full system scan and removed anything it found 2. Downloaded and ran Super Antispyware (please see log below) 3. Downloaded and ran SS&D and removed anything it found 4. Downloaded and ran Adware 2007 and removed anything it found 5. Downloaded and ran Hijackthis (please see log below) It appeared these tools resolved the issue. However, I would feel more confident if someone can review the Hijackthis log and let me know if there is anything hidden. ================================= SUPERAntiSpyware Scan Log Generated 05/08/2008 at 05:16 PM Application Version : 4.0.1154 Core Rules Database Version : 3455 Trace Rules Database Version: 1447 Scan type : Complete Scan Total Scan Time : 00:24:18 Memory items scanned : 657 Memory threats detected : 1 Registry items scanned : 6480 Registry threats detected : 33 File items scanned : 22707 File threats detected : 233 Trojan.Unclassified/CTFMONA C:\WINDOWS\SYSTEM32\CTFMONA.EXE C:\WINDOWS\SYSTEM32\CTFMONA.EXE C:\WINDOWS\Prefetch\CTFMONA.EXE-0F567013.pf Adware.Tracking Cookie C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@webpower[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@usatoday1.112.2o7[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@ads.m4internet[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@eyewonder[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@mediaonenetwork[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@apmebf[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@superstats[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@shopping.112.2o7[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@uclick[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@www.googleadservices[7].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@adultadworld[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@pro-market[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@media6degrees[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@ads.pointroll[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@hitbox[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@ehg-shoes.hitbox[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@stats.chooseyouritem[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@ads.revsci[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@stat.dealtime[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@doubleclick[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@traffic[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@cbs.112.2o7[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@ads.bridgetrack[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@anad.tacoda[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@adecn[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@casalemedia[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@qnsr[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@bravenet[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@statcounter[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@kelleybluebook.112.2o7[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@clickbank[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@mediamax[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@phg.hitbox[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@ads.techguy[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@www.burstnet[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@adrevolver[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@mediaplex[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@linksynergy[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@indexstats[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@e-2dj6whkicjdjkdq.stats.esomniture[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@atwola[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@adinterax[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@imrworldwide[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@e-2dj6wjnyqmdjafp.stats.esomniture[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@azjmp[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@counter16.sextracker[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@kontera[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@webstat[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@atdmt[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@serving-sys[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@ehg-dig.hitbox[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@247realmedia[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@media.cardomain[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@specificclick[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@ad1.clickhype[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@fastclick[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@www.burstbeacon[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@adbrite[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@questionmarket[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@overture[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@ehg-j2.hitbox[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@counter7.sextracker[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@trafficregenerator[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@luggagepointcom.112.2o7[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@advertising[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@ehg-traderpublishing.hitbox[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@www.traffic[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@e-2dj6wjkoqicjaco.stats.esomniture[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@www.googleadservices[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@ads.addesktop[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@bizrate[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@4.adbrite[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@pornotube[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@equs.liveperson[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@ehg-traderelectronicmedia.hitbox[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@ehg-equifax.hitbox[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@revsci[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@bs.serving-sys[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@bfast[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@burstnet[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@www.googleadservices[4].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@collective-media[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@classifiedventures1.112.2o7[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@wolverineworldwide.112.2o7[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@e-2dj6wjkykicpkfq.stats.esomniture[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@ehg-cardomain.hitbox[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@adserver.adtechus[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@zedo[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@nextag[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@dealtime[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@perf.overture[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@adlegend[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@e-2dj6wjlialcjilo.stats.esomniture[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@partner2profit[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@adtech[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@2o7[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@imageads2.googleadservices[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@bluestreak[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@insightexpressai[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@e-2dj6wfkiolc5ohq.stats.esomniture[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@tribalfusion[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@sextracker[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@tacoda[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@e-2dj6wjnyqodjcgp.stats.esomniture[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@marketlive.122.2o7[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@jewelrytelevision.112.2o7[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@e-2dj6wjnyekc5ogo.stats.esomniture[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@web4.realtracker[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@yadro[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@anat.tacoda[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@yieldmanager[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@www.googleadservices[6].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@e-2dj6wjkoahdzklq.stats.esomniture[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@tremor.adbureau[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@feed.validclick[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@ad.us-ec.adtechus[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@realmedia[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@ads.cnn[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@ehg-bmwna.hitbox[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@www.addfreestats[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@precisionclick[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@interclick[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@www.mediamax[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@www.googleadservices[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@homesteadtechnologies.122.2o7[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@trafficmp[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@e-2dj6wjl4spajsao.stats.esomniture[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@click.cybertvpartner[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@equifax.adbureau[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@www.googleadservices[5].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@ar.atwola[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@e-2dj6wjkoohcjkeo.stats.esomniture[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@data.coremetrics[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@e-2dj6wfk4qgdpmkp.stats.esomniture[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@adserver.mediarun[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@rotator.adjuggler[1].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@e-2dj6wjnywnc5ico.stats.esomniture[2].txt C:\Documents and Settings\Curt Pindler\Cookies\curt_pindler@www.googleadservices[3].txt C:\Documents and Settings\Administrator\Cookies\administrator@atdmt[2].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@advertising[1].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@adopt.euroclick[1].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry pindler@doubleclick[2].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry pindler@e-2dj6wjkyqocpsao.stats.esomniture[1].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@bs.serving-sys[1].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@richmedia.yahoo[2].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@imrworldwide[2].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry pindler@indextools[1].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@ehg-traderpublishing.hitbox[2].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry pindler@e-2dj6wjnyaicjieq.stats.esomniture[2].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@media.adrevolver[1].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@pro-market[2].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry pindler@vhost.oddcast[2].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@collective-media[2].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@counter.hitslink[1].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@insightfirst[1].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@zedo[1].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry pindler@perf.overture[1].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@trafficmp[1].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@4.adbrite[1].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@serving-sys[1].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@dominionenterprises.112.2o7[1].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@questionmarket[1].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@anad.tacoda[1].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@cvs.pnimedia[1].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@ad.yieldmanager[1].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@tacoda[1].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@adbrite[2].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry pindler@bravenet[2].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@fastclick[2].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@edge.ru4[2].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@overture[2].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@ads.traderonline[2].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@ehg-wastemanagement.hitbox[2].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@revsci[1].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@sales.liveperson[1].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@sales.liveperson[3].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@www.googleadservices[1].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@www.googleadservices[2].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry pindler@ads.x10[1].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry pindler@e-2dj6wflockajmcp.stats.esomniture[2].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry pindler@toseeka[1].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry pindler@mediaplex[1].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry pindler@ehg-lowermybills.hitbox[1].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@www.googleadservices[4].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@www.googleadservices[3].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@sportskids.112.2o7[1].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@server.iad.liveperson[3].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@atwola[2].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@apmebf[1].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry pindler@data.coremetrics[1].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@bizrate[2].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@tribalfusion[2].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@mattressusa.122.2o7[1].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@server.iad.liveperson[2].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@ehg-warnerbrothers.hitbox[2].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@statcounter[1].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry pindler@ehg-melbourneit.hitbox[1].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@warnerbros.112.2o7[1].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry pindler@partner2profit[2].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry pindler@msnportal.112.2o7[1].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@adrevolver[2].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry pindler@cratebarrel.112.2o7[1].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@test.coremetrics[1].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry pindler@e-2dj6wgkoujc5mgq.stats.esomniture[2].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@ehg-lifetimeentertainment.hitbox[1].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@adecn[1].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry pindler@atdmt[2].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@2o7[2].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry pindler@easy-hit-counters[1].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@insightexpressai[2].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry_pindler@hitbox[2].txt C:\Documents and Settings\Gerry Pindler\Cookies\gerry pindler@insightexpress[2].txt Adware.IST/ISTBar (Slotch Bar) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ISTactivex.dll HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ISTactivex.dll#.Owner HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ISTactivex.dll#{EF86873F-04C2-4A95-A373-5703C08EFC7B} HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs#C:\WINDOWS\Downloaded Program Files\ISTactivex.dll [ ] HKU\S-1-5-21-453202408-401739415-653543666-1008\Software\Microsoft\Internet Explorer\Main#BandRest [ Never ] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main#BandRest [ Never ] Adware.Avenue Media/Internet Optimizer C:\Program Files\Internet Optimizer HKU\S-1-5-21-453202408-401739415-653543666-1008\Software\Microsoft\Internet Explorer\URLSearchHooks#_{CFBFAE00-17A6-11D0-99CB-00C04FD64497} Adware.ClearSearch C:\Program Files\ClearSearch Rogue.WinIFixer C:\Documents and Settings\All Users\Start Menu\Programs\WinIFixer\License Agreement.lnk C:\Documents and Settings\All Users\Start Menu\Programs\WinIFixer\Register.lnk C:\Documents and Settings\All Users\Start Menu\Programs\WinIFixer\Uninstall.lnk C:\Documents and Settings\All Users\Start Menu\Programs\WinIFixer\WinIFixer.lnk C:\Documents and Settings\All Users\Start Menu\Programs\WinIFixer C:\Program Files\WinIFixer\database.dat C:\Program Files\WinIFixer\license.txt C:\Program Files\WinIFixer\MFC71.dll C:\Program Files\WinIFixer\MFC71ENU.DLL C:\Program Files\WinIFixer\msvcp71.dll C:\Program Files\WinIFixer\msvcr71.dll C:\Program Files\WinIFixer\Uninstall.exe C:\Program Files\WinIFixer\WinIFixer.exe.local C:\Program Files\WinIFixer\WinIFixerSkin.dll C:\Program Files\WinIFixer HKLM\Software\Microsoft\Windows\CurrentVersion\Run#WinIFixer [ C:\Program Files\WinIFixer\WinIFixer.exe ] HKLM\Software\winifixer.com HKLM\Software\winifixer.com\WinIFixer HKLM\Software\winifixer.com\WinIFixer#RegistrationUrl HKLM\Software\winifixer.com\WinIFixer#RegistrationDiscUrl HKLM\Software\winifixer.com\WinIFixer#ADVid HKLM\Software\winifixer.com\WinIFixer#InstallDir HKLM\Software\winifixer.com\WinIFixer#domain HKLM\Software\winifixer.com\WinIFixer#SoftID HKLM\Software\winifixer.com\WinIFixer#DatabaseVersion HKLM\Software\winifixer.com\WinIFixer#ProgramVersion HKLM\Software\winifixer.com\WinIFixer#EngineVersion HKLM\Software\winifixer.com\WinIFixer#GuiVersion HKLM\Software\winifixer.com\WinIFixer#ProxyName HKLM\Software\winifixer.com\WinIFixer#ProxyPort HKLM\Software\winifixer.com\WinIFixer#ScanPriority HKLM\Software\winifixer.com\WinIFixer#DaysInterval HKLM\Software\winifixer.com\WinIFixer#ScanDepth HKLM\Software\winifixer.com\WinIFixer#ScanSystemOnStartup HKLM\Software\winifixer.com\WinIFixer#AutomaticallyUpdates HKLM\Software\winifixer.com\WinIFixer#MinimizeOnStart HKLM\Software\winifixer.com\WinIFixer#BackgroundScan HKLM\Software\winifixer.com\WinIFixer#BackgroundScanTimeout HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winifixer HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winifixer#DisplayName HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winifixer#UninstallString C:\Documents and Settings\All Users\Desktop\WinIFixer.lnk Trojan.Unknown Origin C:\WINDOWS\SYSTEM32\CTFMONB.BMP ================================= Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 8:18:55 AM, on 5/9/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16640) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\LogMeIn\x86\RaMaint.exe C:\Program Files\LogMeIn\x86\LogMeIn.exe C:\Program Files\LogMeIn\x86\LMIGuardian.exe C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\RealVNC\WinVNC\WinVNC.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\CTHELPER.EXE C:\windows\system\hpsysdrv.exe C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe C:\WINDOWS\System32\hphmon05.exe C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe C:\Program Files\Microsoft IntelliType Pro\type32.exe C:\Program Files\Microsoft IntelliPoint\point32.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\eFax Messenger 4.2\J2GDllCmd.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\HP\KBD\KBD.EXE C:\Program Files\LogMeIn\x86\LogMeInSystray.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Program Files\LogMeIn\x86\LMIGuardian.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\eFax Messenger 4.2\J2GTray.exe C:\Program Files\Palm\Hotsync.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\CASIO\Photo Loader\Plauto.exe C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE C:\Program Files\Java\jre1.6.0_05\bin\javaw.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08\hpqtra08.exe C:\WINDOWS\System32\HPZipm12.exe C:\Program Files\LogMeIn\x86\LogMeIn.exe C:\Program Files\LogMeIn\x86\LMIGuardian.exe C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE C:\Program Files\Trend Micro\HijackThis\Crusty.exe.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-qus10.hpwis.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://qus10.hpwis.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://my.msn.com/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.7\NppBho.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.7\UIBHO.dll O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe O4 - HKLM\..\Run: [CTDVDDet] C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [WinVNC] "C:\Program Files\RealVNC\WinVNC\WinVNC.exe" -servicehelper O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe" O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [eFax 4.2] "C:\Program Files\eFax Messenger 4.2\J2GDllCmd.exe" /R O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Logitech\MediaLife\MediaLifeService.exe" O4 - HKLM\..\Run: [ctfmona] C:\WINDOWS\system32\ctfmona.exe O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-18\..\RunOnce: [SetDefaultMidi] MIDIDEF.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [CMSRegOW.exe] "C:\Program Files\InstallShield Installation Information\{56F3E1FF-54FE-4384-A153-6CCABA097814}\CMSRegOW.exe" /r (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [SetDefaultMidi] MIDIDEF.EXE (User 'Default user') O4 - S-1-5-18 Startup: MP3 Rocket (Minimized).lnk = C:\Program Files\MP3 Rocket\MP3Rocket.exe (User 'SYSTEM') O4 - S-1-5-18 Startup: MP3Rocket (silent).lnk = C:\Program Files\MP3Rocket\MP3Rocket_on_startup.exe (User 'SYSTEM') O4 - S-1-5-18 Startup: palmOne Registration.lnk = C:\Program Files\Palm\register.exe (User 'SYSTEM') O4 - S-1-5-18 Startup: PowerReg Scheduler V3.exe (User 'SYSTEM') O4 - .DEFAULT Startup: MP3 Rocket (Minimized).lnk = C:\Program Files\MP3 Rocket\MP3Rocket.exe (User 'Default user') O4 - .DEFAULT Startup: MP3Rocket (silent).lnk = C:\Program Files\MP3Rocket\MP3Rocket_on_startup.exe (User 'Default user') O4 - .DEFAULT Startup: palmOne Registration.lnk = C:\Program Files\Palm\register.exe (User 'Default user') O4 - .DEFAULT Startup: PowerReg Scheduler V3.exe (User 'Default user') O4 - Startup: MP3 Rocket (Minimized).lnk = C:\Program Files\MP3 Rocket\MP3Rocket.exe O4 - Startup: MP3Rocket (silent).lnk = C:\Program Files\MP3Rocket\MP3Rocket_on_startup.exe O4 - Startup: palmOne Registration.lnk = C:\Program Files\Palm\register.exe O4 - Startup: PowerReg Scheduler V3.exe O4 - Global Startup: eFax 4.2.lnk = C:\Program Files\eFax Messenger 4.2\J2GTray.exe O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\Palm\Hotsync.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O4 - Global Startup: Photo Loader supervisory.lnk = C:\Program Files\CASIO\Photo Loader\Plauto.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing) O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn...taller_gmn.cab O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/de...e/HPDEXAXO.cab O16 - DPF: {A93D84FD-641F-43AE-B963-E6FA84BE7FE7} (LinkSys Content Update) - http://www.linksysfix.com/netcheck/5...l/gtdownls.cab O16 - DPF: {DBA230D1-8467-4e69-987E-5FAE815A3B45} - O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://meetings.webex.com/client/v_...ex/ieatgpc.cab O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O21 - SSODL: TxyyfdD - {BC87E186-162D-4B2C-11BE-0BECA7D9F395} - C:\WINDOWS\system32\bg.dll (file missing) O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: VNC Server (winvnc) - RealVNC Ltd. - C:\Program Files\RealVNC\WinVNC\WinVNC.exe -- End of file - 14327 bytes