Thanks for the speedy response. A few things to mention before you look at the logs below. When I ran the .bat file, I saw the cmd screen pop up and flicker briefly; that's all it did. Also, in regard to your question about the multiple times I ran ComboFix, I just had some issues with power failure where I live; the situation is fine now. Here are the logs:
2008-11-07 17:37:37 A------- 174 C:\Qoobox\Quarantine\catchme.log
2008-11-08 14:15:02 A------- 0 C:\Qoobox\Quarantine\C\WINDOWS\system32\8Ok4qQGr.exe.a_a.vir
2008-11-08 23:15:07 A------- 7,592 C:\Qoobox\Quarantine\Registry_backups\tcpip.reg
2008-11-08 23:16:08 A------- 2 C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-CFSServ.exe.reg.dat
2008-11-08 23:16:08 A------- 2 C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-NDSTray.exe.reg.dat
2008-11-08 23:16:08 A------- 2 C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-TFncKy.reg.dat
--------------------------------------------------------------------
--------------------------------------------------------------------
ComboFix 08-11-09.01 - Ryan 2008-11-09 13:38:21.6 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1586 [GMT -8:00]
Running from: c:\documents and settings\Ryan\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Ryan\Desktop\CFScript.txt
* Created a new restore point
.
- REDUCED FUNCTIONALITY MODE -
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\8Ok4qQGr.exe
.
((((((((((((((((((((((((( Files Created from 2008-10-09 to 2008-11-09 )))))))))))))))))))))))))))))))
.
2008-11-09 13:24 . 2008-11-09 13:24 0 --a------ c:\windows\system32\8Ok4qQGr.exe.a_a
2008-11-05 21:36 . 2008-11-05 21:37 <DIR> d-------- C:\rsit
2008-11-05 20:43 . 2008-11-05 20:43 73,728 --a------ c:\windows\system32\javacpl.cpl
2008-11-05 20:33 . 2008-11-05 20:43 410,976 --a------ c:\windows\system32\deploytk.dll
2008-11-05 20:08 . 2008-11-05 20:09 80,806,558 --a------ C:\registrybackup.reg
2008-11-05 19:40 . 2008-11-05 21:28 250 --a------ c:\windows\gmer.ini
2008-11-05 19:24 . 2008-11-05 19:24 <DIR> d-------- c:\program files\Trend Micro
2008-10-29 16:19 . 2005-06-03 14:09 454,656 --a------ c:\windows\system32\CapabilityTable.exe
2008-10-29 16:18 . 2005-06-03 14:07 176,128 --a------ c:\windows\system32\nvunrm.exe
2008-10-29 16:18 . 2005-02-11 00:14 4,624 --a------ c:\windows\system32\nvaudio.nvu
2008-10-29 16:18 . 2005-02-08 10:26 3,596 --a------ c:\windows\system32\nvnrm.nvu
2008-10-29 16:13 . 2005-06-03 14:07 176,128 --a------ c:\windows\system32\nvumpu.exe
2008-10-29 16:13 . 2005-06-03 14:07 176,128 --a------ c:\windows\system32\nvuaudio.exe
2008-10-29 16:12 . 2008-10-29 21:01 <DIR> d-------- c:\program files\NVIDIA Corporation
2008-10-29 16:12 . 2008-10-29 16:12 <DIR> d-------- c:\program files\Common Files\NVIDIA Shared
2008-10-29 15:55 . 2005-09-09 12:51 176,128 --------- c:\windows\system32\nvuide.exe
2008-10-29 15:49 . 2005-05-13 06:52 176,128 --a------ c:\windows\system32\nvusmb.exe
2008-10-29 15:49 . 2005-02-08 10:26 1,231 --a------ c:\windows\system32\nvsmb.nvu
2008-10-29 15:28 . 2007-11-06 17:30 158,263 --a------ c:\windows\system32\nvapps.nvb
2008-10-29 15:27 . 2008-10-29 15:30 <DIR> d-------- c:\windows\NV20762080.TMP
2008-10-28 22:31 . 2003-08-29 00:13 4,608 --a------ c:\windows\system32\drivers\CDDRV.sys
2008-10-28 15:22 . 2008-10-29 17:02 164,163 --a------ c:\windows\system32\nvapps.xml
2008-10-28 15:21 . 2007-11-06 17:59 356,352 --a------ c:\windows\system32\NVUNINST.EXE
2008-10-28 15:21 . 2007-11-06 17:30 356,352 --a------ c:\windows\system32\nvudisp.exe
2008-10-28 15:21 . 2007-11-06 17:30 17,737 --a------ c:\windows\system32\nvdisp.nvu
2008-10-27 23:34 . 2001-08-17 12:53 4,992 --a------ c:\windows\system32\drivers\loop.sys
2008-10-27 23:34 . 2001-08-17 12:53 4,992 --a--c--- c:\windows\system32\dllcache\loop.sys
2008-10-27 16:34 . 2008-10-27 16:36 <DIR> d-------- c:\windows\NV932736.TMP
2008-10-27 16:32 . 2008-10-27 16:32 664 --a------ c:\windows\system32\d3d9caps.dat
2008-10-27 16:25 . 2008-10-29 15:30 <DIR> d-------- c:\windows\nview
2008-10-27 15:41 . 2008-10-27 15:41 <DIR> d-------- c:\windows\system32\AGEIA
2008-10-27 15:41 . 2008-10-27 16:20 <DIR> d-------- c:\program files\AGEIA Technologies
2008-10-27 15:40 . 2008-10-27 15:42 <DIR> d-------- c:\windows\NV7082828.TMP
2008-10-27 15:12 . 2008-10-27 15:36 <DIR> d-------- c:\windows\NV7641132.TMP
2008-10-24 17:26 . 2008-10-24 17:26 <DIR> d-------- c:\documents and settings\Guest\Application Data\Symantec
2008-10-23 17:45 . 2008-10-15 08:34 337,408 -----c--- c:\windows\system32\dllcache\netapi32.dll
2008-10-22 17:21 . 2008-10-22 17:21 <DIR> d-------- c:\windows\system32\N360_BACKUP
2008-10-22 17:03 . 2008-10-22 17:03 <DIR> d-------- c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-10-22 16:46 . 2008-10-22 16:46 <DIR> d-------- c:\program files\Windows Sidebar
2008-10-22 16:45 . 2008-11-03 15:13 <DIR> d-------- c:\program files\Norton 360
2008-10-22 16:44 . 2008-10-22 17:06 123,952 --a------ c:\windows\system32\drivers\SYMEVENT.SYS
2008-10-22 16:44 . 2008-10-22 17:06 60,800 --a------ c:\windows\system32\S32EVNT1.DLL
2008-10-22 16:44 . 2008-10-22 17:06 10,671 --a------ c:\windows\system32\drivers\SYMEVENT.CAT
2008-10-22 16:44 . 2008-10-22 17:06 805 --a------ c:\windows\system32\drivers\SYMEVENT.INF
2008-10-21 21:27 . 2008-10-03 09:41 6,066,176 -----c--- c:\windows\system32\dllcache\ieframe.dll
2008-10-21 21:27 . 2007-04-17 01:32 2,455,488 -----c--- c:\windows\system32\dllcache\ieapfltr.dat
2008-10-21 21:27 . 2007-03-07 21:10 991,232 -----c--- c:\windows\system32\dllcache\ieframe.dll.mui
2008-10-21 21:27 . 2008-08-25 23:24 459,264 -----c--- c:\windows\system32\dllcache\msfeeds.dll
2008-10-21 21:27 . 2008-08-25 23:24 383,488 -----c--- c:\windows\system32\dllcache\ieapfltr.dll
2008-10-21 21:27 . 2008-08-25 23:24 267,776 -----c--- c:\windows\system32\dllcache\iertutil.dll
2008-10-21 21:27 . 2008-08-25 23:24 63,488 -----c--- c:\windows\system32\dllcache\icardie.dll
2008-10-21 21:27 . 2008-08-25 23:24 52,224 -----c--- c:\windows\system32\dllcache\msfeedsbs.dll
2008-10-21 21:27 . 2008-08-25 00:38 13,824 -----c--- c:\windows\system32\dllcache\ieudinit.exe
2008-10-21 10:28 . 2008-11-06 20:47 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-10-21 10:28 . 2008-10-22 16:10 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-10-21 10:28 . 2008-10-22 16:10 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-10-20 16:02 . 2008-10-20 16:02 <DIR> d-------- c:\documents and settings\Ryan\Application Data\Malwarebytes
2008-10-20 16:01 . 2008-10-20 16:01 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2008-10-20 14:53 . 2008-10-22 17:20 <DIR> d-------- c:\documents and settings\Ryan\Application Data\Symantec
2008-10-19 23:46 . 2008-10-19 23:45 30,272 --a------ c:\windows\system32\Ti56qn3F.exe
2008-10-14 10:02 . 2008-09-15 04:12 1,846,400 -----c--- c:\windows\system32\dllcache\win32k.sys
2008-10-14 10:02 . 2008-09-08 02:41 333,824 -----c--- c:\windows\system32\dllcache\srv.sys
2008-10-14 10:01 . 2008-08-14 02:11 2,189,184 -----c--- c:\windows\system32\dllcache\ntoskrnl.exe
2008-10-14 10:01 . 2008-08-14 02:09 2,145,280 -----c--- c:\windows\system32\dllcache\ntkrnlmp.exe
2008-10-14 10:01 . 2008-08-14 01:33 2,066,048 -----c--- c:\windows\system32\dllcache\ntkrnlpa.exe
2008-10-14 10:01 . 2008-08-14 01:33 2,023,936 -----c--- c:\windows\system32\dllcache\ntkrpamp.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-09 20:47 --------- d-----w c:\program files\Common Files\Symantec Shared
2008-11-09 06:20 --------- d-----w c:\documents and settings\Ryan\Application Data\dvdcss
2008-11-06 04:43 --------- d-----w c:\program files\Java
2008-11-05 19:24 --------- d-----w c:\documents and settings\All Users\Application Data\Viewpoint
2008-11-05 00:33 --------- d-----w c:\program files\Microsoft ActiveSync
2008-10-30 00:12 --------- d--h--w c:\program files\InstallShield Installation Information
2008-10-27 23:40 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2008-10-23 01:11 --------- d-----w c:\documents and settings\All Users\Application Data\Symantec
2008-10-23 01:06 --------- d-----w c:\program files\Symantec
2008-10-21 01:58 --------- d-----w c:\program files\Google
2008-10-20 22:41 --------- d-----w c:\program files\Symantec AntiVirus
2008-10-16 22:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 22:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 22:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 22:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 22:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 22:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 22:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 22:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-02 16:20 22,328 ----a-w c:\windows\system32\drivers\PnkBstrK.sys
2008-10-02 16:20 107,832 ----a-w c:\windows\system32\PnkBstrB.exe
2008-10-02 16:11 66,872 ----a-w c:\windows\system32\PnkBstrA.exe
2008-10-01 23:47 --------- d-----w c:\documents and settings\Guest\Application Data\Amazon
2008-09-30 21:54 --------- d-----w c:\program files\Electronic Arts
2008-09-15 12:12 1,846,400 ----a-w c:\windows\system32\win32k.sys
2008-09-04 16:31 288,024 ----a-w c:\windows\system32\PhysXCplUI.exe
2008-08-29 15:57 70,936 ----a-w c:\windows\system32\PhysXLoader.dll
2008-08-26 07:24 826,368 ----a-w c:\windows\system32\wininet.dll
2008-08-14 10:09 2,145,280 ----a-w c:\windows\system32\ntoskrnl.exe
2008-08-14 09:33 2,023,936 ----a-w c:\windows\system32\ntkrnlpa.exe
2005-11-30 00:54 5,862,994 ----a-w c:\program files\ts2_client_rc2_2032.exe
2007-10-15 02:47 10,022 --sha-w c:\windows\system32\KGyGaAvL.sys
.
((((((((((((((((((((((((((((( snapshot@2008-11-07_17.41.48.65 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-11-09 20:47:33 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_1b4.dat
+ 2008-11-09 20:47:25 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_540.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayExcluded]
@="{4433A54A-1AC8-432F-90FC-85F045CF383C}"
[HKEY_CLASSES_ROOT\CLSID\{4433A54A-1AC8-432F-90FC-85F045CF383C}]
2008-10-31 12:24 576352 --a------ c:\program files\Common Files\Symantec Shared\Backup\buShell.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayPending]
@="{F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225}"
[HKEY_CLASSES_ROOT\CLSID\{F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225}]
2008-10-31 12:24 576352 --a------ c:\program files\Common Files\Symantec Shared\Backup\buShell.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayProtected]
@="{476D0EA3-80F9-48B5-B70B-05E677C9C148}"
[HKEY_CLASSES_ROOT\CLSID\{476D0EA3-80F9-48B5-B70B-05E677C9C148}]
2008-10-31 12:24 576352 --a------ c:\program files\Common Files\Symantec Shared\Backup\buShell.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NVRaidService"="c:\windows\system32\nvraidservice.exe" [2005-05-26 112640]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2008-10-17 51048]
"osCheck"="c:\program files\Norton 360\osCheck.exe" [2008-02-26 988512]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-11-06 8523776]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-11-06 81920]
"NVMixerTray"="c:\program files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" [2004-12-20 131072]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-11-05 136600]
"nwiz"="nwiz.exe" [2007-11-06 c:\windows\system32\nwiz.exe]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2008-05-02 01:42 72208 c:\program files\Common Files\Logitech\Bluetooth\LBTWLgn.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^InterVideo WinCinema Manager.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\InterVideo WinCinema Manager.lnk
backup=c:\windows\pss\InterVideo WinCinema Manager.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk
backup=c:\windows\pss\Logitech SetPoint.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^Ryan^Start Menu^Programs^Startup^Microsoft Office OneNote 2003 Quick Launch.lnk]
path=c:\documents and settings\Ryan\Start Menu\Programs\Startup\Microsoft Office OneNote 2003 Quick Launch.lnk
backup=c:\windows\pss\Microsoft Office OneNote 2003 Quick Launch.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
--a------ 2008-07-10 08:47 116040 c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2008-04-13 16:12 15360 c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-07-30 09:47 289064 c:\program files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-05-27 09:50 413696 c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
-ra------ 2006-03-30 16:45 313472 c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]
--a------ 2008-02-29 02:12 76304 c:\windows\KHALMNPR.Exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Apple Mobile Device"=2 (0x2)
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\InterVideo\\DVD6\\WinDVD.exe"=
"\\\\ares\\local_srvr_d\\Pegasus Archive\\Old or Shitty Games\\Quake III Arena\\quake3.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\AIM6\\aim6.exe"=
"c:\\Program Files\\2K Games\\Firaxis Games\\Sid Meier's Civilization 4 Gold\\Civilization4.exe"=
"c:\\Program Files\\2K Games\\Firaxis Games\\Sid Meier's Civilization 4 Gold\\Warlords\\Civ4Warlords.exe"=
"c:\\Program Files\\RealVNC\\VNC4\\winvnc4.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
R2 LBeepKE;LBeepKE;c:\windows\system32\Drivers\LBeepKE.sys [2006-06-29 3712]
R2 LiveUpdate Notice;LiveUpdate Notice;c:\program files\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]
S3 CDDRV;CDDRV;c:\windows\system32\Drivers\CDDRV.sys [2003-08-29 4608]
S3 COH_Mon;COH_Mon;c:\windows\system32\Drivers\COH_Mon.sys [2008-07-30 23888]
S3 HwIOctl;HwIOctl;c:\program files\Setup Files\MS-7160 v3.20\HwIOctl.sys [ ]
S3 Memctl;Memctl;c:\program files\Setup Files\MS-7160 v3.20\Memctl.sys [ ]
S3 msloop;Microsoft Loopback Adapter Driver;c:\windows\system32\DRIVERS\loop.sys [2001-08-17 4992]
S3 RushTopDevice;RushTopDevice;c:\program files\MSI\Core Center\RushTop.sys [2005-05-02 37792]
*Newly Created Service* - CATCHME
*Newly Created Service* - COMHOST
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-09 13:38:46
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-11-09 13:43:04
ComboFix-quarantined-files.txt 2008-11-09 21:42:44
ComboFix2.txt 2008-11-09 07:16:47
ComboFix3.txt 2008-11-08 21:00:12
ComboFix4.txt 2008-11-08 01:43:12
Pre-Run: 104,164,462,592 bytes free
Post-Run: 104,150,380,544 bytes free
230 --- E O F --- 2008-10-24 07:59:17
--------------------------------------------------------------------
--------------------------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:44:43 PM, on 11/9/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\nvraidservice.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\imapi.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll
O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\system32\nvraidservice.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton 360\osCheck.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1126875435921
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcSandraSrv.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
--
End of file - 5466 bytes