Thread: E-mails (WTF) 02
View Single Post
Old 12-08-2006, 03:20 AM   #4 (permalink)
antman112
Registered User
 
antman112's Avatar
 
Join Date: Dec 2005
Posts: 25
OS: XP pro


wakey wakey as the day starts so does my qest for a clean computer (one thing i pride myself in)

so here we go

panda
No viruses or other malicious software have been found!

Antony - 06-12-08 9:21:31.25 Service Pack 2
ComboFix 06-12-01W-BetaE - Running from: "C:\Documents and Settings\Antony\desktop"
Command switches used :: /v rpcc

(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


d:\autorun.inf . . . . failed to delete


((((((((((((((((((((((((((((((( Files Created from 2006-11-08 to 2006-12-08 ))))))))))))))))))))))))))))))))))


2006-12-08 09:12 <DIR> d-------- C:\WINDOWS\temp
2006-12-08 09:11 <DIR> d-------- C:\WINNT
2006-12-08 09:10 <DIR> d-------- C:\WINDOWS\erdnt
2006-12-07 14:30 <DIR> d-------- C:\Program Files\InterMute
2006-12-07 13:29 <DIR> d-------- C:\Program Files\Alwil Software
2006-12-07 13:13 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2006-12-07 13:10 <DIR> d-------- C:\Program Files\GRISOFT
2006-12-07 12:53 <DIR> d-------- C:\Program Files\CleanUp!
2006-12-07 12:45 <DIR> d--hs---- C:\WINDOWS\CSC
2006-11-30 20:55 <DIR> d-------- C:\Documents and Settings\Antony\Application Data\Help
2006-11-28 17:22 <DIR> d-------- C:\Program Files\StarWarsGalaxies
2006-11-28 17:22 <DIR> d-------- C:\Program Files\Sony
2006-11-24 14:13 <DIR> d-------- C:\WINDOWS\system32\LogFiles
2006-11-22 13:34 <DIR> d-------- C:\Program Files\Lionhead Studios
2006-11-20 20:32 <DIR> d-------- C:\WINDOWS\Performance
2006-11-20 20:32 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Corporation
2006-11-20 20:31 <DIR> d-------- C:\Program Files\Microsoft Windows Vista Upgrade Advisor
2006-11-18 21:41 <DIR> d-------- C:\Program Files\Ventrilo
2006-11-18 21:41 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2006-11-18 21:41 <DIR> d-------- C:\Documents and Settings\Antony\Application Data\Ventrilo
2006-11-18 18:53 <DIR> d-------- C:\Program Files\X3 Sector Planner
2006-11-16 14:26 <DIR> d--h----- C:\WINDOWS\PIF
2006-11-15 17:56 <DIR> d-------- C:\WINDOWS\Hewlett-Packard
2006-11-13 19:22 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\HP
2006-11-13 19:21 <DIR> d-------- C:\Program Files\Common Files\HP
2006-11-13 19:20 <DIR> d-------- C:\Program Files\Hewlett-Packard
2006-11-13 19:20 <DIR> d-------- C:\Program Files\Common Files\Hewlett-Packard
2006-11-13 19:19 <DIR> dr--s---- C:\WINDOWS\assembly
2006-11-13 19:19 <DIR> d-------- C:\WINDOWS\system32\URTTemp
2006-11-13 19:19 <DIR> d-------- C:\WINDOWS\Microsoft.NET
2006-11-13 19:18 139,345 --a------ C:\WINDOWS\system32\hpzlnt12.dll
2006-11-13 19:17 98,304 -ra------ C:\WINDOWS\system32\hpzjsn01.dll
2006-11-13 19:17 73,728 -ra------ C:\WINDOWS\system32\hptcpmib.dll
2006-11-13 19:17 6,784 --a------ C:\WINDOWS\system32\drivers\serscan.sys
2006-11-13 19:17 581,632 -ra------ C:\WINDOWS\system32\hpotscl.dll
2006-11-13 19:17 28,672 -ra------ C:\WINDOWS\system32\hpzjfw01.dll
2006-11-13 19:17 278,528 -ra------ C:\WINDOWS\system32\hpgwiamd.dll
2006-11-13 19:17 274,432 -ra------ C:\WINDOWS\system32\HPZc3212.dll
2006-11-13 19:17 229,376 -ra------ C:\WINDOWS\system32\hpovst08.dll
2006-11-13 19:17 212,992 -ra------ C:\WINDOWS\system32\hptcpmui.dll
2006-11-13 19:17 139,264 --a------ C:\WINDOWS\system32\hpzjrd01.dll
2006-11-13 19:17 122,880 -ra------ C:\WINDOWS\system32\hptcpmon.dll
2006-11-13 19:15 <DIR> d-------- C:\TEMP
2006-11-13 19:13 94,208 --a------ C:\WINDOWS\system32\HPZipt12.dll
2006-11-13 19:13 69,632 --a------ C:\WINDOWS\system32\HPZipm12.exe
2006-11-13 19:13 61,440 --a------ C:\WINDOWS\system32\HPZinw12.exe
2006-11-13 19:13 57,344 --a------ C:\WINDOWS\system32\HPZisn12.dll
2006-11-13 19:13 278,584 --a------ C:\WINDOWS\system32\HPZidr12.dll
2006-11-13 19:13 204,800 --a------ C:\WINDOWS\system32\HPZipr12.dll
2006-11-13 19:11 <DIR> d--h----- C:\Config.Msi
2006-11-13 19:11 <DIR> d-------- C:\Program Files\HP
2006-11-10 12:32 <DIR> d-------- C:\Documents and Settings\Antony\Phone Browser
2006-11-10 12:32 <DIR> d-------- C:\Documents and Settings\Antony\Application Data\Nokia Multimedia Player
2006-11-10 12:32 <DIR> d-------- C:\Documents and Settings\Antony\Application Data\Nokia
2006-11-10 12:32 <DIR> d-------- C:\Documents and Settings\Antony\Application Data\Datalayer
2006-11-10 12:29 <DIR> d-------- C:\Program Files\DIFX
2006-11-10 12:29 <DIR> d-------- C:\Program Files\Common Files\Nokia
2006-11-10 12:28 8,704 --a------ C:\WINDOWS\system32\drivers\nmwcdc.sys
2006-11-10 12:28 50,688 --a------ C:\WINDOWS\system32\nmwcdcls.dll
2006-11-10 12:28 4,608 --a------ C:\WINDOWS\system32\nmwcdlog.dll
2006-11-10 12:28 30,720 --a------ C:\WINDOWS\system32\nmwcdcocls.dll
2006-11-10 12:28 13,312 --a------ C:\WINDOWS\system32\drivers\nmwcdcm.sys
2006-11-10 12:28 13,312 --a------ C:\WINDOWS\system32\drivers\nmwcdcj.sys
2006-11-10 12:28 127,488 --a------ C:\WINDOWS\system32\drivers\nmwcd.sys
2006-11-10 12:28 <DIR> d-------- C:\Program Files\Nokia
2006-11-10 12:28 <DIR> d-------- C:\Program Files\Common Files\PCSuite
2006-11-10 12:28 <DIR> d-------- C:\Documents and Settings\Antony\Application Data\PC Suite
2006-11-10 12:28 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\PC Suite


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2006-12-08 09:20 -------- d-------- C:\Documents and Settings\Antony\Application Data\Xfire
2006-12-08 09:19 -------- d-------- C:\Program Files\Common Files\Symantec Shared
2006-12-08 09:19 -------- d-------- C:\Program Files\Common Files
2006-12-08 09:13 -------- d-------- C:\Program Files\Mozilla Firefox
2006-12-04 22:27 -------- d-------- C:\Program Files\zprogram counter
2006-12-02 20:21 -------- d---s---- C:\Program Files\Xfire
2006-11-30 14:06 -------- d--h----- C:\Program Files\InstallShield Installation Information
2006-11-24 14:54 81920 --a------ C:\WINDOWS\system32\OpenAL32.dll
2006-11-24 14:54 221184 --a------ C:\WINDOWS\system32\wrap_oal.dll
2006-11-22 14:43 163644 --a------ C:\WINDOWS\system32\drivers\secdrv.sys
2006-11-21 15:43 -------- d-------- C:\Documents and Settings\Antony\Application Data\teamspeak2
2006-11-18 21:48 -------- d---s---- C:\Documents and Settings\Antony\Application Data\Microsoft
2006-11-17 17:30 -------- d-------- C:\Program Files\Norton SystemWorks
2006-11-13 20:39 -------- d-------- C:\Program Files\Common Files\System
2006-11-13 19:19 -------- d-------- C:\Program Files\Internet Explorer
2006-11-10 12:52 8 --a------ C:\Documents and Settings\Antony\Application Data\NMM-MetaData.db
2006-11-03 09:17 -------- d-------- C:\Documents and Settings\Antony\Application Data\DivX
2006-10-30 20:37 -------- d-------- C:\Program Files\Teamspeak2_RC2
2006-10-29 17:27 -------- d-------- C:\Program Files\WinRAR
2006-10-22 12:22 888832 --a------ C:\WINDOWS\system32\nvmobls.dll
2006-10-22 12:22 86016 --a------ C:\WINDOWS\system32\nvmctray.dll
2006-10-22 12:22 81920 --a------ C:\WINDOWS\system32\nvwddi.dll
2006-10-22 12:22 794624 --a------ C:\WINDOWS\system32\nvcplui.exe
2006-10-22 12:22 7700480 --a------ C:\WINDOWS\system32\nvcpl.dll
2006-10-22 12:22 581632 --a------ C:\WINDOWS\system32\nvhwvid.dll
2006-10-22 12:22 5644288 --a------ C:\WINDOWS\system32\nvoglnt.dll
2006-10-22 12:22 5619712 --a------ C:\WINDOWS\system32\nvdisps.dll
2006-10-22 12:22 5255168 --a------ C:\WINDOWS\system32\nvdispsr.dll
2006-10-22 12:22 466944 --a------ C:\WINDOWS\system32\nvshell.dll
2006-10-22 12:22 458752 --a------ C:\WINDOWS\system32\nvmccssr.dll
2006-10-22 12:22 4527488 --a------ C:\WINDOWS\system32\nv4_disp.dll
2006-10-22 12:22 45056 --a------ C:\WINDOWS\system32\nvmccsrs.dll
2006-10-22 12:22 442368 --a------ C:\WINDOWS\system32\nvappbar.exe
2006-10-22 12:22 425984 --a------ C:\WINDOWS\system32\keystone.exe
2006-10-22 12:22 3994624 --a------ C:\WINDOWS\system32\drivers\nv4_mini.sys
2006-10-22 12:22 35840 --a------ C:\WINDOWS\system32\nvcodins.dll
2006-10-22 12:22 35840 --a------ C:\WINDOWS\system32\nvcod.dll
2006-10-22 12:22 3203072 --a------ C:\WINDOWS\system32\nvgamesr.dll
2006-10-22 12:22 311296 --a------ C:\WINDOWS\system32\nvexpbar.dll
2006-10-22 12:22 3047424 --a------ C:\WINDOWS\system32\nvgames.dll
2006-10-22 12:22 2973696 --a------ C:\WINDOWS\system32\nvvitvsr.dll
2006-10-22 12:22 2924544 --a------ C:\WINDOWS\system32\nvvitvs.dll
2006-10-22 12:22 286720 --a------ C:\WINDOWS\system32\nvnt4cpl.dll
2006-10-22 12:22 2859008 --a------ C:\WINDOWS\system32\nvmoblsr.dll
2006-10-22 12:22 229376 --a------ C:\WINDOWS\system32\nvmccs.dll
2006-10-22 12:22 212992 --a------ C:\WINDOWS\system32\nvapi.dll
2006-10-22 12:22 188416 --a------ C:\WINDOWS\system32\nvmccss.dll
2006-10-22 12:22 1732608 --a------ C:\WINDOWS\system32\nvwssr.dll
2006-10-22 12:22 1662976 --a------ C:\WINDOWS\system32\nvwdmcpl.dll
2006-10-22 12:22 1622016 --a------ C:\WINDOWS\system32\nwiz.exe
2006-10-22 12:22 159810 --a------ C:\WINDOWS\system32\nvsvc32.exe
2006-10-22 12:22 147456 --a------ C:\WINDOWS\system32\nvcolor.exe
2006-10-22 12:22 1470464 --a------ C:\WINDOWS\system32\nview.dll
2006-10-22 12:22 1339392 --a------ C:\WINDOWS\system32\nvdspsch.exe
2006-10-22 12:22 1236992 --a------ C:\WINDOWS\system32\nvwss.dll
2006-10-22 12:22 1019904 --a------ C:\WINDOWS\system32\nvwimg.dll
2006-10-22 12:22 1011712 --a------ C:\WINDOWS\system32\nvcpluir.dll
2006-10-20 13:16 -------- d-------- C:\Program Files\Lavasoft
2006-10-20 13:16 -------- d-------- C:\Documents and Settings\Antony\Application Data\Lavasoft
2006-10-20 12:57 -------- d-------- C:\Program Files\Electronic Arts
2006-10-19 19:32 -------- d-------- C:\Program Files\DivX
2006-10-18 15:33 -------- d-------- C:\Program Files\CENEGA
2006-10-13 17:37 -------- d-------- C:\Documents and Settings\Antony\Application Data\AdobeUM
2006-10-13 17:37 -------- d-------- C:\Documents and Settings\Antony\Application Data\Adobe
2006-10-13 17:28 -------- d-------- C:\Documents and Settings\Antony\Application Data\Symantec
2006-10-11 09:18 -------- d-------- C:\Program Files\EA GAMES
2006-10-08 18:25 -------- d-------- C:\Documents and Settings\Antony\Application Data\Apple Computer
2006-10-08 16:01 -------- d-------- C:\Program Files\Windows Media Player
2006-10-05 20:03 98304 --a------ C:\WINDOWS\system32\CmdLineExt.dll
2006-10-05 04:55 62 --ahs---- C:\Documents and Settings\Antony\Application Data\desktop.ini
2006-10-04 21:44 60416 --a------ C:\WINDOWS\ALCFDRTM.EXE
2006-10-04 21:01 0 -rahs---- C:\MSDOS.SYS
2006-10-04 21:01 0 -rahs---- C:\IO.SYS
2006-10-04 21:01 0 --a------ C:\CONFIG.SYS
2006-10-04 21:01 0 --a------ C:\AUTOEXEC.BAT
2006-10-02 19:04 806912 --a------ C:\WINDOWS\system32\divx_xx0c.dll
2006-10-02 19:04 806912 --a------ C:\WINDOWS\system32\divx_xx07.dll
2006-10-02 19:04 790528 --a------ C:\WINDOWS\system32\divx_xx11.dll
2006-10-02 19:04 635486 --a------ C:\WINDOWS\system32\DivX.dll
2006-09-15 21:52 91904 --a------ C:\WINDOWS\system32\S32EVNT1.DLL
2006-09-15 15:39 208896 --a------ C:\WINDOWS\system32\nvusmb.exe
2006-09-15 15:39 208896 --a------ C:\WINDOWS\system32\nvunrm.exe
2006-09-15 15:39 208896 --a------ C:\WINDOWS\system32\NVUNINST.EXE
2006-09-15 15:39 208896 --a------ C:\WINDOWS\system32\nvuide.exe
2006-09-15 15:39 208896 --a------ C:\WINDOWS\system32\nvudisp.exe


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
"MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"Steam"="C:\\Program Files\\Valve\\Steam\\\\Steam.exe -silent"
"PcSync"="C:\\Program Files\\Nokia\\Nokia PC Suite 6\\PcSync2.exe /NoDialog"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"SoundMan"="SOUNDMAN.EXE"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"ccApp"="C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe"
"ccRegVfy"="C:\\Program Files\\Common Files\\Symantec Shared\\ccRegVfy.exe"
"GhostStartTrayApp"="C:\\Program Files\\Norton SystemWorks\\Norton Ghost\\GhostStartTrayApp.exe"
"Profiler"="C:\\Program Files\\Saitek\\Software\\Profiler.exe"
"SaiSmart"="C:\\Program Files\\Saitek\\Software\\SaiSmart.exe"
"Symantec NetDriver Monitor"="C:\\PROGRA~1\\SYMNET~1\\SNDMon.exe /Consumer"
"AGEIA PhysX SysTray"="C:\\Program Files\\AGEIA Technologies\\TrayIcon.exe"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"
"PCSuiteTrayApplication"="C:\\PROGRA~1\\Nokia\\NOKIAP~1\\LAUNCH~1.EXE -startup"
"HP Software Update"="C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe"
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"NoChange"="1"
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000005

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,e6,00,00,00,00,00,00,00,9a,03,00,00,42,03,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,e6,00,00,00,00,00,00,00,9a,03,00,00,42,03,\
00,00,04,00,00,40
"RestoredStateInfo"=hex:18,00,00,00,e6,00,00,00,00,00,00,00,9a,03,00,00,42,03,\
00,00,01,00,00,00

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
"ALUAlert"="C:\\Program Files\\Symantec\\LiveUpdate\\ALUNotify.exe"

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
"ALUAlert"="C:\\Program Files\\Symantec\\LiveUpdate\\ALUNotify.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
Usnsvc REG_MULTI_SZ usnsvc\0\0


Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\Norton AntiVirus - Scan my computer.job
C:\WINDOWS\tasks\Norton SystemWorks One Button Checkup.job
C:\WINDOWS\tasks\Symantec NetDetect.job

Completion time: 06-12-08 9:24:12.01
C:\ComboFix2.txt ... 06-12-08 09:12

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 09:46:07 08/12/2006

+ Scan result:



Nothing found.



::Report end

Logfile of HijackThis v1.99.1
Scan saved at 10:15:34, on 08/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartService.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
C:\Program Files\Saitek\Software\Profiler.exe
C:\Program Files\Saitek\Software\SaiSmart.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\AGEIA Technologies\TrayIcon.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Microsoft Office\Office\WINWORD.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Antony\Desktop\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [ccRegVfy] C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe
O4 - HKLM\..\Run: [GhostStartTrayApp] C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
O4 - HKLM\..\Run: [Profiler] C:\Program Files\Saitek\Software\Profiler.exe
O4 - HKLM\..\Run: [SaiSmart] C:\Program Files\Saitek\Software\SaiSmart.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [AGEIA PhysX SysTray] C:\Program Files\AGEIA Technologies\TrayIcon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Steam] C:\Program Files\Valve\Steam\\Steam.exe -silent
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe


so some intersting stuff there for you
:D i allways love this stuff

anyway
there where no problems with the scans
"Please let me know how your system is behaving."
i posted this 1st so coz my internet is working right now (with no email attacks)
but i will rebot and tell you in two secs what and say happens then

ok so far not much happen
no slow down
no 1000's of scans

but i never rule out that it mite still be there so im disconecting form the network and not resarting my computer (today at lest)
i will be back on in a bit to see what to do next
thx for your help so far
antony cowley
__________________
im dyslexic so sorry for any speeling misstkes
Last edited by antman112; 12-08-2006 at 03:27 AM.
antman112 is offline