Registered User
Join Date: Aug 2007
Location: Cleethorpes, England
Posts: 14
OS: WinXP
Seems like a common problem, but a lot of work to fix.... (Explorer redirects)
Hi there, tried following instructions from other posts, but it didn't work. Explorer re-directs to rubbish sites, & my wife is threatening to throw the PC out of the window. To try & save time, I'm posting FixWareout, ComboFix & HijackThis logs. Hope you can help, & really appreciate any help that comes this way.
Regards, Petee