Old 12-18-2007, 02:15 PM   #1 (permalink)
Registered User
 
Join Date: Dec 2007
Posts: 17
OS: Windows XP


Trojan.Vundo virus

My computer seems to be infected with a virus that makes pop-ups appear and causes Internet Explorer to have an error and need to close. I ran Norton Anti-Virus and it alerted me to the Trojan.Vundo virus, but it's been pretty useless in removing it. I also noticed a lot of spyware in the logs from Norton. I removed Wild Tangent, Viewpoint Media Player, and Target Saver from my programs. I ran the Panda ActiveScan. And the HijackThis thing. I have to post the Panda ActiveScan report in another post because it says the message is too long....

Here's the HijackThis Log main.txt:
Deckard's System Scanner v20071014.68
Run by Judy on 2007-12-18 15:42:17
Computer is in Normal Mode.

System Restore
Successfully created a Deckard's System Scanner Restore Point.
Last 5 Restore Point(s)
52: 2007-12-18 20:42:25 UTC - RP512 - Deckard's System Scanner Restore Point
51: 2007-12-17 15:30:58 UTC - RP511 - System Checkpoint
50: 2007-12-16 13:31:05 UTC - RP510 - Last known good configuration
49: 2007-12-16 13:30:58 UTC - RP509 - System Checkpoint
48: 2007-12-16 13:30:58 UTC - RP508 - System Checkpoint
First Restore Point
1: 2007-12-16 13:30:47 UTC - RP461 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
Total Physical Memory: 510 MiB (512 MiB recommended).
HijackThis Clone
Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2007-12-18 15:44:50
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCSETMGR.EXE
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Common Files\Symantec Shared\CCEVTMGR.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\WINDOWS\system32\smqsliwh.exe
C:\WINDOWS\system32\lxdccoms.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Jrdoo\Dkorp.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\exshow95.exe
C:\Program Files\Common Files\Symantec Shared\CCAPP.EXE
C:\Program Files\Lexmark 1300 Series\lxdcamon.exe
C:\WINDOWS\mrofinu72.exe
C:\Program Files\Messenger\qugezyt77798.exe
C:\WINDOWS\system32\service.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Judy\Application Data\WinTouch\WinTouch.exe
C:\Documents and Settings\Judy\Application Data\Microsoft\Windows\rayiou.exe
C:\Program Files\Router\Router.exe
C:\WINDOWS\system32\exshow.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Judy\Desktop\dss.exe
C:\Program Files\Messenger\msmsgs.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.com/search?q=%s
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.com/ig/dell?hl=en
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (file missing)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: (no name) - {0468389E-F348-490E-B554-21DDE9C205D2} - C:\WINDOWS\system32\agwgjxkc.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Shareaza Web Download Hook - {0EEDB912-C5FA-486F-8334-57288578C627} - C:\Program Files\Shareaza\Plugins\RazaWebHook.dll (file missing)
O2 - BHO: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: (no name) - {174D2177-0ADF-4F6D-9565-156E1B3A1538} - C:\WINDOWS\system32\agwgjxkc.dll
O2 - BHO: (no name) - {20D57A66-F7DF-467d-907B-9B7F4A118AB7} - C:\WINDOWS\system32\pmkhg.dll (file missing)
O2 - BHO: (no name) - {46A4E9D9-B30E-452A-8157-DBBEC8573B03} - C:\Program Files\VSAdd-in\VSAdd-in.dll (file missing)
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: BndShell3 BHO Class - {875A1348-7674-42aa-ADAC-B4F36A004A2D} - C:\Program Files\QdrDrive\QdrDrive8.dll
O2 - BHO: {f597064e-526a-e358-e104-442b0c1fb27a} - {a72bf1c0-b244-401e-853e-a625e460795f} - C:\WINDOWS\system32\dprkvubw.dll
O2 - BHO: XBTB04715 Class - {A8B0BDED-64A5-495b-97DA-42C0301E229B} - C:\PROGRA~1\TOOLBA~1\TOOLBA~1.DLL (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\GoogleToolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: (no name) - {BAA8AD40-37AA-5E4B-DE5A-4DE676815CC3} - C:\WINDOWS\system32\hbz.dll
O2 - BHO: (no name) - {BBB05D9E-0297-404D-A6BF-D8F2876B84A6} - C:\WINDOWS\system32\jkkihfg.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NAVShExt.dll
O2 - BHO: (no name) - {BFC869B9-1F9D-47C7-A248-AE1ADC1CE9D7} - C:\WINDOWS\Fonts\pacp.dll (file missing)
O2 - BHO: (no name) - {DD7C6FAC-6B86-46B3-AE38-E1159772C9E6} - C:\WINDOWS\system32\ssqrs.dll
O2 - BHO: (no name) - {E7D7E97A-C01A-40D9-8CCC-EC5A43FED353} - C:\WINDOWS\system32\agwgjxkc.dll
O2 - BHO: (no name) - {F22A1307-D914-4D05-8581-D56F27D93620} - C:\WINDOWS\system32\agwgjxkc.dll
O2 - BHO: (no name) - {F342AB91-BE9A-4A4B-A6DC-77858BD61F49} - C:\WINDOWS\system32\agwgjxkc.dll
O3 - Toolbar: (no name) - {77FBF9B8-1D37-4FF2-9CED-192D8E3ABA6F} - (no file)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NAVShExt.dll
O3 - Toolbar: &VSAdd-in - {74DD705D-6834-439C-A735-A6DBE2677452} - C:\Program Files\VSAdd-in\VSAdd-in.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\GoogleToolbar1.dll
O3 - Toolbar: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Tmxncb] C:\Program Files\Jrdoo\Dkorp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [EXSHOW95.EXE] EXSHOW95.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [lxdcmon.exe] "C:\Program Files\Lexmark 1300 Series\lxdcmon.exe"
O4 - HKLM\..\Run: [lxdcamon] "C:\Program Files\Lexmark 1300 Series\lxdcamon.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [runner1] C:\WINDOWS\mrofinu72.exe 61A847B5BBF72815308B2B27128065E9C084320161C4661227A755E9C2933154389A
O4 - HKLM\..\Run: [qugezyt] C:\Program Files\Messenger\qugezyt77798.exe
O4 - HKLM\..\Run: [MDNS] C:\WINDOWS\system32\service.exe
O4 - HKLM\..\Run: [004609fc] rundll32.exe "C:\WINDOWS\system32\mfokoxtj.dll",b
O4 - HKCU\..\Run: [OE_OEM] "C:\Program Files\Trend Micro\Internet Security 12\TMAS_OE\TMAS_OEMon.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Sen] "C:\WINDOWS\MANTEC~1\regedit.exe" -vt yazb
O4 - HKCU\..\Run: [QdrModule10] "C:\Program Files\QdrModule\QdrModule10.exe"
O4 - HKCU\..\Run: [Umndtab] C:\WINDOWS\??mbols\?poolsv.exe
O4 - HKCU\..\Run: [WinAble] C:\Program Files\WinAble\winable.exe
O4 - HKCU\..\Run: [WinTouch] C:\Documents and Settings\Judy\Application Data\WinTouch\WinTouch.exe
O4 - HKCU\..\Run: [SfKg6w] C:\Documents and Settings\Judy\Application Data\Microsoft\Windows\rayiou.exe
O4 - HKCU\..\Run: [Router] C:\Program Files\Router\Router.exe
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Download with &Shareaza - res://C:\Program Files\Shareaza\Plugins\RazaWebHook.dll/3000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - CmdMapping - (file missing)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O9 - Extra button: ShopperReports - Compare product prices - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - (no file)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\nwprovau.dll
O15 - Trusted Zone: http://www.pspad.com (HKCU)
O16 - DPF: {01016526-5E80-11D8-9E86-0007E96C65AE} (SmartAccess Ctl Class) - https://install.charter.com/diskless/bin/ssctlsma.dll
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} () - http://ak.exe.imgfarm.com/images/noc...up1.0.0.15.cab
O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} () - http://download.microsoft.com/downlo...0C/wmv9dmo.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1005.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub...sh/swflash.cab
O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
O20 - Winlogon Notify: jkkihfg - C:\WINDOWS\system32\jkkihfg.dll
O20 - Winlogon Notify: pacp - C:\WINDOWS\Fonts\pacp.dll (file missing)
O20 - Winlogon Notify: pmkhg - C:\WINDOWS\system32\pmkhg.dll (file missing)
O23 - Service: AOL Connectivity Service (AOL ACS) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCEVTMGR.EXE
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPWDSVC.EXE
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCSETMGR.EXE
O23 - Service: DomainService - Unknown owner - C:\WINDOWS\system32\smqsliwh.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_0.EXE
O23 - Service: lxdcCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdcserv.exe
O23 - Service: lxdc_device - Unknown owner - C:\WINDOWS\system32\lxdccoms.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Network Monitor - Unknown owner - C:\WINDOWS\system32
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Windows Overlay Components - Unknown owner - C:\WINDOWS\kbmnvgn.exe
O24 - Desktop Component 0: - C:\Program Files\Online Services\xuser.html

--
End of file - 16116 bytes

-- File Associations
.reg - regfile - shell\open\command - "regedit.exe" "%1"


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled

R1 OMCI - c:\windows\system32\drivers\omci.sys <Not Verified; Dell Computer Corporation; OMCI Driver>
R2 ASCTRM - c:\windows\system32\drivers\asctrm.sys <Not Verified; Windows (R) 2000 DDK provider; Windows (R) 2000 DDK driver>

S1 d_kmd - c:\windows\system32\drivers\d_kmd.sys (file missing)
S1 vspf - c:\windows\system32\drivers\vspf5.sys (file missing)
S1 vspf_hk - c:\windows\system32\drivers\vspf_hk5.sys (file missing)
S3 BLKWGU(Belkin) (Belkin Wireless G USB Network Adapter(Belkin)) - c:\windows\system32\drivers\blkwgu.sys <Not Verified; Belkin Corporation; Wireless G USB Network Adapter>
S3 LVUSBSta (Logitech USB Monitor Filter) - c:\windows\system32\drivers\lvusbsta.sys (file missing)
S3 PID_0928 (Labtec WebCam(PID_0928)) - c:\windows\system32\drivers\lv561av.sys (file missing)
S3 SDTHOOK - c:\windows\system32\drivers\sdthook.sys <Not Verified; Panda Software; Panda® Antivirus>
S3 ZDPSp50 (ZDPSp50 NDIS Protocol Driver) - c:\windows\system32\drivers\zdpsp50.sys <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled

R2 DomainService - c:\windows\system32\smqsliwh.exe /service <Not Verified; ; DDC>

S2 AOL ACS (AOL Connectivity Service) - c:\progra~1\common~1\aol\acs\aolacsd.exe (file missing)
S2 Network Monitor -
S2 Windows Overlay Components - c:\windows\kbmnvgn.exe (file missing)


-- Device Manager: Disabled

No disabled devices found.


-- Scheduled Tasks

2007-12-07 20:00:00 546 --a------ C:\WINDOWS\Tasks\Norton AntiVirus - Scan my computer - Serena's ONLY.job
2007-11-25 17:59:20 480 --a------ C:\WINDOWS\Tasks\Norton AntiVirus - Scan my computer - Judy.job
2007-01-14 23:12:47 380 --a------ C:\WINDOWS\Tasks\Symantec NetDetect.job


-- Files created between 2007-11-18 and 2007-12-18

2007-12-18 14:42:13 0 d-------- C:\Program Files\SpywareBlaster
2007-12-18 11:03:33 44928 --a------ C:\WINDOWS\system32\drivers\SDTHOOK.SYS <Not Verified; Panda Software; Panda® Antivirus>
2007-12-18 11:02:17 8576 --a------ C:\WINDOWS\system32\drivers\deqywclctkbk.sys <Not Verified; Panda Software International; RKPavProc Driver>
2007-12-18 09:51:34 0 d-------- C:\WINDOWS\system32\ActiveScan
2007-12-18 09:32:35 85568 --a------ C:\WINDOWS\system32\mfokoxtj.dll
2007-12-18 09:27:09 80448 --a------ C:\WINDOWS\system32\dprkvubw.dll
2007-12-18 09:27:05 74304 --a------ C:\WINDOWS\system32\woykmyrn.exe <Not Verified; ; DDC>
2007-12-17 09:25:01 17953 --ahs---- C:\WINDOWS\system32\srqss.ini2
2007-12-17 09:24:47 324608 --a------ C:\WINDOWS\system32\ssqrs.dll
2007-12-17 09:09:14 127578 --a------ C:\WINDOWS\system32\tsuninst.exe
2007-12-17 09:05:12 385024 --a------ C:\WINDOWS\system32\WinNB57.dll <Not Verified; ; MBar IES AFF ATD>
2007-12-17 09:05:12 90112 --a------ C:\WINDOWS\system32\service.exe <Not Verified; M i r a r; M i r a r ErrorDnsTest>
2007-12-17 08:59:06 0 d-------- C:\Program Files\Router
2007-12-17 08:41:32 80448 --a------ C:\WINDOWS\system32\yasqftit.dll
2007-12-17 08:33:57 0 d-------- C:\Program Files\InetGet2
2007-12-17 08:33:57 0 d-------- C:\Documents and Settings\Judy\Application Data\WinTouch
2007-12-17 08:32:30 74304 --a------ C:\WINDOWS\system32\smqsliwh.exe <Not Verified; ; DDC>
2007-12-16 16:09:35 85568 --a------ C:\WINDOWS\system32\dntbrnrj.dll
2007-12-16 16:09:30 80448 --a------ C:\WINDOWS\system32\cdikcghi.dll
2007-12-16 16:08:43 74304 --a------ C:\WINDOWS\system32\ymogaqac.exe <Not Verified; ; DDC>
2007-12-16 08:28:54 0 d-------- C:\Program Files\WinAble
2007-12-16 08:28:54 0 d-------- C:\Program Files\Temporary
2007-12-16 08:25:40 2 --a------ C:\WINDOWS\system32\wtsicom.exe
2007-12-16 08:25:38 39936 --a------ C:\WINDOWS\mrofinu72.exe
2007-12-16 08:25:37 0 d-------- C:\Program Files\Outerinfo
2007-12-16 08:25:36 0 d-------- C:\WINDOWS\??mbols
2007-12-16 08:25:34 60928 --a------ C:\WINDOWS\system32\hbz.dll
2007-12-16 08:25:28 36352 --a------ C:\WINDOWS\system32\jkkihfg.dll
2007-12-16 08:25:28 0 d-------- C:\Program Files\QdrModule
2007-12-16 08:25:26 0 d-------- C:\Program Files\QdrDrive
2007-12-16 08:25:25 0 d-------- C:\Program Files\ISM
2007-12-16 08:25:22 0 d-------- C:\WINDOWS\??mantec
2007-12-16 08:25:22 40183 ---hs---- C:\Program Files\Common Files\Yazzle1552OinUninstaller.exe
2007-12-14 23:11:19 0 d-------- C:\Documents and Settings\Guest\Application Data\Talkback
2007-12-14 23:10:54 0 d-------- C:\Documents and Settings\Guest\Application Data\Mozilla
2007-12-12 00:20:06 0 d-------- C:\Documents and Settings\Judy\Application Data\Apple Computer
2007-12-11 09:11:44 96256 --a------ C:\WINDOWS\b151.exe
2007-12-04 09:42:40 299008 --a------ C:\WINDOWS\b148.exe
2007-12-03 18:21:18 0 d-------- C:\Documents and Settings\Guest\Application Data\Teleca
2007-12-03 18:20:36 0 d-------- C:\Documents and Settings\Guest\Application Data\Sony Ericsson
2007-12-02 15:53:57 0 d-------- C:\Documents and Settings\Judy\Application Data\MySpace
2007-12-02 15:50:32 0 d-------- C:\Documents and Settings\Judy\Application Data\Teleca
2007-12-01 18:16:11 0 d------c- C:\WINDOWS\system32\DRVSTORE
2007-12-01 18:14:22 0 d-------- C:\Documents and Settings\Judy\Application Data\Sony Ericsson
2007-12-01 18:14:02 0 d-------- C:\Program Files\Common Files\Sony Ericsson Shared
2007-12-01 18:14:01 0 d-------- C:\Program Files\Common Files\Teleca Shared
2007-12-01 18:13:59 0 d-------- C:\Program Files\Sony Ericsson
2007-12-01 17:54:10 0 d-------- C:\Documents and Settings\All Users\Application Data\Teleca
2007-12-01 17:54:10 0 d-------- C:\Documents and Settings\All Users\Application Data\Sony Ericsson
2007-11-27 14:53:30 0 d-------- C:\Documents and Settings\Judy\Application Data\PSpad
2007-11-27 14:53:23 0 d-------- C:\Program Files\PSPad editor
2007-11-27 14:08:20 0 d-------- C:\Documents and Settings\Judy\Application Data\Talkback
2007-11-27 14:08:09 0 d-------- C:\Documents and Settings\Judy\Application Data\Mozilla
2007-11-25 18:04:52 0 d-------- C:\Documents and Settings\Judy\Application Data\Symantec
2007-11-24 10:53:16 0 d-------- C:\Documents and Settings\Judy\Incomplete
2007-11-24 10:53:00 0 d-------- C:\Documents and Settings\Judy\Application Data\LimeWire
2007-11-23 18:44:48 0 d-------- C:\Program Files\LimeWire
2007-11-23 14:51:01 0 d-------- C:\Documents and Settings\Judy\Application Data\Lexmark Productivity Studio
2007-11-23 14:16:29 0 d-------- C:\Program Files\Lx_cats
2007-11-23 14:16:03 0 d-------- C:\logs
2007-11-23 14:11:41 0 d-------- C:\Program Files\Lexmark Toolbar
2007-11-23 14:11:15 0 d-------- C:\Program Files\Lexmark 1300 Series
2007-11-23 14:11:03 286720 --a------ C:\WINDOWS\system32\LXDCinst.dll
2007-11-23 14:11:02 323584 --a------ C:\WINDOWS\system32\LXDChcp.dll <Not Verified; ; Printer Communication System>


-- Find3M Report

2007-12-18 15:32:57 0 d-------- C:\Program Files\Common Files\Symantec Shared
2007-12-18 15:30:38 0 d-------- C:\Program Files\Online Services
2007-12-18 14:05:01 0 d-------- C:\Program Files\QuickTime
2007-12-18 14:04:01 0 d-------- C:\Program Files\Norton AntiVirus
2007-12-18 13:06:02 0 d-------- C:\Program Files\Messenger
2007-12-18 13:04:57 0 d-------- C:\Program Files\Jrdoo
2007-12-18 13:03:30 0 d-------- C:\Program Files\iTunes
2007-12-18 13:01:55 0 d-------- C:\Program Files\Google
2007-12-18 09:45:38 0 d-------- C:\Program Files\WildTangent
2007-12-18 09:40:00 0 d-------- C:\Program Files\Common Files\iifm
2007-12-17 08:35:30 10 --a------ C:\Program Files\.autoreg
2007-12-16 23:33:00 0 d-------- C:\Program Files\Common Files
2007-12-05 21:10:37 0 d-------- C:\Documents and Settings\Judy\Application Data\AdobeUM
2007-11-25 11:08:59 0 d-------- C:\Documents and Settings\Judy\Application Data\U3
2007-11-24 20:06:46 0 d-------- C:\Documents and Settings\Judy\Application Data\Google
2007-11-17 15:56:23 0 d-------- C:\Program Files\Common Files\Companion Wizard
2007-11-17 15:56:21 0 d-------- C:\Program Files\VSToolbar
2007-11-17 15:56:21 0 d-------- C:\Program Files\Common Files\WinAntiVirus Pro 2006
2007-11-17 15:56:20 0 d-------- C:\Program Files\Toolbar888
2007-11-17 15:56:19 0 d-------- C:\Program Files\Common Files\Windows
2007-11-17 15:56:19 0 d-------- C:\Program Files\Common Files\VCClient
2007-11-16 16:40:39 0 d-------- C:\Documents and Settings\Judy\Application Data\Adobe
2007-11-08 10:29:22 0 d-------- C:\Documents and Settings\Judy\Application Data\Macromedia
2007-11-08 10:28:55 0 dr-h----- C:\Documents and Settings\Judy\Application Data\yahoo!
2007-11-05 21:11:41 0 d-------- C:\Program Files\Common Files\SupportSoft
2007-11-05 21:11:38 0 d-------- C:\Program Files\CHARTER


-- Registry Dump

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0468389E-F348-490E-B554-21DDE9C205D2}]
06/13/2007 09:13 PM 0 --a------ C:\WINDOWS\system32\agwgjxkc.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{174D2177-0ADF-4F6D-9565-156E1B3A1538}]
06/13/2007 09:13 PM 0 --a------ C:\WINDOWS\system32\agwgjxkc.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{20D57A66-F7DF-467d-907B-9B7F4A118AB7}]
C:\WINDOWS\system32\pmkhg.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{46A4E9D9-B30E-452A-8157-DBBEC8573B03}]
C:\Program Files\VSAdd-in\VSAdd-in.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{875A1348-7674-42aa-ADAC-B4F36A004A2D}]
10/27/2007 02:37 PM 192512 --a------ C:\Program Files\QdrDrive\QdrDrive8.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{a72bf1c0-b244-401e-853e-a625e460795f}]
12/18/2007 09:27 AM 80448 --a------ C:\WINDOWS\system32\dprkvubw.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A8B0BDED-64A5-495b-97DA-42C0301E229B}]
C:\PROGRA~1\TOOLBA~1\TOOLBA~1.DLL

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{BAA8AD40-37AA-5E4B-DE5A-4DE676815CC3}]
11/01/2007 08:44 AM 60928 --a------ C:\WINDOWS\system32\hbz.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{BBB05D9E-0297-404D-A6BF-D8F2876B84A6}]
12/16/2007 08:25 AM 36352 --a------ C:\WINDOWS\system32\jkkihfg.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{BFC869B9-1F9D-47C7-A248-AE1ADC1CE9D7}]
C:\WINDOWS\Fonts\pacp.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{DD7C6FAC-6B86-46B3-AE38-E1159772C9E6}]
12/17/2007 09:24 AM 324608 --a------ C:\WINDOWS\system32\ssqrs.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E7D7E97A-C01A-40D9-8CCC-EC5A43FED353}]
06/13/2007 09:13 PM 0 --a------ C:\WINDOWS\system32\agwgjxkc.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F22A1307-D914-4D05-8581-D56F27D93620}]
06/13/2007 09:13 PM 0 --a------ C:\WINDOWS\system32\agwgjxkc.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F342AB91-BE9A-4A4B-A6DC-77858BD61F49}]
06/13/2007 09:13 PM 0 --a------ C:\WINDOWS\system32\agwgjxkc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [12/20/2005 08:54 PM]
"Tmxncb"="C:\Program Files\Jrdoo\Dkorp.exe" [03/06/2006 03:26 AM]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [02/15/2006 01:50 PM]
"EXSHOW95.EXE"="EXSHOW95.EXE" [09/07/2001 03:18 PM C:\WINDOWS\system32\exshow95.exe]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [01/09/2007 05:32 PM]
"lxdcmon.exe"="C:\Program Files\Lexmark 1300 Series\lxdcmon.exe" []
"lxdcamon"="C:\Program Files\Lexmark 1300 Series\lxdcamon.exe" [04/30/2007 03:19 AM]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [06/13/2007 08:16 AM]
"runner1"="C:\WINDOWS\mrofinu72.exe" [12/16/2007 08:25 AM]
"qugezyt"="C:\Program Files\Messenger\qugezyt77798.exe" [08/07/2007 03:30 PM]
"MDNS"="C:\WINDOWS\system32\service.exe" [12/17/2007 09:05 AM]
"004609fc"="C:\WINDOWS\system32\mfokoxtj.dll" [12/18/2007 09:32 AM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OE_OEM"="C:\Program Files\Trend Micro\Internet Security 12\TMAS_OE\TMAS_OEMon.exe" []
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [11/08/2007 10:28 AM]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [10/13/2004 11:24 AM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 06:00 AM]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [03/01/2007 05:11 PM]
"Sen"="C:\WINDOWS\MANTEC~1\regedit.exe" []
"QdrModule10"="C:\Program Files\QdrModule\QdrModule10.exe" []
"Umndtab"="C:\WINDOWS\??mbols\?poolsv.exe" []
"WinAble"="C:\Program Files\WinAble\winable.exe" []
"WinTouch"="C:\Documents and Settings\Judy\Application Data\WinTouch\WinTouch.exe" [12/17/2007 08:34 AM]
"SfKg6w"="C:\Documents and Settings\Judy\Application Data\Microsoft\Windows\rayiou.exe" [12/17/2007 08:34 AM]
"Router"="C:\Program Files\Router\Router.exe" [12/17/2007 08:59 AM]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"MySpaceIM"=C:\Program Files\MySpace\IM\MySpaceIM.exe

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [5/11/2005 11:23:26 PM]

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
Source= C:\Program Files\Online Services\xuser.html
FriendlyName=

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{20D57A66-F7DF-467d-907B-9B7F4A118AB7}"= C:\WINDOWS\system32\pmkhg.dll [ ]
"{BBB05D9E-0297-404D-A6BF-D8F2876B84A6}"= C:\WINDOWS\system32\jkkihfg.dll [12/16/2007 08:25 AM 36352]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\jkkihfg]
jkkihfg.dll 12/16/2007 08:25 AM 36352 C:\WINDOWS\system32\jkkihfg.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\pacp]
C:\WINDOWS\Fonts\pacp.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\pmkhg]
pmkhg.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\ssqrs.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\d_kmd.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Belkin Wireless USB Utility.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Belkin Wireless USB Utility.lnk
backup=C:\WINDOWS\pss\Belkin Wireless USB Utility.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk
backup=C:\WINDOWS\pss\Digital Line Detect.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced Tools Check]
C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim6]
"C:\Program Files\Common Files\AOL\Launch\AOLLaunch.exe" /d locale=en-US ee://aol/imApp

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOLDialer]
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\awtiqrsf]
C:\WINDOWS\system32\jpghzdqw.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BearShare]
"C:\Program Files\BearShare\BearShare.exe" /pause

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
"C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel Photo Downloader]
C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dla]
C:\WINDOWS\system32\dla\tfswctrl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DllRunning]
rundll32.exe "C:\WINDOWS\system32\njjaahsp.dll",setvm

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DMXLauncher]
C:\Program Files\Dell\Media Experience\DMXLauncher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
"C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]
C:\Program Files\Common Files\AOL\1137197965\ee\AOLSoftware.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\WINDOWS\system32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
C:\WINDOWS\system32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
C:\WINDOWS\system32\igfxpers.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\WINDOWS\system32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
"C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
"C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
C:\Program Files\Logitech\Video\ISStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
C:\Program Files\Logitech\Video\LogiTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MediaGateway]
C:\Program Files\MediaGateway\MediaGateway.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyWebSearch Email Plugin]
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OE_OEM]
"C:\Program Files\Trend Micro\Internet Security 12\TMAS_OE\TMAS_OEMon.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\pccguide.exe]
"C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\WINDOWS\system32\igfxpers.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PopUpStopperFreeEdition]
"C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
C:\Program Files\Analog Devices\Core\smax4pnp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec NetDriver Monitor]
C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Tmxncb]
C:\Program Files\Jrdoo\Dkorp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WhenUSave]
"C:\Program Files\Save\Save.exe"




-- End of Deckard's System Scanner: finished at 2007-12-18 15:46:52 ------------
Attached Files
File Type: txt extra.txt (22.3 KB, 1 views)
Old 12-18-2007, 02:33 PM   #2 (permalink)
Registered User
 
Join Date: Dec 2007
Posts: 17
OS: Windows XP


Re: Trojan.Vundo virus

Here's the Panda ActiveScan report; I attached it because it's too many characters.
Attached Files
File Type: txt Activescan.txt (217.1 KB, 3 views)
Old 12-22-2007, 01:48 PM   #3 (permalink)
Registered User
 
Join Date: Dec 2007
Posts: 17
OS: Windows XP


Re: Trojan.Vundo virus

********************bump******************************************
Old 12-22-2007, 03:35 PM   #4 (permalink)
Manager, Security Center, TSF Academy; Analyst, Security Team
 
Join Date: Jan 2005
Location: Transylvania County, North Carolina, USA
Posts: 26,757
OS: 2000 Pro; XP Pro; XP Home


Re: Trojan.Vundo virus

Hello, and Welcome to TSF.

Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.

Before beginning the fix, read this post completely. If there's anything that you do not understand, kindly ask your questions before proceeding. Ensure that there aren't any open browsers when you are carrying out the procedures below. Save the following instructions in Notepad, as this webpage will not be available while you're carrying out the fix.

It is IMPORTANT that you don't miss a step & perform everything in the correct order/sequence.

This machine is in a bit of a mess.

Is your Norton subscription current?


---------------------------------------------------------------------------------------------
  1. Download this file - http://download.bleepingcomputer.com...a/ComboFix.exe

    * IMPORTANT !!! Place combofix.exe on your Desktop


  2. Disconnect from the internet....pull the plug!
  3. Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with ComboFix.
  4. Go to -> Run -> paste in the following single line command & click OK

    "%userprofile%\desktop\combofix.exe" /killall



  5. Follow the prompts. Type "1" and press Enter to begin the scan.
  6. Your desktop may go blank. This is normal. It will return when ComboFix is done. ComboFix may reboot your machine. This is normal.
  7. When finished, it shall produce a log for you. Post that log in your next reply

    Note:
    Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

    ---------------------------------------------------------------------------------------------
  8. Ensure your AntiVirus and AntiSpyware applications are re-enabled. A reboot should have done this.
  9. Re-establish an internet connection.
  10. Open HijackThis and click on 'Do a System Scan and save a Logfile'. Save the log file and post it here.

    ---------------------------------------------------------------------------------------------
__________________
Practice Safe Surfing
Because what you don't know, CAN hurt you.
Proud Member of ASAP since 2005
Proud Member of UNITE since 2006


Please do not ask for help via Private Message.
Old 12-23-2007, 10:37 AM   #5 (permalink)
Registered User
 
Join Date: Dec 2007
Posts: 17
OS: Windows XP


Re: Trojan.Vundo virus

Here's the ComboFix log:

ComboFix 07-12-23.2 - Judy 2007-12-23 11:52:15.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.263 [GMT -5:00]
Running from: C:\Documents and Settings\Judy\desktop\combofix.exe
Command switches used :: /killall
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\All Users\Application Data\WinAntiVirus Pro 2006
C:\Documents and Settings\Judy\Application Data\WinTouch
C:\Documents and Settings\Judy\Application Data\WinTouch\wintouch.cfg
C:\Documents and Settings\Judy\Application Data\WinTouch\WinTouch.exe
C:\Documents and Settings\Judy\Start Menu\Programs\Internet Speed Monitor
C:\Documents and Settings\Judy\Start Menu\Programs\Internet Speed Monitor\Check Now.lnk
C:\Documents and Settings\Judy\Start Menu\Programs\Internet Speed Monitor\Uninstall.lnk
C:\Documents and Settings\Judy\Start Menu\Programs\Outerinfo
C:\Documents and Settings\Judy\Start Menu\Programs\Outerinfo\Terms.lnk
C:\Documents and Settings\Judy\Start Menu\Programs\Outerinfo\Uninstall.lnk
C:\Documents and Settings\LocalService\Application Data\NetMon
C:\Documents and Settings\LocalService\Application Data\NetMon\domains.txt
C:\Documents and Settings\LocalService\Application Data\NetMon\log.txt
C:\Program Files\Common Files\companion wizard
C:\Program Files\Common Files\inetget
C:\Program Files\Common Files\vcclient
C:\Program Files\Common Files\vcclient\ICSharpCode.SharpZipLib.dll
C:\Program Files\Common Files\vcclient\temp.txt
C:\Program Files\Common Files\vcclient\Version.txt
C:\Program Files\Common Files\winantivirus pro 2006
C:\Program Files\Common Files\windows
C:\Program Files\Common Files\windows\AutoIt3.exe
C:\Program Files\Common Files\windows\psapi.dll
C:\Program Files\Common Files\Yazzle1552OinUninstaller.exe
C:\Program Files\inetget2
C:\Program Files\ISM
C:\Program Files\ISM\ism.exe
C:\Program Files\ISM\Uninstall.exe
C:\Program Files\MyWebSearch
C:\Program Files\network monitor
C:\Program Files\Online Services\xuser.html
C:\Program Files\outerinfo
C:\Program Files\outerinfo\FF\chrome.manifest
C:\Program Files\outerinfo\FF\components\OuterinfoAds.xpt
C:\Program Files\outerinfo\FF\install.rdf
C:\Program Files\outerinfo\Terms.rtf
C:\Program Files\outlook
C:\Program Files\outlook\p.zip
C:\Program Files\QdrDrive
C:\Program Files\QdrDrive\QdrDrive8.dll
C:\Program Files\QdrDrive\qdrloader.exe
C:\Program Files\QdrModule
C:\Program Files\QdrModule\dic.gz
C:\Program Files\QdrModule\kwd.gz
C:\Program Files\Temporary
C:\Program Files\toolbar888
C:\Program Files\toolbar888\basis.xml
C:\Program Files\toolbar888\basis.xmlold
C:\Program Files\toolbar888\icons.bmp
C:\Program Files\toolbar888\installed.html
C:\Program Files\toolbar888\logo.bmp
C:\Program Files\toolbar888\ToolBar888.crc
C:\Program Files\toolbar888\version.txt
C:\Program Files\vsadd-in
C:\Program Files\WinAble
C:\Redemption.ECF
C:\setup.exe
C:\WINDOWS\cookies.ini
C:\WINDOWS\mantec~1
C:\WINDOWS\mantec~1\??mantec\
C:\WINDOWS\mbols~1
C:\WINDOWS\system32\bszip.dll
C:\WINDOWS\system32\bvjbwflp.dll
C:\WINDOWS\system32\cfkpkqnc.exe
C:\WINDOWS\system32\ckbcglen.ini
C:\WINDOWS\system32\cmd.com
C:\WINDOWS\system32\ddaby.dll
C:\WINDOWS\system32\drbuveel.dll
C:\WINDOWS\system32\fgbtddgw.ini
C:\WINDOWS\system32\flmjxxii.dll
C:\WINDOWS\system32\hbz.dll
C:\WINDOWS\system32\ijjlm.ini
C:\WINDOWS\system32\ijjlm.ini2
C:\WINDOWS\system32\jkkihfg.dll
C:\WINDOWS\system32\jkklk.dll
C:\WINDOWS\system32\jnxjlnap.dll
C:\WINDOWS\system32\jnxsbwob.ini
C:\WINDOWS\system32\jrnrbtnd.ini
C:\WINDOWS\system32\jtxokofm.ini
C:\WINDOWS\system32\leevubrd.ini
C:\WINDOWS\system32\mljji.dll
C:\WINDOWS\system32\mviuflrf.exe
C:\WINDOWS\system32\netstat.com
C:\WINDOWS\system32\nshnyiyl.ini
C:\WINDOWS\system32\opqss.ini
C:\WINDOWS\system32\opqss.ini2
C:\WINDOWS\system32\ping.com
C:\WINDOWS\system32\plfwbjvb.ini
C:\WINDOWS\system32\pljfqgca.dll
C:\WINDOWS\system32\regedit.com
C:\WINDOWS\system32\service.exe
C:\WINDOWS\system32\ssqpo.dll
C:\WINDOWS\system32\ssqrs.dll
C:\WINDOWS\system32\stera.job
C:\WINDOWS\system32\stera.log
C:\WINDOWS\system32\syvbgwps.ini
C:\WINDOWS\system32\taskkill.com
C:\WINDOWS\system32\tasklist.com
C:\WINDOWS\system32\tracert.com
C:\WINDOWS\system32\uaoxlvji.ini
C:\WINDOWS\system32\uskeoilr.ini
C:\WINDOWS\system32\wtsicom.exe
C:\WINDOWS\system32\ybadd.ini
C:\WINDOWS\system32\ybadd.ini2
C:\WINDOWS\winsysupd121.dat

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.
-------\LEGACY_CMDSERVICE
-------\LEGACY_DOMAINSERVICE
-------\LEGACY_FOPN
-------\LEGACY_NETWORK_MONITOR
-------\LEGACY_VSPF
-------\LEGACY_VSPF_HK
-------\LEGACY_WINDOWS_OVERLAY_COMPONENTS
-------\DomainService
-------\Network Monitor
-------\nm
-------\vspf
-------\vspf_hk
-------\Windows Overlay Components


((((((((((((((((((((((((( Files Created from 2007-11-23 to 2007-12-23 )))))))))))))))))))))))))))))))
.

2007-12-21 13:29 . 2007-12-21 13:29 <DIR> d-------- C:\Program Files\MySQL
2007-12-20 15:29 . 2007-12-20 15:29 74,304 --a------ C:\WINDOWS\system32\pbrypnux.exe
2007-12-18 15:41 . 2007-12-18 15:41 <DIR> d-------- C:\Deckard
2007-12-18 14:44 . 2007-12-22 16:59 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2007-12-18 14:44 . 2007-12-18 14:44 1,409 --a------ C:\WINDOWS\QTFont.for
2007-12-18 14:42 . 2007-12-18 14:42 <DIR> d-------- C:\Program Files\SpywareBlaster
2007-12-18 11:03 . 2007-06-05 10:56 44,928 --a------ C:\WINDOWS\system32\drivers\SDTHOOK.SYS
2007-12-18 11:02 . 2007-06-08 09:44 8,576 --a------ C:\WINDOWS\system32\drivers\deqywclctkbk.sys
2007-12-18 09:51 . 2007-12-18 14:22 <DIR> d-------- C:\WINDOWS\system32\ActiveScan
2007-12-18 09:51 . 2007-12-18 10:58 30,590 --a------ C:\WINDOWS\system32\pavas.ico
2007-12-18 09:51 . 2007-12-18 10:58 2,550 --a------ C:\WINDOWS\system32\Uninstall.ico
2007-12-18 09:51 . 2007-12-18 10:58 1,406 --a------ C:\WINDOWS\system32\Help.ico
2007-12-17 09:05 . 2007-11-02 19:04 385,024 --a------ C:\WINDOWS\system32\WinNB57.dll
2007-12-17 08:59 . 2007-12-18 14:08 <DIR> d-------- C:\Program Files\Router
2007-12-14 23:11 . 2007-12-14 23:11 <DIR> d-------- C:\Documents and Settings\Guest\Application Data\Talkback
2007-12-12 00:20 . 2007-12-12 00:20 <DIR> d-------- C:\Documents and Settings\Judy\Application Data\Apple Computer
2007-12-11 08:45 . 2007-04-23 15:54 108,680 -ra------ C:\WINDOWS\system32\drivers\s115mdm.sys
2007-12-11 08:45 . 2007-04-23 15:54 100,488 -ra------ C:\WINDOWS\system32\drivers\s115mgmt.sys
2007-12-11 08:45 . 2007-04-23 15:54 98,568 -ra------ C:\WINDOWS\system32\drivers\s115obex.sys
2007-12-11 08:45 . 2007-04-23 15:54 83,208 -ra------ C:\WINDOWS\system32\drivers\s115bus.sys
2007-12-11 08:45 . 2007-04-23 15:54 15,112 -ra------ C:\WINDOWS\system32\drivers\s115mdfl.sys
2007-12-11 08:45 . 2007-04-23 15:54 12,424 -ra------ C:\WINDOWS\system32\drivers\s115whnt.sys
2007-12-11 08:45 . 2007-04-23 15:54 12,424 -ra------ C:\WINDOWS\system32\drivers\s115wh.sys
2007-12-11 08:45 . 2007-04-23 15:54 12,424 -ra------ C:\WINDOWS\system32\drivers\s115cmnt.sys
2007-12-11 08:45 . 2007-04-23 15:54 12,424 -ra------ C:\WINDOWS\system32\drivers\s115cm.sys
2007-12-03 18:21 . 2007-12-14 00:03 <DIR> d-------- C:\Documents and Settings\Guest\Application Data\Teleca
2007-12-03 18:20 . 2007-12-03 18:20 <DIR> d-------- C:\Documents and Settings\Guest\Application Data\Sony Ericsson
2007-12-02 15:53 . 2007-12-02 15:53 <DIR> d-------- C:\Documents and Settings\Judy\Application Data\MySpace
2007-12-02 15:50 . 2007-12-11 08:45 <DIR> d-------- C:\Documents and Settings\Judy\Application Data\Teleca
2007-12-01 18:16 . 2007-12-01 18:16 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE
2007-12-01 18:14 . 2007-12-18 13:01 <DIR> d-------- C:\Program Files\Common Files\Teleca Shared
2007-12-01 18:14 . 2007-12-18 13:00 <DIR> d-------- C:\Program Files\Common Files\Sony Ericsson Shared
2007-12-01 18:14 . 2007-12-01 18:14 <DIR> d-------- C:\Documents and Settings\Judy\Application Data\Sony Ericsson
2007-12-01 18:13 . 2007-12-01 18:13 <DIR> d-------- C:\Program Files\Sony Ericsson
2007-12-01 17:54 . 2007-12-01 18:14 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Teleca
2007-12-01 17:54 . 2007-12-01 18:14 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Sony Ericsson
2007-11-27 14:53 . 2007-12-18 14:04 <DIR> d-------- C:\Program Files\PSPad editor
2007-11-27 14:53 . 2007-11-27 14:53 <DIR> d-------- C:\Documents and Settings\Judy\Application Data\PSpad
2007-11-27 14:08 . 2007-11-27 14:08 <DIR> d-------- C:\Documents and Settings\Judy\Application Data\Talkback
2007-11-25 18:04 . 2007-11-25 18:04 <DIR> d-------- C:\Documents and Settings\Judy\Application Data\Symantec
2007-11-24 10:53 . 2007-11-24 10:53 <DIR> d-------- C:\Documents and Settings\Judy\Incomplete
2007-11-24 10:53 . 2007-12-22 17:08 <DIR> d-------- C:\Documents and Settings\Judy\Application Data\LimeWire
2007-11-23 18:44 . 2007-11-24 10:52 <DIR> d-------- C:\Program Files\LimeWire
2007-11-23 14:51 . 2007-11-23 14:51 <DIR> d-------- C:\Documents and Settings\Judy\Application Data\Lexmark Productivity Studio
2007-11-23 14:16 . 2007-12-23 00:27 <DIR> d-------- C:\Program Files\Lx_cats
2007-11-23 14:16 . 2007-11-23 14:16 <DIR> d-------- C:\logs
2007-11-23 14:15 . 2007-03-28 08:16 344,064 --a------ C:\WINDOWS\system32\lxdccoin.dll
2007-11-23 14:15 . 2006-05-17 21:47 40,960 --a------ C:\WINDOWS\system32\lxdcvs.dll
2007-11-23 14:11 . 2007-12-18 13:05 <DIR> d-------- C:\Program Files\Lexmark Toolbar
2007-11-23 14:11 . 2007-12-18 13:05 <DIR> d-------- C:\Program Files\Lexmark 1300 Series
2007-11-23 14:11 . 2007-05-17 09:17 1,232,896 --a------ C:\WINDOWS\system32\lxdcserv.dll
2007-11-23 14:11 . 2007-05-17 08:58 999,424 --a------ C:\WINDOWS\system32\lxdcusb1.dll
2007-11-23 14:11 . 2007-05-23 23:05 507,904 --a------ C:\WINDOWS\system32\lxdcutil.dll
2007-11-23 14:11 . 2007-05-17 08:59 413,696 --a------ C:\WINDOWS\system32\lxdcinpa.dll
2007-11-23 14:11 . 2007-05-17 09:08 397,312 --a------ C:\WINDOWS\system32\lxdciesc.dll
2007-11-23 14:11 . 2007-05-17 08:54 323,584 --a------ C:\WINDOWS\system32\LXDChcp.dll
2007-11-23 14:11 . 2007-05-17 09:09 286,720 --a------ C:\WINDOWS\system32\LXDCinst.dll
2007-11-23 14:11 . 2007-11-23 14:16 132,002 --a------ C:\WINDOWS\system32\LexFiles.ulf
2007-11-23 14:11 . 2006-12-05 23:19 44 --a------ C:\WINDOWS\system32\lxdcrwrd.ini

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-23 16:43 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2007-12-22 01:45 --------- d-----w C:\Documents and Settings\Judy\Application Data\AdobeUM
2007-12-18 19:05 --------- d-----w C:\Program Files\QuickTime
2007-12-18 19:04 --------- d-----w C:\Program Files\Norton AntiVirus
2007-12-18 18:04 --------- d-----w C:\Program Files\Jrdoo
2007-12-18 18:03 --------- d-----w C:\Program Files\iTunes
2007-12-18 18:01 --------- d-----w C:\Program Files\Google
2007-12-18 14:45 --------- d-----w C:\Program Files\WildTangent
2007-12-18 14:45 --------- d-----w C:\Documents and Settings\All Users\Application Data\Viewpoint
2007-12-18 14:40 --------- d-----w C:\Program Files\Common Files\iifm
2007-12-17 13:35 10 ----a-w C:\Program Files\.autoreg
2007-11-25 16:08 --------- d-----w C:\Documents and Settings\Judy\Application Data\U3
2007-11-17 20:56 --------- d-----w C:\Program Files\VSToolbar
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-11-12 13:49 --------- d--h--r C:\Documents and Settings\puppy\Application Data\yahoo!
2007-11-08 15:28 --------- d--h--r C:\Documents and Settings\Judy\Application Data\yahoo!
2007-11-06 02:11 --------- d-----w C:\Program Files\Common Files\SupportSoft
2007-11-06 02:11 --------- d-----w C:\Program Files\CHARTER
2007-03-01 17:23 774,144 ----a-w C:\Program Files\RngInterstitial.dll
2007-01-15 03:40 829,980 --sh--w C:\WINDOWS\Fonts\pcap.bak1
2007-01-12 17:14 56 --sh--r C:\WINDOWS\system32\695738DC42.sys
2007-01-12 17:14 3,350 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0468389E-F348-490E-B554-21DDE9C205D2}]
2007-06-13 21:13 0 --a------ C:\WINDOWS\system32\agwgjxkc.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{174D2177-0ADF-4F6D-9565-156E1B3A1538}]
2007-06-13 21:13 0 --a------ C:\WINDOWS\system32\agwgjxkc.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A8B0BDED-64A5-495b-97DA-42C0301E229B}]
C:\PROGRA~1\TOOLBA~1\TOOLBA~1.DLL

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{BFC869B9-1F9D-47C7-A248-AE1ADC1CE9D7}]
C:\WINDOWS\Fonts\pacp.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E7D7E97A-C01A-40D9-8CCC-EC5A43FED353}]
2007-06-13 21:13 0 --a------ C:\WINDOWS\system32\agwgjxkc.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F22A1307-D914-4D05-8581-D56F27D93620}]
2007-06-13 21:13 0 --a------ C:\WINDOWS\system32\agwgjxkc.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F342AB91-BE9A-4A4B-A6DC-77858BD61F49}]
2007-06-13 21:13 0 --a------ C:\WINDOWS\system32\agwgjxkc.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OE_OEM"="C:\Program Files\Trend Micro\Internet Security 12\TMAS_OE\TMAS_OEMon.exe" []
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-11-08 10:28]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 11:24]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 06:00]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [2007-03-01 17:11]
"Sen"="C:\WINDOWS\MANTEC~1\regedit.exe" []
"QdrModule10"="C:\Program Files\QdrModule\QdrModule10.exe" []
"Umndtab"="C:\WINDOWS\??mbols\?poolsv.exe" []
"Router"="C:\Program Files\Router\Router.exe" [2007-12-17 08:59]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-02-15 13:50]
"Tmxncb"="C:\Program Files\Jrdoo\Dkorp.exe" [2006-03-06 03:26]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2005-12-20 20:54]
"Tmxncb"="C:\Program Files\Jrdoo\Dkorp.exe" [2006-03-06 03:26]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-02-15 13:50]
"EXSHOW95.EXE"="EXSHOW95.EXE" [2001-09-07 15:18 C:\WINDOWS\system32\exshow95.exe]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-01-09 17:32]
"lxdcmon.exe"="C:\Program Files\Lexmark 1300 Series\lxdcmon.exe" []
"lxdcamon"="C:\Program Files\Lexmark 1300 Series\lxdcamon.exe" [2007-04-30 03:19]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2007-06-13 08:16]
"qugezyt"="C:\Program Files\Messenger\qugezyt77798.exe" [2007-08-07 15:30]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"MySpaceIM"="C:\Program Files\MySpace\IM\MySpaceIM.exe" [2007-12-07 02:33]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2005-05-11 23:23:26]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\pacp]
C:\WINDOWS\Fonts\pacp.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\pmkhg]
pmkhg.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\d_kmd.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Belkin Wireless USB Utility.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Belkin Wireless USB Utility.lnk
backup=C:\WINDOWS\pss\Belkin Wireless USB Utility.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk
backup=C:\WINDOWS\pss\Digital Line Detect.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced Tools Check]
2004-08-18 07:44 78976 --a------ C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim6]
C:\Program Files\Common Files\AOL\Launch\AOLLaunch.exe /d locale=en-US ee://aol/imApp

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOLDialer]
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\awtiqrsf]
C:\WINDOWS\system32\jpghzdqw.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BearShare]
C:\Program Files\BearShare\BearShare.exe /pause

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
2007-01-09 17:32 58984 --a------ C:\Program Files\Common Files\Symantec Shared\ccApp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel Photo Downloader]
C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dla]
2004-12-06 02:05 127035 --a--c--- C:\WINDOWS\system32\dla\tfswctrl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DllRunning]
rundll32.exe C:\WINDOWS\system32\njjaahsp.dll,setvm

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DMXLauncher]
2005-01-27 02:02 86016 --a--c--- C:\Program Files\Dell\Media Experience\DMXLauncher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
2005-02-23 17:19 53248 -----c--- C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]
C:\Program Files\Common Files\AOL\1137197965\ee\AOLSoftware.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2005-09-20 08:32 77824 --a------ C:\WINDOWS\system32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2005-05-11 23:12 49152 --a--c--- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
2005-09-20 08:32 77824 --a------ C:\WINDOWS\system32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
2005-09-20 08:36 114688 --a------ C:\WINDOWS\system32\igfxpers.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2005-09-20 08:35 94208 --a------ C:\WINDOWS\system32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe -startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe -start

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
2005-01-19 10:45 458752 --a------ C:\Program Files\Logitech\Video\ISStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
2005-01-19 10:39 217088 --a------ C:\Program Files\Logitech\Video\LogiTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MediaGateway]
C:\Program Files\MediaGateway\MediaGateway.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyWebSearch Email Plugin]
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OE_OEM]
C:\Program Files\Trend Micro\Internet Security 12\TMAS_OE\TMAS_OEMon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\pccguide.exe]
C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2005-09-20 08:36 114688 --a------ C:\WINDOWS\system32\igfxpers.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PopUpStopperFreeEdition]
2003-04-29 10:40 524288 --a--c--- C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
2004-10-14 20:42 1404928 --a--c--- C:\Program Files\Analog Devices\Core\smax4pnp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2005-11-10 12:03 36975 --a------ C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec NetDriver Monitor]
C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Tmxncb]
2006-03-06 03:26 37512 --a------ C:\Program Files\Jrdoo\Dkorp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WhenUSave]
C:\Program Files\Save\Save.exe

R2 lxdc_device;lxdc_device;C:\WINDOWS\system32\lxdccoms.exe -service []
R3 KMW_SYS;Kensington MouseWorks Mouse filter driver;C:\WINDOWS\system32\DRIVERS\KMW_SYS.sys [2001-09-07 16:10]
R3 NPDriver;Norton Unerase Protection Driver;C:\WINDOWS\system32\Drivers\NPDRIVER.SYS [2002-08-14 06:03]
S1 d_kmd;d_kmd;C:\WINDOWS\system32\drivers\d_kmd.sys []
S2 lxdcCATSCustConnectService;lxdcCATSCustConnectService;C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdcserv.exe [2007-05-25 04:38]
S3 s115bus;Sony Ericsson Device 115 driver (WDM);C:\WINDOWS\system32\DRIVERS\s115bus.sys [2007-04-23 15:54]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\s115mdfl.sys [2007-04-23 15:54]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\s115mdm.sys [2007-04-23 15:54]
S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\s115mgmt.sys [2007-04-23 15:54]
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\s115obex.sys [2007-04-23 15:54]
S3 SDTHOOK;SDTHOOK;C:\WINDOWS\system32\DRIVERS\SDTHOOK.sys [2007-06-05 10:56]

.
Contents of the 'Scheduled Tasks' folder
"2007-11-25 22:59:20 C:\WINDOWS\Tasks\Norton AntiVirus - Scan my computer - Judy.job"
- C:\PROGRA~1\NORTON~1\Navw32.exeh/task:
"2007-12-22 01:00:01 C:\WINDOWS\Tasks\Norton AntiVirus - Scan my computer - Serena's ONLY.job"
- C:\PROGRA~1\NORTON~1\Navw32.exeh/task:
"2007-01-15 04:12:47 C:\WINDOWS\Tasks\Symantec NetDetect.job"
- C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
.
**************************************************************************

catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-23 12:10:11
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-12-23 12:11:41 - machine was rebooted
.
2007-12-13 00:16:11 --- E O F ---

Here's the HijackThis Logfile:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:35:06 PM, on 12/23/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\lxdccoms.exe
C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Jrdoo\Dkorp.exe
C:\WINDOWS\system32\EXSHOW95.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Lexmark 1300 Series\lxdcamon.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Messenger\qugezyt77798.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Router\Router.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Jrdoo\Dkorp.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\EXSHOW.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: (no name) - {0468389E-F348-490E-B554-21DDE9C205D2} - C:\WINDOWS\system32\agwgjxkc.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Shareaza Web Download Hook - {0EEDB912-C5FA-486F-8334-57288578C627} - C:\Program Files\Shareaza\Plugins\RazaWebHook.dll (file missing)
O2 - BHO: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: (no name) - {174D2177-0ADF-4F6D-9565-156E1B3A1538} - C:\WINDOWS\system32\agwgjxkc.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: XBTB04715 Class - {A8B0BDED-64A5-495b-97DA-42C0301E229B} - C:\PROGRA~1\TOOLBA~1\TOOLBA~1.DLL (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {BFC869B9-1F9D-47C7-A248-AE1ADC1CE9D7} - C:\WINDOWS\Fonts\pacp.dll (file missing)
O2 - BHO: (no name) - {E7D7E97A-C01A-40D9-8CCC-EC5A43FED353} - C:\WINDOWS\system32\agwgjxkc.dll
O2 - BHO: (no name) - {F22A1307-D914-4D05-8581-D56F27D93620} - C:\WINDOWS\system32\agwgjxkc.dll
O2 - BHO: (no name) - {F342AB91-BE9A-4A4B-A6DC-77858BD61F49} - C:\WINDOWS\system32\agwgjxkc.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Tmxncb] C:\Program Files\Jrdoo\Dkorp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [EXSHOW95.EXE] EXSHOW95.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [lxdcmon.exe] "C:\Program Files\Lexmark 1300 Series\lxdcmon.exe"
O4 - HKLM\..\Run: [lxdcamon] "C:\Program Files\Lexmark 1300 Series\lxdcamon.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [qugezyt] C:\Program Files\Messenger\qugezyt77798.exe
O4 - HKCU\..\Run: [OE_OEM] "C:\Program Files\Trend Micro\Internet Security 12\TMAS_OE\TMAS_OEMon.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Sen] "C:\WINDOWS\MANTEC~1\regedit.exe" -vt yazb
O4 - HKCU\..\Run: [QdrModule10] "C:\Program Files\QdrModule\QdrModule10.exe"
O4 - HKCU\..\Run: [Umndtab] C:\WINDOWS\??mbols\?poolsv.exe
O4 - HKCU\..\Run: [Router] C:\Program Files\Router\Router.exe
O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [Tmxncb] C:\Program Files\Jrdoo\Dkorp.exe
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Download with &Shareaza - res://C:\Program Files\Shareaza\Plugins\RazaWebHook.dll/3000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ShopperReports - Compare product prices - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O15 - Trusted Zone: http://www.pspad.com
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/noc...up1.0.0.15.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1005.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O20 - Winlogon Notify: pacp - C:\WINDOWS\Fonts\pacp.dll (file missing)
O20 - Winlogon Notify: pmkhg - pmkhg.dll (file missing)
O23 - Service: AOL Connectivity Service (AOL ACS) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe (file missing)
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: lxdcCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdcserv.exe
O23 - Service: lxdc_device - - C:\WINDOWS\system32\lxdccoms.exe
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service