[Antivirus Deleted & More Problems[RESOLVED]]

Thanks for looking this up MoNsTeReNeRgY22.

Didn't have time to reply yesterday, but I solved the wireless problem.

It was one value in a register =).

I'm still gonna try this program you suggested, in case other stuff got changed.

Like I said, I'm saving this thread, a lot of good solutions in here .

Thanks a lot for helping me solve this problem without having to reinstall from scratch.

And also for the fast replies.

Thx, El Cool.

[Antivirus Deleted & More Problems[RESOLVED]]

Thanks a lot. It seems all the symptoms of the virus are gone!

No more popups, and I can use some programs I couldn't before.

I have Avast installed now and I've reinstalled Sygate Firewall.

Both are working.

But... I still can't use my wireless network, so I cross-checked services with a working WinXP and saw that I had services disabled and stopped in my laptop, so I started them.

The main service for this to be Wireless Zero Configuation, and is the one I still can't turn on.

This two I need on, and are giving me the following erros:

• IPSEC Services. error 10048
  
• Wireless Zero Configuartion. error 1068
  

I don't know if you provide help for this, or where should I ask.

Everything else seems to be in working condition.

I have bookmarked this thread for future reference.

Again, thanks for your knowledge and the virus help, i'll await a reply on the other problem.

Thx.

[Antivirus Deleted & More Problems[RESOLVED]]

Kaspersky Log

-------------------------------------------------------------------------------

KASPERSKY ONLINE SCANNER REPORT

Monday, November 05, 2007 8:04:05 PM

Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)

Kaspersky Online Scanner version: 5.0.98.0

Kaspersky Anti-Virus database last update: 5/11/2007

Kaspersky Anti-Virus database records: 451806

-------------------------------------------------------------------------------

Scan Settings:

Scan using the following antivirus database: extended

Scan Archives: true

Scan Mail Bases: true

Scan Target - My Computer:

C:\

D:\

E:\

Scan Statistics:

Total number of scanned objects: 367772

Number of viruses found: 6

Number of infected objects: 34

Number of suspicious objects: 0

Duration of the scan process: 09:09:54

Infected Object Name / Virus Name / Last Action

C:\Documents and Settings\Administrator\Application Data\desktop.ini Object is locked skipped

C:\Documents and Settings\Administrator\Application Data\Intuit\Quicken\Log\qw.log Object is locked skipped

C:\Documents and Settings\Administrator\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001\www.orkut.com\gtalksettings.sol Object is locked skipped

C:\Documents and Settings\Administrator\Application Data\Macromedia\Shockwave Player\Shockwave Log Object is locked skipped

C:\Documents and Settings\Administrator\Application Data\Microsoft\Address Book\Administrator.wab Object is locked skipped

C:\Documents and Settings\Administrator\Application Data\Microsoft\Address Book\Administrator.wab~ Object is locked skipped

C:\Documents and Settings\Administrator\Application Data\Microsoft\CLR Security Config\v1.1.4322\security.config Object is locked skipped

C:\Documents and Settings\Administrator\Application Data\Microsoft\CLR Security Config\v1.1.4322\security.config.cch Object is locked skipped

C:\Documents and Settings\Administrator\Application Data\Microsoft\Installer\{6815FCDD-401D-481E-BA88-31B4754C2B46}\ARPPRODUCTICON.exe Object is locked skipped

C:\Documents and Settings\Administrator\Application Data\Microsoft\Installer\{DB7E00C9-6DEF-489A-8112-D8F81614F45A}\ARPPRODUCTICON.exe Object is locked skipped

C:\Documents and Settings\Administrator\Application Data\Microsoft\Installer\{DB7E00C9-6DEF-489A-8112-D8F81614F45A}\NewShortcut11_DB7E00C96DEF489A8112D8F81614F45A.exe Object is locked skipped

C:\Documents and Settings\Administrator\Application Data\Microsoft\Installer\{DB7E00C9-6DEF-489A-8112-D8F81614F45A}\NewShortcut1_DB7E00C96DEF489A8112D8F81614F45A.exe Object is locked skipped

C:\Documents and Settings\Administrator\Application Data\Microsoft\Installer\{DB7E00C9-6DEF-489A-8112-D8F81614F45A}\NewShortcut2_DB7E00C96DEF489A8112D8F81614F45A.exe Object is locked skipped

C:\Documents and Settings\Administrator\Application Data\Microsoft\Installer\{DB7E00C9-6DEF-489A-8112-D8F81614F45A}\NewShortcut3_DB7E00C96DEF489A8112D8F81614F45A.exe Object is locked skipped

C:\Documents and Settings\Administrator\Application Data\Microsoft\Installer\{DB7E00C9-6DEF-489A-8112-D8F81614F45A}\NewShortcut4_DB7E00C96DEF489A8112D8F81614F45A.exe Object is locked skipped

C:\Documents and Settings\Administrator\Application Data\Microsoft\Installer\{DB7E00C9-6DEF-489A-8112-D8F81614F45A}\NewShortcut5_DB7E00C96DEF489A8112D8F81614F45A.exe Object is locked skipped

C:\Documents and Settings\Administrator\Application Data\Microsoft\Installer\{DB7E00C9-6DEF-489A-8112-D8F81614F45A}\Shortcut0.C3A146F5_4B48_11D5_A819_00B0D0428C0C.exe Object is locked skipped

C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\brndlog.bak Object is locked skipped

C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\brndlog.txt Object is locked skipped

C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Desktop.htt Object is locked skipped

C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini Object is locked skipped

C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk Object is locked skipped

C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\My HP Games.lnk Object is locked skipped

C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Netscape Browser.lnk Object is locked skipped

C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf Object is locked skipped

C:\Documents and Settings\Administrator\Application Data\Microsoft\Protect\CREDHIST Object is locked skipped

C:\Documents and Settings\Administrator\Application Data\Microsoft\Protect\S-1-5-21-1960408961-1580436667-839522115-500\794683b1-4d4e-4bef-a1f9-78789a3606b7 Object is locked skipped

C:\Documents and Settings\Administrator\Application Data\Microsoft\Protect\S-1-5-21-1960408961-1580436667-839522115-500\Preferred Object is locked skipped

C:\Documents and Settings\Administrator\Application Data\Microsoft\Protect\S-1-5-21-2884375415-3876599502-1020652433-500\8ab480b5-2343-4207-a72d-e3bc0fcb7fdf Object is locked skipped

C:\Documents and Settings\Administrator\Application Data\Microsoft\Protect\S-1-5-21-2884375415-3876599502-1020652433-500\Preferred Object is locked skipped

C:\Documents and Settings\Administrator\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\Administrator\Desktop\3 Month Trial AOL Music Now.lnk Object is locked skipped

C:\Documents and Settings\Administrator\Desktop\Help and Support.lnk Object is locked skipped

C:\Documents and Settings\Administrator\Desktop\Windows Media Player.lnk Object is locked skipped

C:\Documents and Settings\Administrator\Favorites\Accessories.URL Object is locked skipped

C:\Documents and Settings\Administrator\Favorites\Desktop.ini Object is locked skipped

C:\Documents and Settings\Administrator\Favorites\eBay.URL Object is locked skipped

C:\Documents and Settings\Administrator\Favorites\Home.URL Object is locked skipped

C:\Documents and Settings\Administrator\Favorites\Links\Customize Links.url Object is locked skipped

C:\Documents and Settings\Administrator\Favorites\Links\Free Hotmail.url Object is locked skipped

C:\Documents and Settings\Administrator\Favorites\Links\Windows Marketplace.url Object is locked skipped

C:\Documents and Settings\Administrator\Favorites\Links\Windows Media.url Object is locked skipped

C:\Documents and Settings\Administrator\Favorites\Links\Windows.url Object is locked skipped

C:\Documents and Settings\Administrator\Favorites\MSN.com.url Object is locked skipped

C:\Documents and Settings\Administrator\Favorites\Online Photos First 25 Free.URL Object is locked skipped

C:\Documents and Settings\Administrator\Favorites\Radio Station Guide.url Object is locked skipped

C:\Documents and Settings\Administrator\Favorites\Search.URL Object is locked skipped

C:\Documents and Settings\Administrator\Favorites\Shop.URL Object is locked skipped

C:\Documents and Settings\Administrator\Favorites\Sonic Solutions.URL Object is locked skipped

C:\Documents and Settings\Administrator\Favorites\Symantec Security.URL Object is locked skipped

C:\Documents and Settings\Administrator\History\desktop.ini Object is locked skipped

C:\Documents and Settings\Administrator\History\History.IE5\desktop.ini Object is locked skipped

C:\Documents and Settings\Administrator\History\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Administrator\History\History.IE5\MSHist012007031820070319\index.dat Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\ApplicationHistory\csc.exe.3e4ac0af.ini Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\ApplicationHistory\hpqimzone.exe.3204510e.ini Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\ApplicationHistory\hpqthb08.exe.a935d1e0.ini Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\ApplicationHistory\IEActivex.exe.cccdbce.ini Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\ApplicationHistory\ngen.exe.2c05686e.ini Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\ApplicationHistory\SL1E7.tmp.e45845ec.ini Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\ApplicationHistory\SL70.tmp.a0a11ca2.ini Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\ApplicationHistory\SL84.tmp.c67ef9e5.ini Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\AtStart.txt Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\DSwitch.txt Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\HP\Digital Imaging\cache\LastWrite.txt Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\HP\Digital Imaging\db\administrativeInfo.dbf Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.cdx Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.dbf Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.cdx Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.dbf Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\HP\Digital Imaging\db\CB_Server_Errors.txt Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.cdx Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.dbf Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.cdx Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.dbf Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.fpt Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.cdx Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.dbf Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.cdx Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.dbf Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\HP\Digital Imaging\db\managedFolderTable.dbf Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.cdx Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.dbf Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\HP\Digital Imaging\db\propertiesTable.cdx Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\HP\Digital Imaging\db\propertiesTable.dbf Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.cdx Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.dbf Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.cdx Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.dbf Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\HP\Digital Imaging\handle.dat Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\HP\Digital Imaging\oov1_skindefV3.dat Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\IsolatedStorage\5ipgvyxa.22c\jaeew141.voz\StrongName.xitmqsrqvpqpovqi5kx5u3ghwej4ru23\AssemFiles\hpqedit.settings Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\IsolatedStorage\5ipgvyxa.22c\jaeew141.voz\StrongName.xitmqsrqvpqpovqi5kx5u3ghwej4ru23\identity.dat Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\IsolatedStorage\5ipgvyxa.22c\jaeew141.voz\StrongName.xitmqsrqvpqpovqi5kx5u3ghwej4ru23\info.dat Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\MSIMGSIZ.DAT Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Media Player\CurrentDatabase_59R.wmdb Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNS.DTD Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNS.XML Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows Media\9.0\WMSDKNS.DTD Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows Media\9.0\WMSDKNS.XML Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Works\Portfolio\wsbsamp.wsb Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\QSwitch.txt Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\Wildtangent\Cdacache\cdacache.odds Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150060}\1033.MST Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150060}\J2SE Runtime Environment 5.0 Update 6.msi Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\desktop.ini Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\History\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Temp\CFG3F.tmp Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Temp\CFG44.tmp Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Temp\CFG49.tmp Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Temp\CFG4E.tmp Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Temp\MSI8eaa6.LOG Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Temp\MSI8eaa7.LOG Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Temp\MSI8eaa8.LOG Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Temp\PDFCreator\PDFCreatorSpool\~PS77.inf Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Temp\PDFCreator\PDFCreatorSpool\~PS77.tmp Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Temp\~DF8DF5.tmp Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Administrator\My Documents\desktop.ini Object is locked skipped

C:\Documents and Settings\Administrator\My Documents\My Music\Desktop.ini Object is locked skipped

C:\Documents and Settings\Administrator\My Documents\My Music\Sample Music.lnk Object is locked skipped

C:\Documents and Settings\Administrator\My Documents\My Music\Samples.lnk Object is locked skipped

C:\Documents and Settings\Administrator\My Documents\My Pictures\Desktop.ini Object is locked skipped

C:\Documents and Settings\Administrator\My Documents\My Pictures\Sample Pictures.lnk Object is locked skipped

C:\Documents and Settings\Administrator\My Documents\My Pictures\Samples.lnk Object is locked skipped

C:\Documents and Settings\Administrator\My Documents\My Videos\Desktop.ini Object is locked skipped

C:\Documents and Settings\Administrator\My Documents\My Videos\Samples.lnk Object is locked skipped

C:\Documents and Settings\Administrator\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\Administrator\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\Administrator\ntuser.ini Object is locked skipped

C:\Documents and Settings\Administrator\Recent\Desktop.ini Object is locked skipped

C:\Documents and Settings\Administrator\SendTo\Compressed (zipped) Folder.ZFSendToTarget Object is locked skipped

C:\Documents and Settings\Administrator\SendTo\Desktop (create shortcut).DeskLink Object is locked skipped

C:\Documents and Settings\Administrator\SendTo\desktop.ini Object is locked skipped

C:\Documents and Settings\Administrator\SendTo\Mail Recipient.MAPIMail Object is locked skipped

C:\Documents and Settings\Administrator\SendTo\My Documents.mydocs Object is locked skipped

C:\Documents and Settings\Administrator\Start Menu\desktop.ini Object is locked skipped

C:\Documents and Settings\Administrator\Start Menu\Program Updates.lnk Object is locked skipped

C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Accessibility\desktop.ini Object is locked skipped

C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Accessibility\Magnifier.lnk Object is locked skipped

C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk Object is locked skipped

C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk Object is locked skipped

C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Accessibility\Utility Manager.lnk Object is locked skipped

C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Address Book.lnk Object is locked skipped

C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Command Prompt.lnk Object is locked skipped

C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\desktop.ini Object is locked skipped

C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Entertainment\desktop.ini Object is locked skipped

C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Entertainment\Windows Media Player.lnk Object is locked skipped

C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Notepad.lnk Object is locked skipped

C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Program Compatibility Wizard.lnk Object is locked skipped

C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Synchronize.lnk Object is locked skipped

C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Tour Windows XP.lnk Object is locked skipped

C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Windows Explorer.lnk Object is locked skipped

C:\Documents and Settings\Administrator\Start Menu\Programs\desktop.ini Object is locked skipped

C:\Documents and Settings\Administrator\Start Menu\Programs\Internet Explorer.lnk Object is locked skipped

C:\Documents and Settings\Administrator\Start Menu\Programs\Outlook Express.lnk Object is locked skipped

C:\Documents and Settings\Administrator\Start Menu\Programs\Remote Assistance.lnk Object is locked skipped

C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\desktop.ini Object is locked skipped

C:\Documents and Settings\Administrator\Start Menu\Programs\Windows Media Player.lnk Object is locked skipped

C:\Documents and Settings\Administrator\Templates\amipro.sam Object is locked skipped

C:\Documents and Settings\Administrator\Templates\excel.xls Object is locked skipped

C:\Documents and Settings\Administrator\Templates\excel4.xls Object is locked skipped

C:\Documents and Settings\Administrator\Templates\lotus.wk4 Object is locked skipped

C:\Documents and Settings\Administrator\Templates\powerpnt.ppt Object is locked skipped

C:\Documents and Settings\Administrator\Templates\presenta.shw Object is locked skipped

C:\Documents and Settings\Administrator\Templates\quattro.wb2 Object is locked skipped

C:\Documents and Settings\Administrator\Templates\sndrec.wav Object is locked skipped

C:\Documents and Settings\Administrator\Templates\winword.doc Object is locked skipped

C:\Documents and Settings\Administrator\Templates\winword2.doc Object is locked skipped

C:\Documents and Settings\Administrator\Templates\wordpfct.wpd Object is locked skipped

C:\Documents and Settings\Administrator\Templates\wordpfct.wpg Object is locked skipped

C:\Documents and Settings\Administrator\Temporary Internet Files\Content.IE5\9HMLFV0L\desktop.ini Object is locked skipped

C:\Documents and Settings\Administrator\Temporary Internet Files\Content.IE5\CMJU4A8C\desktop.ini Object is locked skipped

C:\Documents and Settings\Administrator\Temporary Internet Files\Content.IE5\desktop.ini Object is locked skipped

C:\Documents and Settings\Administrator\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Administrator\Temporary Internet Files\Content.IE5\PROXEY6F\desktop.ini Object is locked skipped

C:\Documents and Settings\Administrator\Temporary Internet Files\Content.IE5\U1AJWFEX\desktop.ini Object is locked skipped

C:\Documents and Settings\Administrator\Temporary Internet Files\desktop.ini Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\PET3R\.housecall6.6\Quarantine\14688046.exe.vir.bac_a00152 Infected: Trojan-Downloader.Win32.Bagle.fh skipped

C:\Documents and Settings\PET3R\.housecall6.6\Quarantine\14717500.exe.vir.bac_a00152 Infected: Trojan-Downloader.Win32.Bagle.fh skipped

C:\Documents and Settings\PET3R\.housecall6.6\Quarantine\14726281.exe.vir.bac_a00152 Infected: Trojan-Downloader.Win32.Bagle.fh skipped

C:\Documents and Settings\PET3R\.housecall6.6\Quarantine\18132046.exe.vir.bac_a00152 Infected: Trojan-Downloader.Win32.Bagle.fh skipped

C:\Documents and Settings\PET3R\.housecall6.6\Quarantine\258203.exe.vir.bac_a00152 Infected: Trojan-Downloader.Win32.Bagle.fh skipped

C:\Documents and Settings\PET3R\.housecall6.6\Quarantine\270937.exe.vir.bac_a00152 Infected: Trojan-Downloader.Win32.Bagle.fh skipped

C:\Documents and Settings\PET3R\.housecall6.6\Quarantine\29126000.exe.vir.bac_a00152 Infected: Trojan-Downloader.Win32.Bagle.fh skipped

C:\Documents and Settings\PET3R\.housecall6.6\Quarantine\29168406.exe.vir.bac_a00152 Infected: Trojan-Downloader.Win32.Bagle.fh skipped

C:\Documents and Settings\PET3R\.housecall6.6\Quarantine\295093.exe.vir.bac_a00152 Infected: Trojan-Downloader.Win32.Bagle.fh skipped

C:\Documents and Settings\PET3R\.housecall6.6\Quarantine\29866015.exe.vir.bac_a00152 Infected: Trojan-Downloader.Win32.Bagle.fh skipped

C:\Documents and Settings\PET3R\.housecall6.6\Quarantine\310031.exe.vir.bac_a00152 Infected: Trojan-Downloader.Win32.Bagle.fh skipped

C:\Documents and Settings\PET3R\.housecall6.6\Quarantine\3714578.exe.vir.bac_a00152 Infected: Trojan-Downloader.Win32.Bagle.fh skipped

C:\Documents and Settings\PET3R\.housecall6.6\Quarantine\919875.exe.vir.bac_a00152 Infected: Trojan-Downloader.Win32.Bagle.fh skipped

C:\Documents and Settings\PET3R\.housecall6.6\Quarantine\hidr.exe.vir.bac_a00152 Infected: Trojan-Downloader.Win32.Bagle.fc skipped

C:\Documents and Settings\PET3R\.housecall6.6\Quarantine\srosa.sys.vir.bac_a00152 Infected: Trojan-Downloader.Win32.Bagle.fc skipped

C:\Documents and Settings\PET3R\.housecall6.6\Quarantine\wintems.exe.vir.bac_a00152 Infected: Trojan-Downloader.Win32.Bagle.fh skipped

C:\Documents and Settings\PET3R\.housecall6.6\Quarantine\wmpnscfg.exe.bac_a00152 Infected: Trojan-Downloader.Win32.Bagle.fc skipped

C:\Documents and Settings\PET3R\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\PET3R\History\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\PET3R\History\History.IE5\MSHist012007110520071106\index.dat Object is locked skipped

C:\Documents and Settings\PET3R\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\PET3R\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\PET3R\Local Settings\Temp\jar_cache64323.tmp Object is locked skipped

C:\Documents and Settings\PET3R\Local Settings\Temp\jar_cache64324.tmp Object is locked skipped

C:\Documents and Settings\PET3R\Local Settings\Temp\Perflib_Perfdata_35c.dat Object is locked skipped

C:\Documents and Settings\PET3R\Local Settings\Temp\Perflib_Perfdata_420.dat Object is locked skipped

C:\Documents and Settings\PET3R\Local Settings\Temp\~._cmt57630.tmp Object is locked skipped

C:\Documents and Settings\PET3R\Local Settings\Temp\~._cmt57630.tmp.lck Object is locked skipped

C:\Documents and Settings\PET3R\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\PET3R\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\PET3R\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Downloads\vnc-4_1_2-x86_win32.exe/file1 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped

C:\Downloads\vnc-4_1_2-x86_win32.exe/file2 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped

C:\Downloads\vnc-4_1_2-x86_win32.exe/file3 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped

C:\Downloads\vnc-4_1_2-x86_win32.exe/file5 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped

C:\Downloads\vnc-4_1_2-x86_win32.exe Inno: infected - 4 skipped

C:\mIRC\mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.621 skipped

C:\mIRC\mirc621.exe/stream/data0008 Infected: not-a-virus:Client-IRC.Win32.mIRC.621 skipped

C:\mIRC\mirc621.exe/stream Infected: not-a-virus:Client-IRC.Win32.mIRC.621 skipped

C:\mIRC\mirc621.exe NSIS: infected - 2 skipped

C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped

C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped

C:\Program Files\Alwil Software\Avast4\DATA\integ\avast.int Object is locked skipped

C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws Object is locked skipped

C:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log Object is locked skipped

C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped

C:\Program Files\Alwil Software\Avast4\DATA\report\Resident protection.txt Object is locked skipped

C:\Program Files\IBM\Client Access\eclipse\configuration\org.eclipse.core.runtime\.manager\.tmp64320.instance Object is locked skipped

C:\Program Files\IBM\Client Access\eclipse\workspace\.metadata\.applicationlock Object is locked skipped

C:\Program Files\IBM\Client Access\eclipse\workspace\.metadata\.plugins\org.eclipse.tomcat\catalina.2007-11-05.log Object is locked skipped

C:\Program Files\IBM\Rational\SDP\6.0\eclipse\configuration\org.eclipse.core.runtime\.manager\.tmp57629.instance Object is locked skipped

C:\Program Files\IBM\Rational\SDP\6.0\runtimes\base_v6\profiles\default\logs\server1\native_stderr.log Object is locked skipped

C:\Program Files\IBM\Rational\SDP\6.0\runtimes\base_v6\profiles\default\logs\server1\native_stdout.log Object is locked skipped

C:\Program Files\IBM\Rational\SDP\6.0\runtimes\base_v6\profiles\default\logs\server1\SystemErr.log Object is locked skipped

C:\Program Files\IBM\Rational\SDP\6.0\runtimes\base_v6\profiles\default\logs\server1\SystemOut.log Object is locked skipped

C:\Program Files\IBM\Rational\SDP\6.0\runtimes\base_v6\profiles\default\logs\server1\trace.log Object is locked skipped

C:\Program Files\IBM\Rational\SDP\6.0\runtimes\base_v6\profiles\default\tranlog\PeterLappyNode01Cell\PeterLappyNode01\server1\transaction\partnerlog\log1 Object is locked skipped

C:\Program Files\IBM\Rational\SDP\6.0\runtimes\base_v6\profiles\default\tranlog\PeterLappyNode01Cell\PeterLappyNode01\server1\transaction\partnerlog\log2 Object is locked skipped

C:\Program Files\IBM\Rational\SDP\6.0\runtimes\base_v6\profiles\default\tranlog\PeterLappyNode01Cell\PeterLappyNode01\server1\transaction\tranlog\log1 Object is locked skipped

C:\Program Files\IBM\Rational\SDP\6.0\runtimes\base_v6\profiles\default\tranlog\PeterLappyNode01Cell\PeterLappyNode01\server1\transaction\tranlog\log2 Object is locked skipped

C:\Program Files\IBM\Rational\SDP\6.0\runtimes\base_v6\profiles\default\wstemp\events\eventbuffer0.ser Object is locked skipped

C:\Program Files\IBM\Rational\SDP\6.0\runtimes\base_v6\profiles\default\wstemp\events\eventbuffer1.ser Object is locked skipped

C:\Program Files\IBM\Rational\SDP\6.0\runtimes\base_v6\profiles\default\wstemp\events\eventbuffer2.ser Object is locked skipped

C:\Program Files\MySQL\MySQL Server 5.0\data\ibdata1 Object is locked skipped

C:\Program Files\MySQL\MySQL Server 5.0\data\ib_logfile0 Object is locked skipped

C:\Program Files\MySQL\MySQL Server 5.0\data\ib_logfile1 Object is locked skipped

C:\Program Files\MySQL\MySQL Server 5.0\data\PeterLappy.err Object is locked skipped

C:\Program Files\RealVNC\VNC4\vncconfig.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped

C:\Program Files\RealVNC\VNC4\vncviewer.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped

C:\Program Files\RealVNC\VNC4\winvnc4.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped

C:\Program Files\RealVNC\VNC4\wm_hooks.dll Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped

C:\qoobox\Quarantine\C\Program Files\Screensavers.com\SSSInstaller\bin\sinstaller3.exe.vir/data0002 Infected: not-a-virus:AdWare.Win32.Comet.bl skipped

C:\qoobox\Quarantine\C\Program Files\Screensavers.com\SSSInstaller\bin\sinstaller3.exe.vir NSIS: infected - 1 skipped

C:\qoobox\Quarantine\C\Program Files\Screensavers.com\SSSInstaller\bin\SSSInstaller.dll.vir Infected: not-a-virus:AdWare.Win32.Comet.bl skipped

C:\qoobox\Quarantine\C\WINDOWS\exefld\271250.exe.vir Infected: Trojan-Spy.Win32.Banker.fon skipped

C:\RECYCLER\NPROTECT\NPROTECT.LOG Object is locked skipped

C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

C:\WINDOWS\SchedLgU.Txt Object is locked skipped

C:\WINDOWS\SoftwareDistribution\EventCache\{92C59AFD-37DD-4258-9A65-0C972A6EBD14}.bin Object is locked skipped

C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped

C:\WINDOWS\Sti_Trace.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped

C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped

C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\default Object is locked skipped

C:\WINDOWS\system32\config\default.LOG Object is locked skipped

C:\WINDOWS\system32\config\Internet.evt Object is locked skipped

C:\WINDOWS\system32\config\ODiag.evt Object is locked skipped

C:\WINDOWS\system32\config\OSession.evt Object is locked skipped

C:\WINDOWS\system32\config\SAM Object is locked skipped

C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped

C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\SECURITY Object is locked skipped

C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped

C:\WINDOWS\system32\config\software Object is locked skipped

C:\WINDOWS\system32\config\software.LOG Object is locked skipped

C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\system Object is locked skipped

C:\WINDOWS\system32\config\system.LOG Object is locked skipped

C:\WINDOWS\system32\h323log.txt Object is locked skipped

C:\WINDOWS\system32\MsDtc\MSDTC.LOG Object is locked skipped

C:\WINDOWS\system32\MsDtc\Trace\dtctrace.log Object is locked skipped

C:\WINDOWS\system32\msmq\storage\QMLog Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped

C:\WINDOWS\TEMP\ib2 Object is locked skipped

C:\WINDOWS\TEMP\ib3 Object is locked skipped

C:\WINDOWS\TEMP\ib4 Object is locked skipped

C:\WINDOWS\TEMP\ib5 Object is locked skipped

C:\WINDOWS\TEMP\ib6 Object is locked skipped

C:\WINDOWS\TEMP\Perflib_Perfdata_278.dat Object is locked skipped

C:\WINDOWS\TEMP\_avast4_\Webshlock.txt Object is locked skipped

C:\WINDOWS\wiadebug.log Object is locked skipped

C:\WINDOWS\wiaservc.log Object is locked skipped

C:\WINDOWS\WindowsUpdate.log Object is locked skipped

Scan process completed.

[Antivirus Deleted & More Problems[RESOLVED]]

Avast has finished.

Since I ran it from Safe Mode, the file aswBoot.txt is empty. I'm still looking around if it has a way of making a report of this.

It found and moved and deleted some threats. Most I had to delete them, because it wouldn't move them to the chest.

I registered Avast now... before it wouldn't take me to the site, just keep getting error messages.

I now have Avast running in Normal Mode, which I couldn't do before.

I also installed the Sygate Firewall I had before, finally!

I'm not getting any popups for now, but I've been on for about half an hour only.

And the wireless is still not working.

Here's the HiJack This Log:

HiJack This

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 9:22:45 AM, on 11/5/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16544)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\NetScreen\NetScreen-Remote\IreIKE.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe

C:\WINDOWS\system32\hkcmd.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Google\Google Talk\googletalk.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Program Files\Lexmark 9300 Series\lxcqmon.exe

C:\Program Files\Lexmark 9300 Series\ezprint.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\MSN Messenger\MsnMsgr.Exe

C:\Program Files\Apache Group\Apache2\bin\ApacheMonitor.exe

C:\Program Files\NetScreen\NetScreen-Remote\SafeCfg.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\OPHALDCS.EXE

C:\WINDOWS\System32\svchost.exe

C:\Program Files\NetScreen\NetScreen-Remote\IPSecMon.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\mqsvc.exe

C:\WINDOWS\system32\mqtgsvc.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\WINDOWS\system32\inetsrv\inetinfo.exe

C:\WINDOWS\system32\msiexec.exe

C:\WINDOWS\system32\lxcqcoms.exe

C:\Program Files\Alwil Software\Avast4\ashSimpl.exe

C:\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://localhost:9080/RAPID

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...o&pf=laptop

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {259F616C-A300-44F5-B04A-ED001A26C85C} - (no file)

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office12\GRA8E1~1.DLL

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll

O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll

O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll

O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe

O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [Client Access Service] "C:\Program Files\IBM\Client Access\cwbsvstr.exe"

O4 - HKLM\..\Run: [lxcqmon.exe] "C:\Program Files\Lexmark 9300 Series\lxcqmon.exe"

O4 - HKLM\..\Run: [Lexmark 9300 Series Fax Server] "C:\Program Files\Lexmark 9300 Series\fm3032.exe" /s

O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 9300 Series\ezprint.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [LXCQCATS] rundll32 C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\LXCQtime.dll,_RunDLLEntry@16

O4 - HKLM\..\Run: [smcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\RunOnce: [] C:\Program Files\Internet Explorer\IEXPLORE.EXE http://www.symantec.com/techsupp/servlet/P...00001f.0000005e

O4 - Global Startup: Monitor Apache Servers.lnk = C:\Program Files\Apache Group\Apache2\bin\ApacheMonitor.exe

O4 - Global Startup: NetScreen-Remote.lnk = C:\Program Files\NetScreen\NetScreen-Remote\SafeCfg.exe

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Edit with Altova X&MLSpy - C:\Program Files\Altova\XMLSpy2007\spy.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Edit with Altova X&MLSpy - {2222EF56-F49E-4d07-A14E-8D2B08766958} - C:\Program Files\Altova\XMLSpy2007\spy.htm

O9 - Extra 'Tools' menuitem: Edit with Altova X&MLSpy - {2222EF56-F49E-4d07-A14E-8D2B08766958} - C:\Program Files\Altova\XMLSpy2007\spy.htm

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)

O12 - Plugin for .NPSSView: C:\Program Files\Seagate Software\Viewers\ActiveXViewer\\NPssView.dll

O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=64&bd=presario&pf=laptop

O16 - DPF: {106E49CF-797A-11D2-81A2-00E02C015623} (AlternaTIFF ActiveX) - http://www.alternatiff.com/install/00/alttiff.cab

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab

O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab56986.cab

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-US/a-UNO1/GAME_UNO1.cab

O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab

O16 - DPF: {71C140F3-1A84-430B-9035-68815582DC79} (Crystal Report Prompt Info Control) - http://192.168.3.187/viewer/activeXViewer/...meterdialog.cab

O16 - DPF: {B0882EB7-81A5-4A11-8D45-71888F973933} (fortisslvpn Class) - https://207.150.244.172/sslvpn.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~4\Office12\GR99D3~1.DLL

O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Apache2 - Apache Software Foundation - C:\Program Files\Apache Group\Apache2\bin\Apache.exe

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Crystal Cache Server (CacheServer) - Seagate Software, Inc. - C:\Program Files\Seagate Software\WCS\cacheserver.exe

O23 - Service: Crystal APS (CrystalAPS) - Seagate Software, Inc. - C:\Program Files\Seagate Software\Enterprise\x86\CrystalAPS.exe

O23 - Service: Crystal Input File Repository Server (CrystalInputFileServer) - Seagate Software, Inc. - C:\Program Files\Seagate Software\Enterprise\x86\inputfileserver.exe

O23 - Service: Crystal Output File Repository Server (CrystalOutputFileServer) - Seagate Software, Inc. - C:\Program Files\Seagate Software\Enterprise\x86\outputfileserver.exe

O23 - Service: CVSNT Locking Service 2.5.03.2382 (cvslock) - Unknown owner - C:\Program Files\CVSNT\cvslock.exe

O23 - Service: CVSNT Dispatch service 2.5.03.2382 (cvsnt) - March Hare Software Ltd - C:\Program Files\CVSNT\cvsservice.exe

O23 - Service: iSeries Access for Windows Remote Command (Cwbrxd) - IBM Corporation - C:\WINDOWS\CWBRXD.EXE

O23 - Service: DCS Loader (DCSLoader) - Oki Data Corporation - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\OPHALDCS.EXE

O23 - Service: FortiSslvpnDaemon - Fortinet Inc. - C:\WINDOWS\system32\FortiSslvpnDaemon.exe

O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\WildTangent\Apps\My HP Game Console\GameConsoleService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: SafeNet Monitor Service (IPSECMON) - SafeNet - C:\Program Files\NetScreen\NetScreen-Remote\IPSecMon.exe

O23 - Service: SafeNet IKE Service (IREIKE) - SafeNet - C:\Program Files\NetScreen\NetScreen-Remote\IreIKE.exe

O23 - Service: Crystal Report Job Server (JobServer_Report) - Seagate Software, Inc. - C:\Program Files\Seagate Software\WCS\JobServer.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: lxcq_device - - C:\WINDOWS\system32\lxcqcoms.exe

O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)

O23 - Service: Crystal Page Server (pageserver) - Seagate Software, Inc. - C:\Program Files\Seagate Software\WCS\pageserver.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe

O23 - Service: Crystal Web Component Server (WebCompServer) - Seagate Software, Inc. - C:\Program Files\Seagate Software\WCS\WebCompServer.exe

--

End of file - 13746 bytes

[Antivirus Deleted & More Problems[RESOLVED]]

Step 1 - I uninstalled norton with the removal tool. Folders were deleted in the process.

Step 2 - Ran housecall. It took a while and 3 times my browser closed on its own and I had to start it again, but it finished. Deleted some worms and trojans.

Step 3 - I'm currently running the scanning. After the first installation and restart, the .exe was deleted upon entering Windows. So I tried running in Safe mode, but couldn't get in it. So I ran ComboFix again, then updated the registry with the fix you gave me, installed Avast again, and now I'm in Safe Mode running a Thorough Scan.

I'll update the post when its done. Just letting you now my status.

[Antivirus Deleted & More Problems[RESOLVED]]

OK. Done.

Did Step 1, Step 2, and Step 3 of your last post.

I am still not able to run an AntiVirus. I tried reinstalling Norton but it gets cancelled due to missing files and Panda says I don't have permissions to install ActiveX.

Anyways, I uninstalled Norton, got an error in the process of a missing file, but it still uninstalled.

I did the Jotti procedure but the file C:\Program.exe does not exist, so nothing happened.

This is what I got back from www.virustotal.com:

0 bytes size received / Se ha recibido un archivo vacio

Here is the new HJT log:

HiJackThis log

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 3:23:41 PM, on 11/3/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16544)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\NetScreen\NetScreen-Remote\IreIKE.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe

C:\WINDOWS\system32\hkcmd.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Google\Google Talk\googletalk.exe

C:\Program Files\Lexmark 9300 Series\lxcqmon.exe

C:\Program Files\Lexmark 9300 Series\ezprint.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\NetScreen\NetScreen-Remote\SafeCfg.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\OPHALDCS.EXE

C:\WINDOWS\System32\svchost.exe

C:\Program Files\NetScreen\NetScreen-Remote\IPSecMon.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\WINDOWS\system32\lxcqcoms.exe

C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\mqsvc.exe

C:\WINDOWS\system32\mqtgsvc.exe

C:\WINDOWS\system32\inetsrv\inetinfo.exe

C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe

C:\HiJackThis\HiJackThis.exe

C:\Program Files\Mozilla Firefox\firefox.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://localhost:9080/RAPID

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...o&pf=laptop

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {259F616C-A300-44F5-B04A-ED001A26C85C} - (no file)

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office12\GRA8E1~1.DLL

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll

O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll

O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll

O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe

O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [Client Access Service] "C:\Program Files\IBM\Client Access\cwbsvstr.exe"

O4 - HKLM\..\Run: [lxcqmon.exe] "C:\Program Files\Lexmark 9300 Series\lxcqmon.exe"

O4 - HKLM\..\Run: [Lexmark 9300 Series Fax Server] "C:\Program Files\Lexmark 9300 Series\fm3032.exe" /s

O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 9300 Series\ezprint.exe"

O4 - HKLM\..\Run: [LXCQCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCQtime.dll,_RunDLLEntry@16

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - Global Startup: Monitor Apache Servers.lnk = C:\Program Files\Apache Group\Apache2\bin\ApacheMonitor.exe

O4 - Global Startup: NetScreen-Remote.lnk = C:\Program Files\NetScreen\NetScreen-Remote\SafeCfg.exe

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Edit with Altova X&MLSpy - C:\Program Files\Altova\XMLSpy2007\spy.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Edit with Altova X&MLSpy - {2222EF56-F49E-4d07-A14E-8D2B08766958} - C:\Program Files\Altova\XMLSpy2007\spy.htm

O9 - Extra 'Tools' menuitem: Edit with Altova X&MLSpy - {2222EF56-F49E-4d07-A14E-8D2B08766958} - C:\Program Files\Altova\XMLSpy2007\spy.htm

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)

O12 - Plugin for .NPSSView: C:\Program Files\Seagate Software\Viewers\ActiveXViewer\\NPssView.dll

O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=64&bd=presario&pf=laptop

O16 - DPF: {106E49CF-797A-11D2-81A2-00E02C015623} (AlternaTIFF ActiveX) - http://www.alternatiff.com/install/00/alttiff.cab

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab

O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab56986.cab

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-US/a-UNO1/GAME_UNO1.cab

O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab

O16 - DPF: {71C140F3-1A84-430B-9035-68815582DC79} (Crystal Report Prompt Info Control) - http://192.168.3.187/viewer/activeXViewer/...meterdialog.cab

O16 - DPF: {B0882EB7-81A5-4A11-8D45-71888F973933} (fortisslvpn Class) - https://207.150.244.172/sslvpn.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~4\Office12\GR99D3~1.DLL

O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Apache2 - Apache Software Foundation - C:\Program Files\Apache Group\Apache2\bin\Apache.exe

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: Crystal Cache Server (CacheServer) - Seagate Software, Inc. - C:\Program Files\Seagate Software\WCS\cacheserver.exe

O23 - Service: Crystal APS (CrystalAPS) - Seagate Software, Inc. - C:\Program Files\Seagate Software\Enterprise\x86\CrystalAPS.exe

O23 - Service: Crystal Input File Repository Server (CrystalInputFileServer) - Seagate Software, Inc. - C:\Program Files\Seagate Software\Enterprise\x86\inputfileserver.exe

O23 - Service: Crystal Output File Repository Server (CrystalOutputFileServer) - Seagate Software, Inc. - C:\Program Files\Seagate Software\Enterprise\x86\outputfileserver.exe

O23 - Service: CVSNT Locking Service 2.5.03.2382 (cvslock) - Unknown owner - C:\Program Files\CVSNT\cvslock.exe

O23 - Service: CVSNT Dispatch service 2.5.03.2382 (cvsnt) - March Hare Software Ltd - C:\Program Files\CVSNT\cvsservice.exe

O23 - Service: iSeries Access for Windows Remote Command (Cwbrxd) - IBM Corporation - C:\WINDOWS\CWBRXD.EXE

O23 - Service: DCS Loader (DCSLoader) - Oki Data Corporation - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\OPHALDCS.EXE

O23 - Service: FortiSslvpnDaemon - Fortinet Inc. - C:\WINDOWS\system32\FortiSslvpnDaemon.exe

O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\WildTangent\Apps\My HP Game Console\GameConsoleService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: SafeNet Monitor Service (IPSECMON) - SafeNet - C:\Program Files\NetScreen\NetScreen-Remote\IPSecMon.exe

O23 - Service: SafeNet IKE Service (IREIKE) - SafeNet - C:\Program Files\NetScreen\NetScreen-Remote\IreIKE.exe

O23 - Service: Crystal Report Job Server (JobServer_Report) - Seagate Software, Inc. - C:\Program Files\Seagate Software\WCS\JobServer.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: lxcq_device - - C:\WINDOWS\system32\lxcqcoms.exe

O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)

O23 - Service: Crystal Page Server (pageserver) - Seagate Software, Inc. - C:\Program Files\Seagate Software\WCS\pageserver.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Crystal Web Component Server (WebCompServer) - Seagate Software, Inc. - C:\Program Files\Seagate Software\WCS\WebCompServer.exe

--

End of file - 12435 bytes

[Antivirus Deleted & More Problems[RESOLVED]]

Oh. Interesting. =)

Ok. Here it is:

Step 1 List:

ABBYY FineReader 6.0 Sprint

Adobe Bridge 1.0

Adobe Common File Installer

Adobe Flash Player 9 ActiveX

Adobe Help Center 1.0

Adobe Photoshop CS2

Adobe Reader 8.1.1

Adobe Stock Photos 1.0

Adobe® Photoshop® Album Starter Edition 3.2

Altova MissionKit for Enterprise XML Developers

Antechinus JavaScript Editor v9.0

Apache HTTP Server 2.0.59

Apple Mobile Device Support

Apple Software Update

AtomixMP3 v2.1

BitTornado 0.3.17

ccCommon

Conexant HD Audio

Crystal Enterprise

Crystal Enterprise APS Admin Plugin

Crystal Enterprise Favorites Folder Plugin

Customer Experience Enhancement

CVSNT 2.5.03.2382

DivX

eMule

Enterprise Information Portal for Multiplatforms

exPressit S.E. 2.1

ffdshow (remove only)

FutureDecks Pro 1.0.0

Google Talk (remove only)

HijackThis 2.0.2

Hotfix for Microsoft .NET Framework 3.0 (KB932471)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows Media Player 11 (KB939683)

Hotfix for Windows XP (KB896256)

Hotfix for Windows XP (KB896344)

Hotfix for Windows XP (KB909095)

Hotfix for Windows XP (KB910728)

Hotfix for Windows XP (KB912436)

Hotfix for Windows XP (KB914440)

Hotfix for Windows XP (KB914906)

Hotfix for Windows XP (KB915326)

Hotfix for Windows XP (KB915865)

Hotfix for Windows XP (KB918005)

Hotfix for Windows XP (KB926239)

HP Help and Support

HP Imaging Device Functions 6.0

HP Photosmart Premier Software 6.0

HP Quick Launch Buttons 6.10 A2

HP QuickPlay 2.3

HP Update

HP User Guides 0035

HP Wireless Assistant 2.00 G2

IBM Content Manager for iSeries Client for Windows

IBM iSeries Access for Windows

IBM WebSphere Development Studio Client for iSeries V6.0

IBM WebSphere Studio Application Developer 5.1

Image Page Procesor

Intel® Graphics Media Accelerator Driver

Intel® PRO Network Connections Drivers

Internet Worm Protection

iTunes

J2SE Runtime Environment 5.0 Update 11

Java 6 Update 3

Java SE Runtime Environment 6 Update 1

Karaoke Builder CD+G Player

Lemonade Tycoon

Lexmark 9300 Series

LiveReg (Symantec Corporation)

LiveUpdate 3.0 (Symantec Corporation)

Macromedia Contribute 3.11

Macromedia Dreamweaver 8

Macromedia Extension Manager

Macromedia Fireworks 8

Macromedia Flash 8

Macromedia Flash 8 Video Encoder

Macromedia Flash Player 8

Macromedia Flash Player 8

Macromedia Flash Player 8 Plugin

Macromedia Shockwave Player

Magic ISO Maker v5.4 (build 0239)

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Hotfix (KB928366)

Microsoft .NET Framework 2.0

Microsoft .NET Framework 3.0

Microsoft .NET Framework 3.0

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Internationalized Domain Names Mitigation APIs

Microsoft National Language Support Downlevel APIs

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Enterprise 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office Groove MUI (English) 2007

Microsoft Office Groove Setup Metadata MUI (English) 2007

Microsoft Office InfoPath MUI (English) 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Project MUI (English) 2007

Microsoft Office Project Professional 2007

Microsoft Office Project Professional 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Visio MUI (English) 2007

Microsoft Office Visio Professional 2007

Microsoft Office Visio Professional 2007

Microsoft Office Word MUI (English) 2007

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Works

mIRC

Mozilla Firefox (2.0.0.8)

MSRedist

MSXML 4.0 SP2 (KB927978)

MSXML 4.0 SP2 (KB936181)

MSXML 6.0 Parser (KB933579)

MSXML4 Parser

My HP Games

MySQL Connector/ODBC 3.51

MySQL Server 5.0

MySQL Tools for 5.0

NetScreen Remote Login

NetScreen-Remote

NetWaiting

No-IP.com DUC (remove only)

Norton AntiVirus 2005

Norton AntiVirus Parent MSI

Norton CleanSweep

Norton SystemWorks

Norton SystemWorks 2005 (Symantec Corporation)

Norton Utilities

Norton WMI Update

NoteTab Light (Remove only)

NSW_DRM_COLLECTION

Office 2003 Trial Assistant

PDFCreator

PDFCreator Toolbar

PowerISO

Presto! Forms 3.50.02

Presto! PageManager 7.12.10

QuickTime

RealPlayer

REM 1.2.2

Rise of Nations

Roxio Easy Media Creator 7

Sandlot Games Client Services

Security Update for Microsoft .NET Framework 2.0 (KB928365)

Security Update for Step By Step Interactive Training (KB898458)

Security Update for Step By Step Interactive Training (KB923723)

Security Update for Windows Internet Explorer 7 (KB937143)

Security Update for Windows Internet Explorer 7 (KB938127)

Security Update for Windows Internet Explorer 7 (KB939653)

Security Update for Windows Media Player (KB911564)

Security Update for Windows Media Player 10 (KB917734)

Security Update for Windows Media Player 10 (KB936782)

Security Update for Windows Media Player 11 (KB936782)

Security Update for Windows Media Player 6.4 (KB925398)

Security Update for Windows Media Player 9 (KB911565)

Security Update for Windows XP (KB893066)

Security Update for Windows XP (KB893756)

Security Update for Windows XP (KB896358)

Security Update for Windows XP (KB896422)

Security Update for Windows XP (KB896423)

Security Update for Windows XP (KB896424)

Security Update for Windows XP (KB896428)

Security Update for Windows XP (KB899587)

Security Update for Windows XP (KB899591)

Security Update for Windows XP (KB900725)

Security Update for Windows XP (KB901017)

Security Update for Windows XP (KB901190)

Security Update for Windows XP (KB901214)

Security Update for Windows XP (KB902400)

Security Update for Windows XP (KB903235)

Security Update for Windows XP (KB904706)

Security Update for Windows XP (KB905414)

Security Update for Windows XP (KB905749)

Security Update for Windows XP (KB908519)

Security Update for Windows XP (KB911562)

Security Update for Windows XP (KB911927)

Security Update for Windows XP (KB912919)

Security Update for Windows XP (KB913446)

Security Update for Windows XP (KB913580)

Security Update for Windows XP (KB914388)

Security Update for Windows XP (KB914389)

Security Update for Windows XP (KB917344)

Security Update for Windows XP (KB917422)

Security Update for Windows XP (KB917537)

Security Update for Windows XP (KB917953)

Security Update for Windows XP (KB918118)

Security Update for Windows XP (KB918439)

Security Update for Windows XP (KB919007)

Security Update for Windows XP (KB920213)

Security Update for Windows XP (KB920670)

Security Update for Windows XP (KB920683)

Security Update for Windows XP (KB920685)

Security Update for Windows XP (KB921398)

Security Update for Windows XP (KB921503)

Security Update for Windows XP (KB922616)

Security Update for Windows XP (KB922819)

Security Update for Windows XP (KB923191)

Security Update for Windows XP (KB923414)

Security Update for Windows XP (KB923689)

Security Update for Windows XP (KB923694)

Security Update for Windows XP (KB923980)

Security Update for Windows XP (KB924191)

Security Update for Windows XP (KB924270)

Security Update for Windows XP (KB924496)

Security Update for Windows XP (KB924667)

Security Update for Windows XP (KB925454)

Security Update for Windows XP (KB925902)

Security Update for Windows XP (KB926255)

Security Update for Windows XP (KB926436)

Security Update for Windows XP (KB927779)

Security Update for Windows XP (KB927802)

Security Update for Windows XP (KB928090)

Security Update for Windows XP (KB928255)

Security Update for Windows XP (KB928843)

Security Update for Windows XP (KB929123)

Security Update for Windows XP (KB929969)

Security Update for Windows XP (KB930178)

Security Update for Windows XP (KB931261)

Security Update for Windows XP (KB931768)

Security Update for Windows XP (KB931784)

Security Update for Windows XP (KB932168)

Security Update for Windows XP (KB933566)

Security Update for Windows XP (KB933729)

Security Update for Windows XP (KB935839)

Security Update for Windows XP (KB935840)

Security Update for Windows XP (KB936021)

Security Update for Windows XP (KB937143)

Security Update for Windows XP (KB938127)

Security Update for Windows XP (KB938829)

Security Update for Windows XP (KB939373)

Security Update for Windows XP (KB941202)

SmartFTP Client 2.0

SnagIt 8

Soft Data Fax Modem with SmartCP

Sonic Audio Module

Sonic Copy Module

Sonic Data Module

Sonic Express Labeler

Sonic MyDVD Plus

Sonic Update Manager

SPBBC

Super Mp3 Editor 5.0

Symantec KB-DocID:2003093015493306

Symantec Script Blocking Installer

SymNet

Synaptics Pointing Device Driver

Tank-o-Box

TortoiseCVS 1.8.30

Trillian

Update for Windows XP (KB894391)

Update for Windows XP (KB896727)

Update for Windows XP (KB898461)

Update for Windows XP (KB900485)

Update for Windows XP (KB904942)

Update for Windows XP (KB908531)

Update for Windows XP (KB910437)

Update for Windows XP (KB911280)

Update for Windows XP (KB916595)

Update for Windows XP (KB920872)

Update for Windows XP (KB922582)

Update for Windows XP (KB925720)

Update for Windows XP (KB925876)

Update for Windows XP (KB927891)

Update for Windows XP (KB929338)

Update for Windows XP (KB930916)

Update for Windows XP (KB931836)

Update for Windows XP (KB933360)

Update for Windows XP (KB936357)

Update for Windows XP (KB938828)

VNC Free Edition 4.1.2

Vongo

WildTangent Web Driver

Windows Communication Foundation

Windows Imaging Component

Windows Installer 3.1 (KB893803)

Windows Internet Explorer 7

Windows Live Messenger

Windows Media Connect

Windows Media Format 11 runtime

Windows Media Format 11 runtime

Windows Media Player 11

Windows Media Player 11

Windows Presentation Foundation

Windows Workflow Foundation

Windows XP Hotfix - KB873333

Windows XP Hotfix - KB873339

Windows XP Hotfix - KB884575

Windows XP Hotfix - KB885250

Windows XP Hotfix - KB885464

Windows XP Hotfix - KB885835

Windows XP Hotfix - KB885836

Windows XP Hotfix - KB885855

Windows XP Hotfix - KB885884

Windows XP Hotfix - KB886185

Windows XP Hotfix - KB887472

Windows XP Hotfix - KB888113

Windows XP Hotfix - KB888239

Windows XP Hotfix - KB888302

Windows XP Hotfix - KB888402

Windows XP Hotfix - KB889673

Windows XP Hotfix - KB890859

Windows XP Hotfix - KB891781

Windows XP Hotfix - KB892559

WinMerge 2.2.4.0

WinRAR archiver

Wireless Home Network Setup

Ok..

In Step 2, the first two O2 on the list are not in the scan.

I do have one listed from the previous scan: O2 - BHO: (no name) - {259F616C-A300-44F5-B04A-ED001A26C85C} - (no file)

The third O2 is there for checking and so is O3.

I want to note that the O16 one, fortisslvpn, I remember it being installed in summer for work. It allows me to connect to a vpn. If you believe it has to be fixed, i'll click it and have them install it again later on.

I kept on reading to see if I could do anything else, but I think I shouldn't. I didn't click Fix Checked yet, since this situation came up, so I'll wait until you give me the go.

Here is the HiJackThis I'm getting now.

HiJackThis

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 4:20:07 PM, on 11/2/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16544)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\NetScreen\NetScreen-Remote\IreIKE.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe

C:\WINDOWS\system32\hkcmd.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Google\Google Talk\googletalk.exe

C:\Program Files\Lexmark 9300 Series\lxcqmon.exe

C:\Program Files\Lexmark 9300 Series\ezprint.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\NetScreen\NetScreen-Remote\SafeCfg.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\OPHALDCS.EXE

C:\WINDOWS\System32\svchost.exe

C:\Program Files\NetScreen\NetScreen-Remote\IPSecMon.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\WINDOWS\system32\lxcqcoms.exe

C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\mqsvc.exe

C:\WINDOWS\system32\mqtgsvc.exe

C:\WINDOWS\system32\inetsrv\inetinfo.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\IBM\Rational\SDP\6.0\eclipse\eclipse.exe

C:\Program Files\IBM\Rational\SDP\6.0\eclipse\jre\bin\javaw.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\IBM\Rational\SDP\6.0\runtimes\base_v6\java\bin\java.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\IBM\Client Access\cwbunnav.exe

C:\Program Files\IBM\Client Access\jre\bin\javaw.exe

C:\Program Files\iTunes\iTunes.exe

C:\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://localhost:9080/RAPID

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...o&pf=laptop

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {259F616C-A300-44F5-B04A-ED001A26C85C} - (no file)

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office12\GRA8E1~1.DLL

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll

O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll

O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll

O3 - Toolbar: Starware Screensavers Toolbar - {1962c5bc-e475-465b-823b-133e711bceb9} - C:\Program Files\Starware316\bin\Starware316.dll (file missing)

O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe

O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [Client Access Service] "C:\Program Files\IBM\Client Access\cwbsvstr.exe"

O4 - HKLM\..\Run: [lxcqmon.exe] "C:\Program Files\Lexmark 9300 Series\lxcqmon.exe"

O4 - HKLM\..\Run: [Lexmark 9300 Series Fax Server] "C:\Program Files\Lexmark 9300 Series\fm3032.exe" /s

O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 9300 Series\ezprint.exe"

O4 - HKLM\..\Run: [LXCQCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCQtime.dll,_RunDLLEntry@16

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - Global Startup: Monitor Apache Servers.lnk = C:\Program Files\Apache Group\Apache2\bin\ApacheMonitor.exe

O4 - Global Startup: NetScreen-Remote.lnk = C:\Program Files\NetScreen\NetScreen-Remote\SafeCfg.exe

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Edit with Altova X&MLSpy - C:\Program Files\Altova\XMLSpy2007\spy.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Edit with Altova X&MLSpy - {2222EF56-F49E-4d07-A14E-8D2B08766958} - C:\Program Files\Altova\XMLSpy2007\spy.htm

O9 - Extra 'Tools' menuitem: Edit with Altova X&MLSpy - {2222EF56-F49E-4d07-A14E-8D2B08766958} - C:\Program Files\Altova\XMLSpy2007\spy.htm

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)

O12 - Plugin for .NPSSView: C:\Program Files\Seagate Software\Viewers\ActiveXViewer\\NPssView.dll

O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=64&bd=presario&pf=laptop

O16 - DPF: {106E49CF-797A-11D2-81A2-00E02C015623} (AlternaTIFF ActiveX) - http://www.alternatiff.com/install/00/alttiff.cab

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab

O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab56986.cab

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-US/a-UNO1/GAME_UNO1.cab

O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab

O16 - DPF: {71C140F3-1A84-430B-9035-68815582DC79} (Crystal Report Prompt Info Control) - http://192.168.3.187/viewer/activeXViewer/...meterdialog.cab

O16 - DPF: {B0882EB7-81A5-4A11-8D45-71888F973933} (fortisslvpn Class) - https://207.150.244.172/sslvpn.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~4\Office12\GR99D3~1.DLL

O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Apache2 - Apache Software Foundation - C:\Program Files\Apache Group\Apache2\bin\Apache.exe

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: Crystal Cache Server (CacheServer) - Seagate Software, Inc. - C:\Program Files\Seagate Software\WCS\cacheserver.exe

O23 - Service: Crystal APS (CrystalAPS) - Seagate Software, Inc. - C:\Program Files\Seagate Software\Enterprise\x86\CrystalAPS.exe

O23 - Service: Crystal Input File Repository Server (CrystalInputFileServer) - Seagate Software, Inc. - C:\Program Files\Seagate Software\Enterprise\x86\inputfileserver.exe

O23 - Service: Crystal Output File Repository Server (CrystalOutputFileServer) - Seagate Software, Inc. - C:\Program Files\Seagate Software\Enterprise\x86\outputfileserver.exe

O23 - Service: CVSNT Locking Service 2.5.03.2382 (cvslock) - Unknown owner - C:\Program Files\CVSNT\cvslock.exe

O23 - Service: CVSNT Dispatch service 2.5.03.2382 (cvsnt) - March Hare Software Ltd - C:\Program Files\CVSNT\cvsservice.exe

O23 - Service: iSeries Access for Windows Remote Command (Cwbrxd) - IBM Corporation - C:\WINDOWS\CWBRXD.EXE

O23 - Service: DCS Loader (DCSLoader) - Oki Data Corporation - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\OPHALDCS.EXE

O23 - Service: FortiSslvpnDaemon - Fortinet Inc. - C:\WINDOWS\system32\FortiSslvpnDaemon.exe

O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\WildTangent\Apps\My HP Game Console\GameConsoleService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: SafeNet Monitor Service (IPSECMON) - SafeNet - C:\Program Files\NetScreen\NetScreen-Remote\IPSecMon.exe

O23 - Service: SafeNet IKE Service (IREIKE) - SafeNet - C:\Program Files\NetScreen\NetScreen-Remote\IreIKE.exe

O23 - Service: Crystal Report Job Server (JobServer_Report) - Seagate Software, Inc. - C:\Program Files\Seagate Software\WCS\JobServer.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: lxcq_device - - C:\WINDOWS\system32\lxcqcoms.exe

O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)

O23 - Service: Crystal Page Server (pageserver) - Seagate Software, Inc. - C:\Program Files\Seagate Software\WCS\pageserver.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE

O23 - Service: Crystal Web Component Server (WebCompServer) - Seagate Software, Inc. - C:\Program Files\Seagate Software\WCS\WebCompServer.exe

--

End of file - 13571 bytes

[Antivirus Deleted & More Problems[RESOLVED]]

Done.

I fixed the registry, and I am now able to boot in Safe Mode.

*Awaiting further instructions*

Just curious, where do you find out the original/correct values for each registry ?

[Antivirus Deleted & More Problems[RESOLVED]]

Thx MoNsTeReNeRgY22

Downloaded HiJackThis and Combofix. Here are the logs:

HiJack This log:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 3:57:07 PM, on 11/1/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16544)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\NetScreen\NetScreen-Remote\IreIKE.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe

C:\WINDOWS\system32\hkcmd.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Google\Google Talk\googletalk.exe

C:\Program Files\Lexmark 9300 Series\lxcqmon.exe

C:\Program Files\Lexmark 9300 Series\ezprint.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\NetScreen\NetScreen-Remote\SafeCfg.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\OPHALDCS.EXE

C:\WINDOWS\System32\svchost.exe

C:\Program Files\NetScreen\NetScreen-Remote\IPSecMon.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\mqsvc.exe

C:\WINDOWS\system32\mqtgsvc.exe

C:\WINDOWS\system32\inetsrv\inetinfo.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\WINDOWS\system32\lxcqcoms.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\PROGRA~1\MOZILL~1\FIREFOX.EXE

C:\Program Files\IBM\Rational\SDP\6.0\eclipse\eclipse.exe

C:\Program Files\IBM\Rational\SDP\6.0\eclipse\jre\bin\javaw.exe

C:\Program Files\IBM\Rational\SDP\6.0\runtimes\base_v6\java\bin\java.exe

C:\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...o&pf=laptop

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://localhost:9080/RAPID

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...o&pf=laptop

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

O1 - Hosts: 176.185.1.1 iseries

O1 - Hosts: 98.19.1.11 odysseus

O1 - Hosts: 98.19.1.4 aux400

O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {18AA4575-67E5-4807-92AF-A4923D98E974} - (no file)

O2 - BHO: (no name) - {259F616C-A300-44F5-B04A-ED001A26C85C} - (no file)

O2 - BHO: (no name) - {5f90c0e3-4c0a-4d54-a8ac-5afe6163a99e} - C:\Program Files\Starware316\bin\Starware316.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office12\GRA8E1~1.DLL

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll

O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll

O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll

O3 - Toolbar: Starware Screensavers Toolbar - {1962c5bc-e475-465b-823b-133e711bceb9} - C:\Program Files\Starware316\bin\Starware316.dll

O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe

O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [Client Access Service] "C:\Program Files\IBM\Client Access\cwbsvstr.exe"

O4 - HKLM\..\Run: [lxcqmon.exe] "C:\Program Files\Lexmark 9300 Series\lxcqmon.exe"

O4 - HKLM\..\Run: [Lexmark 9300 Series Fax Server] "C:\Program Files\Lexmark 9300 Series\fm3032.exe" /s

O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 9300 Series\ezprint.exe"

O4 - HKLM\..\Run: [LXCQCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCQtime.dll,_RunDLLEntry@16

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - Global Startup: Monitor Apache Servers.lnk = C:\Program Files\Apache Group\Apache2\bin\ApacheMonitor.exe

O4 - Global Startup: NetScreen-Remote.lnk = C:\Program Files\NetScreen\NetScreen-Remote\SafeCfg.exe

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Edit with Altova X&MLSpy - C:\Program Files\Altova\XMLSpy2007\spy.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Edit with Altova X&MLSpy - {2222EF56-F49E-4d07-A14E-8D2B08766958} - C:\Program Files\Altova\XMLSpy2007\spy.htm

O9 - Extra 'Tools' menuitem: Edit with Altova X&MLSpy - {2222EF56-F49E-4d07-A14E-8D2B08766958} - C:\Program Files\Altova\XMLSpy2007\spy.htm

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)

O12 - Plugin for .NPSSView: C:\Program Files\Seagate Software\Viewers\ActiveXViewer\\NPssView.dll

O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=64&bd=presario&pf=laptop

O16 - DPF: {106E49CF-797A-11D2-81A2-00E02C015623} (AlternaTIFF ActiveX) - http://www.alternatiff.com/install/00/alttiff.cab

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab

O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab56986.cab

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-US/a-UNO1/GAME_UNO1.cab

O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab

O16 - DPF: {71C140F3-1A84-430B-9035-68815582DC79} (Crystal Report Prompt Info Control) - http://192.168.3.187/viewer/activeXViewer/...meterdialog.cab

O16 - DPF: {B0882EB7-81A5-4A11-8D45-71888F973933} (fortisslvpn Class) - https://207.150.244.172/sslvpn.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~4\Office12\GR99D3~1.DLL

O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Apache2 - Apache Software Foundation - C:\Program Files\Apache Group\Apache2\bin\Apache.exe

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: Crystal Cache Server (CacheServer) - Seagate Software, Inc. - C:\Program Files\Seagate Software\WCS\cacheserver.exe

O23 - Service: Crystal APS (CrystalAPS) - Seagate Software, Inc. - C:\Program Files\Seagate Software\Enterprise\x86\CrystalAPS.exe

O23 - Service: Crystal Input File Repository Server (CrystalInputFileServer) - Seagate Software, Inc. - C:\Program Files\Seagate Software\Enterprise\x86\inputfileserver.exe

O23 - Service: Crystal Output File Repository Server (CrystalOutputFileServer) - Seagate Software, Inc. - C:\Program Files\Seagate Software\Enterprise\x86\outputfileserver.exe

O23 - Service: CVSNT Locking Service 2.5.03.2382 (cvslock) - Unknown owner - C:\Program Files\CVSNT\cvslock.exe

O23 - Service: CVSNT Dispatch service 2.5.03.2382 (cvsnt) - March Hare Software Ltd - C:\Program Files\CVSNT\cvsservice.exe

O23 - Service: iSeries Access for Windows Remote Command (Cwbrxd) - IBM Corporation - C:\WINDOWS\CWBRXD.EXE

O23 - Service: DCS Loader (DCSLoader) - Oki Data Corporation - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\OPHALDCS.EXE

O23 - Service: FortiSslvpnDaemon - Fortinet Inc. - C:\WINDOWS\system32\FortiSslvpnDaemon.exe

O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\WildTangent\Apps\My HP Game Console\GameConsoleService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: SafeNet Monitor Service (IPSECMON) - SafeNet - C:\Program Files\NetScreen\NetScreen-Remote\IPSecMon.exe

O23 - Service: SafeNet IKE Service (IREIKE) - SafeNet - C:\Program Files\NetScreen\NetScreen-Remote\IreIKE.exe

O23 - Service: Crystal Report Job Server (JobServer_Report) - Seagate Software, Inc. - C:\Program Files\Seagate Software\WCS\JobServer.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: lxcq_device - - C:\WINDOWS\system32\lxcqcoms.exe

O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)

O23 - Service: Crystal Page Server (pageserver) - Seagate Software, Inc. - C:\Program Files\Seagate Software\WCS\pageserver.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE

O23 - Service: Crystal Web Component Server (WebCompServer) - Seagate Software, Inc. - C:\Program Files\Seagate Software\WCS\WebCompServer.exe

--

End of file - 14041 bytes

ComboFix log:

ComboFix 07-11-01.1** - PET3R 2007-11-01 16:06:40.1 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1297 [GMT -4:00]Running from: C:\Documents and Settings\PET3R\Desktop\ComboFix.exe

* Created a new restore point

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

C:\Documents and Settings\All Users\Application Data.\Starware316

C:\Documents and Settings\All Users\Application Data.\Starware316\buttons\775_button_1b_def.bmp

C:\Documents and Settings\All Users\Application Data.\Starware316\buttons\FindIt.bmp

C:\Documents and Settings\All Users\Application Data.\Starware316\buttons\FindItHot.bmp

C:\Documents and Settings\All Users\Application Data.\Starware316\buttons\findithotxp.png

C:\Documents and Settings\All Users\Application Data.\Starware316\buttons\finditxp.png

C:\Documents and Settings\All Users\Application Data.\Starware316\buttons\Free_Credit_Score0.bmp

C:\Documents and Settings\All Users\Application Data.\Starware316\buttons\Free_Music0.bmp

C:\Documents and Settings\All Users\Application Data.\Starware316\buttons\logo.bmp

C:\Documents and Settings\All Users\Application Data.\Starware316\buttons\logoxp.bmp

C:\Documents and Settings\All Users\Application Data.\Starware316\buttons\Reference.bmp

C:\Documents and Settings\All Users\Application Data.\Starware316\buttons\ReferenceHot.bmp

C:\Documents and Settings\All Users\Application Data.\Starware316\buttons\referencehotxp.png

C:\Documents and Settings\All Users\Application Data.\Starware316\buttons\referencexp.png

C:\Documents and Settings\All Users\Application Data.\Starware316\buttons\Ringtones0.bmp

C:\Documents and Settings\All Users\Application Data.\Starware316\buttons\Screensavers0.bmp

C:\Documents and Settings\All Users\Application Data.\Starware316\buttons\Weather.bmp

C:\Documents and Settings\All Users\Application Data.\Starware316\buttons\WeatherHot.bmp

C:\Documents and Settings\All Users\Application Data.\Starware316\buttons\weatherhotxp.png

C:\Documents and Settings\All Users\Application Data.\Starware316\buttons\weatherxp.png

C:\Documents and Settings\All Users\Application Data.\Starware316\contexts\error.xml

C:\Documents and Settings\All Users\Application Data.\Starware316\contexts\Related.xml

C:\Documents and Settings\All Users\Application Data.\Starware316\contexts\Travel.xml

C:\Documents and Settings\All Users\Application Data.\Starware316\images\walert.bmp

C:\Documents and Settings\All Users\Application Data.\Starware316\SimpleUpdate\ProductMessagingConfig.xml

C:\Documents and Settings\All Users\Application Data.\Starware316\SimpleUpdate\ProductMessagingConfig.xml.backup

C:\Documents and Settings\All Users\Application Data.\Starware316\SimpleUpdate\SimpleUpdateConfig.xml

C:\Documents and Settings\All Users\Application Data.\Starware316\SimpleUpdate\SimpleUpdateConfig.xml.backup

C:\Documents and Settings\All Users\Application Data.\Starware316\SimpleUpdate\TimerManagerConfig.xml

C:\Documents and Settings\All Users\Application Data.\Starware316\SimpleUpdate\TimerManagerConfig.xml.backup

C:\Documents and Settings\All Users\Application Data\Starware316\buttons\775_button_1b_def.bmp

C:\Documents and Settings\All Users\Application Data\Starware316\buttons\FindIt.bmp

C:\Documents and Settings\All Users\Application Data\Starware316\buttons\FindItHot.bmp

C:\Documents and Settings\All Users\Application Data\Starware316\buttons\findithotxp.png

C:\Documents and Settings\All Users\Application Data\Starware316\buttons\finditxp.png

C:\Documents and Settings\All Users\Application Data\Starware316\buttons\Free_Credit_Score0.bmp

C:\Documents and Settings\All Users\Application Data\Starware316\buttons\Free_Music0.bmp

C:\Documents and Settings\All Users\Application Data\Starware316\buttons\logo.bmp

C:\Documents and Settings\All Users\Application Data\Starware316\buttons\logoxp.bmp

C:\Documents and Settings\All Users\Application Data\Starware316\buttons\Reference.bmp

C:\Documents and Settings\All Users\Application Data\Starware316\buttons\ReferenceHot.bmp

C:\Documents and Settings\All Users\Application Data\Starware316\buttons\referencehotxp.png

C:\Documents and Settings\All Users\Application Data\Starware316\buttons\referencexp.png

C:\Documents and Settings\All Users\Application Data\Starware316\buttons\Ringtones0.bmp

C:\Documents and Settings\All Users\Application Data\Starware316\buttons\Screensavers0.bmp

C:\Documents and Settings\All Users\Application Data\Starware316\buttons\Weather.bmp

C:\Documents and Settings\All Users\Application Data\Starware316\buttons\WeatherHot.bmp

C:\Documents and Settings\All Users\Application Data\Starware316\buttons\weatherhotxp.png

C:\Documents and Settings\All Users\Application Data\Starware316\buttons\weatherxp.png

C:\Documents and Settings\All Users\Application Data\Starware316\contexts\error.xml

C:\Documents and Settings\All Users\Application Data\Starware316\contexts\Related.xml

C:\Documents and Settings\All Users\Application Data\Starware316\contexts\Travel.xml

C:\Documents and Settings\All Users\Application Data\Starware316\images\walert.bmp

C:\Documents and Settings\All Users\Application Data\Starware316\SimpleUpdate\ProductMessagingConfig.xml

C:\Documents and Settings\All Users\Application Data\Starware316\SimpleUpdate\ProductMessagingConfig.xml.backup

C:\Documents and Settings\All Users\Application Data\Starware316\SimpleUpdate\SimpleUpdateConfig.xml

C:\Documents and Settings\All Users\Application Data\Starware316\SimpleUpdate\SimpleUpdateConfig.xml.backup

C:\Documents and Settings\All Users\Application Data\Starware316\SimpleUpdate\TimerManagerConfig.xml

C:\Documents and Settings\All Users\Application Data\Starware316\SimpleUpdate\TimerManagerConfig.xml.backup

C:\Documents and Settings\PET3R\Application Data\Starware316

C:\Documents and Settings\PET3R\Application Data\Starware316\BrowserSearch\BrowserSearch.xml

C:\Documents and Settings\PET3R\Application Data\Starware316\BrowserSearch\BrowserSearch.xml.backup

C:\Documents and Settings\PET3R\Application Data\Starware316\Configurator\Configurator.xml

C:\Documents and Settings\PET3R\Application Data\Starware316\Configurator\Configurator.xml.backup

C:\Documents and Settings\PET3R\Application Data\Starware316\ErrorSearch\ErrorSearchOptions.xml

C:\Documents and Settings\PET3R\Application Data\Starware316\ErrorSearch\ErrorSearchOptions.xml.backup

C:\Documents and Settings\PET3R\Application Data\Starware316\Free_Credit_Score\Free_Credit_ScoreOptions.xml

C:\Documents and Settings\PET3R\Application Data\Starware316\Free_Credit_Score\Free_Credit_ScoreOptions.xml.backup

C:\Documents and Settings\PET3R\Application Data\Starware316\Free_Music\Free_MusicOptions.xml

C:\Documents and Settings\PET3R\Application Data\Starware316\Free_Music\Free_MusicOptions.xml.backup

C:\Documents and Settings\PET3R\Application Data\Starware316\Layouts\ToolbarLayout.xml

C:\Documents and Settings\PET3R\Application Data\Starware316\Layouts\ToolbarLayout.xml.backup

C:\Documents and Settings\PET3R\Application Data\Starware316\Manager\ManagerOptions.xml

C:\Documents and Settings\PET3R\Application Data\Starware316\Manager\ManagerOptions.xml.backup

C:\Documents and Settings\PET3R\Application Data\Starware316\Reference\ReferenceOptions.xml

C:\Documents and Settings\PET3R\Application Data\Starware316\Reference\ReferenceOptions.xml.backup

C:\Documents and Settings\PET3R\Application Data\Starware316\RelatedSearch\RelatedSearchOptions.xml

C:\Documents and Settings\PET3R\Application Data\Starware316\RelatedSearch\RelatedSearchOptions.xml.backup

C:\Documents and Settings\PET3R\Application Data\Starware316\Ringtones\RingtonesOptions.xml

C:\Documents and Settings\PET3R\Application Data\Starware316\Ringtones\RingtonesOptions.xml.backup

C:\Documents and Settings\PET3R\Application Data\Starware316\Screensavers\ScreensaversOptions.xml

C:\Documents and Settings\PET3R\Application Data\Starware316\Screensavers\ScreensaversOptions.xml.backup

C:\Documents and Settings\PET3R\Application Data\Starware316\Toolbar\TBProductsOptions.xml

C:\Documents and Settings\PET3R\Application Data\Starware316\Toolbar\TBProductsOptions.xml.backup

C:\Documents and Settings\PET3R\Application Data\Starware316\ToolbarLogo\ToolbarLogoOptions.xml

C:\Documents and Settings\PET3R\Application Data\Starware316\ToolbarLogo\ToolbarLogoOptions.xml.backup

C:\Documents and Settings\PET3R\Application Data\Starware316\ToolbarSearch\ToolbarSearchOptions.xml

C:\Documents and Settings\PET3R\Application Data\Starware316\ToolbarSearch\ToolbarSearchOptions.xml.backup

C:\Documents and Settings\PET3R\Application Data\Starware316\TravelSearch\TravelSearchOptions.xml

C:\Documents and Settings\PET3R\Application Data\Starware316\TravelSearch\TravelSearchOptions.xml.backup

C:\Documents and Settings\PET3R\Application Data\Starware316\Weather\AlertArchive.xml

C:\Documents and Settings\PET3R\Application Data\Starware316\Weather\WeatherOptions.xml

C:\Documents and Settings\PET3R\Application Data\Starware316\Weather\WeatherOptions.xml.backup

C:\Program Files\screensavers.com

C:\Program Files\screensavers.com\ActiveDesktop\bin\ActiveDesktopExe.exe

C:\Program Files\screensavers.com\SSSInstaller\bin\screensavers.exe

C:\Program Files\screensavers.com\SSSInstaller\bin\sinstaller3.exe

C:\Program Files\screensavers.com\SSSInstaller\bin\SSSInstaller.dll

C:\Program Files\screensavers.com\SSSUninst.exe

C:\Program Files\Starware316

C:\Program Files\Starware316\bin\Starware316.dll

C:\Program Files\Starware316\icons\star_16.ico

C:\Program Files\Starware316\Starware316Config.xml

C:\Program Files\Starware316\Starware316Uninstall.exe

C:\WINDOWS\exefld

C:\WINDOWS\exefld\14688046.exe

C:\WINDOWS\exefld\14717500.exe

C:\WINDOWS\exefld\14726281.exe

C:\WINDOWS\exefld\18132046.exe

C:\WINDOWS\exefld\258203.exe

C:\WINDOWS\exefld\270937.exe

C:\WINDOWS\exefld\271250.exe

C:\WINDOWS\exefld\29126000.exe

C:\WINDOWS\exefld\29168406.exe

C:\WINDOWS\exefld\295093.exe

C:\WINDOWS\exefld\29866015.exe

C:\WINDOWS\exefld\310031.exe

C:\WINDOWS\exefld\3714578.exe

C:\WINDOWS\exefld\919875.exe

C:\WINDOWS\system32\drivers\hidr.exe

C:\WINDOWS\system32\drivers\srosa.sys

C:\WINDOWS\system32\wintems.exe

D:\Autorun.inf

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\LEGACY_SROSA

-------\srosa

((((((((((((((((((((((((( Files Created from 2007-10-01 to 2007-11-01 )))))))))))))))))))))))))))))))

.

2007-11-01 15:59 51,200 --a------ C:\WINDOWS\NirCmd.exe

2007-10-31 14:03 <DIR> d-------- C:\Documents and Settings\PET3R\Application Data\PlayFirst

2007-10-31 14:03 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\PlayFirst

2007-10-29 00:58 <DIR> d-------- C:\HiJackThis

2007-10-27 13:04 <DIR> d-------- C:\Documents and Settings\PET3R\FutureDecks Data

2007-10-27 13:04 126,976 --a------ C:\WINDOWS\system32\HDJAPI.dll

2007-10-27 13:04 86,016 --a------ C:\WINDOWS\system32\HRFDongle.dll

2007-10-27 13:03 <DIR> d-------- C:\Program Files\FutureDecksPro

2007-10-22 15:15 <DIR> d-------- C:\Program Files\DOSBox-0.72

2007-10-22 14:23 <DIR> d-------- C:\Screensavers.com

2007-10-22 14:23 2,285,222 --a------ C:\WINDOWS\Matrix Code.exe

2007-10-22 14:23 232,784 --a------ C:\WINDOWS\Matrix Code.scr

2007-10-22 14:23 29,696 --a------ C:\WINDOWS\mickey32.dll

2007-10-10 10:57 <DIR> d-------- C:\Program Files\iPod

2007-10-09 14:04 584,192 --------- C:\WINDOWS\system32\dllcache\rpcrt4.dll

2007-10-05 13:33 <DIR> d-------- C:\Program Files\CPoint

2007-10-01 09:20 <DIR> d-------- C:\FileNet

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2007-11-01 16:13 --------- d-----w C:\Program Files\Common Files\Symantec Shared

2007-10-31 21:00 --------- d-----w C:\Program Files\HP Games

2007-10-30 01:31 --------- d-----w C:\Program Files\eMule

2007-10-30 00:22 --------- d-----w C:\Documents and Settings\PET3R\Application Data\.BitTornado

2007-10-25 23:29 --------- d-----w C:\Documents and Settings\PET3R\Application Data\MySQL

2007-10-22 17:05 --------- d-----w C:\Program Files\Norton SystemWorks

2007-10-10 14:58 --------- d-----w C:\Program Files\iTunes

2007-10-09 00:30 --------- d-----w C:\Program Files\Java

2007-10-04 12:43 --------- d-----w C:\Program Files\Lx_cats

2007-09-27 21:16 --------- d-----w C:\Documents and Settings\PET3R\Application Data\U3

2007-09-24 19:26 --------- d-----w C:\Program Files\Apple Software Update

2007-09-12 22:18 --------- d-----w C:\Program Files\MSN Messenger

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{1962c5bc-e475-465b-823b-133e711bceb9}"= C:\Program Files\Starware316\bin\Starware316.dll [ ]

[HKEY_CLASSES_ROOT\CLSID\{1962c5bc-e475-465b-823b-133e711bceb9}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"hpWirelessAssistant"="C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2006-05-04 01:58]

"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2006-03-22 16:13]

"MsmqIntCert"="regsvr32 /s mqrt.dll" []

"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2007-06-08 00:47]

"googletalk"="C:\Program Files\Google\Google Talk\googletalk.exe" [2007-01-01 17:22]

"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" []

"Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [2007-05-02 20:21]

"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]

"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 11:09]

"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-04-04 13:23]

"Client Access Service"="C:\Program Files\IBM\Client Access\cwbsvstr.exe" [2007-03-05 05:40]

"lxcqmon.exe"="C:\Program Files\Lexmark 9300 Series\lxcqmon.exe" [2006-10-23 10:51]

"Lexmark 9300 Series Fax Server"="C:\Program Files\Lexmark 9300 Series\fm3032.exe" [2006-10-26 02:33]

"EzPrint"="C:\Program Files\Lexmark 9300 Series\ezprint.exe" [2006-10-06 05:01]

"LXCQCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCQtime.dll" [2006-10-15 21:25]

"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-06-29 06:24]

"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-09-26 14:42]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 17:00]

"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-09-12 18:18]

"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" []

"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2004-02-08 07:06]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\

Monitor Apache Servers.lnk - C:\Program Files\Apache Group\Apache2\bin\ApacheMonitor.exe [2006-07-27 15:59:08]

NetScreen-Remote.lnk - C:\Program Files\NetScreen\NetScreen-Remote\SafeCfg.exe [2007-07-09 10:13:18]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

"NoViewOnDrive"=0 (0x0)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

"Authentication Packages"= msv1_0 setuid

SafeBoot registry key needs repairs. This machine cannot enter Safe Mode.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]

@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys]

@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]

@="DiskDrive"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]

@="Hdc"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]

@="Keyboard"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]

@="Mouse"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]

@="System"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]

@="Volume"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]

path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk

backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cpqset]

C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]

"C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\High Definition Audio Property Page Shortcut]

CHDAudPropShortcut.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]

C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]

C:\WINDOWS\system32\igfxpers.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]

C:\WINDOWS\system32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]

"C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]

"C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]

C:\Program Files\PowerISO\PWRISOVM.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl]

%ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QPService]

"C:\Program Files\HP\QuickPlay\QPService.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

"C:\Program Files\QuickTime\qttask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RecGuard]

C:\Windows\SMINST\RecGuard.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

"C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]

"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"NProtectService"=2 (0x2)

"NPFMntor"=2 (0x2)

"navapsvc"=2 (0x2)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8350ab54-d3c1-11db-bdc7-0018de872e79}]

\Shell\AutoRun\command - G:\setupSNK.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a459e7a3-6d26-11dc-bf22-0018de872e79}]

\Shell\AutoRun\command - F:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a5f821a7-dca3-11db-bddd-0018de872e79}]

\Shell\AutoRun\command - G:\portable_apps\PortableApps\PortableAppsMenu\PortableAppsMenu.exe

*Newly Created Service* - MDMXSDK

.

Contents of the 'Scheduled Tasks' folder

"2007-10-29 22:42:02 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"

"2007-11-01 15:50:00 C:\WINDOWS\Tasks\Fantasy NBA.job"

- C:\PROGRA~1\MOZILL~1\firefox.exe

"2007-11-01 18:20:58 C:\WINDOWS\Tasks\Fantasy NFL.job"

- C:\PROGRA~1\MOZILL~1\firefox.exe

"2007-09-29 00:00:53 C:\WINDOWS\Tasks\Norton AntiVirus - Scan my computer - PET3R.job"

- C:\PROGRA~1\NORTON~1\NORTON~3\Navw32.exe

"2007-10-22 17:05:47 C:\WINDOWS\Tasks\Norton SystemWorks One Button Checkup.job"

"2007-10-26 04:00:00 C:\WINDOWS\Tasks\Symantec Drmc.job"

.

**************************************************************************

catchme 0.3.1250 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2007-11-01 16:18:37

Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************

.

Completion time: 2007-11-01 16:19:35

.

--- E O F ---

[Antivirus Deleted & More Problems[RESOLVED]]

First off, How i got my virus (if its a virus): I downloaded 2 different programs that may have caused it. One, a screen saver program, because to download something I had to download a demo of a screensaver program. Second, a software for mixing music, which I think this one impaired my laptop.

Noticable Effects: First thing that happened, a lot of popups with blank sites started popping up. I wondered why didnt i get a warning that it was loading a site... and I found out my Sygate Firewall was disabled, then i saw my Norton Antivirus was disabled. So the virus disabled both my firewall and antivirus and it wont let me install them again or repair them. My Wireless Connection is not working. I'm currently connected by cable now.

What I've done: I tried installing other antivirus software, but I've had no success there. It stops when it is about to install the main exe file. ie. NMain.exe, smc.exe. So, I connected thru my bro's computer and ran Kapersky. It found out two adware named something like ssinstall.exe (probably the screen saver). Those two are gone. I tried online scan with Panda, but it won't let me install the ActiveX control. So, I got HiJackThis and ran it. If there is anything else I can provide to help, please ask. Thx in advance for the help.

Here's the HiJackThis log from notepad:

Logfile of Trend Micro HijackThis v2.0.0 (BETA)

Scan saved at 1:27:32 AM, on 10/29/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\NetScreen\NetScreen-Remote\IreIKE.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\OPHALDCS.EXE

C:\WINDOWS\System32\svchost.exe

C:\Program Files\NetScreen\NetScreen-Remote\IPSecMon.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\WINDOWS\system32\lxcqcoms.exe

C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\mqsvc.exe

C:\WINDOWS\system32\mqtgsvc.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\inetsrv\inetinfo.exe

C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe

C:\WINDOWS\system32\hkcmd.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe

C:\Program Files\Lexmark 9300 Series\lxcqmon.exe

C:\Program Files\Lexmark 9300 Series\ezprint.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\NetScreen\NetScreen-Remote\SafeCfg.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\PROGRA~1\MOZILL~1\FIREFOX.EXE

C:\Downloads\HiJackThis_v2.exe

C:\HiJackThis\HiJackThis_v2.exe

C:\WINDOWS\system32\msiexec.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...o&pf=laptop

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://localhost:9080/RAPID

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...o&pf=laptop

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

O1 - Hosts: 176.185.1.1 iseries

O1 - Hosts: 98.19.1.11 odysseus

O1 - Hosts: 98.19.1.4 aux400

O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {18AA4575-67E5-4807-92AF-A4923D98E974} - (no file)

O2 - BHO: (no name) - {259F616C-A300-44F5-B04A-ED001A26C85C} - (no file)

O2 - BHO: (no name) - {5f90c0e3-4c0a-4d54-a8ac-5afe6163a99e} - C:\Program Files\Starware316\bin\Starware316.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office12\GRA8E1~1.DLL

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll

O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll

O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll

O3 - Toolbar: Starware Screensavers Toolbar - {1962c5bc-e475-465b-823b-133e711bceb9} - C:\Program Files\Starware316\bin\Starware316.dll

O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe

O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll

O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe

O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe

O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [Client Access Service] "C:\Program Files\IBM\Client Access\cwbsvstr.exe"

O4 - HKLM\..\Run: [lxcqmon.exe] "C:\Program Files\Lexmark 9300 Series\lxcqmon.exe"

O4 - HKLM\..\Run: [Lexmark 9300 Series Fax Server] "C:\Program Files\Lexmark 9300 Series\fm3032.exe" /s

O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 9300 Series\ezprint.exe"

O4 - HKLM\..\Run: [LXCQCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCQtime.dll,_RunDLLEntry@16

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - Global Startup: Monitor Apache Servers.lnk = C:\Program Files\Apache Group\Apache2\bin\ApacheMonitor.exe

O4 - Global Startup: NetScreen-Remote.lnk = C:\Program Files\NetScreen\NetScreen-Remote\SafeCfg.exe

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Edit with Altova X&MLSpy - C:\Program Files\Altova\XMLSpy2007\spy.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Edit with Altova X&MLSpy - {2222EF56-F49E-4d07-A14E-8D2B08766958} - C:\Program Files\Altova\XMLSpy2007\spy.htm

O9 - Extra 'Tools' menuitem: Edit with Altova X&MLSpy - {2222EF56-F49E-4d07-A14E-8D2B08766958} - C:\Program Files\Altova\XMLSpy2007\spy.htm

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)

O12 - Plugin for .NPSSView: C:\Program Files\Seagate Software\Viewers\ActiveXViewer\\NPssView.dll

O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=64&bd=presario&pf=laptop

O16 - DPF: {106E49CF-797A-11D2-81A2-00E02C015623} (AlternaTIFF ActiveX) - http://www.alternatiff.com/install/00/alttiff.cab

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab

O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab56986.cab

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-US/a-UNO1/GAME_UNO1.cab

O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab

O16 - DPF: {71C140F3-1A84-430B-9035-68815582DC79} (Crystal Report Prompt Info Control) - http://192.168.3.187/viewer/activeXViewer/...meterdialog.cab

O16 - DPF: {B0882EB7-81A5-4A11-8D45-71888F973933} (fortisslvpn Class) - https://207.150.244.172/sslvpn.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~4\Office12\GR99D3~1.DLL

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Apache2 - Apache Software Foundation - C:\Program Files\Apache Group\Apache2\bin\Apache.exe

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: Crystal Cache Server (CacheServer) - Seagate Software, Inc. - C:\Program Files\Seagate Software\WCS\cacheserver.exe

O23 - Service: Crystal APS (CrystalAPS) - Seagate Software, Inc. - C:\Program Files\Seagate Software\Enterprise\x86\CrystalAPS.exe

O23 - Service: Crystal Input File Repository Server (CrystalInputFileServer) - Seagate Software, Inc. - C:\Program Files\Seagate Software\Enterprise\x86\inputfileserver.exe

O23 - Service: Crystal Output File Repository Server (CrystalOutputFileServer) - Seagate Software, Inc. - C:\Program Files\Seagate Software\Enterprise\x86\outputfileserver.exe

O23 - Service: CVSNT Locking Service 2.5.03.2382 (cvslock) - Unknown owner - C:\Program Files\CVSNT\cvslock.exe

O23 - Service: CVSNT Dispatch service 2.5.03.2382 (cvsnt) - March Hare Software Ltd - C:\Program Files\CVSNT\cvsservice.exe

O23 - Service: iSeries Access for Windows Remote Command (Cwbrxd) - IBM Corporation - C:\WINDOWS\CWBRXD.EXE

O23 - Service: DCS Loader (DCSLoader) - Oki Data Corporation - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\OPHALDCS.EXE

O23 - Service: FortiSslvpnDaemon - Fortinet Inc. - C:\WINDOWS\system32\FortiSslvpnDaemon.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: SafeNet Monitor Service (IPSECMON) - SafeNet - C:\Program Files\NetScreen\NetScreen-Remote\IPSecMon.exe

O23 - Service: SafeNet IKE Service (IREIKE) - SafeNet - C:\Program Files\NetScreen\NetScreen-Remote\IreIKE.exe

O23 - Service: Crystal Report Job Server (JobServer_Report) - Seagate Software, Inc. - C:\Program Files\Seagate Software\WCS\JobServer.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: lxcq_device - - C:\WINDOWS\system32\lxcqcoms.exe

O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)

O23 - Service: Crystal Page Server (pageserver) - Seagate Software, Inc. - C:\Program Files\Seagate Software\WCS\pageserver.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE

O23 - Service: Crystal Web Component Server (WebCompServer) - Seagate Software, Inc. - C:\Program Files\Seagate Software\WCS\WebCompServer.exe

--

End of file - 14343 bytes