Thank you for your prompt reply Trevuren
Here are the logs you requested:
a) Uninstall Log:
4X UltraSaver
Adobe ActiveShare 1.3.1
Adobe Flash Player 9 ActiveX
Adobe Reader 7.0.9
APC PowerChute Personal Edition
Apple Mobile Device Support
Apple Software Update
ArcSoft Software Suite
Atomic Pop
Avery DesignPro
Baby Names
Betty Bad
BibleVerseArt4 Screen Saver
Blasterball Wild
Bluetooth Stack for Windows by Toshiba
Board Games
ClickArt® Christian Value
Cobian Backup 8
Dark Orbit
DFX for Windows Media Player
FileMaker Pro 7
Folder Size for Windows
FoneSync
GemMaster 2
Hijackthis 1.99.1
HijackThis 1.99.1
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows XP (KB896344)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB926239)
hp center
hp deskjet 630c series
HP Instant Support
HP Photo Printing Software
HP PrecisionScan LTX
HP Scan-to-Web Wizard
Inactive HP Printer Drivers (Remove only)
InCD
Intel® 845G Chipset Graphics Driver Software
iTunes
Java™ 6 Update 2
KBD
Kublox
Label Publisher with Wizards
Label Sort and Print Utility
Labtec Media Keyboard V5.0
Labtec Mouse V2.1
Lernout & Hauspie TruVoice American English TTS Engine
LiveReg (Symantec Corporation)
LiveUpdate 1.80 (Symantec Corporation)
Mavis Beacon Teaches Typing 9.0.0
Metafile Companion 1.10
Microsoft .NET Framework 2.0
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Money 2002
Microsoft Money 2002 System Pack
Microsoft National Language Support Downlevel APIs
Microsoft Streets and Trips 2001
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Word 2000 SR-1
Microsoft Works 2001 Setup Launcher
Microsoft Works 6.0
Microsoft Works 6.0
Microsoft Works and Money 2002 Setup Launcher
Microsoft Works Suite Add-in for Microsoft Word
MidiNotate
Mozilla Firefox (2.0.0.6)
MSXML 6.0 Parser (KB933579)
Nero Digital
Nero Media Player
Nero OEM
NeroMIX
Norton SystemWorks 2003
NVIDIA Windows 2000/XP Display Drivers
Panda ActiveScan
PC-Doctor for Windows
PCTV
PeoplePC Online
PeoplePC:PeoplePal Toolbar 6.3
PigPen
Pinnacle TRex
PL-2303 USB-to-Serial
PowerDVD
PrintKey2000
PS2
Python 1.5 combined Win32 extensions
Python 1.5.2 (final)
QuickTime
RealPlayer
Replay Radio and Replay A/V 7
SabreWing 2
Security Update for Microsoft .NET Framework 2.0 (KB928365)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901190)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933566)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB938829)
Shred 2 (PC Magazine)
SoundMAX
Space Rocks
SpeedFan (remove only)
Speedway
Tcl 8.0.5 for Windows
TrueCrypt
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB920872)
Update for Windows XP (KB927891)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB936357)
Update for Windows XP (KB938828)
Veo Digital Studio
Veo Stingray
VersaCheck 2003 Personal Premier
VersaJette M300
Virtual Assistant
Virtual Warfare
Voyetra Music Write Plus
WeatherBug
WildTangent Channel Manager
Winamp (remove only)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Live Messenger
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windows XP Service Pack 2
WinZip 11.1
Yahoo! Music Jukebox
You Know What 2 - Arts and Entertainment
You Know What 2 - History and Geography
You Know What 2 - Potpourri
You Know What 2 - Science and Nature
You Know What 2 - Sports and Games
ZoneAlarm
Combofix log file:
ComboFix 07-08-14.6 - "Master Luke" 2007-08-14 16:58:38.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.125 [GMT -6:00]
* Created a new restore point
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\WINDOWS\system32\_000005_.tmp.dll
C:\WINDOWS\system32\bdeeg.bak1
C:\WINDOWS\system32\bdeeg.bak2
C:\WINDOWS\system32\bdeeg.ini
C:\WINDOWS\system32\fjitqdgx.exe
C:\WINDOWS\system32\geedb.dll
C:\WINDOWS\system32\ginxwmux.exe
C:\WINDOWS\system32\ieifhhxb.exe
C:\WINDOWS\system32\pjqvjedt.exe
C:\WINDOWS\system32\rjogcwjv.exe
C:\WINDOWS\system32\windows.scr
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
-------\LEGACY_DOMAINSERVICE
-------\DomainService
((((((((((((((((((((((((( Files Created from 2007-07-14 to 2007-08-14 )))))))))))))))))))))))))))))))
2007-08-14 16:46 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-08-11 13:13 <DIR> d-------- C:\WINDOWS\system32\ActiveScan
2007-08-11 11:36 1,048,576 --ah----- C:\DOCUME~1\JESS\NTUSER.DAT
2007-08-11 11:36 <DIR> d-------- C:\DOCUME~1\JESS\WINDOWS
2007-08-11 11:36 <DIR> d-------- C:\DOCUME~1\JESS\APPLIC~1\VERITAS
2007-08-11 11:36 <DIR> d-------- C:\DOCUME~1\JESS\APPLIC~1\Symantec
2007-08-11 11:36 <DIR> d-------- C:\DOCUME~1\JESS\APPLIC~1\InterTrust
2007-08-11 11:36 <DIR> d-------- C:\DOCUME~1\JESS\APPLIC~1\Corel
2007-08-11 11:27 <DIR> d-------- C:\VundoFix Backups
2007-08-09 22:14 1,310,720 --ah----- C:\DOCUME~1\ADMINI~1.RAC\NTUSER.DAT
2007-08-09 22:14 <DIR> d-------- C:\DOCUME~1\ADMINI~1.RAC\WINDOWS
2007-08-09 22:14 <DIR> d-------- C:\DOCUME~1\ADMINI~1.RAC\APPLIC~1\VERITAS
2007-08-09 22:14 <DIR> d-------- C:\DOCUME~1\ADMINI~1.RAC\APPLIC~1\Symantec
2007-08-09 22:14 <DIR> d-------- C:\DOCUME~1\ADMINI~1.RAC\APPLIC~1\InterTrust
2007-08-09 22:14 <DIR> d-------- C:\DOCUME~1\ADMINI~1.RAC\APPLIC~1\Corel
2007-08-08 10:40 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip
2007-08-08 10:31 <DIR> d-------- C:\DOCUME~1\MASTER~2\APPLIC~1\WinRAR
2007-08-06 22:24 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\YAHOO
2007-08-06 22:23 <DIR> d-------- C:\Program Files\Common Files\SureThing Shared
2007-07-24 10:30 <DIR> d-------- C:\DOCUME~1\MASTER~2\APPLIC~1\Lavasoft
2007-07-20 18:38 <DIR> d-------- C:\DOCUME~1\MASTER~2\APPLIC~1\Real
2007-07-16 19:17 <DIR> d-------- C:\DOCUME~1\MASTER~2\APPLIC~1\Ahead
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-08-14 17:17 --------- d-------- C:\Program Files\SpeedFan
2007-08-14 17:16 --------- d-------- C:\Program Files\Common Files\Symantec Shared
2007-08-13 15:52 --------- d-------- C:\DOCUME~1\MASTER~2\APPLIC~1\WeatherBug
2007-08-10 23:20 680 --a------ C:\WINDOWS\AUTOLNCH.REG
2007-08-06 22:24 --------- d-------- C:\Program Files\Yahoo!
2007-08-06 11:18 --------- d-------- C:\Program Files\iTunes
2007-08-06 11:18 --------- d-------- C:\Program Files\iPod
2007-08-05 08:29 --------- d-------- C:\Program Files\HS
2007-07-21 18:48 --------- d-------- C:\Program Files\Replay7
2007-07-21 09:20 --------- d-------- C:\DOCUME~1\MASTER~2\APPLIC~1\Winamp
2007-07-20 18:42 --------- d-------- C:\Program Files\Common Files\Real
2007-07-19 00:59 3583488 --a--c--- C:\WINDOWS\system32\dllcache\mshtml.dll
2007-07-16 18:51 --------- d-------- C:\DOCUME~1\MASTER~2\APPLIC~1\Apple Computer
2007-07-12 17:31 765952 --a--c--- C:\WINDOWS\system32\dllcache\vgx.dll
2007-07-12 12:02 --------- d-------- C:\Program Files\QuickTime
2007-07-12 11:49 --------- d-------- C:\Program Files\Apple Software Update
2007-07-12 11:43 --------- d-------- C:\Program Files\Common Files\Apple
2007-07-11 00:50 --------- d-------- C:\Program Files\STARWARS
2007-06-29 15:23 --------- d-------- C:\Program Files\Common Files\Motive
2007-06-29 00:25 --------- d-------- C:\Program Files\MSN Messenger
2007-06-28 11:51 --------- d-------- C:\Program Files\FreedomBox 2.0
2007-06-28 11:51 --------- d-------- C:\DOCUME~1\MASTER~2\APPLIC~1\FreedomBox
2007-06-27 08:34 823808 --a--c--- C:\WINDOWS\system32\dllcache\wininet.dll
2007-06-27 08:34 671232 --a--c--- C:\WINDOWS\system32\dllcache\mstime.dll
2007-06-27 08:34 6058496 --a--c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2007-06-27 08:34 52224 --a--c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2007-06-27 08:34 477696 --a--c--- C:\WINDOWS\system32\dllcache\mshtmled.dll
2007-06-27 08:34 459264 --a--c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2007-06-27 08:34 44544 --a--c--- C:\WINDOWS\system32\dllcache\iernonce.dll
2007-06-27 08:34 384512 --a--c--- C:\WINDOWS\system32\dllcache\iedkcs32.dll
2007-06-27 08:34 383488 --a--c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2007-06-27 08:34 27648 --a--c--- C:\WINDOWS\system32\dllcache\jsproxy.dll
2007-06-27 08:34 267776 --a--c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2007-06-27 08:34 232960 --a--c--- C:\WINDOWS\system32\dllcache\webcheck.dll
2007-06-27 08:34 230400 --a--c--- C:\WINDOWS\system32\dllcache\ieaksie.dll
2007-06-27 08:34 193024 --a--c--- C:\WINDOWS\system32\dllcache\msrating.dll
2007-06-27 08:34 153088 --a--c--- C:\WINDOWS\system32\dllcache\ieakeng.dll
2007-06-27 08:34 132608 --a--c--- C:\WINDOWS\system32\dllcache\extmgr.dll
2007-06-27 08:34 124928 --a--c--- C:\WINDOWS\system32\dllcache\advpack.dll
2007-06-27 08:34 1152000 --a--c--- C:\WINDOWS\system32\dllcache\urlmon.dll
2007-06-27 08:34 105984 --a--c--- C:\WINDOWS\system32\dllcache\url.dll
2007-06-27 08:34 102400 --a--c--- C:\WINDOWS\system32\dllcache\occache.dll
2007-06-27 02:27 63488 --a--c--- C:\WINDOWS\system32\dllcache\ie4uinit.exe
2007-06-27 02:27 625152 --a--c--- C:\WINDOWS\system32\dllcache\iexplore.exe
2007-06-27 02:27 13824 --a--c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
2007-06-27 01:00 161792 --a--c--- C:\WINDOWS\system32\dllcache\ieakui.dll
2007-06-26 00:08 1104896 --a--c--- C:\WINDOWS\system32\dllcache\msxml3.dll
2007-06-26 00:08 1104896 --a------ C:\WINDOWS\system32\msxml3.dll
2007-06-23 16:07 --------- d-------- C:\Program Files\Virtual Assistant
2007-06-23 15:10 --------- d-------- C:\Program Files\Motive
2007-06-23 01:17 --------- d-------- C:\Program Files\Aveo
2007-06-19 11:51 --------- d--h----- C:\Program Files\WindowsUpdate
2007-06-19 07:31 282112 --a--c--- C:\WINDOWS\system32\dllcache\gdi32.dll
2007-06-19 07:31 282112 --a------ C:\WINDOWS\system32\gdi32.dll
2007-06-18 23:32 --------- d-------- C:\Program Files\Winamp
2007-06-18 17:59 --------- d-------- C:\Program Files\FolderSize
2007-06-18 16:57 --------- d-------- C:\DOCUME~1\MASTER~2\APPLIC~1\TOSHIBA
2007-06-18 16:45 --------- d-------- C:\Program Files\Toshiba
2007-06-16 03:41 --------- d-------- C:\Program Files\Messenger
2007-06-13 04:23 1033216 --a--c--- C:\WINDOWS\system32\dllcache\explorer.exe
2007-06-13 04:23 1033216 --a------ C:\WINDOWS\explorer.exe
2007-06-11 23:51 10834944 --a--c--- C:\WINDOWS\system32\dllcache\wmp.dll
2007-06-08 20:06 44 --a------ C:\WINDOWS\system32\msssc.dll
2007-05-26 03:27 737280 --a------ C:\WINDOWS\iun6002.exe
2007-05-26 00:53 9728 --a------ C:\WINDOWS\system32\UnInstall BibleVerseArt4.exe
2007-05-26 00:53 4521290 --a------ C:\WINDOWS\system32\BibleVerseArt4.scr
2007-05-24 00:36 3576 --a------ C:\WINDOWS\pchealth\HELPCTR\PackageStore\SkuStore.bin
2007-05-24 00:34 9546 --a------ C:\WINDOWS\pchealth\HELPCTR\Config\Cntstore.bin
2007-05-17 05:28 549376 --ahs---- C:\WINDOWS\system32\oleaut32.dll
2007-05-17 05:28 549376 --a-sc--- C:\WINDOWS\system32\dllcache\oleaut32.dll
2007-05-16 09:12 86528 --a--c--- C:\WINDOWS\system32\dllcache\directdb.dll
2007-05-16 09:12 85504 --a--c--- C:\WINDOWS\system32\dllcache\wabimp.dll
2007-05-16 09:12 683520 --a--c--- C:\WINDOWS\system32\dllcache\inetcomm.dll
2007-05-16 09:12 683520 --a------ C:\WINDOWS\system32\inetcomm.dll
2007-05-16 09:12 510976 --a--c--- C:\WINDOWS\system32\dllcache\wab32.dll
2007-05-16 09:12 1314816 --a--c--- C:\WINDOWS\system32\dllcache\msoe.dll
2007-05-15 15:43 1320800 --a------ C:\WINDOWS\system32\msxml6.dll
2002-07-09 08:46 53701 --a------ C:\WINDOWS\inf\Gemplus\gcr432.sys
2002-07-09 08:46 28864 --a------ C:\WINDOWS\inf\Gemplus\GCR412.sys
2001-08-18 12:00:00 94,784 --sh--w C:\WINDOWS\twain.dll
2004-08-04 05:56:48 50,688 --sh--w C:\WINDOWS\twain_32.dll
2004-08-04 05:56:44 1,028,096 --sha-w C:\WINDOWS\system32\mfc42.dll
2004-08-04 05:56:44 54,784 --sha-w C:\WINDOWS\system32\msvcirt.dll
2004-08-04 05:56:44 413,696 --sha-w C:\WINDOWS\system32\msvcp60.dll
2004-08-04 05:56:44 343,040 --sha-w C:\WINDOWS\system32\msvcrt.dll
2004-08-04 05:56:46 83,456 --sha-w C:\WINDOWS\system32\olepro32.dll
2004-08-04 05:56:56 11,776 --sha-w C:\WINDOWS\system32\regsvr32.exe
2006-06-23 03:43:02 68 --sha-w C:\WINDOWS\system32\windzfa0.sys
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A8FB8EB3-183B-4598-924D-86F0E5E37085}]
2006-01-24 17:07 220672 --a------ C:\Program Files\PeoplePC\Toolbar\PPCToolbar.dll
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{A8FB8EB3-183B-4598-924D-86F0E5E37085}"= C:\Program Files\PeoplePC\Toolbar\PPCToolbar.dll [2006-01-24 17:07 220672]
[HKEY_CLASSES_ROOT\CLSID\{A8FB8EB3-183B-4598-924D-86F0E5E37085}]
[HKEY_CLASSES_ROOT\PeoplePal Toolbar]
[HKEY_CLASSES_ROOT\TypeLib\{994D628D-4D22-4DB9-B6DB-F7D9F1635817}]
[HKEY_CLASSES_ROOT\PeoplePal Toolbar]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 17:04]
"PreloadApp"="c:\hp\drivers\printers\photosmart\hphprld.exe" [2001-12-13 00:05]
"KBD"="C:\HP\KBD\KBD.EXE" [2001-07-06 21:56]
"DDCM"="C:\Program Files\WildTangent\DDC\DDCManager\DDCMan.exe" [2001-12-12 22:52]
"DDCActiveMenu"="C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" [2001-12-12 22:59]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2001-12-19 00:39]
"IgfxTray"="C:\WINDOWS\System32\igfxtray.exe" [2001-08-08 01:25]
"HotKeysCmds"="C:\WINDOWS\System32\hkcmd.exe" [2001-08-08 00:36]
"NvCplDaemon"="NvQTwk" []
"nwiz"="nwiz.exe" [2002-03-09 17:53 C:\WINDOWS\system32\nwiz.exe]
"S3apphk"="S3apphk.exe" [2002-03-15 23:51 C:\WINDOWS\system32\S3apphk.exe]
"PS2"="C:\WINDOWS\system32\ps2.exe" [2001-07-03 21:13]
"LTMSG"="LTMSG.exe" [2003-07-14 10:52 C:\WINDOWS\ltmsg.exe]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 00:56 C:\WINDOWS\system32\bthprops.cpl]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2002-08-19 21:22]
"ccRegVfy"="C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe" [2002-08-19 21:23]
"GhostStartTrayApp"="C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe" [2002-08-14 14:21]
"PCTVRemote"="C:\Program Files\Pinnacle\Pinnacle PCTV\Remote\Remoterm.exe" [2002-01-28 18:12]
"FLMOFFICE4DMOUSE"="C:\Program Files\Labtec\Mouse\2.1\moffice.exe" [2007-05-24 02:17]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-03-08 23:02]
"hp Update 2100C"="C:\Program Files\Hewlett-Packard\HP PrecisionScan\sj644\hpupdate.exe" [2002-01-24 16:24]
"UltraSaver"="C:\Program Files\G7PS\4X UltraSaver\UltraSaver.exe" [2006-09-20 14:50]
"PrinTray"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe" [2002-03-29 04:44]
"LXSUPMON"="C:\WINDOWS\system32\LXSUPMON.exe" [2002-03-29 04:44]
"Microsoft Works Portfolio"="C:\Program Files\Microsoft Works\WksSb.exe" [2001-08-23 22:52]
"Microsoft Works Update Detection"="C:\Program Files\Microsoft Works\WkDetect.exe" [2000-08-01 14:00]
"Bart Station"="C:\Program Files\PeoplePC\ISP6330\BIN\PPCOLink.exe" [2006-04-18 16:42]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 19:24]
"LWBKEYBOARD"="C:\Program Files\Labtec\Media Keyboard\V5.0\KbdAp32A.exe" [2005-01-28 04:23]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50]
"InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [2006-03-23 17:06]
"Motive SmartBridge"="C:\PROGRA~1\VIRTUA~1\SMARTB~1\SprintDSLAlert.exe" [2006-04-21 15:41]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-06-29 06:24]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-07-20 18:38]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-07-31 18:44]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:54]
"Microsoft Works Update Detection"="c:\Program Files\Microsoft Works\WkDetect.exe" [2000-08-01 14:00]
"Weather"="C:\Program Files\AWS\WeatherBug\Weather.exe" [2005-06-07 12:58]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 16:45]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 23:56]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
APC UPS Status.lnk - C:\Program Files\APC\APC PowerChute Personal Edition\Display.exe [2007-05-25 00:09:05]
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-01-18 14:48:42]
PowerMenu.lnk - C:\Program Files\PowerMenu\PowerMenu.exe [2007-04-13 21:47:19]
SpeedFan 4.28.lnk - C:\Program Files\SpeedFan\speedfan.exe [2006-02-08 15:38:36]
Virtual Assistant.lnk - C:\Program Files\Virtual Assistant\bin\matcli.exe [2007-06-23 15:09:47]
R1 GhPciScan;GhostPciScanner;\??\C:\Program Files\Norton SystemWorks\Norton Ghost\ghpciscan.sys
R2 ROB_A;Pinnacle WDM PCTV Audio Capture;C:\WINDOWS\system32\DRIVERS\rob_a.sys
R2 ROB_V;Pinnacle WDM PCTV Video Capture;C:\WINDOWS\system32\drivers\rob_v.sys
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service;C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
R3 DCamUSBVeo532;Veo Web Camera;C:\WINDOWS\system32\Drivers\ubVeo532.sys
R3 NPDriver;Norton Unerase Protection Driver;\??\C:\WINDOWS\System32\Drivers\NPDRIVER.SYS
R3 pctvvbi;PCTVVBI;C:\WINDOWS\system32\DRIVERS\pctvvbi.sys
S3 APLMp50;APLMp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\APLMp50.sys
S3 g7bs_device;g7bs_device;C:\WINDOWS\system32\g7bscoms.exe -service
S3 trid3d;trid3d;C:\WINDOWS\system32\DRIVERS\trid3dm.sys
Contents of the 'Scheduled Tasks' folder
2007-08-13 16:42:12 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2007-08-14 07:52:00 C:\WINDOWS\Tasks\MP Scheduled Scan.job - C:\Program Files\Windows Defender\MpCmdRun.exe
2007-08-12 15:30:00 C:\WINDOWS\Tasks\Norton AntiVirus - Scan my computer.job - C:\PROGRA~1\NORTON~2\NORTON~1\NAVW32.exe
2007-08-03 23:30:00 C:\WINDOWS\Tasks\Norton SystemWorks One Button Checkup.job
2007-08-14 23:16:33 C:\WINDOWS\Tasks\Symantec NetDetect.job - C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
**************************************************************************
catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2007-08-14 17:15:27
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
Completion time: 2007-08-14 17:21:37 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-08-14 17:21
--- E O F ---
c) A New Hijack This Log:
Logfile of HijackThis v1.99.1
Scan saved at 17:27:53, on 08/14/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\FolderSize\FolderSizeSvc.exe
C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartService.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\WINDOWS\System32\snmp.exe
C:\PROGRA~1\NORTON~2\SPEEDD~1\nopdb.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\WildTangent\DDC\DDCManager\DDCMan.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\system32\S3apphk.exe
C:\WINDOWS\LTMSG.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
C:\Program Files\Pinnacle\Pinnacle PCTV\Remote\Remoterm.exe
C:\Program Files\Labtec\Mouse\2.1\moffice.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\G7PS\4X UltraSaver\UltraSaver.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
C:\WINDOWS\system32\LXSUPMON.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Labtec\Mouse\2.1\MOUSE32A.EXE
C:\Program Files\Labtec\Media Keyboard\V5.0\KbdAp32A.exe
C:\Program Files\PeoplePC\ISP6330\Browser\Bartshel.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\PROGRA~1\VIRTUA~1\SMARTB~1\SprintDSLAlert.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\AWS\WeatherBug\Weather.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\PeoplePC\ISP6330\Browser\PPShared.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\PowerMenu\PowerMenu.exe
C:\Program Files\SpeedFan\speedfan.exe
C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\Program Files\Virtual Assistant\bin\mpbtn.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Master Luke\Desktop\Killer.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://myembarq.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://srch-us5.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: PeoplePC ScamGuard - {7E3659A6-4BC5-4d93-B3FD-8B5ACC2FEDED} - C:\Program Files\PeoplePC\Toolbar\ScamGrd.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: PeoplePal Toolbar - {A8FB8EB3-183B-4598-924D-86F0E5E37085} - C:\Program Files\PeoplePC\Toolbar\PPCToolbar.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - c:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: &hp toolkit - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\HP\EXPLOREBAR\HPTOOLKT.DLL
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: PeoplePal Toolbar - {A8FB8EB3-183B-4598-924D-86F0E5E37085} - C:\Program Files\PeoplePC\Toolbar\PPCToolbar.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [PreloadApp] c:\hp\drivers\printers\photosmart\hphprld.exe c:\hp\drivers\printers\photosmart\setup.exe -d
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [DDCM] "C:\Program Files\WildTangent\DDC\DDCManager\DDCMan.exe" -Background
O4 - HKLM\..\Run: [DDCActiveMenu] "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -boot
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [S3apphk] S3apphk.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LTMSG] LTMSG.exe 7
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [ccRegVfy] C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe
O4 - HKLM\..\Run: [GhostStartTrayApp] C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
O4 - HKLM\..\Run: [PCTVRemote] C:\Program Files\Pinnacle\Pinnacle PCTV\Remote\Remoterm.exe
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Labtec\Mouse\2.1\moffice.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [hp Update 2100C] C:\Program Files\Hewlett-Packard\HP PrecisionScan\sj644\hpupdate.exe
O4 - HKLM\..\Run: [UltraSaver] "C:\Program Files\G7PS\4X UltraSaver\UltraSaver.exe" /hide
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\system32\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [Bart Station] C:\Program Files\PeoplePC\ISP6330\BIN\PPCOLink.exe -STATION
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LWBKEYBOARD] C:\Program Files\Labtec\Media Keyboard\V5.0\KbdAp32A.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VIRTUA~1\SMARTB~1\SprintDSLAlert.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Microsoft Works Update Detection] c:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_0
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: APC UPS Status.lnk = C:\Program Files\APC\APC PowerChute Personal Edition\Display.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: PowerMenu.lnk = C:\Program Files\PowerMenu\PowerMenu.exe
O4 - Global Startup: SpeedFan 4.28.lnk = C:\Program Files\SpeedFan\speedfan.exe
O4 - Global Startup: Virtual Assistant.lnk = C:\Program Files\Virtual Assistant\bin\matcli.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://update.micros...b?1180089289734
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://update.micros...b?1181970103437
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://acs.pandasoft...free/asinst.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) -
http://www.shockwave...ploader_v10.cab
O18 - Protocol: g7ps - {9EACF0FB-4FC7-436E-989B-3197142AD979} - C:\Program Files\Common Files\G7PS\Shared Files\G7PSDLL\G7PS.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Folder Size (FolderSize) - Brio - C:\Program Files\FolderSize\FolderSizeSvc.exe
O23 - Service: g7bs_device - - C:\WINDOWS\system32\g7bscoms.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartService.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~2\SPEEDD~1\nopdb.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Thank you again so much for your help, looking forward to your reply! Master Luke.
Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. 
Join 
This topic is locked
