Here are the logs you asked for. Everything seems to be fine again, but you're the expert so I could be completely wrong. It's been over an hour or so since the last pop-up. Also the task manager is no longer disabled, and there is no more yield sign in the taskbar.
Thanks you SO MUCH SCOTTY!! You = THE MAN!!!
ComboFix 08-04-06.1 - Sean 2008-04-07 16:22:46.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.173 [GMT -4:00]
Running from: C:\Documents and Settings\Sean\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Sean\Desktop\CFScript.txt
* Created a new restore point
FILE ::
C:\WINDOWS\didduid.ini
C:\WINDOWS\Help\SBSI\golcvsm.bak1
C:\WINDOWS\Help\SBSI\golcvsm.bak2
C:\WINDOWS\Help\SBSI\golcvsm.ini2
C:\WINDOWS\Help\SBSI\msvclog.dll
C:\WINDOWS\system32\dumphive.exe
C:\WINDOWS\system32\IEDFix.exe
C:\WINDOWS\system32\jgjuharo.exe
C:\WINDOWS\system32\LA558.tmp
C:\WINDOWS\system32\LB4BA.tmp
C:\WINDOWS\system32\LB71B.tmp
C:\WINDOWS\system32\LBBDE.tmp
C:\WINDOWS\system32\Process.exe
C:\WINDOWS\system32\SrchSTS.exe
C:\WINDOWS\system32\VACFix.exe
C:\WINDOWS\system32\VCCLSID.exe
C:\WINDOWS\system32\wmsdkns.exe
C:\WINDOWS\system32\WS2Fix.exe
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Program Files\180search assistant
C:\Program Files\180search assistant\180sa.exe
C:\Program Files\180search assistant\sau.exe
C:\Program Files\180searchassistant
C:\Program Files\180searchassistant\saap.exe
C:\Program Files\180searchassistant\sac.exe
C:\Program Files\180solutions
C:\Program Files\180solutions\sais.exe
C:\Program Files\stc
C:\Program Files\stc\csv5p070.exe
C:\Program Files\Sysmnt
C:\Program Files\Sysmnt\Ssmgr.exe
C:\Program Files\zango
C:\SDFix
C:\SDFix\SDFix\apps\assosfix.reg
C:\SDFix\SDFix\apps\cliptext.exe
C:\SDFix\SDFix\apps\download.exe
C:\SDFix\SDFix\apps\dummy.sys
C:\SDFix\SDFix\apps\Enable_Command_Prompt.reg
C:\SDFix\SDFix\apps\ERDNT.E_E
C:\SDFix\SDFix\apps\ERDNTDOS.LOC
C:\SDFix\SDFix\apps\ERDNTWIN.LOC
C:\SDFix\SDFix\apps\ERUNT.EXE
C:\SDFix\SDFix\apps\ERUNT.LOC
C:\SDFix\SDFix\apps\fix.reg
C:\SDFix\SDFix\apps\FixBH.reg
C:\SDFix\SDFix\apps\FixComponents.reg
C:\SDFix\SDFix\apps\FIXCU.reg
C:\SDFix\SDFix\apps\FIXLM.reg
C:\SDFix\SDFix\apps\FixPath.exe
C:\SDFix\SDFix\apps\FixRedir.reg
C:\SDFix\SDFix\apps\FixSchedule.reg
C:\SDFix\SDFix\apps\FixWebCheck.reg
C:\SDFix\SDFix\apps\fixXP.reg
C:\SDFix\SDFix\apps\FixXPsp2.reg
C:\SDFix\SDFix\apps\grep.exe
C:\SDFix\SDFix\apps\HPFix.reg
C:\SDFix\SDFix\apps\HPFix2.reg
C:\SDFix\SDFix\apps\HPFix3.reg
C:\SDFix\SDFix\apps\HPFix4.reg
C:\SDFix\SDFix\apps\HPFix5.reg
C:\SDFix\SDFix\apps\HPFix6.reg
C:\SDFix\SDFix\apps\HPFix7.reg
C:\SDFix\SDFix\apps\isadmin.exe
C:\SDFix\SDFix\apps\leg2.txt
C:\SDFix\SDFix\apps\legacy.txt
C:\SDFix\SDFix\apps\legacybk.txt
C:\SDFix\SDFix\apps\locate.com
C:\SDFix\SDFix\apps\LS.exe
C:\SDFix\SDFix\apps\MD5File.exe
C:\SDFix\SDFix\apps\MyGcpvFix.reg
C:\SDFix\SDFix\apps\MyGkFix2.reg
C:\SDFix\SDFix\apps\Process.exe
C:\SDFix\SDFix\apps\procs.exe
C:\SDFix\SDFix\apps\psservice.exe
C:\SDFix\SDFix\apps\Rem.txt
C:\SDFix\SDFix\apps\Rem2.txt
C:\SDFix\SDFix\apps\Replace\regedit.exe
C:\SDFix\SDFix\apps\Replace\W2K.exe
C:\SDFix\SDFix\apps\Replace\w2k\beep.sys
C:\SDFix\SDFix\apps\Replace\w2k\null.sys
C:\SDFix\SDFix\apps\Replace\XP.exe
C:\SDFix\SDFix\apps\Replace\xp\beep.sys
C:\SDFix\SDFix\apps\Replace\xp\null.sys
C:\SDFix\SDFix\apps\Reset_AppInit_DLLs.reg
C:\SDFix\SDFix\apps\RestartIt!.exe
C:\SDFix\SDFix\apps\Restore_SecurityCenter.reg
C:\SDFix\SDFix\apps\Restore_SharedAccess.reg
C:\SDFix\SDFix\apps\sc.exe
C:\SDFix\SDFix\apps\sed.exe
C:\SDFix\SDFix\apps\SF.exe
C:\SDFix\SDFix\apps\shutdown.exe
C:\SDFix\SDFix\apps\srv2.txt
C:\SDFix\SDFix\apps\srv2bk.txt
C:\SDFix\SDFix\apps\svc.txt
C:\SDFix\SDFix\apps\svcbk.txt
C:\SDFix\SDFix\apps\swreg.exe
C:\SDFix\SDFix\apps\swsc.exe
C:\SDFix\SDFix\apps\unzip.exe
C:\SDFix\SDFix\apps\vfind.exe
C:\SDFix\SDFix\apps\WINMSG.EXE
C:\SDFix\SDFix\apps\winsec.reg
C:\SDFix\SDFix\apps\zip.exe
C:\SDFix\SDFix\backups\backupreg.zip
C:\SDFix\SDFix\backups\backups.zip
C:\SDFix\SDFix\backups\catchme.log
C:\SDFix\SDFix\backups\HOSTS
C:\SDFix\SDFix\catchme.exe
C:\SDFix\SDFix\dummy.sys
C:\SDFix\SDFix\Report.txt
C:\SDFix\SDFix\RunThis.bat
C:\SDFix\SDFix\SDFIX_ReadMe_Online.url
C:\WINDOWS\didduid.ini
C:\WINDOWS\FLEOK
C:\WINDOWS\Help\SBSI\golcvsm.bak1
C:\WINDOWS\Help\SBSI\golcvsm.bak2
C:\WINDOWS\Help\SBSI\golcvsm.ini2
C:\WINDOWS\system32\dumphive.exe
C:\WINDOWS\system32\IEDFix.exe
C:\WINDOWS\system32\jgjuharo.exe
C:\WINDOWS\system32\LA558.tmp
C:\WINDOWS\system32\LB4BA.tmp
C:\WINDOWS\system32\LB71B.tmp
C:\WINDOWS\system32\LBBDE.tmp
C:\WINDOWS\system32\Process.exe
C:\WINDOWS\system32\SrchSTS.exe
C:\WINDOWS\system32\VACFix.exe
C:\WINDOWS\system32\VCCLSID.exe
C:\WINDOWS\system32\wmsdkns.exe
C:\WINDOWS\system32\WS2Fix.exe
.
((((((((((((((((((((((((( Files Created from 2008-03-07 to 2008-04-07 )))))))))))))))))))))))))))))))
.
2008-04-06 23:13 . 2008-04-06 23:13 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-04-06 23:12 . 2008-04-06 23:12 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2008-04-06 23:12 . 2008-04-06 23:12 <DIR> d-------- C:\Documents and Settings\Sean\Application Data\SUPERAntiSpyware.com
2008-04-06 23:10 . 2008-04-06 23:10 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-04-06 21:25 . 2008-04-07 02:52 4,812 --a------ C:\WINDOWS\system32\tmp.reg
2008-04-06 18:14 . 2008-04-06 18:14 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Grisoft
2008-04-06 17:43 . 2008-04-06 17:43 <DIR> d-------- C:\WINDOWS\ERUNT
2008-04-06 17:22 . 2004-08-10 16:23 <DIR> d-------- C:\Documents and Settings\Administrator\WINDOWS
2008-04-06 17:22 . 2004-08-10 17:43 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\You've Got Pictures Screensaver
2008-04-06 17:22 . 2004-08-10 18:27 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\toshiba
2008-04-06 17:22 . 2004-08-10 18:38 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Symantec
2008-04-06 17:22 . 2004-08-16 16:39 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\InterVideo
2008-04-06 17:22 . 2004-08-10 18:34 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\InterTrust
2008-04-06 17:22 . 2004-08-10 17:56 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\AOL
2008-04-06 17:01 . 2008-04-06 17:01 <DIR> d-------- C:\Documents and Settings\Sean\Application Data\Grisoft
2008-04-06 17:01 . 2008-04-06 17:01 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-04-06 17:01 . 2007-05-30 08:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-04-06 16:53 . 2008-04-06 16:53 <DIR> d-------- C:\Program Files\CCleaner
2008-04-06 16:07 . 2008-04-06 23:28 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\dstanehc
2008-04-06 16:06 . 2008-04-06 17:55 <DIR> d-------- C:\WINDOWS\uprjiefj
2008-03-22 16:12 . 2008-03-22 16:12 <DIR> d-------- C:\Program Files\Common Files\Deterministic Networks
2008-03-22 16:12 . 2004-08-04 04:54 269,387 --a------ C:\WINDOWS\system32\drivers\CVPNDRVA.sys
2008-03-22 16:12 . 2004-08-04 04:50 135,168 --a------ C:\WINDOWS\system32\vpnapi.dll
2008-03-13 14:48 . 2008-03-14 16:21 <DIR> d-------- C:\Documents and Settings\Sean\Application Data\Move Networks
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-07 20:20 --------- d-----w C:\Documents and Settings\Sean\Application Data\StumbleUpon
2008-04-07 06:33 --------- d-----w C:\Documents and Settings\Sean\Application Data\U3
2008-04-07 01:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-04-06 21:16 --------- d-----w C:\Program Files\Trend Micro
2008-04-05 22:25 --------- d-----w C:\Documents and Settings\Sean\Application Data\uTorrent
2008-04-04 15:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\Examsoft
2008-04-03 18:07 --------- d-----w C:\Program Files\SpeedFan
2008-04-02 21:58 --------- d-----w C:\Program Files\TVAnts
2008-03-22 20:12 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-25 01:24 --------- d-----w C:\Program Files\TVUPlayer
2008-02-25 01:24 --------- d-----w C:\Documents and Settings\All Users\Application Data\TVU networks
2008-02-22 18:25 --------- d-----w C:\Program Files\StumbleUpon
2008-02-19 19:45 --------- d-----w C:\Program Files\DOSBox-0.72
2008-02-19 09:39 --------- d-----w C:\Program Files\utorrent
2008-02-14 02:11 --------- d-----w C:\Program Files\MSECache
2008-02-10 19:26 --------- d-----w C:\Program Files\Napster
2008-02-10 19:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\Napster
2008-02-10 19:25 --------- d-----w C:\Program Files\ESPN
2008-02-07 20:19 --------- d-----w C:\Documents and Settings\Sean\Application Data\ArcSoft
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of C:\Documents and Settings\Administrator\WINDOWS ----
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"="C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe" [2003-09-05 06:24 65536]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 08:00 15360]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 12:24 1694208]
"Tracks Eraser Pro"="C:\Program Files\Acesoft\Tracks Eraser Pro\te.exe" [2004-07-12 16:57 1265152]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-27 13:04 68856]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-02-29 16:03 1481968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CeEKEY"="C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe" [2004-06-14 08:00 638976]
"CeEPOWER"="C:\Program Files\TOSHIBA\Power Management\CePMTray.exe" [2004-08-19 21:14 135168]
"TPNF"="C:\Program Files\TOSHIBA\TouchPad\TPTray.exe" [2004-03-14 23:17 53248]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2004-07-20 04:04 122939]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-04-22 00:10 335872]
"LtMoh"="C:\Program Files\ltmoh\Ltmoh.exe" [2003-09-26 18:43 184320]
"AGRSMMSG"="AGRSMMSG.exe" [2004-02-20 18:00 88363 C:\WINDOWS\agrsmmsg.exe]
"Apoint"="C:\Program Files\Apoint2K\Apoint.exe" [2003-10-30 19:46 192512]
"EzButton"="C:\Program Files\EzButton\EzButton.EXE" [2004-05-14 13:29 712704]
"PadTouch"="C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe" [2004-02-03 17:47 1089589]
"NDSTray.exe"="NDSTray.exe" []
"Pinger"="c:\toshiba\ivp\ism\pinger.exe" [2003-10-20 12:39 159744]
"Notebook Maximizer"="C:\Program Files\Notebook Maximizer\maximizer_startup.exe" [2004-05-25 17:35 28672]
"CFSServ.exe"="CFSServ.exe" []
"IVPServiceMgr"="C:\toshiba\ivp\ism\ivpsvmgr.exe" [2003-10-20 12:37 475136]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2005-10-18 14:58 278528]
"HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [2003-12-22 12:38 241664]
"DXDllRegExe"="dxdllreg.exe" []
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-02-17 03:11 49152]
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [2006-11-06 04:27 200704]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-12-22 23:13 282624]
"POEngine"="" []
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 06:43 83608]
"lxczbmgr.exe"="C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe" [2007-02-08 18:52 74672]
"FaxCenterServer"="C:\Program Files\Lexmark Fax Solutions\fm3032.exe" [2007-02-08 18:56 295856]
"MaxtorOneTouch"="C:\Program Files\Maxtor\OneTouch\utils\Onetouch.exe" [2006-03-27 15:04 712704]
"OfficeScanNT Monitor"="C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe" [2007-10-02 11:34 356429]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 05:25 6731312]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-27 13:04 68856]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Cisco Systems VPN Client.lnk - C:\Program Files\Cisco Systems\VPN Client\vpngui.exe [2008-03-22 16:12:35 1445904]
Clean Access Agent.lnk - C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgent.exe [2007-02-23 17:27:12 1581138]
Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-08-27 15:08:01 124912]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2003-09-16 09:19:24 237568]
RAMASST.lnk - C:\WINDOWS\system32\RAMASST.exe [2004-08-10 17:15:20 155648]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.LEAD"= LCODCCMP.DLL
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=
"C:\\Program Files\\AIM\\aim.exe"=
"C:\\Program Files\\America Online 9.0\\waol.exe"=
"C:\\Program Files\\mIRC\\mirc.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\WINDOWS\\system32\\mshta.exe"=
"C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
"C:\\Program Files\\TVUPlayer\\TVUPlayer.exe"=
"C:\\Program Files\\utorrent\\utorrent.exe"=
"C:\\Documents and Settings\\Sean\\Application Data\\Juniper Networks\\Juniper Terminal Services Client\\dsTermServ.exe"=
"C:\\Program Files\\SopCast\\SopCast.exe"=
"C:\\Documents and Settings\\Sean\\Application Data\\SopCast\\adv\\SopAdver.exe"=
"C:\\WINDOWS\\system32\\lxczcoms.exe"=
"C:\\Program Files\\TVAnts\\Tvants.exe"=
"C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"C:\\Program Files\\ExamSoft\\SofTest\\SoftLnch.exe"= C:\\Program Files\\ExamSoft\\SoftLnch.exe
"C:\\Program Files\\ExamSoft\\SofTest\\softest.exe"= C:\\Program Files\\ExamSoft\\SofTest.exe
"C:\\Program Files\\Google\\Google Updater\\GoogleUpdater.exe"=
"C:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
R2 lxcz_device;lxcz_device;C:\WINDOWS\system32\lxczcoms.exe [2007-02-08 18:50]
R2 Viewpoint Manager Service;Viewpoint Manager Service;"C:\Program Files\Viewpoint\Common\ViewpointService.exe" [2007-01-04 17:38]
.
Contents of the 'Scheduled Tasks' folder
"2008-04-07 19:38:14 C:\WINDOWS\Tasks\Symantec NetDetect.job"
- C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2008-04-07 16:28:28
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ACS.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Toshiba\Power Management\CeEPwrSvc.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe
C:\Program Files\Maxtor\OneTouch\Utils\SyncServices.exe
c:\Toshiba\Ivp\Swupdate\swupdtmr.exe
C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Trend Micro\OfficeScan Client\OfcPfwSvc.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSServ.exe
C:\Program Files\Lexmark 1200 Series\lxczbmon.exe
C:\WINDOWS\TEMP\ZLB2B2.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Trend Micro\OfficeScan Client\pccntupd.exe
C:\WINDOWS\system32\msiexec.exe
.
**************************************************************************
.
Completion time: 2008-04-07 16:41:07 - machine was rebooted
ComboFix-quarantined-files.txt 2008-04-07 20:40:55
ComboFix2.txt 2008-04-07 13:48:59
Pre-Run: 5,324,709,888 bytes free
Post-Run: 5,316,509,696 bytes free
.
2008-04-07 01:03:06 --- E O F ---
________________________________________________________________________________
_____________________________________
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:45, on 2008-04-07
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ACS.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Toshiba\Power Management\CeEPwrSvc.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\lxczcoms.exe
C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe
C:\Program Files\Maxtor\OneTouch\Utils\SyncServices.exe
C:\WINDOWS\system32\svchost.exe
c:\Toshiba\Ivp\Swupdate\swupdtmr.exe
C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Trend Micro\OfficeScan Client\OfcPfwSvc.exe
C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
C:\Program Files\TOSHIBA\Power Management\CePMTray.exe
C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\EzButton\EzButton.EXE
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\toshiba\ivp\ism\pinger.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSServ.exe
C:\toshiba\ivp\ism\ivpsvmgr.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe
C:\Program Files\Lexmark 1200 Series\lxczbmon.exe
C:\Program Files\Maxtor\OneTouch\utils\Onetouch.exe
C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\TEMP\ZLB2B2.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\OfficeScan Client\pccntupd.exe
C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgent.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\RAMASST.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Cisco Systems\VPN Client\vpngui.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: StumbleUpon Launcher - {145B29F4-A56B-4b90-BBAC-45784EBEBBB7} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: StumbleUpon Toolbar - {5093EB4C-3E93-40AB-9266-B607BA87BDC8} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll
O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
O4 - HKLM\..\Run: [CeEPOWER] C:\Program Files\TOSHIBA\Power Management\CePMTray.exe
O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [EzButton] C:\Program Files\EzButton\EzButton.EXE
O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
O4 - HKLM\..\Run: [Notebook Maximizer] C:\Program Files\Notebook Maximizer\maximizer_startup.exe
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
O4 - HKLM\..\Run: [IVPServiceMgr] C:\toshiba\ivp\ism\ivpsvmgr.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [DXDllRegExe] dxdllreg.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [lxczbmgr.exe] "C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [MaxtorOneTouch] C:\Program Files\Maxtor\OneTouch\utils\Onetouch.exe
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Tracks Eraser Pro] C:\Program Files\Acesoft\Tracks Eraser Pro\te.exe min
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Default user')
O4 - Global Startup: Cisco Systems VPN Client.lnk = C:\Program Files\Cisco Systems\VPN Client\vpngui.exe
O4 - Global Startup: Clean Access Agent.lnk = C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgent.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: StumbleUpon PhotoBlog It! - res://StumbleUponIEBar.dll/blogimage
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: *.lsac.org
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) -
https://h17000.www1....loadManager.ocx
O16 - DPF: {B2FCED61-570E-11D3-B160-00A0C9E70E84} (OmniForm Form Control) -
https://www4.lsac.or...iveX/ofmctl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{064ECCA8-6D85-4C59-A88A-795123A969A4}: Domain = sc.edu
O17 - HKLM\System\CCS\Services\Tcpip\..\{064ECCA8-6D85-4C59-A88A-795123A969A4}: NameServer = 129.252.2.118,129.252.41.11
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = sc.edu,sc.edu,sc.edu,sc.edu,sc.edu,sc.edu,sc.edu,sc.edu
O17 - HKLM\System\CS1\Services\Tcpip\..\{064ECCA8-6D85-4C59-A88A-795123A969A4}: Domain = sc.edu
O17 - HKLM\System\CS1\Services\Tcpip\..\{064ECCA8-6D85-4C59-A88A-795123A969A4}: NameServer = 129.252.2.118,129.252.41.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = sc.edu,sc.edu,sc.edu,sc.edu,sc.edu,sc.edu,sc.edu,sc.edu
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\ACS.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AutoComplete Service (Autocomplete) - Acesoft - C:\Program Files\Acesoft\Tracks Eraser Pro\autocomp.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: CeEPwrSvc - COMPAL ELECTRONIC INC. - C:\Program Files\Toshiba\Power Management\CeEPwrSvc.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxcz_device - - C:\WINDOWS\system32\lxczcoms.exe
O23 - Service: OfficeScanNT RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe
O23 - Service: MaxSyncService (NTService1) - - C:\Program Files\Maxtor\OneTouch\Utils\SyncServices.exe
O23 - Service: OfficeScanNT Personal Firewall (OfcPfwSvc) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\OfcPfwSvc.exe
O23 - Service: Swupdtmr - Unknown owner - c:\Toshiba\Ivp\Swupdate\swupdtmr.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: OfficeScanNT Listener (tmlisten) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
--
End of file - 13067 bytes
Edited by soto2, 07 April 2008 - 03:38 PM.