[Vundo] Vundo Removal in Security Cleanup

[Vundo] Vundo Removal in Security Cleanup http://www.dslreports.com/forum/r21158438 en Tue, 15 Dec 2009 04:00:08 EDT Tue, 15 Dec 2009 04:00:08 EDT Re: [Vundo] Vundo Removal http://www.dslreports.com/forum/remark,21200152 LoPhatPhuud : That looks good. The only remaining step is cleanup and temporary files and folders. Of course, if there are issue outstanding that are not reflected in the most recent log(s), please let me know.

First:
Click Start, then click Run.
Enter into the command box that opens: combofix /u and then click [b]OK.

Second:
Please download ATF Cleaner by Atribune.Double-click ATF-Cleaner.exe to run the program.

Under Main choose: Select All
Click the Empty Selected button.
[u]If you use Firefox browser[/u]Click Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
[u]If you use Opera browser[/u]Click Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.
For Technical Support, double-click the e-mail address located at the bottom of each menu.

--
When angry count four; when very angry, swear.

Microsoft MVP/Consumer Security 2005-2008

Gladiator Security Forum]]> http://www.dslreports.com/forum/remark,21200152 Wed, 01 Oct 2008 18:25:55 EDT Re: [Vundo] Vundo Removal http://www.dslreports.com/forum/remark,21194850 anon : here be the log, yyyaarrr
Thank you for your time and direction!

ComboFix 08-09-25.03 - HP_Owner 2008-09-29 22:13:04.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.604 [GMT -4:00]
Running from: C:\Documents and Settings\HP_Owner\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\HP_Owner\Desktop\CFScript.txt
* Created a new restore point

FILE ::
C:\WINDOWS\system32\drivers\cmsslzfv.dat
C:\WINDOWS\system32\drmsto.dll
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\drivers\cmsslzfv.dat
C:\WINDOWS\system32\drmsto.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_ILJNVYLF
-------\Service_iljnvylf

((((((((((((((((((((((((( Files Created from 2008-09-01 to 2008-10-01 )))))))))))))))))))))))))))))))
.

2008-09-25 20:06 . 2008-09-25 20:06 d-------- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-09-25 20:05 . 2008-09-25 20:05 d-------- C:\Program Files\Bonjour
2008-09-25 17:02 . 2008-09-25 17:02 d-------- C:\Program Files\Trend Micro
2008-09-25 16:17 . 2008-09-25 16:17 d-------- C:\Documents and Settings\HP_Owner\Application Data\Malwarebytes
2008-09-25 16:17 . 2008-09-10 00:04 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-09-25 16:17 . 2008-09-10 00:03 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-09-25 16:12 . 2008-09-25 16:17 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-09-25 16:12 . 2008-09-25 16:12 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-09-23 22:40 . 2008-09-23 22:43 d-------- C:\HJT
2008-09-23 22:06 . 2008-09-23 22:28 d-------- C:\VundoFix Backups
2008-09-15 16:49 . 2008-09-25 16:21 d-------- C:\WINDOWS\system32\CatRoot_bak
2008-09-06 15:09 . 2008-09-06 15:09 90,112 --a------ C:\WINDOWS\system32\QuickTimeVR.qtx
2008-09-06 15:09 . 2008-09-06 15:09 57,344 --a------ C:\WINDOWS\system32\QuickTime.qts

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-29 21:36 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-09-26 00:06 --------- d-----w C:\Program Files\iTunes
2008-09-26 00:06 --------- d-----w C:\Program Files\iPod
2008-09-26 00:04 --------- d-----w C:\Program Files\QuickTime
2008-09-26 00:02 --------- d-----w C:\Program Files\Apple Software Update
2008-09-10 20:45 32,000 ----a-w C:\WINDOWS\system32\drivers\usbaapl.sys
2008-08-16 18:33 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-03-10 20:18 232,116 --sh--w C:\WINDOWS\repair\sismco.bak1
2008-03-12 07:04 243,366 --sh--w C:\WINDOWS\repair\sismco.bak2
2008-03-12 10:10 230,818 --sh--w C:\WINDOWS\repair\sismco.ini2
.

((((((((((((((((((((((((((((( snapshot@2008-09-25_16.52.24.06 )))))))))))))))))))))))))))))))))))))))))
.
+ 2005-10-21 00:02:28 163,328 ----a-w C:\WINDOWS\erdnt\subs\ERDNT.EXE
+ 2008-09-26 00:07:14 102,400 ----a-r C:\WINDOWS\Installer\{41B9E2CF-0B3F-442A-B5B3-592A4A355634}\iTunesIco.exe
+ 2008-09-26 00:02:35 27,136 ----a-r C:\WINDOWS\Installer\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}\AppleSoftwareUpdateIco.exe
+ 2008-09-26 00:05:20 86,016 ----a-r C:\WINDOWS\Installer\{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}\PrntWzrdIco.exe
+ 2008-08-29 14:18:58 87,336 ----a-w C:\WINDOWS\system32\dns-sd.exe
+ 2008-08-29 13:53:50 61,440 ----a-w C:\WINDOWS\system32\dnssd.dll
- 2006-09-19 18:44:04 15,664 ----a-w C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
+ 2008-04-17 17:12:54 15,464 ----a-w C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
+ 2008-04-17 17:12:54 107,368 -c--a-w C:\WINDOWS\system32\DRVSTORE\GEARAspiWD_D213663B6381F01E45A131159A9DEFE018321CB3\x86\GEARAspi.dll
+ 2008-04-17 17:12:54 15,464 -c--a-w C:\WINDOWS\system32\DRVSTORE\GEARAspiWD_D213663B6381F01E45A131159A9DEFE018321CB3\x86\GEARAspiWDM.sys
+ 2008-09-10 20:45:18 32,000 -c--a-w C:\WINDOWS\system32\DRVSTORE\usbaapl_97B931EF204A3188AFFD15A9A5337268E8B6F312\usbaapl.sys
- 2006-10-03 23:47:52 109,360 ----a-w C:\WINDOWS\system32\GEARAspi.dll
+ 2008-04-17 17:12:54 107,368 ----a-w C:\WINDOWS\system32\GEARAspi.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 15360]
"Aim6"="C:\Program Files\AIM6\aim6.exe" [2007-10-04 50528]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 1694208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe" [2004-10-21 32881]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 52736]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2004-08-21 118784]
"HPHUPD06"="c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe" [2004-06-07 49152]
"HPHmon06"="C:\WINDOWS\system32\hphmon06.exe" [2004-06-07 659456]
"KBD"="C:\HP\KBD\KBD.EXE" [2003-02-11 61440]
"UpdateManager"="C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-19 110592]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2004-10-21 180269]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2004-04-14 233472]
"ccApp"="c:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2005-03-23 58992]
"PS2"="C:\WINDOWS\system32\ps2.exe" [2002-10-16 81920]
"LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2004-10-15 253952]
"USB Storage Toolbox"="C:\Program Files\USBToolbox\Res.EXE" [2002-01-15 118784]
"Lexmark X74-X75"="C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe" [2002-10-14 57344]
"Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [2005-11-18 100056]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 155648]
"Dell AIO Printer A920"="C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe" [2003-06-02 270336]
"mxomssmenu"="C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe" [2007-07-13 169264]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-09-06 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-09-10 289576]
"AlcxMonitor"="ALCXMNTR.EXE" [2004-09-07 C:\WINDOWS\ALCXMNTR.EXE]
"AGRSMMSG"="AGRSMMSG.exe" [2005-03-04 C:\WINDOWS\AGRSMMSG.exe]
"SoundMan"="SOUNDMAN.EXE" [2005-04-06 C:\WINDOWS\SOUNDMAN.EXE]
"AlcWzrd"="ALCWZRD.EXE" [2005-04-06 C:\WINDOWS\ALCWZRD.EXE]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" [2004-08-04 C:\WINDOWS\system32\narrator.exe]

C:\Documents and Settings\HP_Owner\Start Menu\Programs\Startup\
VZAccess Manager.lnk - C:\Program Files\Verizon Wireless\VZAccess Manager\VZAccess Manager.exe [2008-03-07 1733936]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.exe.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-10-06 113664]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2004-05-29 241664]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 65588]
SpySubtract.lnk - C:\Program Files\interMute\SpySubtract\SpySub.exe [2005-11-18 1187840]
Updates from HP.lnk - C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe [2004-10-21 45056]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Updates from HP\\309731\\Program\\Updates from HP.exe"=
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"C:\\WINDOWS\\system32\\LEXPPS.EXE"=
"C:\\Program Files\\interMute\\SpySubtract\\SpySub.exe"=
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=

R2 Maxtor Sync Service;Maxtor Service;C:\Program Files\Maxtor\Sync\SyncServices.exe [2007-07-13 156976]
R2 Viewpoint Manager Service;Viewpoint Manager Service;C:\Program Files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{638618a6-8510-11d9-8530-806d6172696f}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a550bec5-bd77-11dc-9cf8-0011d82263ce}]
\Shell\AutoRun\command - .\Encryption Tool\MaxtorEncryption.exe
.
Contents of the 'Scheduled Tasks' folder
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, »www.gmer.net
Rootkit scan 2008-09-30 20:04:29
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Common Files\Symantec Shared\CCPROXY.EXE
C:\Program Files\Common Files\Symantec Shared\CCSETMGR.EXE
C:\Program Files\Norton AntiVirus\NAVAPSVC.EXE
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCEVTMGR.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe
C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WUSB54GC.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\symwsc.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Lexmark X74-X75\lxbbbmon.exe
C:\Program Files\Dell AIO Printer A920\dlbkbmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\ComboFix\pv.cfexe
.
**************************************************************************
.
Completion time: 2008-09-30 20:12:27 - machine was rebooted
ComboFix-quarantined-files.txt 2008-10-01 00:12:22
ComboFix2.txt 2008-09-25 20:52:59

Pre-Run: 40,040,091,648 bytes free
Post-Run: 39,957,225,472 bytes free

178 --- E O F --- 2008-09-25 20:09:47]]> http://www.dslreports.com/forum/remark,21194850 Tue, 30 Sep 2008 20:14:40 EDT Re: [Vundo] Vundo Removal http://www.dslreports.com/forum/remark,21182451 LoPhatPhuud : 1. Close any open browsers.

2. Open notepad and copy/paste the text in the quotebox below into it:

quote:
KillAll::

File::
C:\WINDOWS\system32\drmsto.dll
C:\WINDOWS\system32\drivers\cmsslzfv.dat

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{338F763F-46ED-4BAC-B6DD-6DAD90D7ED60}]
Driver::
iljnvylf

Save this as CFScript.txt, in the same location as ComboFix.exe

Refering to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at "C:\ComboFix.txt"

[color=blue]Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall[/color]
--
When angry count four; when very angry, swear.

Microsoft MVP/Consumer Security 2005-2008

Gladiator Security Forum]]> http://www.dslreports.com/forum/remark,21182451 Sun, 28 Sep 2008 16:09:50 EDT Re: [Vundo] Vundo Removal http://www.dslreports.com/forum/remark,21168478 anon : Thanks a truckload!

Here's the C:\ComboFix.txt

ComboFix 08-09-25.03 - HP_Owner 2008-09-25 16:40:51.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.591 [GMT -4:00]
Running from: C:\Documents and Settings\HP_Owner\Desktop\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\ahibhguw.ini
C:\WINDOWS\system32\aytllhlc.ini
C:\WINDOWS\system32\cyhajndr.ini
C:\WINDOWS\system32\djwgqtos.ini
C:\WINDOWS\system32\doayogwh.ini
C:\WINDOWS\system32\drmsto.1
C:\WINDOWS\system32\feyxbfqg.ini
C:\WINDOWS\system32\fflomesv.ini
C:\WINDOWS\system32\fvemsgxj.ini
C:\WINDOWS\system32\iaenjcan.dll
C:\WINDOWS\system32\ivnxnuev.ini
C:\WINDOWS\system32\kooahsmd.ini
C:\WINDOWS\system32\lhpwrags.ini
C:\WINDOWS\system32\lpwejaic.ini
C:\WINDOWS\system32\lsvvhdqk.ini
C:\WINDOWS\system32\lubcrayv.ini
C:\WINDOWS\system32\pgnaveoy.ini
C:\WINDOWS\system32\qafebvds.ini
C:\WINDOWS\system32\qqtfoajx.ini
C:\WINDOWS\system32\rcuwjafa.ini
C:\WINDOWS\system32\savpfbis.ini
C:\WINDOWS\system32\sylyopya.ini
C:\WINDOWS\system32\tepglgqv.ini
C:\WINDOWS\system32\tnmuodwe.ini
C:\WINDOWS\system32\txxiyjbt.ini
C:\WINDOWS\system32\ucoyaodb.ini
C:\WINDOWS\system32\ueubepbd.ini
C:\WINDOWS\system32\vgklgvid.ini
C:\WINDOWS\system32\vmgmcgbp.ini
C:\WINDOWS\system32\vuwrbhfj.ini
C:\WINDOWS\system32\yjmlfdml.ini
C:\WINDOWS\system32\ykhxoabb.ini
C:\WINDOWS\system32\yvnmojjx.ini
H:\Autorun.inf
C:\WINDOWS\system32\drmsto.dll . . . . failed to delete

.
((((((((((((((((((((((((( Files Created from 2008-08-25 to 2008-09-25 )))))))))))))))))))))))))))))))
.

2008-09-25 16:17 . 2008-09-25 16:17 d-------- C:\Documents and Settings\HP_Owner\Application Data\Malwarebytes
2008-09-25 16:17 . 2008-09-10 00:04 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-09-25 16:17 . 2008-09-10 00:03 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-09-25 16:12 . 2008-09-25 16:17 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-09-25 16:12 . 2008-09-25 16:12 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-09-23 22:40 . 2008-09-23 22:43 d-------- C:\HJT
2008-09-23 22:06 . 2008-09-23 22:28 d-------- C:\VundoFix Backups
2008-09-15 16:49 . 2008-09-25 16:21 d-------- C:\WINDOWS\system32\CatRoot_bak

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-25 20:43 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-08-16 18:33 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-07-28 18:53 --------- d-----w C:\Documents and Settings\HP_Owner\Application Data\AdobeUM
2008-03-10 20:18 232,116 --sh--w C:\WINDOWS\repair\sismco.bak1
2008-03-12 07:04 243,366 --sh--w C:\WINDOWS\repair\sismco.bak2
2008-03-12 10:10 230,818 --sh--w C:\WINDOWS\repair\sismco.ini2
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{338F763F-46ED-4BAC-B6DD-6DAD90D7ED60}]
2008-07-18 00:27 101632 --a------ C:\WINDOWS\system32\drmsto.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 15360]
"Aim6"="C:\Program Files\AIM6\aim6.exe" [2007-10-04 50528]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 1694208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe" [2004-10-21 32881]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 52736]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2004-08-21 118784]
"HPHUPD06"="c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe" [2004-06-07 49152]
"HPHmon06"="C:\WINDOWS\system32\hphmon06.exe" [2004-06-07 659456]
"KBD"="C:\HP\KBD\KBD.EXE" [2003-02-11 61440]
"UpdateManager"="C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-19 110592]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2004-10-21 180269]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2004-04-14 233472]
"ccApp"="c:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2005-03-23 58992]
"PS2"="C:\WINDOWS\system32\ps2.exe" [2002-10-16 81920]
"LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2004-10-15 253952]
"USB Storage Toolbox"="C:\Program Files\USBToolbox\Res.EXE" [2002-01-15 118784]
"Lexmark X74-X75"="C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe" [2002-10-14 57344]
"Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [2005-11-18 100056]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 155648]
"Dell AIO Printer A920"="C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe" [2003-06-02 270336]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-12-11 286720]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-12-11 267048]
"mxomssmenu"="C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe" [2007-07-13 169264]
"AlcxMonitor"="ALCXMNTR.EXE" [2004-09-07 C:\WINDOWS\ALCXMNTR.EXE]
"AGRSMMSG"="AGRSMMSG.exe" [2005-03-04 C:\WINDOWS\AGRSMMSG.exe]
"SoundMan"="SOUNDMAN.EXE" [2005-04-06 C:\WINDOWS\SOUNDMAN.EXE]
"AlcWzrd"="ALCWZRD.EXE" [2005-04-06 C:\WINDOWS\ALCWZRD.EXE]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" [2004-08-04 C:\WINDOWS\system32\narrator.exe]

C:\Documents and Settings\HP_Owner\Start Menu\Programs\Startup\
VZAccess Manager.lnk - C:\Program Files\Verizon Wireless\VZAccess Manager\VZAccess Manager.exe [2008-03-07 1733936]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.exe.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-10-06 113664]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2004-05-29 241664]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 65588]
SpySubtract.lnk - C:\Program Files\interMute\SpySubtract\SpySub.exe [2005-11-18 1187840]
Updates from HP.lnk - C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe [2004-10-21 45056]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Updates from HP\\309731\\Program\\Updates from HP.exe"=
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"C:\\WINDOWS\\system32\\LEXPPS.EXE"=
"C:\\Program Files\\interMute\\SpySubtract\\SpySub.exe"=
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=

R0 iljnvylf;iljnvylf;C:\WINDOWS\system32\drivers\cmsslzfv.dat [ ]
R2 Maxtor Sync Service;Maxtor Service;C:\Program Files\Maxtor\Sync\SyncServices.exe [2007-07-13 156976]
R2 Viewpoint Manager Service;Viewpoint Manager Service;C:\Program Files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{638618a6-8510-11d9-8530-806d6172696f}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a550bec5-bd77-11dc-9cf8-0011d82263ce}]
\Shell\AutoRun\command - .\Encryption Tool\MaxtorEncryption.exe
.
Contents of the 'Scheduled Tasks' folder
.
- - - - ORPHANS REMOVED - - - -

BHO-{A9ACDAF2-6345-41EF-8E67-18D09AB619F8} - C:\WINDOWS\repair\ocmsis.dll
HKLM-Run-VTTimer - VTTimer.exe
ShellExecuteHooks-{FA010552-4A27-4cb1-A1BB-3E2D697F1639} - (no file)
Notify-ocmsis - C:\WINDOWS\repair\ocmsis.dll

.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\k6tj05v1.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - www.google.com
FF -: plugin - C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\k6tj05v1.default\extensions\moveplayer@movenetworks.com\platform\WINNT_x86-msvc\plugins\npmnqmp07076007.dll
FF -: plugin - C:\Program Files\Adobe\Acrobat 6.0\Reader\browser\nppdf32.dll
FF -: plugin - C:\Program Files\DivX\DivX Content Uploader\npUpload.dll
FF -: plugin - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
FF -: plugin - C:\Program Files\Java\j2re1.4.2_03\bin\NPJava11.dll
FF -: plugin - C:\Program Files\Java\j2re1.4.2_03\bin\NPJava12.dll
FF -: plugin - C:\Program Files\Java\j2re1.4.2_03\bin\NPJava13.dll
FF -: plugin - C:\Program Files\Java\j2re1.4.2_03\bin\NPJava14.dll
FF -: plugin - C:\Program Files\Java\j2re1.4.2_03\bin\NPJava32.dll
FF -: plugin - C:\Program Files\Java\j2re1.4.2_03\bin\NPJPI142_03.dll
FF -: plugin - C:\Program Files\Java\j2re1.4.2_03\bin\NPOJI610.dll
FF -: plugin - c:\Program Files\Microsoft Silverlight\2.0.30523.8\npctrl.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\NPAdbESD.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\NPJinit13122.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npunagi2.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\NPUploader.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll
FF -: plugin - C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll
FF -: plugin - C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, »www.gmer.net
Rootkit scan 2008-09-25 16:46:32
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\iljnvylf]
"ImagePath"="system32\drivers\cmsslzfv.dat"
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Common Files\Symantec Shared\CCPROXY.EXE
C:\Program Files\Common Files\Symantec Shared\CCSETMGR.EXE
C:\Program Files\Norton AntiVirus\NAVAPSVC.EXE
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCEVTMGR.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe
C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WUSB54GC.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\symwsc.exe
C:\Program Files\Lexmark X74-X75\lxbbbmon.exe
C:\Program Files\Dell AIO Printer A920\dlbkbmon.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
.
**************************************************************************
.
Completion time: 2008-09-25 16:52:57 - machine was rebooted
ComboFix-quarantined-files.txt 2008-09-25 20:52:51

Pre-Run: 39,411,294,208 bytes free
Post-Run: 39,518,363,648 bytes free

212 --- E O F --- 2008-09-25 20:09:47

Here is the HijackThis log after following, to the letter, your great instructions:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:02:52 PM, on 9/25/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
c:\Program Files\Norton AntiVirus\navapsvc.exe
c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Maxtor\Sync\SyncServices.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe
C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WUSB54GC.exe
c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\Program Files\USBToolbox\Res.EXE
C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe
C:\Program Files\Lexmark X74-X75\lxbbbmon.exe
C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe
C:\Program Files\Dell AIO Printer A920\dlbkbmon.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\interMute\SpySubtract\SpySub.exe
C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = »go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = »go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = »ie.redirect.hp.com/svs/rdr?TYPE=···=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = »go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = »ie.redirect.hp.com/svs/rdr?TYPE=···=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {338F763F-46ED-4BAC-B6DD-6DAD90D7ED60} - C:\WINDOWS\system32\drmsto.dll
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - c:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [USB Storage Toolbox] C:\Program Files\USBToolbox\Res.EXE
O4 - HKLM\..\Run: [Lexmark X74-X75] "C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Dell AIO Printer A920] "C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [mxomssmenu] "C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Startup: VZAccess Manager.lnk = C:\Program Files\Verizon Wireless\VZAccess Manager\VZAccess Manager.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: SpySubtract.lnk = C:\Program Files\interMute\SpySubtract\SpySub.exe
O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00C7C2A0-8B82-11D1-8B57-00A0C98CD92B} (ActiveReports Viewer) - »www.ncbrightideas.com/arviewer.cab
O16 - DPF: {0D623637-DBA2-11D1-B5DF-0060976089D0} (True DBGrid 7 Control) - »www.ncbrightideas.com/tdbg7.cab
O16 - DPF: {0D6236AB-DBA2-11D1-B5DF-0060976089D0} (ComponentOne XArrayDB Object) - »www.ncbrightideas.com/xadb7.cab
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - »web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: {CAFECAFE-0013-0001-0022-ABCDEFABCDEF} (JInitiator 1.3.1.22) - »https://accessncwise.wcpss.net/forms/jin···init.exe
O16 - DPF: {CE74A05D-ED12-473A-97F8-85FB0E2F479F} (dlControl.UserControl1) - »web1.nugs.net/dev/dlControl.CAB
O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} (Domino Web Access 7 Control) - »https://domino5.wcpss.net/dwa7W.cab
O16 - DPF: {FA3662C3-B8E8-11D6-A667-0010B556D978} - »cdn.digitalcity.com/_media/dalai···ampx.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Maxtor Service (Maxtor Sync Service) - Seagate Technology LLC - C:\Program Files\Maxtor\Sync\SyncServices.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - c:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: WUSB54GCSVC - GEMTEKS - C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe

--
End of file - 11251 bytes]]> http://www.dslreports.com/forum/remark,21168478 Thu, 25 Sep 2008 17:05:53 EDT Re: [Vundo] Vundo Removal http://www.dslreports.com/forum/remark,21161961 LoPhatPhuud : First:
Please download Malwarebytes Anti-Malware and save it to your desktop.

Make sure you are connected to the Internet.
Double-click on Download_mbam-setup.exe to install the application. (If using Windows Vista, be sure to "Run As Administrator")
When the installation begins, follow the prompts and do not make any changes to default settings.
When installation has finished, make sure you leave both of these checked:
- Update Malwarebytes' Anti-Malware
- Launch Malwarebytes' Anti-Malware
Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
- Make sure the "Perform Quick Acan" option is selected.
- Then click on the Scan button.
The next screen will ask you to select the drives to scan. Leave all the drives selected and click on the Start Scan button.
The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
Make sure that everything is checked, and click Remove Selected.
When removal is completed, a log report will open in Notepad and you may be prompted to restart your computer. (see Note below)
The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
Copy and paste the contents of that report in your next reply and exit MBAM.

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

Second:
Download to your Desktop FixPolicies.exe, a self-extracting ZIP archive from here:
view plainprint?
http://downloads.malwareremoval.com/BillCastner/FixPolicies.exe
• Double-click FixPolicies.exe
• Click the "Install" button on the bottom toolbar of the box that will open.
• The program will create a new Folder called FixPolicies,
• Double-click to Open the new Folder, and then double-click the file within: Fix_Policies.cmd.
• A black box will briefly appear and then close.

Third:
Download Combofix from any of the links below, and save it to your desktop. For information regarding this download, please visit this webpage: »www.bleepingcomputer.com/combofi···combofix

**Note: It is important that it is saved directly to your desktop**

--------------------------------------------------------------------

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

--------------------------------------------------------------------

Double click on combofix.exe & follow the prompts.

"C:\ComboFix.txt"

new HijackThis log

Note:
Do not mouseclick combofix's window while it's running. That may cause it to stall

--
When angry count four; when very angry, swear.

Microsoft MVP/Consumer Security 2005-2008

Gladiator Security Forum]]> http://www.dslreports.com/forum/remark,21161961 Wed, 24 Sep 2008 15:27:01 EDT [Vundo] Vundo Removal http://www.dslreports.com/forum/remark,21158438 anon : Thanks for helping. I'm a complete newb and I am hoping to learn things from you all to help clean up my computer!

VundoFix V5.1.7

Checking Java version...

Java version is 1.4.2.3

Scan started at 1:01:28 PM 8/12/2006

Listing files found while scanning....

No infected files were found.

VundoFix V5.1.7

Checking Java version...

Java version is 1.4.2.3

Scan started at 7:44:53 PM 8/12/2006

Listing files found while scanning....

No infected files were found.

Beginning removal...

VundoFix V7.0.6

Scan started at 10:06:49 PM 9/23/2008

Listing files found while scanning....

C:\Documents and settings\HP_Owner\Application Data\SearchToolbarCorp\Toolbar Vision\PageHistory.txt
C:\Documents and settings\HP_Owner\Application Data\SearchToolbarCorp\Toolbar Vision\WebHistory.txt
C:\Windows\system32\ahlmufxl.dll
C:\Windows\system32\argvcmta.exe
C:\Windows\system32\bfveiddy.dll
C:\Windows\system32\bllrcemf.exe
C:\Windows\system32\bmkvqkix.exe
C:\windows\system32\bngwxdwl.exe
C:\Windows\system32\bowcndwk.exe
C:\Windows\system32\bvkevmao.dll
C:\Windows\system32\cbenkfwk.exe
C:\Windows\system32\cmsxwbrm.dll
C:\Windows\system32\crrgcoxc.dll
C:\Windows\system32\cuwladgu.dll
C:\windows\system32\cxraqjiv.exe
C:\Windows\system32\drdbkwrl.dll
C:\Windows\system32\dvwrwlkw.dll
C:\Windows\system32\dwkaqpke.dll
C:\Windows\system32\dxvtctvb.dll
C:\Windows\system32\eorynbbe.dll
C:\windows\system32\esofhduf.exe
C:\Windows\system32\fgitxqol.dll
C:\Windows\system32\fgtjkqyn.dll
C:\Windows\system32\fjnonsam.dll
C:\Windows\system32\fkeeobye.dll
C:\Windows\system32\fkkvajnv.dll
C:\Windows\system32\fmysfgre.dll
C:\Windows\system32\fnrdwdop.exe
C:\windows\system32\fqcngmkv.dll
C:\windows\system32\fqmydwlw.exe
C:\Windows\system32\ftlpgjch.dll
C:\Windows\system32\gayjhwec.exe
C:\Windows\system32\gquiuyrm.dll
C:\Windows\system32\gtwmlsaq.dll
C:\Windows\system32\hdvrtjvm.dll
C:\Windows\system32\hfuifism.exe
C:\Windows\system32\hgtocvjh.dll
C:\windows\system32\hhruywxe.exe
C:\Windows\system32\hjvcotgh.ini
C:\Windows\system32\hnscwlny.exe
C:\Windows\system32\hrirthfi.dll
C:\windows\system32\hwtkdqaf.exe
C:\Windows\system32\igngurcn.exe
C:\Windows\system32\ipxxsfsy.dll
C:\Windows\system32\isanwwhe.exe
C:\Windows\system32\jaxxikuw.dll
C:\Windows\system32\jdtparlx.dll
C:\windows\system32\jertmpel.exe
C:\windows\system32\jesxpvgn.exe
C:\Windows\system32\jhqsyoyt.dll
C:\windows\system32\jikwmmwl.exe
C:\Windows\system32\jovgbfed.dll
C:\windows\system32\jxtaykxq.exe
C:\Windows\system32\kgyrtdkg.dll
C:\Windows\system32\kjhvogjd.exe
C:\windows\system32\knulllcv.exe
C:\Windows\system32\kpusulkk.exe
C:\windows\system32\ksetclbd.exe
C:\Windows\system32\ktcievav.exe
C:\windows\system32\kudndjxe.exe
C:\windows\system32\kwpijugp.exe
C:\Windows\system32\lcntnbki.dll
C:\Windows\system32\ldppwxem.exe
C:\Windows\system32\lofcbmxd.exe
C:\windows\system32\lyseeljc.dll
C:\Windows\system32\mgxwihcr.dll
C:\Windows\system32\mlgnnygk.dll
C:\windows\system32\moplejme.exe
C:\Windows\system32\morngpto.exe
C:\Windows\system32\mqupasos.dll
C:\windows\system32\niqmlhdr.exe
C:\windows\system32\nudfcmba.exe
C:\Windows\system32\nvetdsad.exe
C:\Windows\system32\nxpovmri.exe
C:\Windows\system32\obilribv.dll
C:\windows\system32\ogogwmog.exe
C:\windows\system32\ohxqxqwk.exe
C:\windows\system32\olbihvnp.exe
C:\Windows\system32\oqicohqy.exe
C:\Windows\system32\pbgrrixo.dll
C:\Windows\system32\pdncvmek.exe
C:\Windows\system32\pehntmok.exe
C:\Windows\system32\pexbdpcn.dll
C:\Windows\system32\pgiqdovd.exe
C:\Windows\system32\pjtlxsnw.dll
C:\Windows\system32\pjtlyjol.exe
C:\Windows\system32\poasaedt.dll
C:\Windows\system32\pufxufbw.exe
C:\Windows\system32\pwrxwuae.dll
C:\Windows\system32\qdindaws.ini
C:\Windows\system32\qfbkgmhj.exe
C:\Windows\system32\qnigoetb.dll
C:\windows\system32\qslvukib.exe
C:\windows\system32\ravjxemy.exe
C:\Windows\system32\rcotnehn.exe
C:\Windows\system32\rdkmpudi.dll
C:\windows\system32\rkjldqvh.exe
C:\windows\system32\roltfvaw.exe
C:\windows\system32\rpbexshu.exe
C:\Windows\system32\rvlcalgo.dll
C:\windows\system32\rxfcvxja.exe
C:\Windows\system32\scsiauua.dll
C:\windows\system32\seqymkmx.exe
C:\Windows\system32\skibqsba.dll
C:\windows\system32\skppwdwp.exe
C:\windows\system32\ssqpp.dll
C:\Windows\system32\swadnidq.dll
C:\Windows\system32\tbpfslnx.dll
C:\Windows\system32\tgldyglh.exe
C:\Windows\system32\thkqovme.dll
C:\Windows\system32\tpojpgsl.dll
C:\windows\system32\trdebihg.exe
C:\windows\system32\trspcijf.exe
C:\Windows\system32\tskkhwnf.dll
C:\Windows\system32\tyknhjvh.dll
C:\Windows\system32\udtpuibv.exe
C:\Windows\system32\upyswunt.exe
C:\Windows\system32\uyfcapup.dll
C:\Windows\system32\veunxnvi.dll
C:\windows\system32\vhdslwmi.exe
C:\windows\system32\vidmqxbo.exe
C:\windows\system32\vpacgooo.exe
C:\windows\system32\vqswsahg.dll
C:\Windows\system32\vsiaflew.exe
C:\Windows\system32\vugfttkm.dll
C:\Windows\system32\vxkynvtx.exe
C:\Windows\system32\wfvsibyj.exe
C:\windows\system32\wimbfess.exe
C:\Windows\system32\wjkoiucj.exe
C:\Windows\system32\wkejvfxv.exe
C:\Windows\system32\wltwaxbt.dll
C:\Windows\system32\woiokpvs.dll
C:\Windows\system32\wqgikmxm.exe
C:\Windows\system32\wthneupr.dll
C:\Windows\system32\wukixxaj.ini
C:\windows\system32\wvlacvhw.exe
C:\windows\system32\wyrxkmbi.exe
C:\windows\system32\xbeoolec.exe
C:\Windows\system32\xmhtabtk.dll
C:\Windows\system32\xnwaeptk.dll
C:\windows\system32\xunjinmi.exe
C:\windows\system32\xutljpio.exe
C:\Windows\system32\xwlfmjvw.dll
C:\Windows\system32\xyugypss.dll
C:\Windows\system32\ybqfvfnm.exe
C:\windows\system32\ymhbfkie.exe
C:\Windows\system32\ynqrgiwg.dll
C:\Windows\system32\ysotqqah.exe
C:\windows\system32\yvwpictu.exe
C:\Windows\system32\yxtkgbqe.exe

Beginning removal...

Attempting to delete C:\Documents and settings\HP_Owner\Application Data\SearchToolbarCorp\Toolbar Vision\PageHistory.txt
C:\Documents and settings\HP_Owner\Application Data\SearchToolbarCorp\Toolbar Vision\PageHistory.txt Has been deleted!

Attempting to delete C:\Documents and settings\HP_Owner\Application Data\SearchToolbarCorp\Toolbar Vision\WebHistory.txt
C:\Documents and settings\HP_Owner\Application Data\SearchToolbarCorp\Toolbar Vision\WebHistory.txt Has been deleted!

Attempting to delete C:\Windows\system32\ahlmufxl.dll
C:\Windows\system32\ahlmufxl.dll Has been deleted!

Attempting to delete C:\Windows\system32\argvcmta.exe
C:\Windows\system32\argvcmta.exe Has been deleted!

Attempting to delete C:\Windows\system32\bfveiddy.dll
C:\Windows\system32\bfveiddy.dll Has been deleted!

Attempting to delete C:\Windows\system32\bllrcemf.exe
C:\Windows\system32\bllrcemf.exe Has been deleted!

Attempting to delete C:\Windows\system32\bmkvqkix.exe
C:\Windows\system32\bmkvqkix.exe Has been deleted!

Attempting to delete C:\windows\system32\bngwxdwl.exe
C:\windows\system32\bngwxdwl.exe Has been deleted!

Attempting to delete C:\Windows\system32\bowcndwk.exe
C:\Windows\system32\bowcndwk.exe Has been deleted!

Attempting to delete C:\Windows\system32\bvkevmao.dll
C:\Windows\system32\bvkevmao.dll Has been deleted!

Attempting to delete C:\Windows\system32\cbenkfwk.exe
C:\Windows\system32\cbenkfwk.exe Has been deleted!

Attempting to delete C:\Windows\system32\cmsxwbrm.dll
C:\Windows\system32\cmsxwbrm.dll Has been deleted!

Attempting to delete C:\Windows\system32\crrgcoxc.dll
C:\Windows\system32\crrgcoxc.dll Has been deleted!

Attempting to delete C:\Windows\system32\cuwladgu.dll
C:\Windows\system32\cuwladgu.dll Has been deleted!

Attempting to delete C:\windows\system32\cxraqjiv.exe
C:\windows\system32\cxraqjiv.exe Has been deleted!

Attempting to delete C:\Windows\system32\drdbkwrl.dll
C:\Windows\system32\drdbkwrl.dll Has been deleted!

Attempting to delete C:\Windows\system32\dvwrwlkw.dll
C:\Windows\system32\dvwrwlkw.dll Has been deleted!

Attempting to delete C:\Windows\system32\dwkaqpke.dll
C:\Windows\system32\dwkaqpke.dll Has been deleted!

Attempting to delete C:\Windows\system32\dxvtctvb.dll
C:\Windows\system32\dxvtctvb.dll Has been deleted!

Attempting to delete C:\Windows\system32\eorynbbe.dll
C:\Windows\system32\eorynbbe.dll Has been deleted!

Attempting to delete C:\windows\system32\esofhduf.exe
C:\windows\system32\esofhduf.exe Has been deleted!

Attempting to delete C:\Windows\system32\fgitxqol.dll
C:\Windows\system32\fgitxqol.dll Has been deleted!

Attempting to delete C:\Windows\system32\fgtjkqyn.dll
C:\Windows\system32\fgtjkqyn.dll Has been deleted!

Attempting to delete C:\Windows\system32\fjnonsam.dll
C:\Windows\system32\fjnonsam.dll Has been deleted!

Attempting to delete C:\Windows\system32\fkeeobye.dll
C:\Windows\system32\fkeeobye.dll Has been deleted!

Attempting to delete C:\Windows\system32\fkkvajnv.dll
C:\Windows\system32\fkkvajnv.dll Has been deleted!

Attempting to delete C:\Windows\system32\fmysfgre.dll
C:\Windows\system32\fmysfgre.dll Has been deleted!

Attempting to delete C:\Windows\system32\fnrdwdop.exe
C:\Windows\system32\fnrdwdop.exe Has been deleted!

Attempting to delete C:\windows\system32\fqcngmkv.dll
C:\windows\system32\fqcngmkv.dll Has been deleted!

Attempting to delete C:\windows\system32\fqmydwlw.exe
C:\windows\system32\fqmydwlw.exe Has been deleted!

Attempting to delete C:\Windows\system32\ftlpgjch.dll
C:\Windows\system32\ftlpgjch.dll Has been deleted!

Attempting to delete C:\Windows\system32\gayjhwec.exe
C:\Windows\system32\gayjhwec.exe Has been deleted!

Attempting to delete C:\Windows\system32\gquiuyrm.dll
C:\Windows\system32\gquiuyrm.dll Has been deleted!

Attempting to delete C:\Windows\system32\gtwmlsaq.dll
C:\Windows\system32\gtwmlsaq.dll Has been deleted!

Attempting to delete C:\Windows\system32\hdvrtjvm.dll
C:\Windows\system32\hdvrtjvm.dll Has been deleted!

Attempting to delete C:\Windows\system32\hfuifism.exe
C:\Windows\system32\hfuifism.exe Has been deleted!

Attempting to delete C:\Windows\system32\hgtocvjh.dll
C:\Windows\system32\hgtocvjh.dll Has been deleted!

Attempting to delete C:\windows\system32\hhruywxe.exe
C:\windows\system32\hhruywxe.exe Has been deleted!

Attempting to delete C:\Windows\system32\hjvcotgh.ini
C:\Windows\system32\hjvcotgh.ini Has been deleted!

Attempting to delete C:\Windows\system32\hnscwlny.exe
C:\Windows\system32\hnscwlny.exe Has been deleted!

Attempting to delete C:\Windows\system32\hrirthfi.dll
C:\Windows\system32\hrirthfi.dll Has been deleted!

Attempting to delete C:\windows\system32\hwtkdqaf.exe
C:\windows\system32\hwtkdqaf.exe Has been deleted!

Attempting to delete C:\Windows\system32\igngurcn.exe
C:\Windows\system32\igngurcn.exe Has been deleted!

Attempting to delete C:\Windows\system32\ipxxsfsy.dll
C:\Windows\system32\ipxxsfsy.dll Has been deleted!

Attempting to delete C:\Windows\system32\isanwwhe.exe
C:\Windows\system32\isanwwhe.exe Has been deleted!

Attempting to delete C:\Windows\system32\jaxxikuw.dll
C:\Windows\system32\jaxxikuw.dll Has been deleted!

Attempting to delete C:\Windows\system32\jdtparlx.dll
C:\Windows\system32\jdtparlx.dll Has been deleted!

Attempting to delete C:\windows\system32\jertmpel.exe
C:\windows\system32\jertmpel.exe Has been deleted!

Attempting to delete C:\windows\system32\jesxpvgn.exe
C:\windows\system32\jesxpvgn.exe Has been deleted!

Attempting to delete C:\Windows\system32\jhqsyoyt.dll
C:\Windows\system32\jhqsyoyt.dll Has been deleted!

Attempting to delete C:\windows\system32\jikwmmwl.exe
C:\windows\system32\jikwmmwl.exe Has been deleted!

Attempting to delete C:\Windows\system32\jovgbfed.dll
C:\Windows\system32\jovgbfed.dll Has been deleted!

Attempting to delete C:\windows\system32\jxtaykxq.exe
C:\windows\system32\jxtaykxq.exe Has been deleted!

Attempting to delete C:\Windows\system32\kgyrtdkg.dll
C:\Windows\system32\kgyrtdkg.dll Has been deleted!

Attempting to delete C:\Windows\system32\kjhvogjd.exe
C:\Windows\system32\kjhvogjd.exe Has been deleted!

Attempting to delete C:\windows\system32\knulllcv.exe
C:\windows\system32\knulllcv.exe Has been deleted!

Attempting to delete C:\Windows\system32\kpusulkk.exe
C:\Windows\system32\kpusulkk.exe Has been deleted!

Attempting to delete C:\windows\system32\ksetclbd.exe
C:\windows\system32\ksetclbd.exe Has been deleted!

Attempting to delete C:\Windows\system32\ktcievav.exe
C:\Windows\system32\ktcievav.exe Has been deleted!

Attempting to delete C:\windows\system32\kudndjxe.exe
C:\windows\system32\kudndjxe.exe Has been deleted!

Attempting to delete C:\windows\system32\kwpijugp.exe
C:\windows\system32\kwpijugp.exe Has been deleted!

Attempting to delete C:\Windows\system32\lcntnbki.dll
C:\Windows\system32\lcntnbki.dll Has been deleted!

Attempting to delete C:\Windows\system32\ldppwxem.exe
C:\Windows\system32\ldppwxem.exe Has been deleted!

Attempting to delete C:\Windows\system32\lofcbmxd.exe
C:\Windows\system32\lofcbmxd.exe Has been deleted!

Attempting to delete C:\windows\system32\lyseeljc.dll
C:\windows\system32\lyseeljc.dll Has been deleted!

Attempting to delete C:\Windows\system32\mgxwihcr.dll
C:\Windows\system32\mgxwihcr.dll Has been deleted!

Attempting to delete C:\Windows\system32\mlgnnygk.dll
C:\Windows\system32\mlgnnygk.dll Has been deleted!

Attempting to delete C:\windows\system32\moplejme.exe
C:\windows\system32\moplejme.exe Has been deleted!

Attempting to delete C:\Windows\system32\morngpto.exe
C:\Windows\system32\morngpto.exe Has been deleted!

Attempting to delete C:\Windows\system32\mqupasos.dll
C:\Windows\system32\mqupasos.dll Has been deleted!

Attempting to delete C:\windows\system32\niqmlhdr.exe
C:\windows\system32\niqmlhdr.exe Has been deleted!

Attempting to delete C:\windows\system32\nudfcmba.exe
C:\windows\system32\nudfcmba.exe Has been deleted!

Attempting to delete C:\Windows\system32\nvetdsad.exe
C:\Windows\system32\nvetdsad.exe Has been deleted!

Attempting to delete C:\Windows\system32\nxpovmri.exe
C:\Windows\system32\nxpovmri.exe Has been deleted!

Attempting to delete C:\Windows\system32\obilribv.dll
C:\Windows\system32\obilribv.dll Has been deleted!

Attempting to delete C:\windows\system32\ogogwmog.exe
C:\windows\system32\ogogwmog.exe Has been deleted!

Attempting to delete C:\windows\system32\ohxqxqwk.exe
C:\windows\system32\ohxqxqwk.exe Has been deleted!

Attempting to delete C:\windows\system32\olbihvnp.exe
C:\windows\system32\olbihvnp.exe Has been deleted!

Attempting to delete C:\Windows\system32\oqicohqy.exe
C:\Windows\system32\oqicohqy.exe Has been deleted!

Attempting to delete C:\Windows\system32\pbgrrixo.dll
C:\Windows\system32\pbgrrixo.dll Has been deleted!

Attempting to delete C:\Windows\system32\pdncvmek.exe
C:\Windows\system32\pdncvmek.exe Has been deleted!

Attempting to delete C:\Windows\system32\pehntmok.exe
C:\Windows\system32\pehntmok.exe Has been deleted!

Attempting to delete C:\Windows\system32\pexbdpcn.dll
C:\Windows\system32\pexbdpcn.dll Has been deleted!

Attempting to delete C:\Windows\system32\pgiqdovd.exe
C:\Windows\system32\pgiqdovd.exe Has been deleted!

Attempting to delete C:\Windows\system32\pjtlxsnw.dll
C:\Windows\system32\pjtlxsnw.dll Has been deleted!

Attempting to delete C:\Windows\system32\pjtlyjol.exe
C:\Windows\system32\pjtlyjol.exe Has been deleted!

Attempting to delete C:\Windows\system32\poasaedt.dll
C:\Windows\system32\poasaedt.dll Has been deleted!

Attempting to delete C:\Windows\system32\pufxufbw.exe
C:\Windows\system32\pufxufbw.exe Has been deleted!

Attempting to delete C:\Windows\system32\pwrxwuae.dll
C:\Windows\system32\pwrxwuae.dll Has been deleted!

Attempting to delete C:\Windows\system32\qdindaws.ini
C:\Windows\system32\qdindaws.ini Has been deleted!

Attempting to delete C:\Windows\system32\qfbkgmhj.exe
C:\Windows\system32\qfbkgmhj.exe Has been deleted!

Attempting to delete C:\Windows\system32\qnigoetb.dll
C:\Windows\system32\qnigoetb.dll Has been deleted!

Attempting to delete C:\windows\system32\qslvukib.exe
C:\windows\system32\qslvukib.exe Has been deleted!

Attempting to delete C:\windows\system32\ravjxemy.exe
C:\windows\system32\ravjxemy.exe Has been deleted!

Attempting to delete C:\Windows\system32\rcotnehn.exe
C:\Windows\system32\rcotnehn.exe Has been deleted!

Attempting to delete C:\Windows\system32\rdkmpudi.dll
C:\Windows\system32\rdkmpudi.dll Has been deleted!

Attempting to delete C:\windows\system32\rkjldqvh.exe
C:\windows\system32\rkjldqvh.exe Has been deleted!

Attempting to delete C:\windows\system32\roltfvaw.exe
C:\windows\system32\roltfvaw.exe Has been deleted!

Attempting to delete C:\windows\system32\rpbexshu.exe
C:\windows\system32\rpbexshu.exe Has been deleted!

Attempting to delete C:\Windows\system32\rvlcalgo.dll
C:\Windows\system32\rvlcalgo.dll Has been deleted!

Attempting to delete C:\windows\system32\rxfcvxja.exe
C:\windows\system32\rxfcvxja.exe Has been deleted!

Attempting to delete C:\Windows\system32\scsiauua.dll
C:\Windows\system32\scsiauua.dll Has been deleted!

Attempting to delete C:\windows\system32\seqymkmx.exe
C:\windows\system32\seqymkmx.exe Has been deleted!

Attempting to delete C:\Windows\system32\skibqsba.dll
C:\Windows\system32\skibqsba.dll Has been deleted!

Attempting to delete C:\windows\system32\skppwdwp.exe
C:\windows\system32\skppwdwp.exe Has been deleted!

Attempting to delete C:\windows\system32\ssqpp.dll
C:\windows\system32\ssqpp.dll Has been deleted!

Attempting to delete C:\Windows\system32\swadnidq.dll
C:\Windows\system32\swadnidq.dll Has been deleted!

Attempting to delete C:\Windows\system32\tbpfslnx.dll
C:\Windows\system32\tbpfslnx.dll Has been deleted!

Attempting to delete C:\Windows\system32\tgldyglh.exe
C:\Windows\system32\tgldyglh.exe Has been deleted!

Attempting to delete C:\Windows\system32\thkqovme.dll
C:\Windows\system32\thkqovme.dll Has been deleted!

Attempting to delete C:\Windows\system32\tpojpgsl.dll
C:\Windows\system32\tpojpgsl.dll Has been deleted!

Attempting to delete C:\windows\system32\trdebihg.exe
C:\windows\system32\trdebihg.exe Has been deleted!

Attempting to delete C:\windows\system32\trspcijf.exe
C:\windows\system32\trspcijf.exe Has been deleted!

Attempting to delete C:\Windows\system32\tskkhwnf.dll
C:\Windows\system32\tskkhwnf.dll Has been deleted!

Attempting to delete C:\Windows\system32\tyknhjvh.dll
C:\Windows\system32\tyknhjvh.dll Has been deleted!

Attempting to delete C:\Windows\system32\udtpuibv.exe
C:\Windows\system32\udtpuibv.exe Has been deleted!

Attempting to delete C:\Windows\system32\upyswunt.exe
C:\Windows\system32\upyswunt.exe Has been deleted!

Attempting to delete C:\Windows\system32\uyfcapup.dll
C:\Windows\system32\uyfcapup.dll Has been deleted!

Attempting to delete C:\Windows\system32\veunxnvi.dll
C:\Windows\system32\veunxnvi.dll Has been deleted!

Attempting to delete C:\windows\system32\vhdslwmi.exe
C:\windows\system32\vhdslwmi.exe Has been deleted!

Attempting to delete C:\windows\system32\vidmqxbo.exe
C:\windows\system32\vidmqxbo.exe Has been deleted!

Attempting to delete C:\windows\system32\vpacgooo.exe
C:\windows\system32\vpacgooo.exe Has been deleted!

Attempting to delete C:\windows\system32\vqswsahg.dll
C:\windows\system32\vqswsahg.dll Has been deleted!

Attempting to delete C:\Windows\system32\vsiaflew.exe
C:\Windows\system32\vsiaflew.exe Has been deleted!

Attempting to delete C:\Windows\system32\vugfttkm.dll
C:\Windows\system32\vugfttkm.dll Has been deleted!

Attempting to delete C:\Windows\system32\vxkynvtx.exe
C:\Windows\system32\vxkynvtx.exe Has been deleted!

Attempting to delete C:\Windows\system32\wfvsibyj.exe
C:\Windows\system32\wfvsibyj.exe Has been deleted!

Attempting to delete C:\windows\system32\wimbfess.exe
C:\windows\system32\wimbfess.exe Has been deleted!

Attempting to delete C:\Windows\system32\wjkoiucj.exe
C:\Windows\system32\wjkoiucj.exe Has been deleted!

Attempting to delete C:\Windows\system32\wkejvfxv.exe
C:\Windows\system32\wkejvfxv.exe Has been deleted!

Attempting to delete C:\Windows\system32\wltwaxbt.dll
C:\Windows\system32\wltwaxbt.dll Has been deleted!

Attempting to delete C:\Windows\system32\woiokpvs.dll
C:\Windows\system32\woiokpvs.dll Has been deleted!

Attempting to delete C:\Windows\system32\wqgikmxm.exe
C:\Windows\system32\wqgikmxm.exe Has been deleted!

Attempting to delete C:\Windows\system32\wthneupr.dll
C:\Windows\system32\wthneupr.dll Has been deleted!

Attempting to delete C:\Windows\system32\wukixxaj.ini
C:\Windows\system32\wukixxaj.ini Has been deleted!

Attempting to delete C:\windows\system32\wvlacvhw.exe
C:\windows\system32\wvlacvhw.exe Has been deleted!

Attempting to delete C:\windows\system32\wyrxkmbi.exe
C:\windows\system32\wyrxkmbi.exe Has been deleted!

Attempting to delete C:\windows\system32\xbeoolec.exe
C:\windows\system32\xbeoolec.exe Has been deleted!

Attempting to delete C:\Windows\system32\xmhtabtk.dll
C:\Windows\system32\xmhtabtk.dll Has been deleted!

Attempting to delete C:\Windows\system32\xnwaeptk.dll
C:\Windows\system32\xnwaeptk.dll Has been deleted!

Attempting to delete C:\windows\system32\xunjinmi.exe
C:\windows\system32\xunjinmi.exe Has been deleted!

Attempting to delete C:\windows\system32\xutljpio.exe
C:\windows\system32\xutljpio.exe Has been deleted!

Attempting to delete C:\Windows\system32\xwlfmjvw.dll
C:\Windows\system32\xwlfmjvw.dll Has been deleted!

Attempting to delete C:\Windows\system32\xyugypss.dll
C:\Windows\system32\xyugypss.dll Has been deleted!

Attempting to delete C:\Windows\system32\ybqfvfnm.exe
C:\Windows\system32\ybqfvfnm.exe Has been deleted!

Attempting to delete C:\windows\system32\ymhbfkie.exe
C:\windows\system32\ymhbfkie.exe Has been deleted!

Attempting to delete C:\Windows\system32\ynqrgiwg.dll
C:\Windows\system32\ynqrgiwg.dll Has been deleted!

Attempting to delete C:\Windows\system32\ysotqqah.exe
C:\Windows\system32\ysotqqah.exe Has been deleted!

Attempting to delete C:\windows\system32\yvwpictu.exe
C:\windows\system32\yvwpictu.exe Has been deleted!

Attempting to delete C:\Windows\system32\yxtkgbqe.exe
C:\Windows\system32\yxtkgbqe.exe Has been deleted!

Performing Repairs to the registry.
Done!

Here's my hijackthis log:

Logfile of HijackThis v1.99.1
Scan saved at 10:43:41 PM, on 9/23/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
c:\Program Files\Norton AntiVirus\navapsvc.exe
c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\hphmon06.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\ALCMTR.EXE
C:\Program Files\USBToolbox\Res.EXE
C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe
C:\Program Files\Lexmark X74-X75\lxbbbmon.exe
C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe
C:\Program Files\Dell AIO Printer A920\dlbkbmon.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe
C:\WINDOWS\system32\lphc5uej0e7dr.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AIM6\aim6.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Maxtor\Sync\SyncServices.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\interMute\SpySubtract\SpySub.exe
C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe
C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WUSB54GC.exe
c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\AIM6\anotify.exe
C:\HJT\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = »ie.redirect.hp.com/svs/rdr?TYPE=···=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = »ie.redirect.hp.com/svs/rdr?TYPE=···=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = »ie.redirect.hp.com/svs/rdr?TYPE=···=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = »ie.redirect.hp.com/svs/rdr?TYPE=···=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = »ie.redirect.hp.com/svs/rdr?TYPE=···=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {338F763F-46ED-4BAC-B6DD-6DAD90D7ED60} - C:\WINDOWS\system32\drmsto.dll
O2 - BHO: (no name) - {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} - C:\WINDOWS\system32\awtqpnk.dll (file missing)
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - c:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: (no name) - {A9ACDAF2-6345-41EF-8E67-18D09AB619F8} - C:\WINDOWS\repair\ocmsis.dll (file missing)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &VSToolBar - {821F87FF-8245-4972-9E28-732E92EC2F51} - C:\Program Files\VSToolbar\VSToolBar.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [USB Storage Toolbox] C:\Program Files\USBToolbox\Res.EXE
O4 - HKLM\..\Run: [Lexmark X74-X75] "C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [poolsv] "C:\WINDOWS\poolsv.exe"
O4 - HKLM\..\Run: [Dell AIO Printer A920] "C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [mxomssmenu] "C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe"
O4 - HKLM\..\Run: [lphc5uej0e7dr] C:\WINDOWS\system32\lphc5uej0e7dr.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MSI Configuration] msiconf.exe
O4 - Startup: VZAccess Manager.lnk = C:\Program Files\Verizon Wireless\VZAccess Manager\VZAccess Manager.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: SpySubtract.lnk = C:\Program Files\interMute\SpySubtract\SpySub.exe
O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00C7C2A0-8B82-11D1-8B57-00A0C98CD92B} (ActiveReports Viewer) - »www.ncbrightideas.com/arviewer.cab
O16 - DPF: {0D623637-DBA2-11D1-B5DF-0060976089D0} (True DBGrid 7 Control) - »www.ncbrightideas.com/tdbg7.cab
O16 - DPF: {0D6236AB-DBA2-11D1-B5DF-0060976089D0} (ComponentOne XArrayDB Object) - »www.ncbrightideas.com/xadb7.cab
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - »web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: {CAFECAFE-0013-0001-0022-ABCDEFABCDEF} (JInitiator 1.3.1.22) - »https://accessncwise.wcpss.net/forms/jin···init.exe
O16 - DPF: {CE74A05D-ED12-473A-97F8-85FB0E2F479F} (dlControl.UserControl1) - »web1.nugs.net/dev/dlControl.CAB
O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} (Domino Web Access 7 Control) - »https://domino5.wcpss.net/dwa7W.cab
O16 - DPF: {FA3662C3-B8E8-11D6-A667-0010B556D978} - »cdn.digitalcity.com/_media/dalai···ampx.cab
O20 - Winlogon Notify: awtqpnk - awtqpnk.dll (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: ocmsis - C:\WINDOWS\repair\ocmsis.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Maxtor Service (Maxtor Sync Service) - Seagate Technology LLC - C:\Program Files\Maxtor\Sync\SyncServices.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - c:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: WUSB54GCSVC - Unknown owner - C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe" "WUSB54GC.exe (file missing)]]> http://www.dslreports.com/forum/remark,21158438 Tue, 23 Sep 2008 22:46:42 EDT