Well, ComboFix actually managed to produce a log for me this time. Here's the latest ComboFix log:-
ComboFix 08-02.05.3 - Mark 2008-02-11 16:21:19.4 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.199 [GMT -7:00]
Running from: C:\Documents and Settings\Mark\Desktop\ComboFix.exe
.
((((((((((((((((((((((((( Files Created from 2008-01-11 to 2008-02-11 )))))))))))))))))))))))))))))))
.
2008-02-09 00:23 . 2008-02-09 00:23 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\Yahoo!
2008-02-08 23:48 . 2008-02-09 19:42 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Rabio
2008-02-08 23:47 . 2008-02-08 23:47 <DIR> d-------- C:\WINDOWS\system32\za7
2008-02-08 23:47 . 2008-02-08 23:47 <DIR> d-------- C:\WINDOWS\system32\wd11
2008-02-08 23:47 . 2008-02-08 23:47 <DIR> d-------- C:\WINDOWS\system32\kp9
2008-02-08 23:46 . 2008-02-08 23:46 <DIR> d-------- C:\WINDOWS\system32\nGpxx01
2008-02-08 23:46 . 2008-02-08 23:47 <DIR> d-------- C:\Temp\isgTi19
2008-02-08 20:43 . 2008-02-08 20:43 <DIR> d-------- C:\Program Files\Yahoo! Games
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-09 06:23 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-09 06:23 --------- d-----w C:\Program Files\Eidos
2008-02-09 00:07 --------- d-----w C:\Program Files\Diablo II
2008-02-08 23:52 43,520 ----a-w C:\WINDOWS\system32\CmdLineExt03.dll
2008-01-16 09:05 --------- d-----w C:\Program Files\Niche Inspector
2008-01-08 02:54 --------- d-----w C:\Program Files\DAEMON Tools
2008-01-08 01:19 --------- d-----w C:\Program Files\Unlocker
2008-01-08 00:07 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-01-08 00:05 --------- d-----w C:\Documents and Settings\Mark\Application Data\Grisoft
2008-01-07 21:53 15,360 ----a-w C:\WINDOWS\system32\ctfmon .exe
2008-01-07 20:52 --------- d-----w C:\Program Files\Microsoft Picture It! 9
2008-01-07 20:49 --------- d-----w C:\Program Files\Cliprex DS DVD Player
2008-01-07 18:52 --------- d-----w C:\Documents and Settings\Mark\Application Data\OpenOffice.org2
2008-01-06 20:16 3,885 ----a-w C:\WINDOWS\viassary-hp.reg
2008-01-04 00:33 --------- d-----w C:\Documents and Settings\Mark\Application Data\Yahoo!
2008-01-03 20:38 1,345 ----a-w C:\Documents and Settings\Mark\xl10045.exe
2008-01-03 03:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-01-03 03:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\Yahoo!
2008-01-03 01:24 --------- d-----w C:\Program Files\Lavasoft
2008-01-03 01:24 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-01-03 01:23 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-01-03 00:46 --------- d-----w C:\Program Files\RogueRemover FREE
2008-01-03 00:08 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-12-31 03:57 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2007-12-31 03:54 --------- d-----w C:\Program Files\Norton AntiVirus
2007-12-31 00:54 --------- d-----w C:\Program Files\XSite Pro
2007-12-31 00:54 --------- d-----w C:\Program Files\Simple Page Generator
2007-12-31 00:54 --------- d-----w C:\Program Files\PR Prowler
2007-12-31 00:54 --------- d-----w C:\Program Files\PLR Integrator
2007-12-31 00:54 --------- d-----w C:\Program Files\IBP 9
2007-12-31 00:54 --------- d-----w C:\Program Files\FM Modifier 2.2
2007-12-31 00:54 --------- d-----w C:\Program Files\Easy Internet signup
2007-12-31 00:54 --------- d-----w C:\Program Files\DivX
2007-12-31 00:54 --------- d-----w C:\Program Files\ARELIS
2007-12-31 00:34 --------- d-----w C:\Program Files\SymNetDrv
2007-12-30 22:58 --------- d-----w C:\Documents and Settings\All Users\Application Data\Grisoft
2007-12-30 22:12 --------- d-----w C:\Program Files\iTunes
2007-12-30 21:58 --------- d-----w C:\Program Files\QuickTime
2007-11-27 06:50 39,247 ----a-w C:\WINDOWS\system32\Cleanup.bat
2006-11-18 05:24 66,046 ----a-w C:\Program Files\Dupe_Free_0_NO_VISTA.ico
2006-03-17 03:01 774,144 ----a-w C:\Program Files\RngInterstitial.dll
2004-12-21 18:20 0 --sha-w C:\WINDOWS\SMINST\HPCD.sys
.
[code]
----a-w 61,440 2007-12-30 22:11:31 C:\hp\KBD\KBD .EXE
----a-w 57,344 2007-12-30 22:11:43 C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy .exe
----a-w 339,968 2007-12-30 22:11:38 C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx .exe
----a-w 180,269 2007-12-30 22:11:44 C:\Program Files\Common Files\Real\Update_OB\realsched .exe
----a-w 71,280 2007-12-30 22:11:34 C:\Program Files\Common Files\Symantec Shared\ccApp .exe
----a-w 165,784 2007-12-30 22:12:15 C:\Program Files\DAEMON Tools\daemon .exe
----a-w 68,856 2007-12-30 22:12:05 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier .exe
----a-w 49,152 2007-12-30 22:11:31 C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06 .exe
----a-w 286,720 2007-12-30 22:11:31 C:\Program Files\iTunes\iTunesHelper .exe
----a-w 32,881 2007-12-30 22:11:28 C:\Program Files\Java\j2re1.4.2_03\bin\jusched .exe
----a-w 160,592 2007-12-30 22:12:07 C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon .exe
----a-w 1,460,560 2008-01-07 22:47:04 C:\Program Files\Spybot - Search & Destroy\TeaTimer .exe
----a-w 95,960 2007-12-30 22:11:36 C:\Program Files\SymNetDrv\SNDMon .exe
----a-w 1,998,848 2007-12-30 22:12:28 C:\Program Files\The Internet Marketing Center\Desktop Marketer 3\Readers\264\364\Marketing Tips Messenger .exe
----a-w 15,872 2008-01-07 22:47:02 C:\Program Files\Unlocker\UnlockerAssistant .exe
----a-w 4,670,704 2008-01-07 22:47:03 C:\Program Files\Yahoo!\Messenger\YahooMessenger .exe
----a-w 4,670,704 2008-01-03 17:35:07 C:\Program Files\Yahoo!\Messenger\YAHOOM~1 .EXE
----a-w 233,472 2007-12-30 22:11:31 C:\WINDOWS\SMINST\RECGUARD .EXE
----a-w 52,736 2007-12-30 22:11:28 C:\WINDOWS\system\hpsysdrv .exe
----a-w 15,360 2008-01-07 21:53:51 C:\WINDOWS\system32\ctfmon .exe
[/code]
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{06778838-20AD-4BF8-AEE4-394F91331796}]
C:\WINDOWS\system32\pmkjj.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{074B4C15-FE9B-43D7-B80A-663D7DBEA71F}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1502BFB7-55A1-4E66-BD57-905F54B7A319}]
C:\WINDOWS\system32\vtsqq.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{38839900-5CE0-47D1-B18A-E09F828C5476}]
C:\Program Files\Common Files\hoken4444.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{66645FC2-1D0F-4531-BF65-1B94A0A93663}]
C:\WINDOWS\system32\jkhhe.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{667cf099-93ad-4aa3-9ce4-3b192b5b3d23}]
C:\WINDOWS\system32\aqmvkyjq.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6704CF0C-4D2C-4875-B012-A04AAE872974}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{a76ffc59-5126-4bf5-aef0-291705f8b36d}]
C:\WINDOWS\system32\lsphkll.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A78E25AC-521A-47EB-950A-2F3B0993E98D}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C0D8FC31-65FB-452B-892A-3AE604F758E4}]
C:\WINDOWS\system32\oxqid.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C8B763BC-B550-4484-B018-97B41D7DE0EB}]
C:\WINDOWS\system32\jkkli.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{CEB452E4-FDBE-4426-9989-A9320AE0B5DB}]
C:\WINDOWS\system32\pmkhf.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E180F496-8A4B-44E2-9FE0-0364E345DB7F}]
C:\WINDOWS\system32\opnoppq.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E96195A7-EA70-4CD5-A9E9-276105491C9C}]
C:\Program Files\Common Files\hoken83122.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [2007-08-30 17:43 4670704]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [ ]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [ ]
"RoboForm"="C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [ ]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2007-04-03 15:29 165784]
"Marketing Tips Messenger"="C:\Program Files\The Internet Marketing Center\Desktop Marketer 3\Readers\264\364\Marketing Tips Messenger.exe" [ ]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [ ]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 12:00 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe" [ ]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [ ]
"HPHUPD06"="c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe" [ ]
"KBD"="C:\HP\KBD\KBD.EXE" [ ]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [ ]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [ ]
"VTTimer"="VTTimer.exe" []
"AGRSMMSG"="AGRSMMSG.exe" [2005-03-04 11:01 88209 C:\WINDOWS\AGRSMMSG.exe]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [ ]
"Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [ ]
"SoundMan"="SOUNDMAN.EXE" [2005-04-06 17:57 90112 C:\WINDOWS\SOUNDMAN.EXE]
"AlcWzrd"="ALCWZRD.EXE" [2005-04-06 17:53 2805248 C:\WINDOWS\ALCWZRD.EXE]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [ ]
"b4fe43bd"="C:\WINDOWS\system32\iytykhst.dll" [ ]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 02:25 6731312]
C:\Documents and Settings\HP_Owner\Start Menu\Programs\Startup\
HP Organize.lnk - C:\Program Files\Hewlett-Packard\HP Organize\bin\displayAgent.exe [2004-08-07 14:29:30 36864]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"New Value #1"= 0 (0x0)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{EDB0E980-90BD-11D4-8599-0008C7D3B6F8}"= C:\Program Files\Qualcomm\Eudora\EuShlExt.dll [ ]
"{E180F496-8A4B-44E2-9FE0-0364E345DB7F}"= C:\WINDOWS\system32\opnoppq.dll [ ]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\adhjslwz]
adhjslwz.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\sibpncig]
sibpncig.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2004-08-04 12:00 15360 C:\WINDOWS\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHmon06]
C:\WINDOWS\system32\hphmon06.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Load]
C:\WINDOWS\system32\jkhhe.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Printer]
C:\WINDOWS\system32\printer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PS2]
C:\WINDOWS\system32\ps2.exe
S1 rootmdmm;rootmdmm;C:\WINDOWS\system32\drivers\rootmdmm.sys []
S2 CommuniGate Pro Messaging Server;CommuniGate Pro Messaging Server;C:\WINDOWS\CommuniGatePro\CGStarter.exe []
S2 LicCtrlService;LicCtrl Service;C:\WINDOWS\runservice.exe []
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
\Shell\AutoRun\command - E:\SETUP.EXE
.
Contents of the 'Scheduled Tasks' folder
"2005-04-07 00:03:09 C:\WINDOWS\Tasks\Norton AntiVirus - scan documents - Mark.job"
- c:\PROGRA~1\NORTON~1\Navw32.exe_/task:
"2008-02-09 03:00:01 C:\WINDOWS\Tasks\Norton AntiVirus - Scan my computer - Mark.job"
- c:\PROGRA~1\NORTON~1\Navw32.exeh/task:
"2005-02-11 23:03:47 C:\WINDOWS\Tasks\Symantec NetDetect.job"
- C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
"2008-02-11 05:38:00 C:\WINDOWS\Tasks\WebReg 20050401223819.job"
- c:\Program Files\HP\Digital Imaging\bin\hpqwrg.exe\/TaskName 20050401223819 /N
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-11 16:26:19
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-02-11 16:29:38
ComboFix-quarantined-files.txt 2008-02-11 23:29:35
.
2008-01-09 07:15:29 --- E O F ---
And here's the latest HijackThis log:-
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 15:45, on 2008-02-11
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\mysql\bin\mysqld.exe
c:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\internet explorer\iexplore.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Mark\Desktop\Spyware Removal\HiJackThis_v2.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 195.248.254.11:8080
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: (no name) - {06778838-20AD-4BF8-AEE4-394F91331796} - C:\WINDOWS\system32\pmkjj.dll (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {074B4C15-FE9B-43D7-B80A-663D7DBEA71F} - (no file)
O2 - BHO: (no name) - {1502BFB7-55A1-4E66-BD57-905F54B7A319} - C:\WINDOWS\system32\vtsqq.dll (file missing)
O2 - BHO: (no name) - {38839900-5CE0-47D1-B18A-E09F828C5476} - C:\Program Files\Common Files\hoken4444.dll (file missing)
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: (no name) - {66645FC2-1D0F-4531-BF65-1B94A0A93663} - C:\WINDOWS\system32\jkhhe.dll (file missing)
O2 - BHO: {32d3b5b2-91b3-4ec9-3aa4-da39990fc766} - {667cf099-93ad-4aa3-9ce4-3b192b5b3d23} - C:\WINDOWS\system32\aqmvkyjq.dll (file missing)
O2 - BHO: (no name) - {6704CF0C-4D2C-4875-B012-A04AAE872974} - (no file)
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - c:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: (no name) - {a76ffc59-5126-4bf5-aef0-291705f8b36d} - C:\WINDOWS\system32\lsphkll.dll (file missing)
O2 - BHO: (no name) - {A78E25AC-521A-47EB-950A-2F3B0993E98D} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.1121.2472\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {C0D8FC31-65FB-452B-892A-3AE604F758E4} - C:\WINDOWS\system32\oxqid.dll (file missing)
O2 - BHO: (no name) - {C8B763BC-B550-4484-B018-97B41D7DE0EB} - C:\WINDOWS\system32\jkkli.dll (file missing)
O2 - BHO: (no name) - {CEB452E4-FDBE-4426-9989-A9320AE0B5DB} - C:\WINDOWS\system32\pmkhf.dll (file missing)
O2 - BHO: (no name) - {E180F496-8A4B-44E2-9FE0-0364E345DB7F} - C:\WINDOWS\system32\opnoppq.dll (file missing)
O2 - BHO: (no name) - {E96195A7-EA70-4CD5-A9E9-276105491C9C} - C:\Program Files\Common Files\hoken83122.dll (file missing)
O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [b4fe43bd] rundll32.exe "C:\WINDOWS\system32\iytykhst.dll",b
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [combofix] C:\WINDOWS\system32\kmd.exe /c C:\ComboFix\Combobatch.bat
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [Marketing Tips Messenger] "C:\Program Files\The Internet Marketing Center\Desktop Marketer 3\Readers\264\364\Marketing Tips Messenger.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: RABCO - Auto Update.lnk = C:\Program Files\RABCO\RABCOse.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdqna/down...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by102fd.bay102.hotmail.msn.c...
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://zone.msn.com/bingame/chnz/de...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramewo...
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/popcapl...
O20 - Winlogon Notify: adhjslwz - adhjslwz.dll (file missing)
O20 - Winlogon Notify: sibpncig - sibpncig.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: CommuniGate Pro Messaging Server - Unknown owner - C:\WINDOWS\CommuniGatePro\CGStarter.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\WINDOWS\runservice.exe (file missing)
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MySQL - Unknown owner - C:\mysql\bin\mysqld.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
--
End of file - 13733 bytes
Thanks
Mark..