I was able to run both ComboFix and HijackThis. Logs are below. ComboFix 09-01-17.04 - Nick 2009-01-18 10:39:36.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2047.1551 [GMT -5:00] Running from: c:\documents and settings\Nick\Desktop\ComboFix.exe AV: avast! antivirus 4.8.1296 [VPS 090117-0] *On-access scanning disabled* (Updated) . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\Alesha\Local Settings\Temporary Internet Files\fbk.sts c:\documents and settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\c.cgm c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat c:\windows\system32\UACfqyiabpn.log c:\windows\system32\UACjvwqtymx.dat c:\windows\system32\UACyqbbwnfn.dll ----- BITS: Possible infected sites ----- hxxp://download.esd.intuit.com . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_UACd.sys ((((((((((((((((((((((((( Files Created from 2008-12-18 to 2009-01-18 ))))))))))))))))))))))))))))))) . 2009-01-14 17:24 . 2009-01-14 17:24 <DIR> d-------- c:\program files\Alwil Software 2009-01-14 17:24 . 2003-03-18 16:20 1,060,864 --a------ c:\windows\system32\MFC71.dll 2009-01-14 17:22 . 2009-01-14 17:22 <DIR> d-------- c:\program files\Trend Micro 2009-01-14 17:06 . 2004-08-03 22:58 14,848 --a------ c:\windows\system32\drivers\kbdhid.sys 2009-01-14 17:06 . 2004-08-03 22:58 14,848 --a--c--- c:\windows\system32\dllcache\kbdhid.sys 2009-01-14 14:19 . 2009-01-14 16:11 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys 2009-01-14 14:19 . 2009-01-14 16:11 15,504 --a------ c:\windows\system32\drivers\mbam.sys 2009-01-14 14:18 . 2009-01-18 08:27 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware 2009-01-11 15:00 . 2009-01-11 15:12 139,296 --ahs---- c:\windows\system32\drivers\fidbox2.dat 2009-01-11 15:00 . 2009-01-11 15:12 2,604 --ahs---- c:\windows\system32\drivers\fidbox2.idx 2009-01-11 15:00 . 2009-01-11 15:12 32 --ahs---- c:\windows\system32\drivers\fidbox.idx 2009-01-11 15:00 . 2009-01-11 15:12 32 --ahs---- c:\windows\system32\drivers\fidbox.dat 2009-01-11 13:36 . 2009-01-11 13:36 <DIR> d-------- c:\documents and settings\Nick\Application Data\Kaspersky_Key_Finder_(KKF 2009-01-11 13:36 . 2009-01-11 15:08 <DIR> d-------- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files 2009-01-11 13:35 . 2009-01-14 16:55 <DIR> d-------- c:\documents and settings\All Users\Application Data\Avg8 2009-01-10 14:32 . 2009-01-10 14:32 <DIR> d-------- c:\program files\Common Files\AnswerWorks 5.0 2009-01-10 09:28 . 2009-01-10 09:28 <DIR> d-------- c:\program files\TurboTax 2008-12-29 23:01 . 2009-01-14 17:17 <DIR> d-------- c:\program files\Windows Home Server 2008-12-24 15:51 . 2007-06-20 20:46 266,088 --a------ c:\windows\system32\xactengine2_8.dll 2008-12-24 15:51 . 2007-06-20 20:45 18,280 --a------ c:\windows\system32\x3daudio1_2.dll 2008-12-24 15:42 . 2007-03-12 16:42 3,495,784 --a------ c:\windows\system32\d3dx9_33.dll 2008-12-24 15:42 . 2007-03-12 16:42 1,123,696 --a------ c:\windows\system32\D3DCompiler_33.dll 2008-12-24 15:42 . 2007-03-15 16:57 443,752 --a------ c:\windows\system32\d3dx10_33.dll 2008-12-24 15:42 . 2007-04-04 18:55 261,480 --a------ c:\windows\system32\xactengine2_7.dll 2008-12-24 15:42 . 2007-01-24 15:27 255,848 --a------ c:\windows\system32\xactengine2_6.dll 2008-12-24 12:27 . 2008-12-24 12:27 <DIR> d-------- c:\documents and settings\Administrator\Application Data\Nero 2008-12-24 12:26 . 2009-01-14 16:55 <DIR> d-------- c:\documents and settings\Administrator 2008-12-23 14:57 . 2008-12-23 14:57 <DIR> d-------- c:\program files\Guitar Pro 5 2008-12-22 10:14 . 2008-12-22 10:14 <DIR> d-------- c:\windows\Samsung 2008-12-22 10:14 . 2008-02-23 21:37 479,232 --a------ c:\windows\ssndii.exe 2008-12-22 10:14 . 2008-03-16 20:10 57,344 --a------ c:\windows\system32\ssdevm.dll 2008-12-22 10:14 . 2007-08-13 01:26 49,152 --a------ c:\windows\system32\ssusbpn.dll 2008-12-22 10:14 . 2007-08-13 01:26 44,544 --a------ c:\windows\system32\msxml4a.dll 2008-12-22 10:14 . 2007-08-13 01:26 21,776 --a------ c:\windows\system32\msxml2a.dll 2008-12-22 10:13 . 2007-08-13 04:39 151,552 --a------ c:\windows\system32\cl31cci.exe 2008-12-22 10:13 . 2007-08-13 04:39 65,536 --a------ c:\windows\system32\cl31cci.dll 2008-12-22 10:13 . 2007-08-13 04:39 22,723 --a------ c:\windows\system32\cl31cl3.dll 2008-12-22 10:13 . 2007-08-12 21:47 11,502 --------- c:\windows\Dr. Printer Icon.ico 2008-12-22 10:13 . 2007-08-13 04:39 361 --a------ c:\windows\system32\cl31cl3.smt 2008-12-22 10:12 . 2008-12-22 10:12 <DIR> d-------- c:\windows\system32\drivers\Samsung 2008-12-22 10:11 . 2008-12-22 10:11 <DIR> d-------- c:\program files\Samsung . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-01-18 13:13 --------- d-----w c:\program files\lx_cats 2009-01-11 20:12 --------- d-----w c:\program files\PeerGuardian2 2009-01-11 20:12 --------- d-----w c:\documents and settings\Nick\Application Data\uTorrent 2009-01-11 00:14 --------- d--h--w c:\program files\InstallShield Installation Information 2009-01-10 19:32 --------- d-----w c:\documents and settings\Nick\Application Data\Intuit 2009-01-10 19:31 --------- d-----w c:\program files\Common Files\Intuit 2009-01-10 19:31 --------- d-----w c:\documents and settings\All Users\Application Data\Intuit 2009-01-05 15:42 --------- d-----w c:\documents and settings\Alesha\Application Data\uTorrent 2008-12-23 18:13 --------- d-----w c:\program files\EPSON 2008-12-04 01:29 --------- d-----w c:\program files\Apple Software Update 2008-11-30 19:58 0 ---ha-w c:\windows\system32\drivers\MsftWdf_user_01_07_00.Wdf 2008-11-30 19:58 0 ---ha-w c:\windows\system32\drivers\Msft_User_ZuneDriver_01_07_00.Wdf 2008-11-30 19:58 0 ---ha-w c:\windows\system32\drivers\Msft_Kernel_WinUSB_01007.Wdf 2008-11-30 19:51 --------- d-----w c:\program files\Zune 2008-11-10 17:23 60,032 ----a-w c:\windows\system32\ZuneBusEnum.exe 2008-11-10 17:23 243,840 ----a-w c:\windows\system32\ZuneWlanCfgSvc.exe 2008-11-10 17:09 73,728 ----a-w c:\windows\system32\ZuneUsbTransport.dll 2008-11-10 17:09 57,344 ----a-w c:\windows\system32\ZuneRegUtil.dll 2008-11-10 17:09 310,272 ----a-w c:\windows\system32\ZuneNetProxy.dll 2008-11-10 17:09 18,944 ----a-w c:\windows\system32\ZuneTcp2Udp.dll 2008-11-10 17:09 145,920 ----a-w c:\windows\system32\ZuneMTPZ.dll 2008-11-10 17:09 12,800 ----a-w c:\windows\system32\ZunePTDNS.dll 2008-11-03 20:59 107,888 ----a-w c:\windows\system32\CmdLineExt.dll 2008-10-22 20:47 6 ----a-w c:\windows\Fonts\wfonts.key 2008-05-25 11:36 22,328 ----a-w c:\documents and settings\Nick\Application Data\PnkBstrK.sys . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360] "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-02-28 1828136] "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-08-08 490952] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-12-05 8523776] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-12-05 81920] "itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2007-08-31 988584] "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2007-08-31 1037736] "Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2008-11-10 157312] "LXCRCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll" [2006-02-24 65536] "NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2008-02-28 570664] "NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-02-18 2221352] "Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\SSMMgr.exe" [2008-08-08 524288] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000] "RTHDCPL"="RTHDCPL.EXE" [2006-10-11 c:\windows\RTHDCPL.exe] "nwiz"="nwiz.exe" [2007-12-05 c:\windows\system32\nwiz.exe] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=sweppy.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Winip40.sys] @="Driver" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] --a------ 2008-01-11 21:16 39792 c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EzPrint] --a------ 2006-02-07 00:10 98304 c:\program files\Lexmark 2400 Series\ezprint.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] --a------ 2008-06-02 10:13 267048 c:\program files\iTunes\iTunesHelper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel] --a------ 2008-08-22 13:13 2363392 c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxcrmon.exe] --a------ 2006-03-06 12:48 286720 c:\program files\Lexmark 2400 Series\lxcrmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] --a------ 2008-05-27 09:50 413696 c:\program files\QuickTime\QTTask.exe [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009 R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-01-14 111184] R4 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-01-14 20560] R4 IntuitUpdateService;Intuit Update Service;c:\program files\Common Files\Intuit\Update Service\IntuitUpdateService.exe [2008-10-10 13088] S0 Winip40;Winip40;c:\windows\system32\Drivers\Winip40.sys --> c:\windows\system32\Drivers\Winip40.sys [?] S3 PYKH;PYKH;c:\docume~1\Nick\LOCALS~1\Temp\PYKH.exe --> c:\docume~1\Nick\LOCALS~1\Temp\PYKH.exe [?] S4 SSPORT;SSPORT;\??\c:\windows\system32\Drivers\SSPORT.sys --> c:\windows\system32\Drivers\SSPORT.sys [?] [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] "c:\program files\Common Files\LightScribe\LSRunOnce.exe" . Contents of the 'Scheduled Tasks' folder 2008-05-25 c:\windows\Tasks\Microsoft_Hardware_Launch_IType_exe.job - c:\program files\Microsoft IntelliType Pro\itype.exe [2007-08-31 11:13] . - - - - ORPHANS REMOVED - - - - BHO-{C5BF49A2-94F3-42BD-F434-3604812C8955} - c:\windows\system32\rwhbfb873unjdfdg.dll SharedTaskScheduler-{C5BF49A2-94F3-42BD-F434-3604812C8955} - c:\windows\system32\rwhbfb873unjdfdg.dll MSConfigStartUp-Antivirus - c:\program files\VAV\vav.exe MSConfigStartUp-Ododivagoxoyiv - c:\windows\Atutulaze.dll MSConfigStartUp-spywareguard - c:\program files\Spyware Guard 2008\spywareguard.exe . ------- Supplementary Scan ------- . uInternet Connection Wizard,ShellNext = hxxp://www.utorrent.com/testport.php?port=60459 uInternet Settings,ProxyOverride = *.local FF - ProfilePath - c:\documents and settings\Nick\Application Data\Mozilla\Firefox\Profiles\2d2531wt.default\ . ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-01-18 10:45:26 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... HKLM\Software\Microsoft\Windows\CurrentVersion\Run LXCRCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_USERS\S-1-5-21-515967899-1229272821-725345543-1003\Software\SecuROM\License information*] "datasecu"=hex:d0,c3,0f,8c,11,0c,af,30,dd,bc,2f,88,50,58,11,1d,a0,bb,67,30,1a, c7,15,c4,53,0c,b5,d8,bf,88,45,35,d0,aa,d0,9f,29,4b,eb,83,d6,2f,59,62,52,6f,\ "rkeysecu"=hex:84,37,6b,d8,a3,7f,e0,d4,e4,5d,a6,9b,82,eb,05,a7 . ------------------------ Other Running Processes ------------------------ . c:\program files\Alwil Software\Avast4\aswUpdSv.exe c:\program files\Alwil Software\Avast4\ashServ.exe c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\windows\system32\rundll32.exe c:\program files\Common Files\LightScribe\LSSrvc.exe c:\program files\Microsoft IntelliPoint\dpupdchk.exe c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe c:\windows\system32\nvsvc32.exe c:\windows\system32\IoctlSvc.exe c:\windows\system32\ZuneBusEnum.exe c:\program files\Zune\ZuneNss.exe c:\program files\Common Files\Nero\Lib\NMIndexingService.exe c:\windows\system32\wscntfy.exe c:\windows\system32\lxcrcoms.exe . ************************************************************************** . Completion time: 2009-01-18 10:50:43 - machine was rebooted [Nick] ComboFix-quarantined-files.txt 2009-01-18 15:50:40 Pre-Run: 65,052,880,896 bytes free Post-Run: 65,714,819,072 bytes free WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(1)partition(1)\WINDOWS [operating systems] d:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(1)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect 217 Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:53:08 AM, on 1/18/2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16640) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Microsoft IntelliType Pro\itype.exe C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\Program Files\Zune\ZuneLauncher.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe C:\Program Files\DAEMON Tools Lite\daemon.exe C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\IoctlSvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\ZuneBusEnum.exe C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\lxcrcoms.exe C:\WINDOWS\explorer.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.utorrent.com/testport.php?port=60459 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe" O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe" O4 - HKLM\..\Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe" O4 - HKLM\..\Run: [LXCRCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16 O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe /autorun O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1208719345109 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1208719501265 O20 - AppInit_DLLs: sweppy.dll O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Intuit Update Service (IntuitUpdateService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: lxcr_device - - C:\WINDOWS\system32\lxcrcoms.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe O23 - Service: PYKH - Unknown owner - C:\DOCUME~1\Nick\LOCALS~1\Temp\PYKH.exe (file missing) -- End of file - 7191 bytes