ComboFix 10-10-07.02 - KEITH 10/08/2010 17:44:55.5.1 - x86 MINIMAL
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2039.1763 [GMT -3:00]
Running from: c:\documents and settings\KEITH\Desktop\security\commy.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
-- Previous Run --
Infected copy of c:\windows\system32\userinit.exe was found and disinfected
Restored copy from - c:\windows\ERDNT\cache\userinit.exe
--------
.
((((((((((((((((((((((((( Files Created from 2010-09-08 to 2010-10-08 )))))))))))))))))))))))))))))))
.
2010-10-08 13:16 . 2010-10-08 13:16 2560 ----a-w- c:\windows\_MSRSTRT.EXE
2010-10-07 23:48 . 2010-10-07 23:48 -------- d-----w- c:\program files\InCode Solutions
2010-10-07 20:33 . 2010-10-07 20:33 -------- d-----w- c:\program files\VS Revo Group
2010-10-06 15:22 . 2010-10-06 15:22 388096 ----a-r- c:\documents and settings\KEITH\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-10-06 11:35 . 2010-10-06 11:35 -------- d-----w- c:\documents and settings\All Users\Application Data\F-Secure
2010-10-05 21:38 . 2009-06-30 13:37 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys
2010-10-05 21:37 . 2010-10-05 21:37 -------- d-----w- c:\program files\Panda Security
2010-10-05 18:51 . 2010-10-05 18:51 -------- d-----w- c:\program files\Common Files\Skype
2010-10-04 01:07 . 2010-10-04 00:46 81920 ----a-w- c:\windows\system32\bsf.exe
2010-10-02 13:53 . 2010-10-02 14:02 -------- d-----w- C:\aidualc3
2010-10-01 18:28 . 2010-10-01 18:28 -------- d-----w- c:\documents and settings\KEITH\Application Data\MozillaControl
2010-10-01 18:08 . 2010-10-01 18:08 -------- d-----w- c:\windows\'Full Speed' Internet Booster + Performance Tests
2010-10-01 17:32 . 2010-10-01 17:32 -------- d--h--w- c:\windows\system32\GroupPolicy
2010-09-29 18:24 . 2010-09-29 18:24 -------- d-----w- c:\program files\uTorrent
2010-09-29 17:26 . 2010-09-29 17:39 -------- d-----w- c:\documents and settings\All Users\Application Data\MFAData
2010-09-18 16:39 . 2010-09-18 16:39 -------- d-----w- c:\documents and settings\KEITH\Application Data\Adobe Mini Bridge CS5
2010-09-18 16:38 . 2010-09-18 16:38 -------- d-----w- c:\documents and settings\KEITH\Application Data\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2010-09-18 14:38 . 2010-09-18 14:38 -------- d-----w- c:\documents and settings\All Users\Application Data\regid.1986-12.com.adobe
2010-09-18 14:21 . 2010-09-18 14:21 -------- d-----w- c:\program files\Adobe Media Player
2010-09-18 14:17 . 2010-09-18 14:17 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-09-15 00:26 . 2010-09-15 00:28 -------- d-----w- c:\documents and settings\KEITH\Application Data\vlc
2010-09-13 01:01 . 2010-09-13 01:01 -------- d-----w- c:\program files\Microsoft.NET
2010-09-13 00:57 . 2010-09-13 00:58 -------- d-----w- c:\documents and settings\KEITH\Local Settings\Application Data\Deployment
2010-09-12 19:23 . 2010-09-12 19:23 -------- d-----w- C:\DISNEY
2010-09-08 21:50 . 2010-09-08 21:50 -------- d-----w- c:\program files\TrendMicro
2010-09-08 21:26 . 2010-09-08 21:26 -------- d-----w- c:\program files\Trend Micro
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-08 19:37 . 2010-08-23 20:00 0 ----a-w- c:\windows\system32\drivers\lvuvc.hs
2010-10-08 19:03 . 2010-08-23 14:42 -------- d-----w- c:\documents and settings\KEITH\Application Data\skypePM
2010-10-08 18:34 . 2010-02-22 01:35 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-10-08 16:50 . 2010-07-14 18:48 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-10-08 16:03 . 2010-08-23 07:03 -------- d-----w- c:\documents and settings\KEITH\Application Data\Skype
2010-10-08 13:27 . 2010-08-12 13:47 -------- d-----w- c:\program files\Common Files\Adobe
2010-10-08 12:55 . 2010-09-07 21:42 16968 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2010-10-07 13:26 . 2010-09-07 23:10 12872 ----a-w- c:\windows\system32\bootdelete.exe
2010-10-07 12:25 . 2010-07-20 16:18 -------- d-----w- c:\documents and settings\KEITH\Application Data\godzHell
2010-10-07 05:29 . 2009-12-18 20:45 -------- d-----w- c:\program files\Lx_cats
2010-10-05 18:51 . 2010-08-23 07:02 -------- d-----r- c:\program files\Skype
2010-10-05 18:51 . 2010-08-23 07:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2010-10-05 01:12 . 2010-07-14 18:49 63488 ----a-w- c:\documents and settings\KEITH\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
2010-10-05 01:11 . 2010-07-14 18:49 117760 ----a-w- c:\documents and settings\KEITH\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-10-01 23:11 . 2009-12-26 23:32 -------- d-----w- c:\documents and settings\KEITH\Application Data\Media Player Classic
2010-09-30 19:22 . 2010-04-22 19:52 -------- d-----w- c:\program files\Google
2010-09-29 17:39 . 2010-02-09 00:59 -------- d-----w- c:\program files\Microsoft Silverlight
2010-09-18 15:12 . 2009-12-16 21:45 60392 ----a-w- c:\documents and settings\KEITH\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-09-18 14:17 . 2010-10-07 22:48 38784 ----a-w- c:\documents and settings\Administrator\Application Data\Macromedia\Flash Player\http://www.macromedia.com\bin\airapp...pinstaller.exe
2010-09-13 11:57 . 2010-08-11 22:50 -------- d-----w- c:\program files\Eusing Free Registry Cleaner
2010-09-08 19:35 . 2010-09-08 19:35 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2010-09-07 23:10 . 2010-09-07 21:41 -------- d-----w- c:\documents and settings\All Users\Application Data\Hitman Pro
2010-09-07 21:41 . 2010-09-07 21:41 -------- d-----w- c:\program files\Hitman Pro 3.5
2010-09-07 18:44 . 2010-09-04 22:27 -------- d-----w- c:\documents and settings\KEITH\Application Data\Raptr
2010-09-07 18:43 . 2010-09-04 22:27 -------- d-----w- c:\program files\Raptr
2010-09-07 14:21 . 2010-09-07 14:21 -------- d-----w- c:\program files\ThreatFire
2010-09-07 14:21 . 2010-09-07 14:21 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Tools
2010-09-06 13:46 . 2010-09-06 13:36 -------- d-----w- c:\documents and settings\NetworkService\Application Data\Azureus
2010-09-06 13:43 . 2010-01-03 20:13 -------- d-----w- c:\program files\CCleaner
2010-09-06 13:36 . 2010-09-06 13:36 310208 ----a-w- c:\documents and settings\NetworkService\Application Data\Azureus\plugins\mlab\ShaperProbeC.exe
2010-09-04 22:24 . 2010-01-27 21:14 -------- d-----w- c:\program files\Vuze
2010-09-04 22:23 . 2010-09-04 22:23 -------- d-----w- c:\program files\Conduit
2010-09-04 22:23 . 2010-09-04 22:23 -------- d-----w- c:\program files\Vuze_Remote
2010-08-31 15:11 . 2010-08-31 15:11 3401880 ----a-w- c:\documents and settings\KEITH\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll
2010-08-31 14:55 . 2010-08-31 14:55 275096 ----a-w- c:\documents and settings\KEITH\Application Data\Mozilla\plugins\npgoogletalk.dll
2010-08-31 14:39 . 2010-08-31 14:39 3734536 ----a-w- c:\documents and settings\KEITH\Application Data\Mozilla\plugins\Google Talk Plugin Extras\d3dx9_36.dll
2010-08-30 16:17 . 2010-08-30 16:17 -------- d-----w- c:\documents and settings\All Users\Application Data\SBT
2010-08-30 16:17 . 2010-08-30 16:17 -------- d-----w- c:\program files\Snapshot Viewer
2010-08-30 16:16 . 2009-12-16 20:19 -------- d-----w- c:\program files\microsoft frontpage
2010-08-30 16:09 . 2010-08-30 16:09 -------- d-----w- c:\documents and settings\KEITH\Application Data\Microsoft Web Folders
2010-08-23 15:30 . 2010-02-11 15:49 -------- d-----w- c:\program files\Common Files\Logitech
2010-08-23 15:29 . 2010-02-11 15:49 -------- d-----w- c:\program files\Logitech
2010-08-23 15:29 . 2009-12-17 17:31 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-23 14:42 . 2010-08-23 14:42 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-08-18 03:01 . 2010-08-10 22:47 81920 ----a-w- c:\windows\system32\tcp2.exe
2010-08-17 13:17 . 2004-08-10 11:00 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-08-12 13:59 . 2010-08-12 13:59 -------- d-----w- c:\program files\Common Files\Java
2010-08-12 13:59 . 2010-08-12 13:59 61440 ----a-w- c:\documents and settings\KEITH\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-6d89770c-n\decora-sse.dll
2010-08-12 13:59 . 2010-08-12 13:59 503808 ----a-w- c:\documents and settings\KEITH\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-147b8274-n\msvcp71.dll
2010-08-12 13:59 . 2010-08-12 13:59 499712 ----a-w- c:\documents and settings\KEITH\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-147b8274-n\jmc.dll
2010-08-12 13:59 . 2010-08-12 13:59 348160 ----a-w- c:\documents and settings\KEITH\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-147b8274-n\msvcr71.dll
2010-08-12 13:59 . 2010-08-12 13:59 12800 ----a-w- c:\documents and settings\KEITH\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-6d89770c-n\decora-d3d.dll
2010-08-12 13:58 . 2010-08-12 13:58 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-08-12 13:58 . 2010-08-12 13:58 -------- d-----w- c:\program files\Java
2010-08-12 13:58 . 2010-08-12 13:58 79488 ----a-w- c:\documents and settings\KEITH\Application Data\Sun\Java\jre1.6.0_21\gtapi.dll
2010-08-12 13:58 . 2010-08-12 13:58 152576 ----a-w- c:\documents and settings\KEITH\Application Data\Sun\Java\jre1.6.0_21\lzma.dll
2010-08-11 23:56 . 2010-07-19 15:04 -------- d-----w- c:\documents and settings\KEITH\Application Data\MSN6
2010-08-11 13:08 . 2010-08-11 13:08 -------- d-----w- c:\program files\ESET
2010-08-10 22:39 . 2010-08-04 15:12 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-07-22 15:49 . 2004-08-10 11:00 590848 ----a-w- c:\windows\system32\rpcrt4.dll
2010-07-22 05:57 . 2009-12-17 23:35 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2010-07-21 07:44 . 2009-12-16 21:26 0 ----a-w- c:\windows\system32\drivers\OMCI.SYS
2010-07-20 16:42 . 2010-07-20 16:42 17 ----a-w- c:\documents and settings\KEITH\Application Data\godzHell\jag2png.bat
2010-07-14 18:49 . 2010-07-14 18:49 52224 ----a-w- c:\documents and settings\KEITH\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2010-09-30 2424560]
"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2010-08-23 32768]
"LogitechSoftwareUpdate"="c:\program files\Logitech\Video\ManifestEngine.exe" [2005-01-18 196608]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-09-02 13351304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LXCFCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\LXCFtime.dll" [2005-04-27 69632]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2005-09-01 221184]
"LogitechCameraAssistant"="c:\program files\Logitech\Video\CameraAssistant.exe" [2005-09-07 434176]
"LogitechVideo[inspector]"="c:\program files\Logitech\Video\InstallHelper.exe" [2005-09-07 09:39 73728]
"LogitechCameraService(E)"="c:\windows\system32\ElkCtrl.exe" [2004-11-01 262144]
"ThreatFire"="c:\program files\ThreatFire\TFTray.exe" [2010-01-14 378128]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-03-02 282792]
"HitmanPro35"="c:\program files\Hitman Pro 3.5\HitmanPro35.exe" [2010-09-11 6305088]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-23 402432]
"googletalk"="c:\program files\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"bsf"="bsf.exe" [2010-10-04 81920]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2010-8-23 450560]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk
backup=c:\windows\pss\Logitech Desktop Messenger.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk
backup=c:\windows\pss\Logitech SetPoint.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-01-19 21:20 135664 ----atw- c:\documents and settings\KEITH\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
2010-08-23 15:28 32768 ----a-w- c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2010-09-29 18:24 386936 ----a-w- c:\program files\uTorrent\uTorrent.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\lxcfcoms.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Program Files\\Vuze\\Azureus.exe"=
"c:\\Program Files\\Raptr\\raptr.exe"=
"c:\\Program Files\\Raptr\\raptr_im.exe"=
"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"c:\\Documents and Settings\\KEITH\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"29156:TCP"= 29156:TCP:ares
R0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [9/7/2010 11:21 AM 51984]
R0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys [9/7/2010 11:21 AM 59664]
S0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [10/5/2010 6:38 PM 28552]
S1 SABKUTIL;SABKUTIL;\??\c:\program files\SUPERAntiSpyware\SABKUTIL.sys --> c:\program files\SUPERAntiSpyware\SABKUTIL.sys [?]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2/17/2010 3:25 PM 12872]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [5/10/2010 3:41 PM 67656]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [7/14/2010 5:18 PM 135336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3/18/2010 1:16 PM 130384]
S2 ThreatFire;ThreatFire;c:\program files\ThreatFire\TFService.exe service --> c:\program files\ThreatFire\TFService.exe service [?]
S3 esgiguard;esgiguard;\??\c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys --> c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [?]
S3 m4cxw2k3;NDIS5.1 Miniport Driver for D-Link PCI Express Ethernet Controller;c:\windows\system32\drivers\m4cxw2k3.sys [2/15/2007 9:04 AM 250752]
S3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\System32\svchost.exe -k nosGetPlusHelper [8/10/2004 8:00 AM 14336]
S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2/19/2010 1:37 PM 517096]
S3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [9/7/2010 11:21 AM 33552]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [3/18/2010 1:16 PM 753504]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper
.
Contents of the 'Scheduled Tasks' folder
2010-10-06 c:\windows\Tasks\AdobeAAMUpdater-1.0-KEITH-ROF6TH9D8-KEITH.job
- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2010-09-18 06:44]
2010-10-08 c:\windows\Tasks\bsf.job
- c:\windows\system32\bsf.exe [2010-10-04 00:46]
2010-10-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1343024091-73586283-725345543-1004Core.job
- c:\documents and settings\KEITH\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-01-19 21:20]
2010-10-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1343024091-73586283-725345543-1004UA.job
- c:\documents and settings\KEITH\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-01-19 21:20]
2010-10-08 c:\windows\Tasks\tcp2.job
- c:\windows\system32\tcp2.exe [2010-08-10 03:01]
2010-10-08 c:\windows\Tasks\User_Feed_Synchronization-{48502727-2E09-4630-9A71-CB897CEE2B35}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 08:31]
.
.
------- Supplementary Scan -------
.
uInternet Connection Wizard,ShellNext = iexplore
FF - ProfilePath - c:\documents and settings\KEITH\Application Data\Mozilla\Firefox\Profiles\j8vb72o4.default\
FF - plugin: c:\documents and settings\KEITH\Application Data\Mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\documents and settings\KEITH\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: c:\documents and settings\KEITH\Local Settings\Application Data\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - ORPHANS REMOVED - - - -
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKCU-Run-AdobeBridge - (no file)
HKCU-Run-RemoveIT Pro v7Ent - c:\program files\InCode Solutions\RemoveIT Pro v7 Enterprise\removeit.exe
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\ThreatFire]
"AlternateImagePath"=""
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(232)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
- - - - - - - > 'explorer.exe'(1712)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
.
Completion time: 2010-10-08 17:55:52
ComboFix-quarantined-files.txt 2010-10-08 20:55
Pre-Run: 54,135,705,600 bytes free
Post-Run: 54,104,866,816 bytes free
- - End Of File - - 6A3E4689D1919310D26D6562410E2DCB
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:06:23 PM, on 10/8/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\Program Files\ThreatFire\TFTray.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ThreatFire\TFService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\msfeedssync.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [LXCFCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCFtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [ThreatFire] C:\Program Files\ThreatFire\TFTray.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [HitmanPro35] "C:\Program Files\Hitman Pro 3.5\HitmanPro35.exe" /scan:boot
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [bsf] "bsf.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/micr...?1262390586982
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/ge...nt/swflash.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: lxcf_device - Unknown owner - C:\WINDOWS\system32\lxcfcoms.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: ThreatFire - PC Tools - C:\Program Files\ThreatFire\TFService.exe
--
End of file - 7082 bytes