Here's the ComboFix log...
"HP_Owner" - 2007-05-08 15:18:44 Service Pack 2
ComboFix 07-05.08.3.V - Running from: "C:\Documents and Settings\HP_Owner\Desktop\"
(((((((((((((((((((((((((((((((((((((((((((((((((( V Log )))))))))))))))))))))))))))))))))))))))))))))))))))))))
C:\WINDOWS\system32\hthqbymg.dll
C:\WINDOWS\system32\iopsaybc.dll
C:\WINDOWS\system32\lmimfpse.dll
C:\WINDOWS\system32\newyafvi.dll
C:\WINDOWS\system32\vkpngrdp.dll
C:\WINDOWS\system32\vskwqatj.dll
C:\WINDOWS\system32\vsuuuvvm.dll
C:\WINDOWS\system32\wtqcruyg.dll
C:\WINDOWS\system32\ylswsgtq.dll
* * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\Program Files\install.log
C:\install.log
((((((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
-------\LEGACY_NWSAPAGENT
-------\NwSapAgent
((((((((((((((((((((((((((((((( Files Created from 2007-04-08 to 2007-05-08 ))))))))))))))))))))))))))))))))))
2007-05-08 08:46 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-05-08 00:38 24,576 --a------ C:\WINDOWS\system32\VundoFixSVC.exe
2007-05-08 00:13 <DIR> d-------- C:\VundoFix Backups
2007-05-03 16:31 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
2007-05-03 11:58 <DIR> d-------- C:\hijackthis
2007-05-03 09:08 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
2007-05-02 19:45 76,560 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2007-05-02 19:41 <DIR> d-------- C:\DOCUME~1\HP_Owner\.housecall6.6
2007-04-25 23:11 <DIR> d-------- C:\DOCUME~1\HP_Owner\APPLIC~1\IMVU
2007-04-25 23:10 <DIR> d-------- C:\Program Files\IMVU
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2093-07-27 04:55:01 60,728 ----a-w C:\WINDOWS\hpwins03.dat
2093-07-27 04:54:27 -------- d-----w C:\Program Files\HP
2007-05-08 12:47:49 -------- d-----w C:\Program Files\Common Files\Symantec Shared
2007-05-07 23:59:22 15,502 ----a-w C:\DOCUME~1\HP_Owner\APPLIC~1\wklnhst.dat
2007-05-02 03:50:57 -------- d-----w C:\DOCUME~1\HP_Owner\APPLIC~1\FUJIFILM
2007-04-24 05:10:08 -------- d-----w C:\DOCUME~1\HP_Owner\APPLIC~1\Canon
2007-04-17 17:50:55 -------- d-----w C:\Program Files\GetRight
2007-04-03 03:11:22 -------- d-----w C:\DOCUME~1\HP_Owner\APPLIC~1\Azureus
2007-04-02 22:59:26 -------- d-----w C:\Program Files\SystemRequirementsLab
2007-04-02 22:59:26 -------- d-----w C:\DOCUME~1\HP_Owner\APPLIC~1\SystemRequirementsLab
2007-04-02 16:25:33 -------- d-----w C:\Program Files\KONAMI
2007-04-02 16:25:32 -------- d--h--w C:\Program Files\InstallShield Installation Information
2007-04-02 06:07:40 -------- d-----w C:\Program Files\Rockstar Games
2007-04-02 05:58:02 98,304 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2007-04-02 04:23:00 -------- d-----w C:\Program Files\PowerISO
2007-04-01 17:41:31 -------- d-----w C:\Program Files\Metal Gear Solid
2007-03-29 13:56:50 -------- d-----w C:\Program Files\Funcom
2007-03-29 13:17:40 -------- d-----w C:\Program Files\TLJ
2007-03-28 20:37:22 -------- d-----w C:\Program Files\MagicISO
2007-03-28 17:53:50 -------- d-----w C:\Program Files\DAEMON Tools
2007-03-28 17:45:00 646,392 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2007-03-28 17:05:33 -------- d-----w C:\Program Files\Alcohol Soft
2007-03-28 16:39:34 -------- d-----w C:\Program Files\Smart Projects
2007-03-26 20:24:14 -------- d-----w C:\Program Files\Azureus
2007-03-21 11:20:02 -------- d-----w C:\DOCUME~1\HP_Owner\APPLIC~1\BitTorrent
2007-03-20 18:28:05 -------- d-----w C:\Program Files\ScummVM
2007-03-17 13:43:01 292,864 ----a-w C:\WINDOWS\system32\winsrv.dll
2007-03-12 20:34:23 -------- d-----w C:\Program Files\XBCD
2007-03-12 20:03:00 -------- d-----w C:\Program Files\Microsoft Xbox 360 Accessories
2007-03-08 15:36:28 577,536 ----a-w C:\WINDOWS\system32\user32.dll
2007-03-08 15:36:28 40,960 ----a-w C:\WINDOWS\system32\mf3216.dll
2007-03-08 15:36:28 281,600 ----a-w C:\WINDOWS\system32\gdi32.dll
2007-03-08 13:47:48 1,843,584 ----a-w C:\WINDOWS\system32\win32k.sys
2007-02-20 21:43:54 68,888 ----a-w C:\WINDOWS\system32\xinput1_3.dll
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
"{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}"="C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll"
"{53707962-6F74-2D53-2644-206D7942484F}"="C:\PROGRA~1\SPYBOT~1\SDHelper.dll"
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"="C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll"
"{A8F38D8D-E480-4D52-B7A2-731BB6995FDD}"="C:\Program Files\Norton AntiVirus\NavShExt.dll"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"IgfxTray"="C:\\WINDOWS\\system32\\igfxtray.exe"
"HotKeysCmds"="C:\\WINDOWS\\system32\\hkcmd.exe"
"ccApp"="\"c:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
"IntelliPoint"="\"C:\\Program Files\\Microsoft IntelliPoint\\ipoint.exe\""
"My Web Search Bar Search Scope Monitor"="\"C:\\PROGRA~1\\MYWEBS~1\\bar\\1.bin\\m3SrchMn.exe\" /m=0"
"XboxStat"="\"c:\\Program Files\\Microsoft Xbox 360 Accessories\\XboxStat.exe\" silentrun"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"msnmsgr"="\"C:\\Program Files\\MSN Messenger\\msnmsgr.exe\" /background"
"Yahoo! Pager"="\"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe\" -quiet"
"BitTorrent"="\"C:\\Program Files\\BitTorrent\\bittorrent.exe\" --force_start_minimized"
"MySpaceIM"="C:\\Program Files\\MySpace\\IM\\MySpaceIM.exe"
"updateMgr"="\"C:\\Program Files\\Adobe\\Acrobat 7.0\\Reader\\AdobeUpdateManager.exe\" AcRdB7_0_8 -reboot 1"
"igndlm.exe"="C:\\Program Files\\IGN\\Download Manager\\DLM.exe /windowsstart /startifwork"
"Pinnacle Game Profiler"="\"C:\\Program Files\\KALiNKOsoft\\Pinnacle Game Profiler\\pinnacle.exe\" -atboottime"
"DAEMON Tools"="\"C:\\Program Files\\DAEMON Tools\\daemon.exe\" -lang 1033"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"MySpaceIM"="C:\\Program Files\\MySpace\\IM\\MySpaceIM.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll"
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
Authentication Packages msv1_0\0\0
Security Packages kerberos\0msv1_0\0schannel\0wdigest\0\0
Notification Packages scecli\0\0
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\c:^documents and settings^all users^start menu^programs^startup^adobe gamma loader.lnk
C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\c:^documents and settings^all users^start menu^programs^startup^adobe reader speed launch.lnk
C:\PROGRA~1\Adobe\ACROBA~3.0\Reader\READER~1.EXE
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\c:^documents and settings^all users^start menu^programs^startup^autostart ir.lnk
C:\PROGRA~1\WinTV\Ir.exe /QUIET
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\c:^documents and settings^all users^start menu^programs^startup^hp digital imaging monitor.lnk
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\c:^documents and settings^all users^start menu^programs^startup^logitech desktop messenger.lnk
C:\PROGRA~1\Logitech\DESKTO~1\8876480\Program\LDMConf.exe /start
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\c:^documents and settings^all users^start menu^programs^startup^netassistant.lnk
C:\PROGRA~1\NETASS~1\bin\matcli.exe -boot
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\c:^documents and settings^all users^start menu^programs^startup^spysubtract.lnk
C:\PROGRA~1\INTERM~1\SPYSUB~1\sslaunch.exe -autostart
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\c:^documents and settings^hp_owner^start menu^programs^startup^bittorrent.lnk
C:\PROGRA~1\BITTOR~1\BITTOR~1.EXE
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\agrsmmsg
AGRSMMSG.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\aim
C:\Program Files\AIM\aim.exe -cnetwait.odl
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\alcxmonitor
ALCXMNTR.EXE
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccapp
"c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe
C:\WINDOWS\system32\ctfmon.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hotkeyscmds
C:\WINDOWS\system32\hkcmd.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hphmon06
C:\WINDOWS\system32\hphmon06.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hphupd06
c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv
c:\windows\system\hpsysdrv.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpwutoolbox
C:\Program Files\HP\HP Officejet Pro K550 Series\Toolbox\HPWUTBX.exe "-i"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray
C:\WINDOWS\system32\igfxtray.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ituneshelper
"C:\Program Files\iTunes\iTunesHelper.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\kbd
C:\HP\KBD\KBD.EXE
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ldm
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\logitechsoftwareupdate
"C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\logitechvideorepair
C:\Program Files\Logitech\Video\ISStart.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\logitechvideotray
C:\Program Files\Logitech\Video\LogiTray.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lsbwatcher
c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lvcomsx
C:\WINDOWS\system32\LVCOMSX.EXE
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\motive smartbridge
C:\PROGRA~1\NETASS~1\SMARTB~1\MotiveSB.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msmsgs
"C:\Program Files\Messenger\msmsgs.exe" /background
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr
"C:\Program Files\MSN Messenger\msnmsgr.exe" /background
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nerocheck
C:\WINDOWS\system32\NeroCheck.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nvcpldaemon
RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nvmediacenter
RunDLL32.exe NvMCTray.dll,NvTaskbarInit
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz
nwiz.exe /install
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\opwarese2
"C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ps2
C:\WINDOWS\system32\ps2.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\recguard
C:\WINDOWS\SMINST\RECGUARD.EXE
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\regshave
C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\sunjavaupdatesched
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\type32
"C:\Program Files\Microsoft IntelliType Pro\type32.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\urllstck.exe
c:\Program Files\Norton Internet Security\UrlLstCk.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\viewmgr
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\viewpointphotosdeviceconnect
C:\Program Files\Viewpoint\Viewpoint Toolbar V35\FotomatDeviceConnect.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\yahoo! pager
"C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe" -quiet
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter HTTPFilter\0\0
LocalService Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService DnsCache\0\0
DcomLaunch DcomLaunch\0TermService\0\0
rpcss RpcSs\0\0
imgsvc StiSvc\0\0
termsvcs TermService\0\0
WudfServiceGroup WUDFSvc\0\0
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\L]
Shell\AutoRun\command L:\MGS2SSetup.exe
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{946850c5-1e27-11d9-baf0-806d6172696f}]
Shell\AutoRun\command D:\setup.exe
~ ~ ~ ~ ~ ~ ~ ~ Hijackthis Backups ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
backup-20070508-090006-648
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.113.122 85.255.112.169
backup-20070508-090006-569
O16 - DPF: {DECEAAA2-370A-49BB-9362-68C3A58DDC62} - http://static.zangocash.com/cab/Zang...e46115b5703919
backup-20070508-090006-497
O17 - HKLM\System\CCS\Services\Tcpip\..\{D080EB38-E298-4FB6-8DE4-E98BF3E3DA02}: NameServer = 85.255.113.122,85.255.112.169
backup-20070508-090006-256
O17 - HKLM\System\CCS\Services\Tcpip\..\{964229AD-5E57-4501-B4D8-BFE698190100}: NameServer = 85.255.113.122,85.255.112.169
backup-20070508-090006-826
O17 - HKLM\System\CCS\Services\Tcpip\..\{6B41F12B-ADE9-454C-93F7-23CC545BA979}: NameServer = 85.255.113.122,85.255.112.169
backup-20070508-090005-794
O16 - DPF: {B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3A} - http://download.cdn.winsoftware.com/...reeInstall.cab
backup-20070508-090005-912
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
backup-20070508-090005-179
O15 - Trusted Zone: http://locator.cdn.imageservr.com
backup-20070508-090005-378
O15 - Trusted Zone: http://locator1.cdn.imageservr.com
backup-20070508-090005-399
O4 - HKLM\..\Run: [InfoData] rundll32.exe "C:\WINDOWS\system32\ilnsxety.dll",realset
backup-20070508-090005-557
O2 - BHO: (no name) - {0805E331-F6AF-454C-B679-15974247B531} - C:\WINDOWS\system\bdsa.dll (file missing)
backup-20070508-090005-225
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
backup-20070506-103003-350
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
backup-20070506-102747-883
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbar...tml?p=ZNfox000
backup-20070506-102655-919
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
backup-20070506-102626-888
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
backup-20070506-102429-157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
backup-20070506-102429-999
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
backup-20070506-102428-593
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\Norton AntiVirus - Run Full System Scan - HP_Owner.job
********************************************************************
catchme 0.3.660 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-05-08 15:30:45
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
********************************************************************
Completion time: 2007-05-08 15:36:42 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-05-08 15:36