Virtumonde?



BasilM
2007-06-21, 15:07
Scanned with Spybot SD, here is the results log (not the full report)



Microsoft.WindowsSecurityCenter.AntiVirusDisableNotify: Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify!=dword:0

Virtumonde: User settings (Registry key, nothing done)
HKEY_USERS\S-1-5-21-3153008980-598665437-152516520-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B71FA585-B351-4E48-8DA8-22F6F705EC73}

Virtumonde: Settings (Registry value, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{B71FA585-B351-4E48-8DA8-22F6F705EC73}

Virtumonde: Settings (Registry key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PSRV


--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---

2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2007-06-05 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2007-05-23 advcheck.dll (1.5.3.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2007-01-02 Tools.dll (2.0.1.0)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2007-06-20 Includes\Cookies.sbi (*)
2007-05-30 Includes\Dialer.sbi (*)
2007-06-20 Includes\DialerC.sbi (*)
2007-06-20 Includes\Hijackers.sbi (*)
2007-06-20 Includes\HijackersC.sbi (*)
2007-06-20 Includes\Keyloggers.sbi (*)
2007-06-20 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2007-06-20 Includes\Malware.sbi (*)
2007-06-20 Includes\MalwareC.sbi (*)
2007-03-21 Includes\PUPS.sbi (*)
2007-06-20 Includes\PUPSC.sbi (*)
2007-06-20 Includes\Revision.sbi (*)
2007-05-30 Includes\Security.sbi (*)
2007-06-20 Includes\SecurityC.sbi (*)
2007-06-20 Includes\Spybots.sbi (*)
2007-06-20 Includes\SpybotsC.sbi (*)
2005-02-17 Includes\Tracks.uti
2007-06-20 Includes\Trojans.sbi (*)
2007-06-20 Includes\TrojansC.sbi (*)
2007-06-06 Plugins\TCPIPAddress.dll

Not sure if Spybot SD corrected the problem, so I restarted, and here is my HJT log.

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 7:33:28 PM, on 21/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AVG\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\windows\system\hpsysdrv.exe
C:\Windows\system32\HpSrvUI.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\SYSTEM32\spider.exe
C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
C:\Program Files\Google\Web Accelerator\googlewebaccclient.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Documents and Settings\Owner\My Documents\HiJackThis\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://sg4.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = IE
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://localhost:9100/proxy.pac
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\DOCUME~1\Owner\Desktop\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Web Accelerator Helper - {69A87B7D-DE56-4136-9655-716BA50C19C7} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - c:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [hp Silent Service] C:\Windows\system32\HpSrvUI.exe
O4 - HKLM\..\Run: [hpScannerFirstBoot] c:\hp\drivers\scanners\scannerfb.exe
O4 - HKLM\..\Run: [PreloadApp] c:\hp\drivers\printers\photosmart\hphprld.exe c:\hp\drivers\printers\photosmart\setup.exe -d
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - .DEFAULT User Startup: AutoPlay.exe (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Run Google Web Accelerator.lnk = C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2931566C-B8A6-46C5-BF4D-E6AB9251E953} (Nexon Package Manager Control) - http://s.nx.com/activex/public_new/nxpm.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1148083528265
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www.ca.com/us/securityadvisor/virusinfo/webscan.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\AVG\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe

--
End of file - 8637 bytes
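An added inspection script, not part of this thread and not Spybot's or HijackThis's own code, that a defender could run on the affected machine to review the persistence points the Spybot log above names: the ShellExecuteHooks and Browser Helper Objects CLSID lists, the PSRV key, and the Security Center AntiVirusDisableNotify value. It assumes a PowerShell with the Registry provider and Get-AuthenticodeSignature available; the key paths come from the log, the status heuristics are mine.

```powershell
# Added example, not part of the thread: inspect the Virtumonde persistence
# points the Spybot log reports and resolve each CLSID to the DLL it loads.
# Assumes PowerShell with the Registry provider and Get-AuthenticodeSignature.

$hookKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
)

# A COM server's DLL is registered as the default value of
# HKCR\CLSID\{guid}\InProcServer32; return $null if nothing is registered.
function Resolve-ClsidDll {
    param([string]$Clsid)
    $srv = "Registry::HKEY_CLASSES_ROOT\CLSID\$Clsid\InProcServer32"
    if (-not (Test-Path -Path $srv)) { return $null }
    $raw = (Get-Item -Path $srv).GetValue('')
    if (-not $raw) { return $null }
    [System.Environment]::ExpandEnvironmentVariables($raw.Trim('"'))
}

# Classify a hook entry: no server, file missing, unsigned/invalid, or signed.
function Get-HookStatus {
    param([string]$Dll)
    if (-not $Dll) { return 'NO SERVER REGISTERED' }
    if (-not (Test-Path -LiteralPath $Dll)) { return 'DLL MISSING ON DISK' }
    $sig = Get-AuthenticodeSignature -FilePath $Dll
    if ($sig.Status -ne 'Valid') { return "UNSIGNED/INVALID ($($sig.Status))" }
    return "signed by $($sig.SignerCertificate.Subject)"
}

foreach ($key in $hookKeys) {
    if (-not (Test-Path -Path $key)) { continue }
    Write-Output "== $key"
    $item = Get-Item -Path $key
    # ShellExecuteHooks keeps CLSIDs as value names, BHOs as subkey names.
    $clsids = @($item.GetValueNames()) + @($item.GetSubKeyNames())
    foreach ($c in ($clsids | Where-Object { $_ -match '^\{[0-9A-Fa-f-]{36}\}$' })) {
        $dll = Resolve-ClsidDll -Clsid $c
        Write-Output ("  {0}`n    {1}`n    {2}" -f $c, $dll, (Get-HookStatus -Dll $dll))
    }
}

# The Spybot log also attributes HKLM\SOFTWARE\Microsoft\PSRV to Virtumonde and
# flags AntiVirusDisableNotify, which silences Security Center antivirus alerts.
if (Test-Path -Path 'HKLM:\SOFTWARE\Microsoft\PSRV') {
    Write-Output 'HKLM\SOFTWARE\Microsoft\PSRV is present: review it and back it up before any removal'
}
$sc = Get-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Security Center' -ErrorAction SilentlyContinue
if ($sc -and $sc.AntiVirusDisableNotify) {
    Write-Output "AntiVirusDisableNotify = $($sc.AntiVirusDisableNotify): antivirus alerts are suppressed"
}
```

Run it from an elevated prompt; entries whose DLL is missing, unsigned, or registered with no server are the ones to compare against the Spybot findings.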

Mr_JAk3
2007-06-25, 22:29
Hello :)

Sorry for the wait.

Let's do some research first:

1. Download this file - combofix.exe (http://download.bleepingcomputer.com/sUBs/ComboFix.exe)
2. Double click combofix.exe & follow the prompts.
3. When finished, it shall produce a log for you. Post that log in your next reply.

Note:
Do not mouse-click combofix's window whilst it's running. That may cause it to stall.

BasilM
2007-06-26, 09:06
"Owner" - 2007-06-26 13:40:55 - ComboFix 07-06-25.3 - Service Pack 2 NTFS


((((((((((((((((((((((((( Files Created from 2007-05-26 to 2007-06-26 )))))))))))))))))))))))))))))))


2007-06-26 13:39 49,152 --a------ C:\WINDOWS\nircmd.exe
2007-06-22 19:56 <DIR> d-------- C:\DOCUME~1\Owner\APPLIC~1\Vidalia
2007-06-22 19:46 <DIR> d-------- C:\DOCUME~1\Owner\APPLIC~1\Tor
2007-06-11 20:35 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\AntiVir PersonalEdition Classic
2007-06-11 20:06 <DIR> d-------- C:\Program Files\HiJackFree
2007-06-11 19:44 4,212 ---h----- C:\WINDOWS\SYSTEM32\zllictbl.dat
2007-06-11 19:43 75,512 --a------ C:\WINDOWS\zllsputility.exe
2007-06-11 19:43 11,264 --a------ C:\WINDOWS\SYSTEM32\SpOrder.dll
2007-06-11 19:40 1,087,216 --a------ C:\WINDOWS\SYSTEM32\zpeng24.dll
2007-06-11 19:40 <DIR> d-------- C:\WINDOWS\SYSTEM32\ZoneLabs
2007-06-11 19:39 <DIR> d-------- C:\WINDOWS\Internet Logs
2007-06-11 11:31 <DIR> d-------- C:\Program Files\Norton Security Scan
2007-06-11 11:15 626,688 --a------ C:\WINDOWS\SYSTEM32\msvcr80.dll
2007-06-08 16:30 <DIR> d-------- C:\Program Files\SpywareGuard
2007-06-07 22:34 <DIR> d-------- C:\Program Files\SpywareBlaster
2007-06-07 15:26 <DIR> d-------- C:\VundoFix Backups
2007-06-05 20:36 3,216 --a------ C:\WINDOWS\SYSTEM32\tmp.reg
2007-06-05 18:53 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
2007-06-04 21:27 <DIR> d-------- C:\Program Files\Windows Defender
2007-06-03 23:37 <DIR> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2007-06-02 17:33 36,864 --a------ C:\WINDOWS\SYSTEM32\Skel32.dll
2007-06-02 17:33 3,584 --a------ C:\WINDOWS\SYSTEM32\SKELETON.DLL
2007-06-02 10:50 10,344 --a------ C:\WINDOWS\SYSTEM32\drivers\symlcbrd.sys
2007-06-01 23:18 90,112 --------- C:\WINDOWS\SYSTEM32\RDrv2KInterface.dll
2007-06-01 23:18 53,248 --------- C:\WINDOWS\SYSTEM32\RDrvNTInterface.dll
2007-06-01 23:18 36,864 --------- C:\WINDOWS\SYSTEM32\unVHDDrvExe.exe
2007-06-01 23:18 36,864 --------- C:\WINDOWS\SYSTEM32\inVHDDrvExe.exe
2007-06-01 23:18 32,768 --------- C:\WINDOWS\SYSTEM32\RDrv9xInterface.dll
2007-06-01 23:18 28,672 --------- C:\WINDOWS\SYSTEM32\RDrvInterface.dll
2007-06-01 10:04 <DIR> d-------- C:\Program Files\Undelete
2007-05-31 19:20 <DIR> d-------- C:\Program Files\SpeedFan
2007-05-26 13:04 <DIR> d-------- C:\Tmp


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-06-25 07:25:28 -------- d-----w C:\Program Files\Mozilla Thunderbird
2007-06-23 07:47:19 -------- d-----w C:\Program Files\Common Files\Autodesk Shared
2007-06-22 10:29:34 -------- d-----w C:\DOCUME~1\Owner\APPLIC~1\Skype
2007-06-21 08:00:31 -------- d--h--w C:\Program Files\InstallShield Installation Information
2007-06-13 03:29:45 -------- d-----w C:\Program Files\Common Files\Symantec Shared
2007-06-13 03:29:43 -------- d-----w C:\DOCUME~1\Owner\APPLIC~1\Symantec
2007-06-13 03:24:05 -------- d-----w C:\Program Files\Symantec
2007-06-11 12:50:46 -------- d-----w C:\Program Files\Google
2007-06-11 12:34:19 -------- d-----w C:\Program Files\Skype
2007-06-02 10:01:42 -------- d-----w C:\Program Files\HP RecordNow
2007-05-30 12:29:36 -------- d-----w C:\Program Files\CamStudio
2007-05-30 12:26:10 -------- d-----w C:\Program Files\Eraser
2007-05-25 12:50:29 155,648 ----a-w C:\WINDOWS\system32\stuninstall.exe
2007-05-25 12:46:01 -------- d-----w C:\Program Files\TechSmith
2007-05-25 11:18:11 -------- d-----w C:\DOCUME~1\Owner\APPLIC~1\vlc
2007-05-25 11:14:25 -------- d-----w C:\Program Files\VideoLAN
2007-05-22 12:19:01 -------- d-----w C:\Program Files\7-Zip
2007-05-19 09:23:22 720,896 ----a-w C:\WINDOWS\iun6002.exe
2007-05-18 12:53:31 -------- d-----w C:\Program Files\Messenger Plus! Live
2007-05-17 16:33:13 -------- d-----w C:\Program Files\MSXML 4.0
2007-05-17 10:41:01 -------- d-----w C:\Program Files\MSN Messenger
2007-05-16 15:12:02 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-05-16 10:06:36 -------- d-----w C:\DOCUME~1\Owner\APPLIC~1\Autodesk
2007-05-15 11:41:37 -------- d-----w C:\Program Files\Microsoft Silverlight
2007-05-01 14:04:00 -------- d-----w C:\Program Files\Sol Edit
2007-04-26 08:45:40 -------- d-----w C:\Program Files\Common Files\Xuisoft
2007-04-26 08:44:45 -------- d-----w C:\Program Files\GifCreator
2007-04-25 14:21:15 144,896 ----a-w C:\WINDOWS\system32\schannel.dll
2007-04-18 16:12:23 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll
2007-04-16 14:47:36 33,624 ----a-w C:\WINDOWS\system32\wups.dll
2007-04-16 14:45:54 1,710,936 ----a-w C:\WINDOWS\system32\wuaueng.dll
2007-04-16 14:45:48 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll
2007-04-16 14:45:42 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll
2007-04-16 14:45:36 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll
2007-04-16 14:45:28 92,504 ----a-w C:\WINDOWS\system32\cdm.dll
2007-04-16 14:45:20 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe
2007-04-16 14:45:20 43,352 ----a-w C:\WINDOWS\system32\wups2.dll
2007-04-16 14:44:20 271,224 ----a-w C:\WINDOWS\system32\mucltui.dll
2007-04-16 14:44:18 208,248 ----a-w C:\WINDOWS\system32\muweb.dll
2007-04-12 12:14:25 745 ----a-w C:\WINDOWS\eReg.dat


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{53707962-6F74-2D53-2644-206D7942484F}=C:\DOCUME~1\Owner\Desktop\SPYBOT~1\SDHelper.dll [2005-05-31 01:04]
{69A87B7D-DE56-4136-9655-716BA50C19C7}=C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll [2006-10-25 13:16]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 03:43]
{FDD3B846-8D59-4ffb-8758-209B6AD74ACC}=c:\Program Files\Microsoft Money\System\mnyviewer.dll [2001-07-25 10:00]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpScannerFirstBoot"="c:\hp\drivers\scanners\scannerfb.exe" [2001-12-13 15:24]
"PreloadApp"="c:\hp\drivers\printers\photosmart\hphprld.exe" [2001-12-12 19:05]
"KBD"="C:\HP\KBD\KBD.EXE" [2001-07-06 17:56]
"nwiz"="nwiz.exe" [2006-06-01 17:22 C:\WINDOWS\SYSTEM32\nwiz.exe]
"SoundMan"="SOUNDMAN.EXE" [2006-03-02 07:22 C:\WINDOWS\soundman.exe]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2006-11-03 19:20]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-03-09 00:02]
"avgnt"="C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" [2007-04-02 10:35]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:56]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:54]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"RunNarrator"=Narrator.exe
@=OSK.exe

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0b25cf53-be50-11db-9afe-000c76365333}]
AutoRun\command- VeritySEM.exe

*Newly Created Service* - SPEEDFAN

Contents of the 'Scheduled Tasks' folder
2007-06-26 05:22:39 C:\WINDOWS\tasks\MP Scheduled Scan.job

**************************************************************************

catchme 0.3.721 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-06-26 13:58:42
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2007-06-26 14:01:35

--- E O F ---

Mr_JAk3
2007-06-26, 20:49
Hiya :)

We'll run another scanner...

Please do an online scan with Kaspersky WebScanner (http://www.kaspersky.com/virusscanner)

Click on Kaspersky Online Scanner

You will be prompted to install an ActiveX component from Kaspersky. Click Yes.
The program will launch and then begin downloading the latest definition files:
Once the files have been downloaded click on NEXT

Now click on Scan Settings
In the scan settings, make sure that the following are selected:
Scan using the following Anti-Virus database:
Extended (if available otherwise Standard)

Scan Options:
Scan Archives
Scan Mail Bases

Click OK
Now under "Select a target to scan": select My Computer.

This program will start and scan your system.
The scan will take a while so be patient and let it run.
Once the scan is complete it will display if your system has been infected.
Now click on the Save as Text button:
Save the file to your desktop.
Copy and paste that information in your next post.

tashi
2007-07-10, 02:23
This topic has been archived due to lack of a response.

If you need it re-opened, please send me a private message (pm) and provide a link to the thread. Applies only to the original poster, anyone else with similar problems please start a new topic.