
Thread: c:\windows\Fonts\svchost.exe got me too!

  1. #1
    Junior Member
    Join Date
    Nov 2007
    Posts
    2

    c:\windows\Fonts\svchost.exe got me too!

    As far as I know, the only problem with my PC is that Limewire Pro wants to open up automatically and wants me to save something. I've been just carrying on normal activities with this thing hiding behind my open programs. Here are my log files. Thanks

    -------------------------------------------------------------------------------
    KASPERSKY ONLINE SCANNER REPORT
    Wednesday, November 21, 2007 7:07:23 PM
    Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
    Kaspersky Online Scanner version: 5.0.98.0
    Kaspersky Anti-Virus database last update: 21/11/2007
    Kaspersky Anti-Virus database records: 463254
    -------------------------------------------------------------------------------

    Scan Settings:
    Scan using the following antivirus database: extended
    Scan Archives: true
    Scan Mail Bases: true

    Scan Target - My Computer:
    C:\
    D:\
    E:\
    F:\

    Scan Statistics:
    Total number of scanned objects: 85873
    Number of viruses found: 6
    Number of infected objects: 21
    Number of suspicious objects: 3
    Duration of the scan process: 01:57:43

    Infected Object Name / Virus Name / Last Action
    C:\WINDOWS\Fonts\'\00jj99uuii66ddxxqqq.zip/Crack.exe Infected: Trojan.Win32.Agent.cmn skipped
    C:\WINDOWS\Fonts\'\00jj99uuii66ddxxqqq.zip ZIP: infected - 1 skipped
    C:\WINDOWS\Fonts\a.zip/Crack.exe Infected: Trojan.Win32.Agent.cmn skipped
    C:\WINDOWS\Fonts\a.zip ZIP: infected - 1 skipped
    C:\WINDOWS\Fonts\Crack.exe Infected: Trojan.Win32.Agent.cmn skipped
    C:\WINDOWS\Fonts\svchost.exe Infected: Trojan.Win32.Agent.cmn skipped
    F:\Downloads\Software\All to All Audio converter\All to All ( MP3, OGG, WMA 8, WAV) converter+crack.zip/Audio_Conversion_Wizard_Crack.zip/acw.exe Suspicious: Packed.Win32.PePatch.dk skipped
    F:\Downloads\Software\All to All Audio converter\All to All ( MP3, OGG, WMA 8, WAV) converter+crack.zip/Audio_Conversion_Wizard_Crack.zip Suspicious: Packed.Win32.PePatch.dk skipped
    F:\Downloads\Software\All to All Audio converter\All to All ( MP3, OGG, WMA 8, WAV) converter+crack.zip ZIP: suspicious - 2 skipped
    F:\Downloads\Software\ICQ_IP_Sniffer.zip/Sniffer.exe/data0002 Infected: Sniffer.Win32.Advanfer skipped
    F:\Downloads\Software\ICQ_IP_Sniffer.zip/Sniffer.exe Infected: Sniffer.Win32.Advanfer skipped
    F:\Downloads\Software\ICQ_IP_Sniffer.zip ZIP: infected - 2 skipped
    F:\Downloads\Software\MP3 CD Maker\MP3_CD_Maker_1.41_Keygen_by_DBC.zip/MP3 CD Maker V1.41 Key Generator.exe Infected: Backdoor.Win32.Drat.130 skipped
    F:\Downloads\Software\MP3 CD Maker\MP3_CD_Maker_1.41_Keygen_by_DBC.zip ZIP: infected - 1 skipped
    F:\Downloads\Software\Password Recovery\Ophcrack-licecd-1.2.2.iso\ophcrack-livecd-1.2.2.iso/slax/ophcrack/ophcrack-win32-installer-2.4.1.exe/file36 Infected: not-a-virus:PSWTool.Win32.PWDump.2 skipped
    F:\Downloads\Software\Password Recovery\Ophcrack-licecd-1.2.2.iso\ophcrack-livecd-1.2.2.iso/slax/ophcrack/ophcrack-win32-installer-2.4.1.exe/file64 Infected: not-a-virus:PSWTool.Win32.PWDump.d skipped
    F:\Downloads\Software\Password Recovery\Ophcrack-licecd-1.2.2.iso\ophcrack-livecd-1.2.2.iso/slax/ophcrack/ophcrack-win32-installer-2.4.1.exe/file65 Infected: not-a-virus:PSWTool.Win32.PWDump.d skipped
    F:\Downloads\Software\Password Recovery\Ophcrack-licecd-1.2.2.iso\ophcrack-livecd-1.2.2.iso/slax/ophcrack/ophcrack-win32-installer-2.4.1.exe Infected: not-a-virus:PSWTool.Win32.PWDump.d skipped
    F:\Downloads\Software\Password Recovery\Ophcrack-licecd-1.2.2.iso\ophcrack-livecd-1.2.2.iso ISO image: infected - 4 skipped
    F:\Incomplete\T-637945-Tweak XP Pro v4.07 Patch.zip/Crack.exe Infected: Trojan.Win32.Agent.cmn skipped
    F:\Incomplete\T-637945-Tweak XP Pro v4.07 Patch.zip ZIP: infected - 1 skipped
    F:\Limewire\Tweak XP Pro 4.07 Patch.zip/Crack.exe Infected: Trojan.Win32.Agent.cmn skipped
    F:\Limewire\Tweak XP Pro 4.07 Patch.zip ZIP: infected - 1 skipped
    F:\RECYCLER\S-1-5-21-527237240-436374069-839522115-1003\Df3.exe Infected: Trojan.Win32.Agent.cmn skipped

    Scan process completed.



    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 7:31:45 PM, on 11/21/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Executive Software\Diskeeper\DkService.exe
    C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
    C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
    C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
    c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\WINDOWS\system32\hphmon06.exe
    C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
    C:\WINDOWS\Fonts\svchost.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\Fonts\svchost.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\McAfee\MPF\MPFSrv.exe
    C:\PROGRA~1\McAfee\MPS\mps.exe
    C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\McAfee\MPS\mpsevh.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\limewire\limewire.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.comcast.net/toolbar2.0/search/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.comcast.net/toolbar2.0/search/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Comcast
    O2 - BHO: (no name) - {1827766B-9F49-4854-8034-F6EE26FCB1EC} - (no file)
    O2 - BHO: (no name) - {206E52E0-D52E-11D4-AD54-0000E86C26F6} - C:\PROGRA~1\FRESHD~1\FRESHD~1\FDCatch.dll
    O2 - BHO: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptcl.dll
    O2 - BHO: (no name) - {E3215F20-3212-11D6-9F8B-00D0B743919D} - (no file)
    O3 - Toolbar: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL
    O3 - Toolbar: FreshDownload Bar - {ED0E8CA5-42FB-4B18-997B-769E0408E79D} - C:\PROGRA~1\FRESHD~1\FRESHD~1\fdiebar.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [PtiuPbmd] Rundll32.exe ptipbm.dll,SetWriteBack
    O4 - HKLM\..\Run: [ddoctorv2] "C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe" /P ddoctorv2
    O4 - HKLM\..\Run: [OneTouch Monitor] C:\Program Files\Visioneer OneTouch\OneTouchMon.exe
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
    O4 - HKLM\..\Run: [HPHUPD06] C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
    O4 - HKLM\..\Run: [Host Process] C:\WINDOWS\Fonts\svchost.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\digital imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: FreshDownload - {C9E58695-CCAD-4F63-9A2C-8796B515B212} - C:\Program Files\FreshDevices\FreshDownload\fd.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english...an_unicode.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.adobe.com/pub/shoc...sh/swflash.cab
    O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
    O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
    O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\hpbpro.exe
    O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\hpboid.exe
    O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
    O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
    O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
    O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
    O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe
    O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: SupportSoft Sprocket Service (ddoctorv2) (sprtsvc_ddoctorv2) - SupportSoft, Inc. - C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe

    --
    End of file - 7695 bytes

  2. #2
    Security Expert: Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    29,374


    Hi

    One or more of the identified infections is a keylogger.

    This allows hackers at least to steal critical system information.

    I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

    Please read these for more information:

    How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?

    When Should I Format, How Should I Reinstall

    We can attempt to clean this machine but I can't guarantee that it will be 100% secure afterwards.

    Should you have any questions, please feel free to ask.

    Please let us know what you have decided to do in your next post.
    Microsoft MVP Consumer Security 2008-2011

    Member of ASAP and UNITE since 2006

  3. #3
    Junior Member
    Join Date
    Nov 2007
    Posts
    2


    Thanks Shaba,
    Go ahead and put this in the archives. I'll just reformat it. Thanks
    Steiner

  4. #4
    Security Expert: Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    29,374


    Since this issue appears resolved ... this Topic is closed.

    If you need this topic reopened, please request this by sending the moderating team
    a PM with the address of the thread. This applies only to the original topic starter.

    Everyone else please begin a New Topic.
    Microsoft MVP Consumer Security 2008-2011

    Member of ASAP and UNITE since 2006
