OK here my HJT Log
Logfile of HijackThis v1.99.1
Scan saved at 7:30:04 PM, on 7/13/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\WINDOWS\Explorer.EXE
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
c:\Program Files\Norton AntiVirus\navapsvc.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\ps2.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Antuy\Bfwkgyf.exe
C:\WINDOWS\ntve.exe
C:\Program Files\NavExcel\NavHelper\v2.0.4d\navapp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\Real\RealPlayer\realplay.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\HP_Owner\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q404&bd=pavilion&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q404&bd=pavilion&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q404&bd=pavilion&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Verizon Online
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Class - {0F03A0AB-9AB9-6F22-30DC-7DA69D53B123} - C:\WINDOWS\system32\syscr.dll
O2 - BHO: Class - {2E50CF6C-353C-032C-4481-7C38A75AE895} - C:\WINDOWS\system32\javanh32.dll
O2 - BHO: Class - {36602E34-564B-4F82-3460-40E15FF68B74} - C:\WINDOWS\sysyf32.dll
O2 - BHO: Class - {38A18D1C-4A77-8792-1DFC-D31817094FC7} - C:\WINDOWS\system32\apiap.dll
O2 - BHO: Class - {486FB334-9056-7058-15E8-1E8523A2C936} - C:\WINDOWS\msan32.dll
O2 - BHO: Class - {50A0058B-9B7D-653D-AB07-A0A98CADC978} - C:\WINDOWS\netmz.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Class - {696F981A-A647-7FDB-029B-C22B55E719C0} - C:\WINDOWS\addzv32.dll
O2 - BHO: Class - {76B65772-6456-05AC-575B-9D567678D55E} - C:\WINDOWS\mfcue32.dll
O2 - BHO: Class - {7E678766-5C45-3E67-EFD2-B3449A8C2A69} - C:\WINDOWS\winnk.dll
O2 - BHO: Class - {9B474FFA-1A37-FA5B-6B29-AC0914CE88DB} - C:\WINDOWS\system32\atlvp.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: Class - {CDF42652-3705-BFD1-B061-1F21BA9B7A66} - C:\WINDOWS\apiii32.dll
O2 - BHO: (no name) - {D80C4E21-C346-4E21-8E64-20746AA20AEB} - (no file)
O2 - BHO: Class - {E738A396-AC71-CAF0-910D-C675897B4EF5} - C:\WINDOWS\iecn.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: (no name) - {5AA06644-BC46-4220-A460-47A6EB47C96D} - (no file)
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [AutoTBar] c:\Program Files\HP\Digital Imaging\bin\AUTOTBAR.EXE
O4 - HKLM\..\Run: [Qtaun] C:\Program Files\Antuy\Bfwkgyf.exe
O4 - HKLM\..\Run: [ntve.exe] C:\WINDOWS\ntve.exe
O4 - HKLM\..\Run: [navapp] C:\Program Files\NavExcel\NavHelper\v2.0.4d\navapp.exe
O4 - HKLM\..\RunOnce: [winzd.exe] C:\WINDOWS\system32\winzd.exe
O4 - HKLM\..\RunOnce: [nethk.exe] C:\WINDOWS\system32\nethk.exe
O4 - HKLM\..\RunOnce: [winta.exe] C:\WINDOWS\winta.exe
O4 - HKLM\..\RunOnce: [d3xm.exe] C:\WINDOWS\d3xm.exe
O4 - HKLM\..\RunOnce: [ntqk32.exe] C:\WINDOWS\ntqk32.exe
O4 - HKLM\..\RunOnce: [nteh.exe] C:\WINDOWS\system32\nteh.exe
O4 - HKLM\..\RunOnce: [javaen.exe] C:\WINDOWS\javaen.exe
O4 - HKLM\..\RunOnce: [apijp32.exe] C:\WINDOWS\system32\apijp32.exe
O4 - HKLM\..\RunOnce: [iptc.exe] C:\WINDOWS\iptc.exe
O4 - HKLM\..\RunOnce: [ipcq.exe] C:\WINDOWS\system32\ipcq.exe
O4 - HKLM\..\RunOnce: [d3sf32.exe] C:\WINDOWS\d3sf32.exe
O4 - HKLM\..\RunOnce: [winqn.exe] C:\WINDOWS\winqn.exe
O4 - HKLM\..\RunOnce: [javavh.exe] C:\WINDOWS\system32\javavh.exe
O4 - HKLM\..\RunOnce: [ipzt32.exe] C:\WINDOWS\ipzt32.exe
O4 - HKLM\..\RunOnce: [atlqg32.exe] C:\WINDOWS\system32\atlqg32.exe
O4 - HKLM\..\RunOnce: [ieda.exe] C:\WINDOWS\ieda.exe
O4 - HKLM\..\RunOnce: [mfcyo.exe] C:\WINDOWS\system32\mfcyo.exe
O4 - HKLM\..\RunOnce: [addca32.exe] C:\WINDOWS\addca32.exe
O4 - HKLM\..\RunOnce: [mssq.exe] C:\WINDOWS\system32\mssq.exe
O4 - HKLM\..\RunOnce: [crvr.exe] C:\WINDOWS\crvr.exe
O4 - HKLM\..\RunOnce: [apibt.exe] C:\WINDOWS\apibt.exe
O4 - HKLM\..\RunOnce: [sysrv32.exe] C:\WINDOWS\sysrv32.exe
O4 - HKLM\..\RunOnce: [mfcks32.exe] C:\WINDOWS\system32\mfcks32.exe
O4 - HKLM\..\RunOnce: [mfcef32.exe] C:\WINDOWS\mfcef32.exe
O4 - HKLM\..\RunOnce: [addom.exe] C:\WINDOWS\addom.exe
O4 - HKLM\..\RunOnce: [crcg32.exe] C:\WINDOWS\system32\crcg32.exe
O4 - HKLM\..\RunOnce: [winrd32.exe] C:\WINDOWS\winrd32.exe
O4 - HKLM\..\RunOnce: [ipae.exe] C:\WINDOWS\ipae.exe
O4 - HKLM\..\RunOnce: [mspb32.exe] C:\WINDOWS\system32\mspb32.exe
O4 - HKLM\..\RunOnce: [appzz32.exe] C:\WINDOWS\appzz32.exe
O4 - HKLM\..\RunOnce: [msft.exe] C:\WINDOWS\msft.exe
O4 - HKLM\..\RunOnce: [crhp.exe] C:\WINDOWS\system32\crhp.exe
O4 - HKLM\..\RunOnce: [ienp.exe] C:\WINDOWS\ienp.exe
O4 - HKLM\..\RunOnce: [appil.exe] C:\WINDOWS\system32\appil.exe
O4 - HKLM\..\RunOnce: [addxc32.exe] C:\WINDOWS\addxc32.exe
O4 - HKLM\..\RunOnce: [javafi32.exe] C:\WINDOWS\system32\javafi32.exe
O4 - HKLM\..\RunOnce: [syssg.exe] C:\WINDOWS\syssg.exe
O4 - HKLM\..\RunOnce: [javarw32.exe] C:\WINDOWS\javarw32.exe
O4 - HKLM\..\RunOnce: [netpl32.exe] C:\WINDOWS\system32\netpl32.exe
O4 - HKLM\..\RunOnce: [netpt.exe] C:\WINDOWS\system32\netpt.exe
O4 - HKLM\..\RunOnce: [apiyb.exe] C:\WINDOWS\apiyb.exe
O4 - HKLM\..\RunOnce: [winao32.exe] C:\WINDOWS\system32\winao32.exe
O4 - HKLM\..\RunOnce: [msmy.exe] C:\WINDOWS\msmy.exe
O4 - HKLM\..\RunOnce: [iply32.exe] C:\WINDOWS\iply32.exe
O4 - HKLM\..\RunOnce: [iesn.exe] C:\WINDOWS\iesn.exe
O4 - HKLM\..\RunOnce: [winrc32.exe] C:\WINDOWS\system32\winrc32.exe
O4 - HKLM\..\RunOnce: [apipq.exe] C:\WINDOWS\system32\apipq.exe
O4 - HKLM\..\RunOnce: [ieox32.exe] C:\WINDOWS\system32\ieox32.exe
O4 - HKLM\..\RunOnce: [apidm.exe] C:\WINDOWS\system32\apidm.exe
O4 - HKLM\..\RunOnce: [ipuu32.exe] C:\WINDOWS\ipuu32.exe
O4 - HKLM\..\RunOnce: [addnn32.exe] C:\WINDOWS\addnn32.exe
O4 - HKLM\..\RunOnce: [appnd.exe] C:\WINDOWS\system32\appnd.exe
O4 - HKLM\..\RunOnce: [addwd.exe] C:\WINDOWS\addwd.exe
O4 - HKLM\..\RunOnce: [netls32.exe] C:\WINDOWS\system32\netls32.exe
O4 - HKLM\..\RunOnce: [javaka32.exe] C:\WINDOWS\system32\javaka32.exe
O4 - HKLM\..\RunOnce: [ntfm.exe] C:\WINDOWS\ntfm.exe
O4 - HKLM\..\RunOnce: [appet32.exe] C:\WINDOWS\appet32.exe
O4 - HKLM\..\RunOnce: [ieuj32.exe] C:\WINDOWS\system32\ieuj32.exe
O4 - HKLM\..\RunOnce: [winsw.exe] C:\WINDOWS\winsw.exe
O4 - HKLM\..\RunOnce: [appre.exe] C:\WINDOWS\system32\appre.exe
O4 - HKLM\..\RunOnce: [msfo.exe] C:\WINDOWS\system32\msfo.exe
O4 - HKLM\..\RunOnce: [d3fp.exe] C:\WINDOWS\d3fp.exe
O4 - HKLM\..\RunOnce: [addve32.exe] C:\WINDOWS\system32\addve32.exe
O4 - HKLM\..\RunOnce: [apitl32.exe] C:\WINDOWS\system32\apitl32.exe
O4 - HKLM\..\RunOnce: [atlop.exe] C:\WINDOWS\system32\atlop.exe
O4 - HKLM\..\RunOnce: [msnf32.exe] C:\WINDOWS\system32\msnf32.exe
O4 - HKLM\..\RunOnce: [sdkdu32.exe] C:\WINDOWS\sdkdu32.exe
O4 - HKLM\..\RunOnce: [javalk.exe] C:\WINDOWS\javalk.exe
O4 - HKLM\..\RunOnce: [sdkmk.exe] C:\WINDOWS\system32\sdkmk.exe
O4 - HKLM\..\RunOnce: [sysja32.exe] C:\WINDOWS\sysja32.exe
O4 - HKLM\..\RunOnce: [appah32.exe] C:\WINDOWS\appah32.exe
O4 - HKLM\..\RunOnce: [winvl.exe] C:\WINDOWS\winvl.exe
O4 - HKLM\..\RunOnce: [crua32.exe] C:\WINDOWS\crua32.exe
O4 - HKLM\..\RunOnce: [ntpm.exe] C:\WINDOWS\system32\ntpm.exe
O4 - HKLM\..\RunOnce: [netel32.exe] C:\WINDOWS\system32\netel32.exe
O4 - HKLM\..\RunOnce: [mssa.exe] C:\WINDOWS\system32\mssa.exe
O4 - HKLM\..\RunOnce: [winri.exe] C:\WINDOWS\winri.exe
O4 - HKLM\..\RunOnce: [atlcj.exe] C:\WINDOWS\atlcj.exe
O4 - HKLM\..\RunOnce: [msbj32.exe] C:\WINDOWS\msbj32.exe
O4 - HKLM\..\RunOnce: [mfcpx32.exe] C:\WINDOWS\mfcpx32.exe
O4 - HKLM\..\RunOnce: [d3pf32.exe] C:\WINDOWS\system32\d3pf32.exe
O4 - HKLM\..\RunOnce: [atlkr32.exe] C:\WINDOWS\atlkr32.exe
O4 - HKLM\..\RunOnce: [netpv.exe] C:\WINDOWS\netpv.exe
O4 - HKLM\..\RunOnce: [mfcyw32.exe] C:\WINDOWS\mfcyw32.exe
O4 - HKLM\..\RunOnce: [crhc.exe] C:\WINDOWS\crhc.exe
O4 - HKLM\..\RunOnce: [addwz32.exe] C:\WINDOWS\system32\addwz32.exe
O4 - HKLM\..\RunOnce: [aping.exe] C:\WINDOWS\system32\aping.exe
O4 - HKLM\..\RunOnce: [sdkqc32.exe] C:\WINDOWS\sdkqc32.exe
O4 - HKLM\..\RunOnce: [netal.exe] C:\WINDOWS\system32\netal.exe
O4 - HKLM\..\RunOnce: [ipga32.exe] C:\WINDOWS\ipga32.exe
O4 - HKLM\..\RunOnce: [netux32.exe] C:\WINDOWS\system32\netux32.exe
O4 - HKLM\..\RunOnce: [addzb32.exe] C:\WINDOWS\system32\addzb32.exe
O4 - HKLM\..\RunOnce: [ipcn32.exe] C:\WINDOWS\system32\ipcn32.exe
O4 - HKLM\..\RunOnce: [javahr.exe] C:\WINDOWS\javahr.exe
O4 - HKLM\..\RunOnce: [sdkir32.exe] C:\WINDOWS\system32\sdkir32.exe
O4 - HKLM\..\RunOnce: [ntwo32.exe] C:\WINDOWS\ntwo32.exe
O4 - HKLM\..\RunOnce: [atlbk32.exe] C:\WINDOWS\atlbk32.exe
O4 - HKLM\..\RunOnce: [addzf.exe] C:\WINDOWS\addzf.exe
O4 - HKLM\..\RunOnce: [javaqn32.exe] C:\WINDOWS\javaqn32.exe
O4 - HKLM\..\RunOnce: [addec.exe] C:\WINDOWS\system32\addec.exe
O4 - HKLM\..\RunOnce: [mfcdk32.exe] C:\WINDOWS\mfcdk32.exe
O4 - HKLM\..\RunOnce: [msxd32.exe] C:\WINDOWS\system32\msxd32.exe
O4 - HKLM\..\RunOnce: [iext32.exe] C:\WINDOWS\system32\iext32.exe
O4 - HKLM\..\RunOnce: [atlgl32.exe] C:\WINDOWS\atlgl32.exe
O4 - HKLM\..\RunOnce: [d3gt.exe] C:\WINDOWS\system32\d3gt.exe
O4 - HKLM\..\RunOnce: [ntkx.exe] C:\WINDOWS\ntkx.exe
O4 - HKLM\..\RunOnce: [iezu32.exe] C:\WINDOWS\system32\iezu32.exe
O4 - HKLM\..\RunOnce: [addqc32.exe] C:\WINDOWS\system32\addqc32.exe
O4 - HKLM\..\RunOnce: [syslg.exe] C:\WINDOWS\syslg.exe
O4 - HKLM\..\RunOnce: [javasv32.exe] C:\WINDOWS\system32\javasv32.exe
O4 - HKLM\..\RunOnce: [netil32.exe] C:\WINDOWS\system32\netil32.exe
O4 - HKLM\..\RunOnce: [crqh32.exe] C:\WINDOWS\system32\crqh32.exe
O4 - HKLM\..\RunOnce: [criu32.exe] C:\WINDOWS\criu32.exe
O4 - HKLM\..\RunOnce: [ipyj32.exe] C:\WINDOWS\system32\ipyj32.exe
O4 - HKLM\..\RunOnce: [ntgr.exe] C:\WINDOWS\system32\ntgr.exe
O4 - HKLM\..\RunOnce: [netgr.exe] C:\WINDOWS\system32\netgr.exe
O4 - HKLM\..\RunOnce: [d3wo32.exe] C:\WINDOWS\system32\d3wo32.exe
O4 - HKLM\..\RunOnce: [addof.exe] C:\WINDOWS\system32\addof.exe
O4 - HKLM\..\RunOnce: [iekr.exe] C:\WINDOWS\system32\iekr.exe
O4 - HKLM\..\RunOnce: [atlhg32.exe] C:\WINDOWS\atlhg32.exe
O4 - HKLM\..\RunOnce: [ipxn32.exe] C:\WINDOWS\ipxn32.exe
O4 - HKLM\..\RunOnce: [apisz.exe] C:\WINDOWS\apisz.exe
O4 - HKLM\..\RunOnce: [sysrh32.exe] C:\WINDOWS\sysrh32.exe
O4 - HKLM\..\RunOnce: [crqw32.exe] C:\WINDOWS\system32\crqw32.exe
O4 - HKLM\..\RunOnce: [d3pm.exe] C:\WINDOWS\system32\d3pm.exe
O4 - HKLM\..\RunOnce: [cryn.exe] C:\WINDOWS\cryn.exe
O4 - HKLM\..\RunOnce: [appky.exe] C:\WINDOWS\appky.exe
O4 - HKLM\..\RunOnce: [winaf.exe] C:\WINDOWS\system32\winaf.exe
O4 - HKLM\..\RunOnce: [crsy32.exe] C:\WINDOWS\system32\crsy32.exe
O4 - HKLM\..\RunOnce: [d3er.exe] C:\WINDOWS\d3er.exe
O4 - HKLM\..\RunOnce: [winiv32.exe] C:\WINDOWS\winiv32.exe
O4 - HKLM\..\RunOnce: [ierw.exe] C:\WINDOWS\ierw.exe
O4 - HKLM\..\RunOnce: [sysxs32.exe] C:\WINDOWS\sysxs32.exe
O4 - HKLM\..\RunOnce: [ielp32.exe] C:\WINDOWS\ielp32.exe
O4 - HKLM\..\RunOnce: [ntqm32.exe] C:\WINDOWS\ntqm32.exe
O4 - HKLM\..\RunOnce: [syslx32.exe] C:\WINDOWS\system32\syslx32.exe
O4 - HKLM\..\RunOnce: [d3dw32.exe] C:\WINDOWS\system32\d3dw32.exe
O4 - HKLM\..\RunOnce: [ntul.exe] C:\WINDOWS\ntul.exe
O4 - HKLM\..\RunOnce: [msgv.exe] C:\WINDOWS\msgv.exe
O4 - HKLM\..\RunOnce: [netla32.exe] C:\WINDOWS\netla32.exe
O4 - HKLM\..\RunOnce: [ntfl32.exe] C:\WINDOWS\ntfl32.exe
O4 - HKLM\..\RunOnce: [appkp32.exe] C:\WINDOWS\system32\appkp32.exe
O4 - HKLM\..\RunOnce: [sdkfb.exe] C:\WINDOWS\sdkfb.exe
O4 - HKLM\..\RunOnce: [apijf32.exe] C:\WINDOWS\system32\apijf32.exe
O4 - HKLM\..\RunOnce: [addzu.exe] C:\WINDOWS\addzu.exe
O4 - HKLM\..\RunOnce: [d3yk32.exe] C:\WINDOWS\d3yk32.exe
O4 - HKLM\..\RunOnce: [ntwz32.exe] C:\WINDOWS\system32\ntwz32.exe
O4 - HKLM\..\RunOnce: [netsb.exe] C:\WINDOWS\netsb.exe
O4 - HKLM\..\RunOnce: [javawf32.exe] C:\WINDOWS\javawf32.exe
O4 - HKLM\..\RunOnce: [ipfg.exe] C:\WINDOWS\ipfg.exe
O4 - HKLM\..\RunOnce: [ntlc32.exe] C:\WINDOWS\ntlc32.exe
O4 - HKLM\..\RunOnce: [ipzz32.exe] C:\WINDOWS\system32\ipzz32.exe
O4 - HKLM\..\RunOnce: [appev32.exe] C:\WINDOWS\appev32.exe
O4 - HKLM\..\RunOnce: [ntxg32.exe] C:\WINDOWS\ntxg32.exe
O4 - HKLM\..\RunOnce: [d3vv32.exe] C:\WINDOWS\d3vv32.exe
O4 - HKLM\..\RunOnce: [sysaz.exe] C:\WINDOWS\sysaz.exe
O4 - HKLM\..\RunOnce: [netdj32.exe] C:\WINDOWS\system32\netdj32.exe
O4 - HKLM\..\RunOnce: [ipdz.exe] C:\WINDOWS\system32\ipdz.exe
O4 - HKLM\..\RunOnce: [winps32.exe] C:\WINDOWS\system32\winps32.exe
O4 - HKLM\..\RunOnce: [d3od32.exe] C:\WINDOWS\d3od32.exe
O4 - HKLM\..\RunOnce: [crst32.exe] C:\WINDOWS\system32\crst32.exe
O4 - HKLM\..\RunOnce: [d3ab32.exe] C:\WINDOWS\d3ab32.exe
O4 - HKLM\..\RunOnce: [winkb32.exe] C:\WINDOWS\system32\winkb32.exe
O4 - HKLM\..\RunOnce: [sdkkb.exe] C:\WINDOWS\sdkkb.exe
O4 - HKLM\..\RunOnce: [apion.exe] C:\WINDOWS\system32\apion.exe
O4 - HKLM\..\RunOnce: [crdc32.exe] C:\WINDOWS\crdc32.exe
O4 - HKLM\..\RunOnce: [netot.exe] C:\WINDOWS\system32\netot.exe
O4 - HKLM\..\RunOnce: [wincy.exe] C:\WINDOWS\wincy.exe
O4 - HKLM\..\RunOnce: [ipwj.exe] C:\WINDOWS\system32\ipwj.exe
O4 - HKLM\..\RunOnce: [mfclq.exe] C:\WINDOWS\system32\mfclq.exe
O4 - HKLM\..\RunOnce: [winwj32.exe] C:\WINDOWS\winwj32.exe
O4 - HKLM\..\RunOnce: [addhc.exe] C:\WINDOWS\system32\addhc.exe
O4 - HKLM\..\RunOnce: [apilg.exe] C:\WINDOWS\system32\apilg.exe
O4 - HKLM\..\RunOnce: [sdkwz32.exe] C:\WINDOWS\system32\sdkwz32.exe
O4 - HKLM\..\RunOnce: [d3up.exe] C:\WINDOWS\system32\d3up.exe
O4 - HKLM\..\RunOnce: [addql32.exe] C:\WINDOWS\system32\addql32.exe
O4 - HKLM\..\RunOnce: [iezt.exe] C:\WINDOWS\system32\iezt.exe
O4 - HKLM\..\RunOnce: [sysni32.exe] C:\WINDOWS\system32\sysni32.exe
O4 - HKCU\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - Global Startup: Lotus QuickStart.lnk = C:\lotus\wordpro\ltsstart.exe
O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: Add To HP Organize... - C:\PROGRA~1\HEWLET~1\HPORGA~1\bin\core.hp.main\SendTo.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: Verizon Central - {5B3FB261-CF72-4c66-B314-8E6FF9980307} -
www.verizon.net (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) -
http://h20270.www2.hp.com/ediags/gmn/install/hpobjinstaller_gmn.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {871AA60B-D425-4784-AD09-6C2E63342CAD} (vzDLinkRouterUpgrade Class) -
http://download.verizon.net/sfp/Cabs/dlink/webinstall/FrmUpDLink.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Remote Procedure Call (RPC) Helper ( 11Fßä#·ºÄÖ`I) - Unknown owner - C:\WINDOWS\system32\winzd.exe" /s (file missing)
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe