rkstiles

Thank You very much - I could not have done it without your expert direction. I apologize for not responding yesterday - it was a long day at work. Then when I got home my PC would not connect to my Belkin router. I had to reload the software. I did that this morning. Everything is working so much better. Before your help arrived, it took 28 minutes to reboot and log into the internet - now it only takes about three. Thanks again!

I deleted the three items as requested. Here's the HJT log: Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 6:03:39 PM, on 6/14/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\windows\system\hpsysdrv.exe C:\Windows\system32\HpSrvUI.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAJA.EXE C:\Program Files\Belkin\F5D9050\Belkinwcui.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\HP\KBD\KBD.EXE C:\Program Files\Nova Development\Greeting Card Factory Deluxe\ReminderApp.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Documents and Settings\Owner\Desktop\HiJackThis_v2.exe C:\WINDOWS\system32\wuauclt.exe O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [hp Silent Service] C:\Windows\system32\HpSrvUI.exe O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [EPSON Stylus Photo R340 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAJA.EXE /P30 "EPSON Stylus Photo R340 Series" /O6 "USB003" /M "Stylus Photo R340" O4 - HKLM\..\Run: [F5D9050] C:\Program Files\Belkin\F5D9050\Belkinwcui.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [PreloadApp] c:\hp\drivers\printers\photosmart\hphprld.exe c:\hp\drivers\printers\photosmart\setup.exe -d O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [checktime] c:\program files\HPSelect\Frontend\ct.exe O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE') O4 - .DEFAULT User Startup: AutoPlay.exe (User 'Default user') O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O15 - Trusted Zone: http://download.windowsupdate.com O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games

Here's the new HiJack This log. Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 12:59:25 PM, on 6/14/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\windows\system\hpsysdrv.exe C:\Windows\system32\HpSrvUI.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAJA.EXE C:\Program Files\Belkin\F5D9050\Belkinwcui.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\HP\KBD\KBD.EXE C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\Nova Development\Greeting Card Factory Deluxe\ReminderApp.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\Owner\Desktop\HiJackThis_v2.exe O2 - BHO: (no name) - {E12BFF69-38A7-406e-A8EF-2738107A7831} - C:\WINDOWS\system32\kuvicjvm.dll (file missing) O2 - BHO: (no name) - {EAFE6FE4-4D37-4937-8FF8-38036C0F6DFD} - (no file) O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [hp Silent Service] C:\Windows\system32\HpSrvUI.exe O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [EPSON Stylus Photo R340 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAJA.EXE /P30 "EPSON Stylus Photo R340 Series" /O6 "USB003" /M "Stylus Photo R340" O4 - HKLM\..\Run: [F5D9050] C:\Program Files\Belkin\F5D9050\Belkinwcui.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [PreloadApp] c:\hp\drivers\printers\photosmart\hphprld.exe c:\hp\drivers\printers\photosmart\setup.exe -d O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [checktime] c:\program files\HPSelect\Frontend\ct.exe O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE') O4 - .DEFAULT User Startup: AutoPlay.exe (User 'Default user') O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O15 - Trusted Zone: http://download.windowsupdate.com O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games

Many thanks to therock247uk! I ran the LSPfix as stated above. I also browsed around on the internet last night for several hours without any more irritating stuff. Are there other cleaning items I need to address at this point? Is there a place in this forum that could give me a good rundown on what products I should use to keep clean? Such as anti-virus, spyware, firewall, etc? Thanks Again!

I completed the upload and here is the latest HJT file: Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 11:09:57 PM, on 6/12/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\windows\system\hpsysdrv.exe C:\Windows\system32\HpSrvUI.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAJA.EXE C:\Program Files\Belkin\F5D9050\Belkinwcui.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\HP\KBD\KBD.EXE C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\Owner\Desktop\HiJackThis_v2.exe O2 - BHO: (no name) - {E12BFF69-38A7-406e-A8EF-2738107A7831} - C:\WINDOWS\system32\kuvicjvm.dll (file missing) O2 - BHO: (no name) - {EAFE6FE4-4D37-4937-8FF8-38036C0F6DFD} - (no file) O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [hp Silent Service] C:\Windows\system32\HpSrvUI.exe O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [EPSON Stylus Photo R340 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAJA.EXE /P30 "EPSON Stylus Photo R340 Series" /O6 "USB003" /M "Stylus Photo R340" O4 - HKLM\..\Run: [F5D9050] C:\Program Files\Belkin\F5D9050\Belkinwcui.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [PreloadApp] c:\hp\drivers\printers\photosmart\hphprld.exe c:\hp\drivers\printers\photosmart\setup.exe -d O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [checktime] c:\program files\HPSelect\Frontend\ct.exe O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE') O4 - .DEFAULT User Startup: AutoPlay.exe (User 'Default user') O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Broken Internet access because of LSP provider 'c:\program files\newdotnet\newdotnet5_48.dll' missing O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O15 - Trusted Zone: http://download.windowsupdate.com O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games

Here's the log file from ActiveScan: Incident Status Location Spyware:spyware/new.net Not disinfected Windows Registry Spyware:Spyware/Virtumonde Not disinfected C:\Documents and Settings\Owner\Desktop\backups\backup-20070526-081609-758.dll Potentially unwanted tool:Application/HideWindow.A Not disinfected C:\hp\bin\FondleWindow.exe Potentially unwanted tool:Application/KillApp.B Not disinfected C:\hp\bin\KillIt.exe Potentially unwanted tool:Application/KillApp.A Not disinfected C:\hp\bin\Terminator.exe Spyware:Spyware/Virtumonde Not disinfected C:\VundoFix Backups\leutxysl.dll.bad Spyware:Spyware/Virtumonde Not disinfected C:\VundoFix Backups\ojydrxrv.dll.bad Spyware:Spyware/Virtumonde Not disinfected C:\VundoFix Backups\yvmhaydc.dll.bad Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\SYSTEM32\lfchqrju.exe Virus:W32/Netsky.D.worm Disinfected Personal Folders\Deleted Items\Re: Word file\document_word.pif

Here's the info requested Vundo Fix Log: VundoFix V6.5.0 Checking Java version... Scan started at 10:15:10 PM 6/11/2007 Listing files found while scanning.... C:\windows\system32\kdemobfo.exe C:\windows\system32\kuvicjvm.dll C:\WINDOWS\system32\leutxysl.dll C:\windows\system32\lsyxtuel.ini C:\WINDOWS\system32\lsyxtuel.ini2 C:\WINDOWS\system32\lsyxtuel.tmp C:\windows\system32\ojydrxrv.dll C:\windows\system32\vrxrdyjo.ini C:\windows\system32\yvmhaydc.dll Beginning removal... Attempting to delete C:\windows\system32\kdemobfo.exe C:\windows\system32\kdemobfo.exe Has been deleted! Attempting to delete C:\windows\system32\kuvicjvm.dll C:\windows\system32\kuvicjvm.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\leutxysl.dll C:\WINDOWS\system32\leutxysl.dll Has been deleted! Attempting to delete C:\windows\system32\lsyxtuel.ini C:\windows\system32\lsyxtuel.ini Has been deleted! Attempting to delete C:\WINDOWS\system32\lsyxtuel.ini2 C:\WINDOWS\system32\lsyxtuel.ini2 Has been deleted! Attempting to delete C:\WINDOWS\system32\lsyxtuel.tmp C:\WINDOWS\system32\lsyxtuel.tmp Has been deleted! Attempting to delete C:\windows\system32\ojydrxrv.dll C:\windows\system32\ojydrxrv.dll Has been deleted! Attempting to delete C:\windows\system32\vrxrdyjo.ini C:\windows\system32\vrxrdyjo.ini Has been deleted! Attempting to delete C:\windows\system32\yvmhaydc.dll C:\windows\system32\yvmhaydc.dll Has been deleted! Performing Repairs to the registry. Done! Here's the HJT Log: Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 10:33:46 PM, on 6/11/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\windows\system\hpsysdrv.exe C:\Windows\system32\HpSrvUI.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAJA.EXE C:\Program Files\Belkin\F5D9050\Belkinwcui.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\HP\KBD\KBD.EXE C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\Owner\Desktop\HiJackThis_v2.exe O2 - BHO: (no name) - {E12BFF69-38A7-406e-A8EF-2738107A7831} - C:\WINDOWS\system32\kuvicjvm.dll (file missing) O2 - BHO: (no name) - {EAFE6FE4-4D37-4937-8FF8-38036C0F6DFD} - (no file) O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [hp Silent Service] C:\Windows\system32\HpSrvUI.exe O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [EPSON Stylus Photo R340 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAJA.EXE /P30 "EPSON Stylus Photo R340 Series" /O6 "USB003" /M "Stylus Photo R340" O4 - HKLM\..\Run: [F5D9050] C:\Program Files\Belkin\F5D9050\Belkinwcui.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [PreloadApp] c:\hp\drivers\printers\photosmart\hphprld.exe c:\hp\drivers\printers\photosmart\setup.exe -d O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [checktime] c:\program files\HPSelect\Frontend\ct.exe O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE') O4 - S-1-5-18 Startup: AutoPlay.exe (User 'SYSTEM') O4 - .DEFAULT Startup: AutoPlay.exe (User 'Default user') O4 - .DEFAULT User Startup: AutoPlay.exe (User 'Default user') O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Broken Internet access because of LSP provider 'c:\program files\newdotnet\newdotnet5_48.dll' missing O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O15 - Trusted Zone: http://download.windowsupdate.com O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games

I am a first-timer on ever using a forum (What have I been missing?) so I hope I use proper protocol. If I don't please let me know and I will correct my error. I have a malware issue (I think). I completed the pre/post instructions from the post at the top of the page. It has helped my computer tremendously but I am still having a problem. I am now able to at least get around in the internet and my off-line programs are working much better. Thank you so much for the valuable info you have given me from this forum. Problem: I am still getting malware issues. Currently they seem to be limited to only pop-under ads. They especially arrive everytime I try to make a search whether it's in MSN or Google - I get ads with the search words I used. Also, I keep getting a sight called mania.tv (or something like that). I ran RR and it found nothing. I ran SUPERAntispyware and it finds nothing. I ran another software Xoftspy SE and it found a bunch of stuff but would not let me delete it withou paying the $40. It found Blubster, Bonzibuddy, Vundo, and Drivecleaner. Drivecleaner was the first thing RR found when I ran it several days ago. It doesn't find it now. I also had WildTangent which I didn't know was malicious. Although I never used it, I had seen it on my PC. I am attaching my HJT log ran right before logging on and maybe one of you experts can figure out what I should do next. Thanks! Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 4:15:45 PM, on 6/11/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\WINDOWS\Explorer.EXE C:\windows\system\hpsysdrv.exe C:\Windows\system32\HpSrvUI.exe C:\Program Files\Belkin\F5D9050\Belkinwcui.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\HP\KBD\KBD.EXE C:\Documents and Settings\Owner\Desktop\HiJackThis_v2.exe O2 - BHO: (no name) - {E12BFF69-38A7-406e-A8EF-2738107A7831} - C:\WINDOWS\system32\kuvicjvm.dll O2 - BHO: (no name) - {EAFE6FE4-4D37-4937-8FF8-38036C0F6DFD} - (no file) O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [hp Silent Service] C:\Windows\system32\HpSrvUI.exe O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [EPSON Stylus Photo R340 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAJA.EXE /P30 "EPSON Stylus Photo R340 Series" /O6 "USB003" /M "Stylus Photo R340" O4 - HKLM\..\Run: [F5D9050] C:\Program Files\Belkin\F5D9050\Belkinwcui.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [PreloadApp] c:\hp\drivers\printers\photosmart\hphprld.exe c:\hp\drivers\printers\photosmart\setup.exe -d O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [checktime] c:\program files\HPSelect\Frontend\ct.exe O4 - HKLM\..\Run: [ApachInc] rundll32.exe "C:\WINDOWS\system32\leutxysl.dll",realset O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE') O4 - S-1-5-18 Startup: AutoPlay.exe (User 'SYSTEM') O4 - .DEFAULT Startup: AutoPlay.exe (User 'Default user') O4 - .DEFAULT User Startup: AutoPlay.exe (User 'Default user') O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Broken Internet access because of LSP provider 'c:\program files\newdotnet\newdotnet5_48.dll' missing O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O15 - Trusted Zone: http://download.windowsupdate.com O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games