Okay, I have installed Avast, and followed instructions... Here we go!
ComboFix Log:
ComboFix 09-01-19.03 - Jeff 2009-01-19 14:07:58.5 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2047.1027 [GMT -8:00]
Running from: d:\documents and settings\Jeff\Desktop\ComboFix.exe
Command switches used :: d:\documents and settings\Jeff\My Documents\CFScript.txt
* Created a new restore point
FILE ::
d:\windows\imsins.BAK
d:\windows\system32\dafanole.dll
d:\windows\system32\prebak.reg
d:\windows\system32\rituvuza.dll
d:\windows\system32\SET1D.tmp
d:\windows\system32\SET23.tmp
d:\windows\system32\SET28.tmp
d:\windows\system32\SET30.tmp
d:\windows\system32\SETF8.tmp
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
d:\windows\imsins.BAK
d:\windows\system32\dafanole.dll
d:\windows\system32\prebak.reg
d:\windows\system32\rituvuza.dll
d:\windows\system32\SET1D.tmp
d:\windows\system32\SET23.tmp
d:\windows\system32\SET28.tmp
d:\windows\system32\SET30.tmp
d:\windows\system32\SETF8.tmp
.
((((((((((((((((((((((((( Files Created from 2008-12-19 to 2009-01-19 )))))))))))))))))))))))))))))))
.
2009-01-19 14:06 . 2009-01-19 14:06 <DIR> d-------- d:\program files\Alwil Software
2009-01-18 18:22 . 2009-01-18 18:22 <DIR> d-------- D:\f62073db294c8904eda379ca94beb6
2009-01-18 18:16 . 2008-10-16 14:06 268,648 --a------ d:\windows\system32\mucltui.dll
2009-01-18 18:16 . 2008-10-16 14:06 27,496 --a------ d:\windows\system32\mucltui.dll.mui
2009-01-14 11:33 . 2009-01-14 11:33 <DIR> d-------- d:\program files\MSXML 4.0
2009-01-14 11:32 . 2008-08-14 02:11 2,189,184 -----c--- d:\windows\system32\dllcache\ntoskrnl.exe
2009-01-14 11:32 . 2008-08-14 02:09 2,145,280 -----c--- d:\windows\system32\dllcache\ntkrnlmp.exe
2009-01-14 11:32 . 2008-08-14 01:33 2,066,048 -----c--- d:\windows\system32\dllcache\ntkrnlpa.exe
2009-01-14 11:32 . 2008-08-14 01:33 2,023,936 -----c--- d:\windows\system32\dllcache\ntkrpamp.exe
2009-01-14 11:32 . 2008-10-24 03:21 455,296 -----c--- d:\windows\system32\dllcache\mrxsmb.sys
2009-01-14 11:32 . 2008-06-13 03:05 272,128 --------- d:\windows\system32\drivers\bthport.sys
2009-01-14 11:32 . 2008-06-13 03:05 272,128 -----c--- d:\windows\system32\dllcache\bthport.sys
2009-01-14 01:59 . 2009-01-14 01:59 22,328 --a------ d:\documents and settings\Jeff\Application Data\PnkBstrK.sys
2009-01-13 23:38 . 2009-01-13 23:39 <DIR> d-------- d:\documents and settings\Jeff\Application Data\Bioshock
2009-01-13 23:38 . 2007-05-16 16:45 3,497,832 --a------ d:\windows\system32\d3dx9_34.dll
2009-01-13 23:38 . 2007-05-16 16:45 1,124,720 --a------ d:\windows\system32\D3DCompiler_34.dll
2009-01-13 23:38 . 2007-05-16 16:45 443,752 --a------ d:\windows\system32\d3dx10_34.dll
2009-01-13 23:38 . 2007-06-20 20:46 266,088 --a------ d:\windows\system32\xactengine2_8.dll
2009-01-13 23:38 . 2007-10-22 03:37 17,928 --a------ d:\windows\system32\X3DAudio1_2.dll
2009-01-13 23:06 . 2009-01-19 11:04 <DIR> d--h----- d:\windows\$hf_mig$
2009-01-13 23:06 . 2006-09-06 17:43 22,752 --a------ d:\windows\system32\spupdsvc.exe
2009-01-13 23:05 . 2009-01-13 23:05 <DIR> d---s---- d:\documents and settings\Jeff\UserData
2009-01-13 17:55 . 2009-01-13 17:55 <DIR> d-------- d:\program files\CCleaner
2009-01-13 12:41 . 2009-01-13 12:41 <DIR> d-------- d:\documents and settings\All Users\Application Data\HP Product Assistant
2009-01-12 22:13 . 2009-01-12 22:15 94,208 --a------ d:\windows\ScUnin.exe
2009-01-12 22:13 . 2009-01-12 22:15 35,190 --a------ d:\windows\scunin.dat
2009-01-12 22:13 . 2009-01-12 22:15 967 --a------ d:\windows\ScUnin.pif
2009-01-12 22:02 . 2009-01-13 18:40 <DIR> d-------- d:\program files\Starcraft
2009-01-12 09:29 . 2009-01-12 09:29 <DIR> d-------- d:\documents and settings\Jeff\Application Data\HP
2009-01-12 00:51 . 2009-01-12 00:51 <DIR> d-------- d:\documents and settings\All Users\Application Data\WEBREG
2009-01-11 21:41 . 2009-01-11 21:41 <DIR> d-------- d:\documents and settings\LocalService\Application Data\HP
2009-01-11 21:39 . 2009-01-11 21:41 <DIR> d-------- d:\program files\Common Files\HP
2009-01-11 21:39 . 2009-01-11 21:39 <DIR> d-------- d:\documents and settings\All Users\Application Data\HPSSUPPLY
2009-01-11 21:39 . 2009-01-11 21:39 <DIR> d-------- d:\documents and settings\All Users\Application Data\HP
2009-01-11 21:38 . 2009-01-11 21:38 <DIR> d-------- d:\program files\Hewlett-Packard
2009-01-11 21:38 . 2009-01-11 21:38 <DIR> d-------- d:\program files\Common Files\Hewlett-Packard
2009-01-11 21:37 . 2009-01-11 21:41 <DIR> d-------- d:\program files\HP
2009-01-11 21:37 . 2006-12-05 21:50 892,928 -ra------ d:\windows\system32\hpotiop4.dll
2009-01-11 21:37 . 2006-12-05 21:50 294,912 -ra------ d:\windows\system32\hpovst11.dll
2009-01-11 21:26 . 2006-12-05 22:02 49,920 -ra------ d:\windows\system32\drivers\HPZid412.sys
2009-01-11 21:26 . 2006-12-05 22:02 16,496 -ra------ d:\windows\system32\drivers\HPZipr12.sys
2009-01-11 21:25 . 2009-01-11 21:25 <DIR> d-------- d:\documents and settings\All Users\Application Data\Hewlett-Packard
2009-01-11 21:25 . 2006-12-05 22:02 364,544 -ra------ d:\windows\system32\hppldcoi.dll
2009-01-11 21:25 . 2006-12-05 22:02 309,760 -ra------ d:\windows\system32\difxapi.dll
2009-01-11 21:25 . 2006-12-15 08:36 258,048 -ra------ d:\windows\system32\hpzids01.dll
2009-01-11 21:25 . 2009-01-11 21:51 130,362 --a------ d:\windows\hpoins13.dat
2009-01-11 21:25 . 2006-12-29 09:57 117,760 --a------ d:\windows\system32\hpz3l4v2.dll
2009-01-11 21:25 . 2006-12-05 22:02 21,568 -ra------ d:\windows\system32\drivers\HPZius12.sys
2009-01-11 21:25 . 2007-01-22 08:05 811 --------- d:\windows\hpomdl13.dat
2009-01-11 21:23 . 2008-04-14 00:17 25,856 --a------ d:\windows\system32\drivers\usbprint.sys
2009-01-11 21:23 . 2008-04-14 00:17 25,856 --a--c--- d:\windows\system32\dllcache\usbprint.sys
2009-01-11 14:38 . 2009-01-13 18:20 <DIR> d-a------ d:\documents and settings\All Users\Application Data\TEMP
2008-12-27 15:49 . 2008-12-27 15:49 <DIR> d-------- d:\documents and settings\Jeff\Application Data\DivX
2008-12-27 15:45 . 2008-04-14 05:42 159,232 --a------ d:\windows\system32\ptpusd.dll
2008-12-27 15:45 . 2008-04-14 00:15 15,104 --a------ d:\windows\system32\drivers\usbscan.sys
2008-12-27 15:45 . 2008-04-14 00:15 15,104 --a--c--- d:\windows\system32\dllcache\usbscan.sys
2008-12-27 15:45 . 2001-08-17 22:36 5,632 --a------ d:\windows\system32\ptpusb.dll
2008-12-22 21:14 . 2008-12-22 21:14 <DIR> d-------- d:\documents and settings\Jeff\Application Data\vlc
2008-12-22 20:41 . 2008-12-22 20:41 <DIR> d-------- d:\program files\VideoLAN
2008-12-22 11:32 . 2009-01-09 01:01 <DIR> d-------- d:\documents and settings\Jeff\Application Data\Azureus
2008-12-22 11:32 . 2008-12-22 11:32 <DIR> d-------- d:\documents and settings\All Users\Application Data\Azureus
2008-12-22 11:22 . 2009-01-19 11:45 <DIR> d-------- d:\program files\Vuze
2008-12-22 11:22 . 2008-12-22 11:22 <DIR> d-------- d:\program files\Common Files\i4j_jres
2008-12-20 21:45 . 2008-12-20 21:49 139,264 --a------ d:\windows\War3Unin.exe
2008-12-20 21:45 . 2008-12-20 22:03 77,385 --a------ d:\windows\War3Unin.dat
2008-12-20 21:45 . 2008-12-20 21:49 2,829 --a------ d:\windows\War3Unin.pif
2008-12-20 21:44 . 2009-01-19 13:19 <DIR> d-------- d:\program files\Warcraft III
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-19 19:10 --------- d-----w d:\program files\Steam
2009-01-19 05:17 139,280 ----a-w d:\windows\system32\drivers\PnkBstrK.sys
2009-01-19 05:16 202,000 ----a-w d:\windows\system32\PnkBstrB.exe
2009-01-14 09:59 682,280 ----a-w d:\windows\system32\pbsvc.exe
2009-01-14 09:59 66,872 ----a-w d:\windows\system32\PnkBstrA.exe
2008-12-27 00:52 --------- d-----w d:\program files\Common Files\Blizzard Entertainment
2008-12-11 10:57 333,952 ----a-w d:\windows\system32\drivers\srv.sys
2008-12-06 20:25 --------- d-----w d:\program files\iTunes
2008-12-06 20:25 --------- d-----w d:\program files\iPod
2008-12-06 20:25 --------- d-----w d:\program files\Common Files\Apple
2008-12-06 20:25 --------- d-----w d:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-12-06 09:49 --------- d-----w d:\program files\Common Files\eSellerate
2008-12-06 09:40 --------- d-----w d:\program files\QuickTime
2008-12-06 09:40 --------- d-----w d:\program files\Apple Software Update
2008-12-06 09:40 --------- d-----w d:\documents and settings\Jeff\Application Data\Apple Computer
2008-12-06 09:40 --------- d-----w d:\documents and settings\All Users\Application Data\Apple Computer
2008-12-06 09:39 --------- d-----w d:\documents and settings\All Users\Application Data\Apple
2008-12-06 04:18 --------- d-----w d:\documents and settings\All Users\Application Data\Blizzard
2008-12-06 02:01 --------- d-----w d:\documents and settings\Jeff\Application Data\Ventrilo
2008-12-06 01:16 --------- d-----w d:\program files\Ventrilo
2008-12-06 01:16 --------- d-----w d:\program files\Common Files\Wise Installation Wizard
2008-12-06 00:53 --------- d-----w d:\program files\Google
2008-12-06 00:21 --------- d-----w d:\program files\DivX
2008-12-06 00:17 --------- d--h--w d:\program files\InstallShield Installation Information
2008-12-06 00:17 --------- d-----w d:\program files\Realtek
2008-12-06 00:15 --------- d-----w d:\program files\Common Files\InstallShield
2008-12-05 23:50 --------- d-----w d:\program files\microsoft frontpage
2008-10-23 12:36 286,720 ----a-w d:\windows\system32\gdi32.dll
.
((((((((((((((((((((((((((((( snapshot_2009-01-18_18.30.37.21 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-06-24 16:53:10 74,240 ----a-w d:\windows\$hf_mig$\KB952954\SP3QFE\mscms.dll
+ 2007-11-30 12:39:22 17,272 ----a-w d:\windows\$hf_mig$\KB952954\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w d:\windows\$hf_mig$\KB952954\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w d:\windows\$hf_mig$\KB952954\update\spcustom.dll
+ 2007-11-30 12:39:22 755,576 ----a-w d:\windows\$hf_mig$\KB952954\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w d:\windows\$hf_mig$\KB952954\update\updspapi.dll
+ 2008-06-13 11:05:51 272,128 ------w d:\windows\Driver Cache\i386\bthport.sys
+ 2001-07-15 01:32:24 69,632 ----a-w d:\windows\setupupd\temp\wsdueng.dll
+ 2008-11-26 17:21:30 1,236,208 ----a-w d:\windows\system32\aswBoot.exe
+ 2008-11-26 17:15:10 97,480 ----a-w d:\windows\system32\AvastSS.scr
- 2008-06-20 11:40:08 138,496 -c--a-w d:\windows\system32\dllcache\afd.sys
+ 2008-08-14 10:04:36 138,496 -c--a-w d:\windows\system32\dllcache\afd.sys
- 2008-04-14 12:00:00 73,728 -c--a-w d:\windows\system32\dllcache\mscms.dll
+ 2008-06-24 16:43:16 74,240 -c--a-w d:\windows\system32\dllcache\mscms.dll
+ 2008-11-26 17:15:35 26,944 ----a-w d:\windows\system32\drivers\aavmker4.sys
- 2008-06-20 11:40:08 138,496 ----a-w d:\windows\system32\drivers\afd.sys
+ 2008-08-14 10:04:36 138,496 ----a-w d:\windows\system32\drivers\afd.sys
+ 2008-11-26 17:17:25 20,560 ----a-w d:\windows\system32\drivers\aswFsBlk.sys
+ 2008-11-26 17:18:25 93,296 ----a-w d:\windows\system32\drivers\aswmon.sys
+ 2008-11-26 17:18:18 94,032 ----a-w d:\windows\system32\drivers\aswmon2.sys
+ 2008-11-26 17:16:29 23,152 ----a-w d:\windows\system32\drivers\aswRdr.sys
+ 2008-11-26 17:17:36 111,184 ----a-w d:\windows\system32\drivers\aswSP.sys
+ 2008-11-26 17:16:38 50,864 ----a-w d:\windows\system32\drivers\aswTdi.sys
- 2008-04-14 12:00:00 73,728 ----a-w d:\windows\system32\mscms.dll
+ 2008-06-24 16:43:16 74,240 ----a-w d:\windows\system32\mscms.dll
- 2007-11-30 12:39:22 17,272 ------w d:\windows\system32\spmsg.dll
+ 2007-11-30 11:18:51 17,272 ------w d:\windows\system32\spmsg.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="d:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"Steam"="d:\program files\Steam\Steam.exe" [2008-12-05 1410296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="d:\windows\system32\NvCpl.dll" [2007-04-12 8429568]
"NvMediaCenter"="d:\windows\system32\NvMcTray.dll" [2007-04-12 81920]
"QuickTime Task"="d:\program files\QuickTime\QTTask.exe" [2008-11-04 413696]
"iTunesHelper"="d:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]
"HP Software Update"="d:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 49152]
"avast!"="d:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000]
"RTHDCPL"="RTHDCPL.EXE" [2006-12-18 d:\windows\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 d:\windows\SkyTel.exe]
"nwiz"="nwiz.exe" [2007-04-12 d:\windows\system32\nwiz.exe]
d:\documents and settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - d:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-01-02 210520]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"d:\\Program Files\\Messenger\\msmsgs.exe"=
"d:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"d:\\World of Warcraft\\WoW-2.3.0-enUS-downloader.exe"=
"d:\\Program Files\\iTunes\\iTunes.exe"=
"d:\\WINDOWS\\system32\\spoolsv.exe"=
"d:\\Program Files\\Starcraft\\StarCraft.exe"=
"d:\\WINDOWS\\system32\\PnkBstrA.exe"=
"d:\\WINDOWS\\system32\\PnkBstrB.exe"=
"d:\\Program Files\\Steam\\steamapps\\common\\call of duty world at war\\CoDWaW.exe"=
"d:\\Program Files\\Steam\\steamapps\\common\\call of duty world at war\\CoDWaWmp.exe"=
"d:\\WINDOWS\\system32\\cscript.exe"=
"d:\\WINDOWS\\RTHDCPL.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
R0 Si3531;SiI-3531 SATA Controller;d:\windows\system32\drivers\Si3531.sys [2008-12-05 210224]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
2009-01-13 d:\windows\Tasks\AppleSoftwareUpdate.job
- d:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]
.
.
------- Supplementary Scan -------
.
FF - ProfilePath - d:\documents and settings\Jeff\Application Data\Mozilla\Firefox\Profiles\zar3tta2.default\
FF - prefs.js: browser.search.defaulturl -
hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage -
hxxp://en.wikipedia.org/wiki/Main_Page---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2009-01-19 14:08:26
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2009-01-19 14:08:57
ComboFix-quarantined-files.txt 2009-01-19 22:08:55
ComboFix2.txt 2009-01-19 19:50:48
ComboFix3.txt 2009-01-19 02:30:53
ComboFix4.txt 2009-01-19 02:16:05
Pre-Run: 244,233,408,512 bytes free
Post-Run: 244,217,032,704 bytes free
236 --- E O F --- 2009-01-19 19:04:23
HJT Log:
Logfile of HijackThis v1.99.1
Scan saved at 2:11:12 PM, on 1/19/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\RTHDCPL.EXE
D:\Program Files\iTunes\iTunesHelper.exe
D:\Program Files\HP\HP Software Update\HPWuSchd2.exe
D:\Program Files\Steam\Steam.exe
D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\PnkBstrA.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\iPod\bin\iPodService.exe
D:\WINDOWS\system32\wscntfy.exe
D:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
D:\Program Files\iTunes\iTunes.exe
D:\WINDOWS\system32\notepad.exe
D:\WINDOWS\system32\notepad.exe
D:\WINDOWS\system32\wuauclt.exe
D:\WINDOWS\explorer.exe
D:\Program Files\Messenger\msmsgs.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Hijackthis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896O2 - BHO: HP Smart Web Printing 1.0 - {AE84A6AA-A333-4B92-B276-C11E2212E4FE} - D:\Program Files\HP\Smart Web Printing\SmartWebPrinting.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HP Software Update] D:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Steam] "D:\Program Files\Steam\Steam.exe" -silent
O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://update.microsoft.com/microsoftup ... 1916737390O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: iPod Service - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - D:\WINDOWS\system32\PnkBstrA.exe
Thank you for your continued support!