Link to home
Create AccountLog in
Avatar of anctech
anctech

asked on

Can someone review a combofix log

Can someone please review this combofix log.  My computer has been acting strange lately.
ComboFix 09-03-01.01 - sparzatka 2009-03-02 10:54:01.1 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.2047.1426 [GMT -5:00]
Running from: c:\documents and settings\sparzatka\Desktop\ComboFix.exe
AV: Total Protection Service *On-access scanning disabled* (Updated)
 * Created a new restore point
.
 
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
 
c:\docume~1\SPARZA~1\LOCALS~1\Temp\ntdll64.dll
c:\winnt\a3kebook.ini
c:\winnt\akebook.ini
c:\winnt\ANS2000.INI
c:\winnt\system32\dbxDgrevCheck.dll
c:\winnt\system32\dumphive.exe
c:\winnt\system32\frmwrk32.exe
c:\winnt\system32\ntdll64.exe
c:\winnt\system32\setup.ini
c:\winnt\system32\SrchSTS.exe
c:\winnt\system32\uninstall.exe
c:\winnt\system32\uniq.tll
c:\winnt\Tasks\dkhzlmjh.job
 
.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.
 
-------\Legacy_TDSSSERV
-------\Service_TDSSserv
 
 
(((((((((((((((((((((((((   Files Created from 2009-02-02 to 2009-03-02  )))))))))))))))))))))))))))))))
.
 
2009-02-26 15:49 . 2001-08-17 13:28	714,698	--a------	c:\winnt\system32\dllcache\cbmdmkxx.sys
2009-02-26 15:49 . 2001-08-17 12:13	49,182	--a------	c:\winnt\system32\dllcache\cem56n5.sys
2009-02-26 15:49 . 2001-08-17 12:13	46,108	--a------	c:\winnt\system32\dllcache\cben5.sys
2009-02-26 15:49 . 2001-08-17 12:12	39,680	--a------	c:\winnt\system32\dllcache\cb325.sys
2009-02-26 15:49 . 2001-08-17 12:12	37,916	--a------	c:\winnt\system32\dllcache\cb102.sys
2009-02-26 15:49 . 2001-08-17 22:36	32,256	--a------	c:\winnt\system32\dllcache\diapi2NT.dll
2009-02-26 15:49 . 2001-08-17 12:13	27,164	--a------	c:\winnt\system32\dllcache\ce3n5.sys
2009-02-26 15:49 . 2001-08-17 12:13	22,044	--a------	c:\winnt\system32\dllcache\cem33n5.sys
2009-02-26 15:49 . 2001-08-17 12:13	22,044	--a------	c:\winnt\system32\dllcache\cem28n5.sys
2009-02-26 15:49 . 2001-08-17 12:13	21,530	--a------	c:\winnt\system32\dllcache\ce2n5.sys
2009-02-26 15:49 . 2008-02-12 03:13	8,192	--a------	c:\winnt\system32\dllcache\changer.sys
2009-02-26 15:49 . 2003-03-31 07:00	7,680	--a------	c:\winnt\system32\dllcache\cd20xrnt.sys
2009-02-26 15:47 . 2001-08-17 12:19	747,392	--a------	c:\winnt\system32\dllcache\adm8830.sys
2009-02-26 15:46 . 2008-02-12 04:04	2,188,928	--a------	c:\winnt\system32\dllcache\ntoskrnl.exe
2009-02-26 15:46 . 2001-08-17 13:28	762,780	--a------	c:\winnt\system32\dllcache\3cwmcru.sys
2009-02-26 15:46 . 2001-08-17 14:55	689,216	--a------	c:\winnt\system32\dllcache\3dfxvs.dll
2009-02-26 15:46 . 2001-08-17 12:48	148,352	--a------	c:\winnt\system32\dllcache\3dfxvsm.sys
2009-02-26 15:46 . 2001-08-17 14:56	66,048	--a------	c:\winnt\system32\dllcache\s3legacy.dll
2009-02-26 15:46 . 2008-02-12 03:13	12,288	--a------	c:\winnt\system32\dllcache\4mmdat.sys
2009-02-26 15:46 . 2003-03-31 07:00	11,264	--a------	c:\winnt\system32\dllcache\1394vdbg.sys
2009-02-25 17:30 . 2009-02-25 17:30	<DIR>	d--------	c:\program files\SiteAdvisor
2009-02-25 17:30 . 2009-02-26 15:43	<DIR>	d--------	c:\documents and settings\LocalService\Application Data\SiteAdvisor
2009-02-25 17:23 . 2009-02-25 17:23	<DIR>	d--------	c:\program files\McAfee
2009-02-25 16:33 . 2009-01-21 12:16	<DIR>	d--------	c:\documents and settings\sparzatka\Application Data\SiteAdvisor
2009-02-25 16:03 . 2006-12-05 17:17	240	--a------	c:\winnt\myClean.bat
2009-02-25 14:59 . 2009-02-25 16:33	<DIR>	d--------	c:\documents and settings\sparzatka\Application Data\Desktopicon
2009-02-24 11:15 . 2009-02-24 05:15	52,224	--a------	c:\winnt\system32\javame1.1.exe
2009-02-06 15:57 . 2009-02-06 15:58	1,908	--a------	c:\winnt\diagwrn.xml
2009-02-06 15:57 . 2009-02-06 15:58	1,908	--a------	c:\winnt\diagerr.xml
2009-02-06 13:11 . 2009-02-06 14:18	<DIR>	d--------	C:\Microsoft Winows 7 Beta 32 Bit
2009-02-06 13:10 . 2009-02-06 13:12	<DIR>	d--------	c:\documents and settings\sparzatka\Application Data\Download Manager
2009-02-05 15:11 . 2009-02-09 12:22	<DIR>	d--------	c:\documents and settings\All Users\Application Data\AMMYY
 
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-25 23:30	---------	d-----w	c:\program files\MOV to AVI MPEG WMV Converter
2009-02-25 22:30	---------	d-----w	c:\documents and settings\All Users\Application Data\SiteAdvisor
2009-02-25 21:01	---------	d-----w	c:\program files\Symantec
2009-02-25 21:01	---------	d-----w	c:\program files\Common Files\Symantec Shared
2009-02-25 20:52	---------	d-----w	c:\documents and settings\All Users\Application Data\McAfee
2009-02-25 20:49	---------	d--h--w	c:\program files\InstallShield Installation Information
2009-02-20 22:14	---------	d-----w	c:\documents and settings\sparzatka\Application Data\U3
2009-01-27 17:22	---------	d-----w	c:\documents and settings\All Users\Application Data\ATI MMC
2009-01-27 15:16	---------	d-----w	c:\documents and settings\sparzatka\Application Data\gtk-2.0
2007-02-27 19:03	56,912	----a-w	c:\documents and settings\sparzatka\g2mdlhlpx.exe
2005-03-01 16:04	1,061,769	----a-w	c:\program files\CuteFTP.zip
2008-08-25 16:05	23	--sha-w	c:\winnt\system32\efdd2_z.dll
2007-11-30 16:32	56	--sh--r	c:\winnt\system32\F48807E1F1.sys
2007-11-30 16:33	3,350	--sha-w	c:\winnt\system32\KGyGaAvL.sys
2008-04-22 15:15	32,768	--sha-w	c:\winnt\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008042220080423\index.dat
.
 
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MVS Splash"="c:\program files\McAfee\Managed VirusScan\Agent\Splash.exe" [2008-01-22 468288]
"McAfee Managed Services Tray"="c:\program files\McAfee\Managed VirusScan\Agent\StartMyagtTry.exe" [2008-01-22 87360]
"SiteAdvisor"="c:\program files\SiteAdvisor\6173\SiteAdv.exe" [2007-08-28 36640]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2004-11-01 77824]
 
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Cisco Systems VPN Client.lnk - c:\program files\Cisco Systems\VPN Client\vpngui.exe [2006-01-20 1524776]
HP Digital Imaging Monitor.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe [2005-05-11 282624]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-05-26 123904]
 
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"SpecifyDefaultButtons"= 1 (0x1)
"Btn_Back"= 1 (0x1)
"Btn_Forward"= 1 (0x1)
"Btn_Stop"= 1 (0x1)
"Btn_Refresh"= 1 (0x1)
"Btn_Home"= 1 (0x1)
"Btn_Search"= 2 (0x2)
"Btn_Favorites"= 1 (0x1)
"Btn_History"= 2 (0x2)
"Btn_Media"= 2 (0x2)
"Btn_Folders"= 2 (0x2)
"Btn_Fullscreen"= 1 (0x1)
"Btn_Tools"= 2 (0x2)
"Btn_MailNews"= 1 (0x1)
"Btn_Size"= 2 (0x2)
"Btn_Print"= 1 (0x1)
"Btn_Edit"= 2 (0x2)
"Btn_Discussions"= 2 (0x2)
"Btn_Cut"= 2 (0x2)
"Btn_Copy"= 2 (0x2)
"Btn_Paste"= 2 (0x2)
"Btn_Encoding"= 2 (0x2)
 
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\PCANotify]
2002-02-15 09:51 24638 c:\winnt\system32\PCANotify.dll
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.YU12"= ATIYUV12.DLL 
"VIDC.PIM1"= pclepim1.dll
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\Machine\Scripts\Startup\[u]0[/u]\[u]0[/u]]
"Script"=router.cmd
 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders	msapsspc.dll schannel.dll digest.dll msnsspc.dll
 
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001
 
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
 
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\McAfee\\Managed VirusScan\\Agent\\myAgtSvc.exe"=
 
R2 EngineServer;EngineServer;c:\program files\McAfee\Managed VirusScan\VScan\EngineServer.exe [2009-02-25 14144]
R2 myAgtSvc;McAfee Virus and Spyware Protection Service;c:\program files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe [2009-02-25 169280]
S1 32b957c0;32b957c0;c:\winnt\system32\drivers\32b957c0.sys --> c:\winnt\system32\drivers\32b957c0.sys [?]
S2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
S3 ACCSKMD;Canon Camera Storage Device;c:\winnt\system32\drivers\accskmd.sys [2003-05-13 32640]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\winnt\system32\drivers\teamviewervpn.sys [2008-01-25 25088]
 
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
\Shell\AutoRun\command - G:\LaunchU3.exe -a
.
Contents of the 'Scheduled Tasks' folder
 
2009-03-02 c:\winnt\Tasks\User_Feed_Synchronization-{B45B2CFA-750A-452B-B38E-71BC5DD4C2CD}.job
- c:\winnt\system32\msfeedssync.exe [2006-10-17 10:58]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
DPF: Microsoft XML Parser for Java - file://c:\winnt\Java\classes\xmldso.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.2.cab
.
 
**************************************************************************
 
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-02 11:06:01
Windows 5.1.2600 Service Pack 3, v.3311 NTFS
 
scanning hidden processes ...  
 
scanning hidden autostart entries ... 
 
scanning hidden files ...  
 
scan completed successfully
hidden files: 0
 
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
 
- - - - - - - > 'winlogon.exe'(1088)
c:\winnt\system32\Ati2evxx.dll
 
- - - - - - - > 'lsass.exe'(1144)
c:\winnt\system32\relog_ap.dll
.
------------------------ Other Running Processes ------------------------
.
c:\winnt\system32\ati2evxx.exe
c:\program files\Common Files\Acronis\Schedule2\schedul2.exe
c:\program files\Cisco Systems\VPN Client\cvpnd.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\winnt\system32\HPZipm12.exe
c:\program files\SiteAdvisor\6173\SAService.exe
c:\program files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
c:\winnt\system32\WFXSVC.EXE
c:\program files\Symantec\WinFax\WFXMOD32.EXE
c:\winnt\system32\searchindexer.exe
c:\winnt\system32\searchprotocolhost.exe
c:\winnt\system32\ati2evxx.exe
c:\program files\McAfee\Managed VirusScan\Agent\myAgtTry.exe
c:\program files\Hewlett-Packard\Digital Imaging\bin\hpqste08.exe
c:\progra~1\HEWLET~1\DIGITA~1\PRODUC~1\bin\hprblog.exe
c:\winnt\system32\searchfilterhost.exe
.
**************************************************************************
.
Completion time: 2009-03-02 11:10:52 - machine was rebooted
ComboFix-quarantined-files.txt  2009-03-02 16:10:49
 
Pre-Run: 21,314,072,576 bytes free
Post-Run: 21,343,592,448 bytes free
 
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINNT
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINNT="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
 
204	--- E O F ---	2008-12-02 13:09:47

Open in new window

ASKER CERTIFIED SOLUTION
Avatar of David-Howard
David-Howard

Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
Avatar of anctech
anctech

ASKER

Please see the Hijackthis log below.    I do use Malwarebytes to periodically scan for malware.   Do you see anything that looks out of the ordinary in the HiJackthis log?
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:39, on 2009-03-02
Platform: Windows XP SP3, v.3311 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
 
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\System32\Ati2evxx.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\McAfee\Managed VirusScan\VScan\EngineServer.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe
C:\WINNT\System32\HPZipm12.exe
C:\Program Files\SiteAdvisor\6173\SAService.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
C:\WINNT\System32\WFXSVC.EXE
C:\Program Files\Symantec\WinFax\WFXMOD32.EXE
C:\WINNT\system32\SearchIndexer.exe
C:\WINNT\system32\Ati2evxx.exe
C:\Program Files\SiteAdvisor\6173\SiteAdv.exe
C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtTry.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe
C:\PROGRA~1\HEWLET~1\DIGITA~1\PRODUC~1\bin\hprblog.exe
C:\WINNT\explorer.exe
C:\WINNT\system32\notepad.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\McAfee\MANAGE~1\VScan\McShield.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\sparzatka\Local Settings\Temporary Internet Files\Content.IE5\75T556KR\HiJackThis[1].exe
 
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6173\SiteAdv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6173\SiteAdv.dll
O4 - HKLM\..\Run: [MVS Splash] "C:\Program Files\McAfee\Managed VirusScan\Agent\Splash.exe"
O4 - HKLM\..\Run: [McAfee Managed Services Tray] "C:\Program Files\McAfee\Managed VirusScan\Agent\StartMyagtTry.exe"
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6173\SiteAdv.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - Global Startup: Cisco Systems VPN Client.lnk = C:\Program Files\Cisco Systems\VPN Client\vpngui.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Program Files\ATI Multimedia\tv\EXPLBAR.DLL
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINNT\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINNT\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.2.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-03.sun.com/s/ESD5/JSCDL/jre/6u10-b92-b/jinstall-6u10-windows-i586-jc.cab?e=1227289868121&h=5fef71a67cd83d7ae2aff16d36369723/&filename=jinstall-6u10-windows-i586-jc.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = aandc.local
O17 - HKLM\Software\..\Telephony: DomainName = aandc.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = aandc.local
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINNT\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINNT\system32\ati2sgag.exe
O23 - Service: pcAnywhere Host Service (awhost32) - Symantec Corporation - C:\Program Files\Symantec\pcAnywhere\awhost32.exe
O23 - Service: Background Intelligent Transfer Service (BITS) - Unknown owner - C:\WINNT\
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: EngineServer - McAfee, Inc. - C:\Program Files\McAfee\Managed VirusScan\VScan\EngineServer.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McShield - McAfee, Inc. - C:\PROGRA~1\McAfee\MANAGE~1\VScan\McShield.exe
O23 - Service: McAfee Virus and Spyware Protection Service (myAgtSvc) - McAfee, Inc. - C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\System32\HPZipm12.exe
O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6173\SAService.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
O23 - Service: WinFax PRO (wfxsvc) - Symantec Corporation - C:\WINNT\System32\WFXSVC.EXE
O23 - Service: Automatic Updates (wuauserv) - Unknown owner - C:\WINNT\
O23 - Service: X10 Device Network Service (x10nets) - Unknown owner - C:\PROGRA~1\ATIMUL~1\RemCtrl\x10nets.exe (file missing)
 
--
End of file - 7041 bytes

Open in new window

This entries are listed as unknown but not dangerous.
O23 - Service: Background Intelligent Transfer Service (BITS) - Unknown owner - C:\WINNT\
O23 - Service: Automatic Updates (wuauserv) - Unknown owner - C:\WINNT\
Other than that your log file is completely clean.
There are a few entries for HP digital imaging in your log file. I just wanted to make sure that this is software that you installed and are aware of.
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe
C:\PROGRA~1\HEWLET~1\DIGITA~1\PRODUC~1\bin\hprblog.exe