combofix.exe logThomas - 06-10-12 14:26:29.03 Service Pack 2
ComboFix 06.10.11 - Running from: "C:\spyware apps"
(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\WINDOWS\system32\components
C:\Program Files\Common Files\{E4C2E236-0702-3081-0517-02011102003d}
((((((((((((((((((((((((((((((( Files Created from 2006-09-12 to 2006-10-12 ))))))))))))))))))))))))))))))))))
2006-10-11 17:44 18,944 --a------ C:\WINDOWS\system32\simptcp.dll
2006-10-09 23:39 21,312 --a------ C:\WINDOWS\choice.exe
2006-10-09 17:39 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2006-10-08 12:10 26,787 --a------ C:\WINDOWS\system32\drivers\vetmonnt.sys
2006-10-08 12:03 95,784 --a------ C:\WINDOWS\system32\ISafeIf.dll
2006-10-08 12:03 75,304 --a------ C:\WINDOWS\system32\VetRedir.dll
2006-10-08 12:03 75,304 --a------ C:\WINDOWS\system32\iSafProd.dll
2006-10-08 12:03 629,264 --a------ C:\WINDOWS\system32\drivers\VetEFile.sys
2006-10-08 12:03 21,031 --a------ C:\WINDOWS\system32\drivers\Vet-Filt.sys
2006-10-08 12:03 15,735 --a------ C:\WINDOWS\system32\drivers\VetFDDNT.sys
2006-10-08 12:03 15,478 --a------ C:\WINDOWS\system32\drivers\Vet-Rec.sys
2006-10-08 12:03 116,264 --a------ C:\WINDOWS\UnVet32.exe
2006-10-08 12:03 112,168 --a------ C:\WINDOWS\AVShlExt.dll
2006-10-08 12:03 108,592 --a------ C:\WINDOWS\system32\drivers\VetEBoot.sys
2006-10-07 00:32 724,992 --a------ C:\WINDOWS\iun6002.exe
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2006-10-12 14:27 -------- d-a------ C:\Program Files\Common Files
2006-10-12 13:43 -------- d-------- C:\Documents and Settings\Thomas\Application Data\uTorrent
2006-10-11 17:44 -------- d-------- C:\Program Files\Online Services
2006-10-11 17:25 -------- d-------- C:\Program Files\MSN
2006-10-10 20:03 -------- d-------- C:\Program Files\CCleaner
2006-10-09 23:59 663 --a------ C:\Documents and Settings\Thomas\Application Data\AdobeDLM.log
2006-10-09 23:59 508 --a------ C:\Documents and Settings\Thomas\Application Data\dm.ini
2006-10-09 23:55 -------- d-------- C:\Program Files\Windows Defender
2006-10-09 23:08 -------- d-------- C:\Program Files\Common Files\Adobe
2006-10-09 23:08 -------- d-------- C:\Documents and Settings\Thomas\Application Data\Adobe
2006-10-09 22:30 -------- d-------- C:\Program Files\TrojanHunter 4.6
2006-10-09 22:27 -------- d-------- C:\Documents and Settings\Thomas\Application Data\TrojanHunter
2006-10-09 22:15 -------- d-------- C:\Documents and Settings\Thomas\Application Data\Syntrillium
2006-10-09 17:38 -------- d-------- C:\Program Files\Grisoft
2006-10-08 12:03 -------- d-------- C:\Program Files\CA
2006-10-05 13:37 -------- d-------- C:\Program Files\Smart Projects
2006-09-27 16:46 -------- d--h----- C:\Program Files\InstallShield Installation Information
2006-09-08 18:04 -------- d-------- C:\Program Files\iPod
2006-09-06 21:18 -------- d-------- C:\Documents and Settings\Thomas\Application Data\SAS
2006-09-03 01:32 -------- d-------- C:\Program Files\Hardwood Hearts
2006-08-25 22:52 -------- d---s---- C:\Documents and Settings\Thomas\Application Data\Microsoft
2006-08-21 21:51 16896 --a------ C:\WINDOWS\system32\fltlib.dll
2006-08-21 18:44 23040 --a------ C:\WINDOWS\system32\fltmc.exe
2006-08-21 18:44 128896 --------- C:\WINDOWS\system32\drivers\fltmgr.sys
2006-08-20 19:29 -------- d-------- C:\Program Files\SilverCreekCommonFiles
2006-08-20 19:29 -------- d-------- C:\Program Files\Silver Creek Installer
2006-08-16 22:42 -------- d-------- C:\Program Files\NoAdware4
2006-08-15 09:36 -------- d-------- C:\Program Files\Internet Explorer
2006-07-27 22:54 679424 --a------ C:\WINDOWS\system32\inetcomm.dll
2006-07-21 17:54 72704 --a------ C:\WINDOWS\system32\hlink.dll
2006-07-16 11:21 45568 --------- C:\WINDOWS\ATF-Cleaner.exe
2006-07-16 11:01 2144 --------- C:\WINDOWS\FixTC.reg
2006-07-14 20:12 67176 --a------ C:\Documents and Settings\Thomas\Application Data\GDIPFONTCACHEV1.DAT
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"zBrowser Launcher"="C:\\Program Files\\Logitech\\iTouch\\iTouch.exe"
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"
"MsmqIntCert"="regsvr32 /s mqrt.dll"
"AdwareAlert"="C:\\Program Files\\AdwareAlert\\AdwareAlert.exe -boot"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed"="1"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"="Microsoft AntiMalware ShellExecuteHook"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000000
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"CDRAutoRun"=dword:00000000
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"CDRAutoRun"=dword:00000000
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
"UPnPMonitor"="{e57ce738-33e8-4c51-8354-bb4de9d215d1}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^.protected]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\.protected"
"backup"="C:\\WINDOWS\\pss\\.protectedCommon Startup"
"location"="Common Startup"
"command"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\.protected"
"item"=".protected"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^NkvMon.exe.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\NkvMon.exe.lnk"
"backup"="C:\\WINDOWS\\pss\\NkvMon.exe.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\Nikon\\NkView6\\NkvMon.exe "
"item"="NkvMon.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder\C:^Documents and Settings^Thomas^Start Menu^Programs^Startup^.protected]
"path"="C:\\Documents and Settings\\Thomas\\Start Menu\\Programs\\Startup\\.protected"
"backup"="C:\\WINDOWS\\pss\\.protectedStartup"
"location"="Startup"
"command"="C:\\Documents and Settings\\Thomas\\Start Menu\\Programs\\Startup\\.protected"
"item"=".protected"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\!AVG Anti-Spyware]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="avgas"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\CaAvTray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="CAVTray"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\CA\\eTrust Vet Antivirus\\CAVTray.exe\""
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\CAVRID]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="CAVRID"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\CA\\eTrust Vet Antivirus\\CAVRID.exe\""
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\dlmMgr]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AdobeDownloadManager"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Common Files\\Adobe\\ESD\\AdobeDownloadManager.exe\" restart=1"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\IMONTRAY]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="imontray"
"hkey"="HKLM"
"command"="C:\\Program Files\\Intel\\Intel® Active Monitor\\imontray.exe"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\iTunesHelper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\nwiz]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="nwiz"
"hkey"="HKLM"
"command"="nwiz.exe /install"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\QuickTime Task]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="qttask"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\SpyKiller]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="spykiller"
"hkey"="HKCU"
"command"="C:\\Program Files\\SpyKiller\\spykiller.exe /startup"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="jusched"
"hkey"="HKLM"
"command"="C:\\Program Files\\Java\\jre1.5.0_06\\bin\\jusched.exe"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\THGuard]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="THGuard"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\TrojanHunter 4.6\\THGuard.exe\""
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\UserFaultCheck]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="dumprep 0 -u"
"hkey"="HKLM"
"command"="%systemroot%\\system32\\dumprep 0 -u"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\Windows Defender]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="MSASCui"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Windows Defender\\MSASCui.exe\" -hide"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\xgicmfm.dll]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="xgicmfm"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\system32\\rundll32.exe C:\\WINDOWS\\system32\\xgicmfm.dll,ebsywze"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\services]
"SuperProServer"=dword:00000003
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders
securityproviders REG_SZ msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
~ ~ ~ ~ ~ ~ ~ ~ Hijackthis Backups ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
backup-20061010-213404-285
O20 - Winlogon Notify: winpdc32 - winpdc32.dll (file missing)
backup-20061010-213403-763
O16 - DPF: {95B5D20C-BD31-4489-8ABF-F8C8BE748463} (ZPA_HRTZ Object) -
http://zone.msn.com/...tz.cab40641.cabbackup-20061010-213402-371
O16 - DPF: {590FFB84-6A29-4797-9C0E-B15DF2C4CDCB} -
http://soft.trustinc...stall/tload.cabbackup-20061010-213402-622
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Documents and Settings\Thomas\My Documents\Police Quest 3\dsd\PartyPoker.exe (file missing)
backup-20061010-213402-915
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Documents and Settings\Thomas\My Documents\Police Quest 3\dsd\PartyPoker.exe (file missing)
backup-20061010-213401-346
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
backup-20061010-213401-741
O2 - BHO: (no name) - {0995F025-BE6E-4812-3AE1-047F85303F70} - C:\WINDOWS\system32\svpenim.dll
Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\Ad-Aware SE Professional.job
C:\WINDOWS\tasks\C9E42F3C94E00BB0.job
C:\WINDOWS\tasks\eTrust Vet Antivirus.job
C:\WINDOWS\tasks\MP Scheduled Scan.job
Completion time: 06-10-12 14:28:20.45
ComboFix.txt
Hijackthis logLogfile of HijackThis v1.99.1
Scan saved at 14:41, on 06-10-12
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\CA\eTrust Vet Antivirus\ISafe.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CA\eTrust Vet Antivirus\VetMsg.exe
C:\Program Files\Intel\Intel® Active Monitor\imonnt.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\Explorer.EXE
C:\HJT\HijackThis.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [AdwareAlert] C:\Program Files\AdwareAlert\AdwareAlert.exe -boot
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Shorten URL -
http://www.cjb.net/menuext.htmlO9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) -
http://zone.msn.com/...UI.cab46479.cabO16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (ZoneBuddy Class) -
http://zone.msn.com/...dy.cab32846.cabO16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) -
http://zone.msn.com/...at.cab32846.cabO16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} (mhLabel Class) -
http://www.pcpitstop.com/mhLbl.cabO16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://acs.pandasoft...free/asinst.cabO16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) -
http://cdn2.zone.msn...ro.cab34246.cabO16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (StadiumProxy Class) -
http://zone.msn.com/...xy.cab41227.cabO17 - HKLM\System\CCS\Services\Tcpip\..\{2812B84C-17DD-46F7-8EDE-744965F537D0}: NameServer = 61.9.128.16,61.9.128.13
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = bigpond.net.au
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = bigpond.net.au
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = bigpond.net.au
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Vet Antivirus\ISafe.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel® Active Monitor (imonNT) - Intel Corp. - C:\Program Files\Intel\Intel® Active Monitor\imonnt.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Vet Antivirus\VetMsg.exe
Cheers!