Scratch that last post, I think I finally managed to complete the instructions.
Here is the vundofix.txt file results:
VundoFix V6.5.1
Checking Java version...
Java version is 1.4.2.3
Old versions of java are exploitable and should be removed.
Scan started at 5:34:31 PM 6/19/2007
Listing files found while scanning....
C:\WINDOWS\msagent\chars\adbli.bak1
C:\WINDOWS\msagent\chars\adbli.bak2
C:\WINDOWS\msagent\chars\adbli.ini
C:\WINDOWS\msagent\chars\adbli.ini2
C:\WINDOWS\msagent\chars\adbli.tmp
C:\WINDOWS\msagent\chars\ilbda.dll
C:\WINDOWS\system32\awvvt.dll
C:\WINDOWS\system32\bxgijggx.dll
C:\WINDOWS\system32\cbxxxwv.dll
C:\WINDOWS\system32\cdygopdy.dll
C:\windows\system32\ddccbcy.dll
C:\WINDOWS\system32\djktcoaa.dll
C:\WINDOWS\system32\etdowvok.dll
C:\windows\system32\gebaxxx.dll
C:\WINDOWS\system32\gxmrtqyq.dll
C:\WINDOWS\system32\hvnroees.dll
C:\windows\system32\iifggec.dll
C:\WINDOWS\system32\ixhaxcid.dll
C:\WINDOWS\system32\ixtjnpce.dll
C:\WINDOWS\system32\lxuiebfv.dll
C:\windows\system32\ncgxleis.dll
C:\windows\system32\nmeicfbu.ini
C:\windows\system32\nnnonlj.dll
C:\WINDOWS\system32\qaothkxl.dll
C:\WINDOWS\system32\qpihrnrh.dll
C:\WINDOWS\system32\ryfvjwyy.dll
C:\windows\system32\sielxgcn.ini
C:\windows\system32\tvvwa.bak1
C:\windows\system32\tvvwa.bak2
C:\windows\system32\tvvwa.ini
C:\windows\system32\tvvwa.ini2
C:\windows\system32\tvvwa.tmp
C:\WINDOWS\system32\ubfciemn.dll
C:\windows\system32\vtutsst.dll
Beginning removal...
Attempting to delete C:\WINDOWS\msagent\chars\adbli.bak1
C:\WINDOWS\msagent\chars\adbli.bak1 Has been deleted!
Attempting to delete C:\WINDOWS\msagent\chars\adbli.bak2
C:\WINDOWS\msagent\chars\adbli.bak2 Has been deleted!
Attempting to delete C:\WINDOWS\msagent\chars\adbli.ini
C:\WINDOWS\msagent\chars\adbli.ini Has been deleted!
Attempting to delete C:\WINDOWS\msagent\chars\adbli.ini2
C:\WINDOWS\msagent\chars\adbli.ini2 Has been deleted!
Attempting to delete C:\WINDOWS\msagent\chars\adbli.tmp
C:\WINDOWS\msagent\chars\adbli.tmp Has been deleted!
Attempting to delete C:\WINDOWS\system32\awvvt.dll
C:\WINDOWS\system32\awvvt.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\cbxxxwv.dll
C:\WINDOWS\system32\cbxxxwv.dll Has been deleted!
Attempting to delete C:\windows\system32\ddccbcy.dll
C:\windows\system32\ddccbcy.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\djktcoaa.dll
C:\WINDOWS\system32\djktcoaa.dll Has been deleted!
Attempting to delete C:\windows\system32\gebaxxx.dll
C:\windows\system32\gebaxxx.dll Has been deleted!
Attempting to delete C:\windows\system32\iifggec.dll
C:\windows\system32\iifggec.dll Has been deleted!
Attempting to delete C:\windows\system32\ncgxleis.dll
C:\windows\system32\ncgxleis.dll Has been deleted!
Attempting to delete C:\windows\system32\nmeicfbu.ini
C:\windows\system32\nmeicfbu.ini Has been deleted!
Attempting to delete C:\windows\system32\nnnonlj.dll
C:\windows\system32\nnnonlj.dll Has been deleted!
Attempting to delete C:\windows\system32\sielxgcn.ini
C:\windows\system32\sielxgcn.ini Has been deleted!
Attempting to delete C:\windows\system32\tvvwa.bak1
C:\windows\system32\tvvwa.bak1 Has been deleted!
Attempting to delete C:\windows\system32\tvvwa.bak2
C:\windows\system32\tvvwa.bak2 Has been deleted!
Attempting to delete C:\windows\system32\tvvwa.ini
C:\windows\system32\tvvwa.ini Has been deleted!
Attempting to delete C:\windows\system32\tvvwa.ini2
C:\windows\system32\tvvwa.ini2 Has been deleted!
Attempting to delete C:\windows\system32\tvvwa.tmp
C:\windows\system32\tvvwa.tmp Has been deleted!
Attempting to delete C:\WINDOWS\system32\ubfciemn.dll
C:\WINDOWS\system32\ubfciemn.dll Could not be deleted.
Attempting to delete C:\windows\system32\vtutsst.dll
C:\windows\system32\vtutsst.dll Has been deleted!
Performing Repairs to the registry.
Done!
VundoFix V6.5.1
Checking Java version...
Java version is 1.4.2.3
Old versions of java are exploitable and should be removed.
Scan started at 5:38:55 PM 6/19/2007
Listing files found while scanning....
C:\WINDOWS\msagent\chars\ilbda.dll
C:\windows\system32\ubfciemn.dll
Beginning removal...
Attempting to delete C:\windows\system32\ubfciemn.dll
C:\windows\system32\ubfciemn.dll Has been deleted!
Performing Repairs to the registry.
Done!
VundoFix V6.5.1
Checking Java version...
Java version is 1.4.2.3
Old versions of java are exploitable and should be removed.
Scan started at 5:56:18 PM 6/19/2007
Listing files found while scanning....
C:\WINDOWS\msagent\chars\ilbda.dll
Beginning removal...
Performing Repairs to the registry.
Done!
Beginning removal...
VundoFix V6.5.1
Checking Java version...
Java version is 1.4.2.3
Old versions of java are exploitable and should be removed.
Scan started at 6:04:15 PM 6/19/2007
Listing files found while scanning....
C:\WINDOWS\msagent\chars\ilbda.dll
Beginning removal...
Performing Repairs to the registry.
Done!
VundoFix V6.5.1
Checking Java version...
Java version is 1.4.2.3
Old versions of java are exploitable and should be removed.
Scan started at 6:38:21 PM 6/19/2007
Listing files found while scanning....
C:\WINDOWS\msagent\chars\ilbda.dll
C:\WINDOWS\system32\awtsr.dll
C:\WINDOWS\system32\rstwa.bak1
C:\WINDOWS\system32\rstwa.ini
Beginning removal...
Attempting to delete C:\WINDOWS\system32\awtsr.dll
C:\WINDOWS\system32\awtsr.dll Could not be deleted.
Attempting to delete C:\WINDOWS\system32\rstwa.bak1
C:\WINDOWS\system32\rstwa.bak1 Has been deleted!
Attempting to delete C:\WINDOWS\system32\rstwa.ini
C:\WINDOWS\system32\rstwa.ini Has been deleted!
Performing Repairs to the registry.
Done!
Beginning removal...
Attempting to delete C:\WINDOWS\system32\awtsr.dll
C:\WINDOWS\system32\awtsr.dll Has been deleted!
Performing Repairs to the registry.
Done!
VundoFix V6.5.1
Checking Java version...
Java version is 1.4.2.3
Old versions of java are exploitable and should be removed.
Scan started at 6:50:49 PM 6/19/2007
Listing files found while scanning....
C:\WINDOWS\msagent\chars\ilbda.dll
Beginning removal...
Performing Repairs to the registry.
Done!
VundoFix V6.5.1
Checking Java version...
Java version is 1.4.2.3
Old versions of java are exploitable and should be removed.
Scan started at 8:16:37 PM 6/19/2007
Listing files found while scanning....
C:\WINDOWS\msagent\chars\ilbda.dll
C:\WINDOWS\system32\ststv.bak1
C:\WINDOWS\system32\ststv.ini
C:\WINDOWS\system32\vtsts.dll
Beginning removal...
Attempting to delete C:\WINDOWS\system32\ststv.bak1
C:\WINDOWS\system32\ststv.bak1 Has been deleted!
Attempting to delete C:\WINDOWS\system32\ststv.ini
C:\WINDOWS\system32\ststv.ini Has been deleted!
Attempting to delete C:\WINDOWS\system32\vtsts.dll
C:\WINDOWS\system32\vtsts.dll Could not be deleted.
Performing Repairs to the registry.
Done!
Beginning removal...
Attempting to delete C:\WINDOWS\system32\vtsts.dll
C:\WINDOWS\system32\vtsts.dll Has been deleted!
Performing Repairs to the registry.
Done!
VundoFix V6.5.1
Checking Java version...
Java version is 1.4.2.3
Old versions of java are exploitable and should be removed.
Scan started at 10:37:45 PM 6/19/2007
Listing files found while scanning....
C:\WINDOWS\msagent\chars\ilbda.dll
C:\WINDOWS\system32\ihhkj.bak1
C:\WINDOWS\system32\ihhkj.ini
C:\WINDOWS\system32\jkhhi.dll
Beginning removal...
Attempting to delete C:\WINDOWS\system32\ihhkj.bak1
C:\WINDOWS\system32\ihhkj.bak1 Has been deleted!
Attempting to delete C:\WINDOWS\system32\ihhkj.ini
C:\WINDOWS\system32\ihhkj.ini Has been deleted!
Attempting to delete C:\WINDOWS\system32\jkhhi.dll
C:\WINDOWS\system32\jkhhi.dll Could not be deleted.
Performing Repairs to the registry.
Done!
VundoFix V6.5.1
Checking Java version...
Java version is 1.4.2.3
Old versions of java are exploitable and should be removed.
Scan started at 10:41:40 PM 6/19/2007
Listing files found while scanning....
C:\WINDOWS\msagent\chars\ilbda.dll
Beginning removal...
Performing Repairs to the registry.
Done!
Beginning removal...
Performing Repairs to the registry.
Done!
VundoFix V6.5.1
Checking Java version...
Java version is 1.4.2.3
Old versions of java are exploitable and should be removed.
Scan started at 10:56:27 PM 6/19/2007
Listing files found while scanning....
C:\WINDOWS\msagent\chars\ilbda.dll
C:\WINDOWS\system32\gebyx.dll
C:\WINDOWS\system32\xybeg.bak1
C:\WINDOWS\system32\xybeg.ini
Beginning removal...
Attempting to delete C:\WINDOWS\system32\gebyx.dll
C:\WINDOWS\system32\gebyx.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\xybeg.bak1
C:\WINDOWS\system32\xybeg.bak1 Has been deleted!
Attempting to delete C:\WINDOWS\system32\xybeg.ini
C:\WINDOWS\system32\xybeg.ini Has been deleted!
Performing Repairs to the registry.
Done!
----------------------
And here is a fresh HiJackThis file ran directly after the vundo fix this evening:
Logfile of HijackThis v1.99.1
Scan saved at 11:04:13 PM, on 6/19/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\hphmon05.exe
C:\WINDOWS\AGRSMMSG.exe
C:\hp\drivers\keyboard\PS2.EXE
C:\Program Files\Multimedia Card Reader\shwicon2k.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\poolsv.exe
C:\WINDOWS\retadpu2000219.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\PROGRA~1\HPINST~1\Pavilion\XPHNABP4EN\plugin\bin\PCHButton.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Outerinfo\Outerinfo.exe
C:\Program Files\Outerinfo\OuterinfoUpdate.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\betqxpab.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Hijackthis\Crusty.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://us10.hpwis.com/R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://srch-us10.hpwis.com/R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://us.rd.yahoo.c...rch/search.htmlR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://us.rd.yahoo.c...//www.yahoo.comR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.yahoo.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://us.rd.yahoo.c...//www.yahoo.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://us.rd.yahoo.c...rch/search.htmlR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://us.rd.yahoo.c...//www.yahoo.comR0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.com/R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://us.rd.yahoo.c...//www.yahoo.comR1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: (no name) - {11A8E3B1-18F6-4DE3-B689-62768733D2FA} - C:\WINDOWS\msagent\chars\ilbda.dll (file missing)
O2 - BHO: (no name) - {257DF5E6-86B0-4F93-A4B4-62CDF5A5968F} - C:\Program Files\Windows Media Player\mepowyzyl58441.dll
O2 - BHO: (no name) - {2E9D4C81-9F27-4c14-B804-7B0F6BC88A4F} - C:\Program Files\Outerinfo\Outerinfo.dll
O2 - BHO: (no name) - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (file missing)
O2 - BHO: (no name) - {5ADF3862-9E2E-4ad3-86F7-4510E6550CD0} - C:\WINDOWS\system32\bysmmxrs.dll
O2 - BHO: (no name) - {5C5632F4-BDD7-4895-9BFF-66975B55938F} - C:\WINDOWS\system32\awvvt.dll (file missing)
O2 - BHO: (no name) - {84E1D979-0594-4313-AB51-25AACD0B7DC9} - C:\Program Files\Windows Media Player\mepowyzyl43855.dll
O2 - BHO: (no name) - {99DEF144-1C36-42FB-9642-64728EB36375} - C:\WINDOWS\system32\jkhhi.dll
O2 - BHO: (no name) - {ADAF85CB-07F6-4719-B9EB-04FA96C0ACCA} - C:\WINDOWS\system32\gebyx.dll (file missing)
O2 - BHO: (no name) - {B048BA72-A8AD-49AA-BAF1-A4FB40734D53} - C:\WINDOWS\system32\vtsts.dll (file missing)
O2 - BHO: (no name) - {C143A4E9-F177-415A-98E4-3B6D263CC3F6} - C:\WINDOWS\system32\awtsr.dll (file missing)
O2 - BHO: (no name) - {DC192567-65F9-4AB6-ADB7-E13575F81726} - C:\WINDOWS\system32\fcccbcd.dll
O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PS2] C:\hp\drivers\keyboard\PS2.EXE
O4 - HKLM\..\Run: [Sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb08.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HEProtect] C:\Program Files\Hauri\ViRobot Desktop 5.0\AntiSpam\HSockPE.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [poolsv] "C:\WINDOWS\poolsv.exe"
O4 - HKLM\..\Run: [{ZN}] C:\Documents and Settings\Owner\Local Settings\Temp\thinksnet.exe CHD003
O4 - HKLM\..\Run: [qjknzngA] C:\WINDOWS\qjknzngA.exe
O4 - HKLM\..\Run: [runner1] C:\WINDOWS\retadpu2000219.exe 61A847B5BBF72810329B385473F001F0B3E35B6638993F4661AA4EBD86D67C56389B284534F310
O4 - HKCU\..\Run: [BackupNotify] c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPINST~1\Pavilion\XPHNABP4EN\plugin\bin\PCHButton.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Outerinfo] "C:\Program Files\Outerinfo\Outerinfo.exe"
O4 - HKCU\..\Run: [OuterinfoUpdate] "C:\Program Files\Outerinfo\OuterinfoUpdate.exe"
O4 - Startup: TA_Start.lnk = C:\Documents and Settings\Owner\Local Settings\Temp\thinksnet.exe
O4 - Global Startup: GStartup.lnk = C:\Program Files\Common Files\GMT\GMT.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe
O8 - Extra context menu item: &Search -
http://kb.bar.need2f...earch.html?p=KBO8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O15 - Trusted Zone: *.drivecleaner.com
O15 - Trusted Zone: *.winantispyware.com
O15 - Trusted Zone: *.winantivirus.com
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} -
http://download.shoc...otoy/OTOYAX.cabO16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://acs.pandasoft...free/asinst.cabO16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) -
http://messenger.msn...pDownloader.cabO16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) -
http://zone.msn.com/...ro.cab34246.cabO16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) -
http://us.dl1.yimg.c...utocomplete.cabO20 - Winlogon Notify: fcccbcd - C:\WINDOWS\SYSTEM32\fcccbcd.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: ilbda - C:\WINDOWS\msagent\chars\ilbda.dll (file missing)
O20 - Winlogon Notify: jkhhi - C:\WINDOWS\system32\jkhhi.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: DomainService - - C:\WINDOWS\system32\betqxpab.exe
O23 - Service: ViRobot for WinNT Folder Protect (HFACSVC) - Unknown owner - C:\Program Files\Hauri\ViRobot Desktop 5.0\AccessControl\HFACSvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Hauri Firewall (vrfwsvc) - Unknown owner - C:\Program Files\Hauri\ViRobot Desktop 5.0\PCFirewall\vrfwsvc.exe (file missing)
O23 - Service: ViRobot Desktop Monitoring (vrmonsvc) - Unknown owner - C:\Program Files\Hauri\Common\Base\vrmonsvc.exe (file missing)