thanks for the reply. for the record i used trend micro HouseCall prior to posting in this forum. to adhere to your request i have installed avira and the requested logs are listed below. thanks again for the help.
AntiVir PersonalEdition Classic
Report file date: Saturday, February 02, 2008 01:11
Scanning for 1089295 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: L19472-037-2
Version information:
BUILD.DAT : 270 15603 Bytes 9/19/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 8/23/2007 20:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 8/16/2007 19:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 8/14/2007 22:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 8/21/2007 19:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 7/18/2007 07:07:03
ANTIVIR1.VDF : 7.0.1.95 3367424 Bytes 12/14/2007 07:07:04
ANTIVIR2.VDF : 7.0.2.49 1339904 Bytes 1/25/2008 07:07:05
ANTIVIR3.VDF : 7.0.2.82 259072 Bytes 2/1/2008 07:07:05
AVEWIN32.DLL : 7.6.0.62 3240448 Bytes 2/2/2008 07:07:08
AVWINLL.DLL : 1.0.0.7 14376 Bytes 2/26/2007 17:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 7/18/2007 14:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 4/16/2007 20:16:24
AVPACK32.DLL : 7.6.0.3 360488 Bytes 2/2/2008 07:07:09
AVREG.DLL : 7.0.1.6 30760 Bytes 7/18/2007 14:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 8/28/2007 19:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 7/18/2007 14:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 3/8/2007 18:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 8/7/2007 19:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 8/21/2007 19:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 7/23/2007 16:37:21
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: Saturday, February 02, 2008 01:11
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'hamachi.exe' - '1' Module(s) have been scanned
Scan process 'DLG.exe' - '1' Module(s) have been scanned
Scan process 'TosBtHSP.exe' - '1' Module(s) have been scanned
Scan process 'TosA2dp.exe' - '1' Module(s) have been scanned
Scan process 'TosBtMng.exe' - '1' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'WUSB54GC.exe' - '1' Module(s) have been scanned
Scan process 'WLService.exe' - '1' Module(s) have been scanned
Scan process 'winvnc.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'RegSrvc.exe' - '1' Module(s) have been scanned
Scan process 'NicConfigSvc.exe' - '1' Module(s) have been scanned
Scan process 'MDM.EXE' - '1' Module(s) have been scanned
Scan process 'BAsfIpM.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'reader_sl.exe' - '1' Module(s) have been scanned
Scan process 'SUPERAntiSpyware.exe' - '1' Module(s) have been scanned
Scan process 'TeaTimer.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'point32.exe' - '1' Module(s) have been scanned
Scan process 'quickset.exe' - '1' Module(s) have been scanned
Scan process 'iFrmewrk.exe' - '1' Module(s) have been scanned
Scan process 'SynTPEnh.exe' - '1' Module(s) have been scanned
Scan process 'SynTPLpr.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'hkcmd.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'ZCfgSvc.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'WLKEEPER.exe' - '1' Module(s) have been scanned
Scan process 'S24EvMon.exe' - '1' Module(s) have been scanned
Scan process 'EvtEng.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
49 processes with 49 modules were scanned
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Starting to scan the registry.
The registry was scanned ( '37' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\Administrator\.housecall6.6\Quarantine\windows.vir.bac_a02532
[DETECTION] Is the Trojan horse TR/Zapchast.DT.1
[INFO] The file was moved to '48121851.qua'!
C:\Documents and Settings\Administrator\Desktop\Tools\OiUninstaller.exe
[DETECTION] Contains detection pattern of the dropper DR/PurityScan.GR
[WARNING] The file was ignored!
C:\Program Files\SDFix\backups\backups.zip
[0] Archive type: ZIP
--> backups/backup-20080125-231949-152-source.html
[DETECTION] Is the Trojan horse TR/Click.HTML.IFrame.DN
[WARNING] The file was ignored!
C:\QooBox\Quarantine\catchme2008-01-27_140429.42.zip
[0] Archive type: ZIP
--> kcoziqcs.dll
[DETECTION] Is the Trojan horse TR/Vundo.DWB
--> ssttr.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48181d3c.qua'!
C:\QooBox\Quarantine\C\Program Files\Temporary\kernInst.exe.vir
[DETECTION] Is the Trojan horse TR/Agent.edq
[INFO] The file was moved to '48161dd5.qua'!
C:\QooBox\Quarantine\C\WINDOWS\b122.exe.vir
[DETECTION] Is the Trojan horse TR/Dldr.Agent.hvj.1
[INFO] The file was moved to '47d61da6.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\awtstuu.dll.vir
[DETECTION] Is the Trojan horse TR/Trash.Gen
[INFO] The file was moved to '48181df0.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\bnsxoxsu.dll.vir
[DETECTION] Is the Trojan horse TR/Vundo.dvc.6
[INFO] The file was moved to '48171de9.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\brqplmof.dll.vir
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48151dee.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\cgrfapva.dll.vir
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48161de6.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\cslpnusr.dll.vir
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48101df4.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\jljeyggm.dll.vir
[DETECTION] Is the Trojan horse TR/Vundo.dvc.6
[INFO] The file was moved to '480e1dee.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\kcoziqcs.dll.vir
[DETECTION] Is the Trojan horse TR/Vundo.DWB
[INFO] The file was moved to '48131de7.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\qijiomsa.dll.vir
[DETECTION] Is the Trojan horse TR/Vundo.DWB
[INFO] The file was moved to '480e1def.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\ssttr.dll.vir
[DETECTION] Is the Trojan horse TR/Trash.Gen
[INFO] The file was moved to '48181dfb.qua'!
C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP220\A0020467.exe
[DETECTION] Contains detection pattern of the dropper DR/PurityScan.GP
[INFO] The file was moved to '47d41dc7.qua'!
C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP220\A0020468.exe
[DETECTION] Is the Trojan horse TR/Dldr.Purity.BV.7
[INFO] The file was moved to '47d41dcb.qua'!
C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP220\A0020492.dll
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
[INFO] The file was moved to '47d41dcd.qua'!
C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP222\A0022559.dll
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
[INFO] The file was moved to '47d41dd4.qua'!
C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP222\A0022560.dll
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
[INFO] The file was moved to '47d41dd6.qua'!
C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP222\A0022561.dll
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
[INFO] The file was moved to '47d41dd8.qua'!
C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP223\A0022752.exe
[DETECTION] Is the Trojan horse TR/Dldr.Agent.hvj.1
[INFO] The file was moved to '47d41ddf.qua'!
C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP223\A0022758.dll
[DETECTION] Is the Trojan horse TR/Vundo.dvc.6
[INFO] The file was moved to '47d41de1.qua'!
C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP223\A0022759.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '47d41de5.qua'!
C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP223\A0022760.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '47d41de7.qua'!
C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP223\A0022761.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '47d41de9.qua'!
C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP223\A0022762.dll
[DETECTION] Is the Trojan horse TR/Vundo.dvc.6
[INFO] The file was moved to '47d41dea.qua'!
C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP223\A0022763.dll
[DETECTION] Is the Trojan horse TR/Vundo.DWB
[INFO] The file was moved to '47d41deb.qua'!
C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP223\A0022766.exe
[DETECTION] Is the Trojan horse TR/Agent.edq
[INFO] The file was moved to '47d41ded.qua'!
C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP223\A0022777.dll
[DETECTION] Is the Trojan horse TR/Trash.Gen
[INFO] The file was moved to '47d41df1.qua'!
C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP223\A0022778.dll
[DETECTION] Is the Trojan horse TR/Trash.Gen
[INFO] The file was moved to '47d41df2.qua'!
C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP223\A0022779.dll
[DETECTION] Is the Trojan horse TR/Trash.Gen
[INFO] The file was moved to '47d41df4.qua'!
C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP223\A0022788.dll
[DETECTION] Is the Trojan horse TR/Vundo.DWB
[INFO] The file was moved to '47d41df6.qua'!
C:\WINDOWS\system32\ahuaxmep.dll
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
[INFO] The file was moved to '48192027.qua'!
C:\WINDOWS\system32\ilkwrelk.dll
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
[INFO] The file was moved to '480f204d.qua'!
C:\WINDOWS\system32\drivers\parvdmm.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\nGpxx01\nGpxx011065.exe
[DETECTION] Is the Trojan horse TR/Dldr.VB.cge
[INFO] The file was moved to '48142081.qua'!
End of the scan: Saturday, February 02, 2008 01:48
Used time: 36:56 min
The scan has been done completely.
3343 Scanning directories
210408 Files were scanned
37 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
34 files were moved to quarantine
0 files were renamed
3 Files cannot be scanned
210371 Files not concerned
3074 Archives were scanned
5 Warnings
0 Notes
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:57:16 AM, on 2/2/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\basfipm.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\RealVNC\WinVNC\WinVNC.exe
C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe
C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WUSB54GC.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Hamachi\hamachi.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft....k/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft....k/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft....k/?LinkId=69157O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {de9f9b1a-90eb-482f-99f1-4e28470171d5} - (no file)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [WinVNC] "C:\Program Files\RealVNC\WinVNC\WinVNC.exe" -servicehelper
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\RunOnce: [SpybotDeletingA8292] command /c del "C:\WINDOWS\system32\drivers\core.cache.dsk"
O4 - HKLM\..\RunOnce: [SpybotDeletingC6275] cmd /c del "C:\WINDOWS\system32\drivers\core.cache.dsk"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Startup: hamachi.lnk = C:\Program Files\Hamachi\hamachi.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O14 - IERESET.INF: START_PAGE_URL=http://www.thomashospital.com/
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) -
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) -
http://lads.myspace....ploader1005.cabO17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = admin
O17 - HKLM\Software\..\Telephony: DomainName = admin
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = admin
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = admin
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Broadcom ASF IP monitoring service v6.0.4 (BAsfIpM) - Broadcom Corp. - C:\WINDOWS\system32\basfipm.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Microsoft cache control (MSControlService) - Unknown owner - C:\WINDOWS\system32\windows (file missing)
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: VNC Server (winvnc) - RealVNC Ltd. - C:\Program Files\RealVNC\WinVNC\WinVNC.exe
O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
O23 - Service: WUSB54GCSVC - GEMTEKS - C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe
--
End of file - 6730 bytes