Wasn't sure how to post the results of Jotti/VirusTotal but both displayed "Found Nothing" (or was it "Nothing Found"?) Anyway, hopefully that is good enough. Here is the remaining info requested.
ComboFix 08-07-05.1 - 9X7J 2008-07-07 13:02:57.4 - NTFSx86
Running from: C:\Documents and Settings\9X7J\Desktop\ComboFix.exe
.
((((((((((((((((((((((((( Files Created from 2008-06-07 to 2008-07-07 )))))))))))))))))))))))))))))))
.
2008-07-04 20:47 . 2008-07-04 20:47 89,088 --a------ C:\WINDOWS\system32\nxfscsss.dll
2008-07-04 20:45 . 2008-07-04 20:45 108,360 --a------ C:\WINDOWS\system32\tawvswxj.exe
2008-07-04 10:44 . 2008-07-04 10:44 <DIR> d-------- C:\Program Files\Trend Micro
2008-07-03 07:54 . 2008-07-03 07:54 <DIR> d-------- C:\WINDOWS\system32\734914
2008-07-02 23:19 . 2008-07-02 23:19 <DIR> d-------- C:\Program Files\Lavasoft
2008-07-02 23:19 . 2008-07-02 23:19 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-07-02 22:31 . 2008-07-03 14:03 579 --a------ C:\WINDOWS\wininit.ini
2008-06-23 20:51 . 2008-06-23 20:51 <DIR> d-------- C:\Program Files\Astraware
2008-06-23 00:05 . 2008-06-23 00:05 <DIR> d-------- C:\Program Files\Resco
2008-06-23 00:05 . 2006-12-08 12:23 90,112 --a------ C:\WINDOWS\RSetupCE.exe
2008-06-13 23:06 . 2008-06-13 23:06 <DIR> d-------- C:\GameSpy Arcade Setup
2008-06-13 22:36 . 2008-06-13 23:07 <DIR> d-------- C:\Program Files\PANZERS - Phase1
2008-06-10 17:22 . 2008-06-13 09:10 272,128 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-06-10 17:22 . 2008-06-13 09:10 272,128 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-07 17:00 --------- d-----w C:\Program Files\WorksitePro
2008-07-07 17:00 --------- d-----w C:\Program Files\Symantec AntiVirus
2008-07-07 13:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-07-03 03:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-07-03 00:21 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-07-03 00:21 --------- d-----w C:\Documents and Settings\9X7J\Application Data\CaribbeanHideaway
2008-06-23 04:05 --------- d-----w C:\Program Files\Microsoft ActiveSync
2008-06-05 03:39 --------- d-----w C:\Program Files\Chill
2008-05-21 04:55 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-05-18 19:06 --------- d-----w C:\Documents and Settings\9X7J\Application Data\MSNInstaller
2008-05-16 15:58 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe
2008-05-12 02:31 --------- d-----w C:\Program Files\iTunes
2008-05-12 02:31 --------- d-----w C:\Program Files\iPod
2008-05-12 02:28 --------- d-----w C:\Program Files\QuickTime
2008-05-12 02:28 --------- d-----w C:\Program Files\Bonjour
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-05-07 05:18 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll
2008-04-21 07:04 659,456 ----a-w C:\WINDOWS\system32\wininet.dll
2007-07-02 02:39 64,048 -c--a-w C:\Documents and Settings\9X7J\Application Data\GDIPFONTCACHEV1.DAT
2007-06-07 13:52 143,360 --sha-r C:\WINDOWS\IdleProc.exe
2007-06-07 13:52 200,704 --sha-r C:\WINDOWS\MsCae32.dll
2007-06-07 13:52 172,032 --sha-r C:\WINDOWS\system32\MsChkSys.dll
2007-06-07 13:52 339,968 --sha-r C:\WINDOWS\system32\MsChkSys.exe
2007-06-07 13:52 22,528 --sha-r C:\WINDOWS\system32\Optic32.dll
2007-06-07 13:52 176,128 -csha-r C:\WINDOWS\system32\SafPwd32.dll
2007-06-07 13:52 77,824 -csha-r C:\WINDOWS\system32\SdwChang.exe
2007-06-07 13:52 90,112 -csha-r C:\WINDOWS\system32\SdwCreat.exe
2007-06-07 13:52 77,824 -csha-r C:\WINDOWS\system32\SdwExpan.exe
2007-06-07 13:52 282,624 --sha-r C:\WINDOWS\system32\SdwLib.dll
2007-06-07 13:52 110,592 --sha-r C:\WINDOWS\system32\SdwMap32.exe
2007-06-07 13:52 77,824 --sha-w C:\WINDOWS\system32\drivers\SafDskNT.sys
.
((((((((((((((((((((((((((((( snapshot@2008-07-07_ 8.06.26.28 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-07-07 11:48:33 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-07-07 16:59:54 2,048 --s-a-w C:\WINDOWS\bootstat.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 08:00 15360]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 13:39 1289000]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 12:43 2097488]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WSPPurge"="C:\Program Files\Aflac\Common\WSPPurge.exe" [2007-12-26 11:41 20480]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2005-08-01 12:07 729177]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2006-05-11 11:47 151552]
"Apoint"="C:\Program Files\Apoint2K\Apoint.exe" [2004-07-02 07:48 163840]
"Afaria Client File Differencing"="C:\Program Files\AClient\Bin\XCDiffCache.exe" [2006-11-30 23:03 167936]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2006-07-19 20:26 52896]
"vptray"="C:\PROGRA~1\SYMANT~1\VPTray.exe" [2006-09-27 21:33 125168]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2006-02-27 04:59 94208]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2006-02-27 04:56 77824]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2006-02-27 05:00 118784]
"Aflac_Do_Not_Remove"="C:\Aflac2000\WSPInfo.exe" [2006-09-12 08:15 45056]
"!SysInit"="c:\windows\system32\mschksys.exe" [2007-06-07 09:52 339968]
"CMGCredUI"="C:\WINDOWS\system32\CredUI.exe" [2007-05-08 11:56 204878]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-03-28 23:37 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"AGRSMMSG"="AGRSMMSG.exe" [2005-12-12 01:50 88204 C:\WINDOWS\AGRSMMSG.exe]
"RTHDCPL"="RTHDCPL.EXE" [2005-12-09 02:49 15691264 C:\WINDOWS\RTHDCPL.EXE]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26 29696]
Afaria Client Generic Scheduler.lnk - C:\Program Files\AClient\Bin\XCGSTask.exe [2006-11-07 10:01:42 552960]
Cisco Systems VPN Client.lnk - C:\Program Files\Cisco Systems\VPN Client\vpngui.exe [2006-11-07 10:00:49 1459392]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 01:01:04 83360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\PCANotify]
2003-10-31 11:01 8704 C:\WINDOWS\system32\PCANotify.dll
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Symantec\\pcAnywhere\\Winaw32.exe"=
"C:\\Program Files\\Symantec\\pcAnywhere\\awhost32.exe"=
"C:\\Program Files\\Symantec\\pcAnywhere\\awrem32.exe"=
"C:\\Program Files\\Steam\\SteamApps\\jeschman\\the ship\\ship.exe"=
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"= C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"= C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"= C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
R0 CredCEF;CredCEF;C:\WINDOWS\system32\Drivers\CredCEF.sys [2007-05-08 11:53]
R0 O2MDRDR;O2MDRDR;C:\WINDOWS\system32\DRIVERS\o2media.sys [2005-07-08 17:06]
R0 O2SDRDR;O2SDRDR;C:\WINDOWS\system32\DRIVERS\o2sd.sys [2005-09-23 10:48]
R1 SafDskNT;SafDskNT;C:\WINDOWS\system32\drivers\SafDskNT.sys [2007-06-07 09:52]
R2 CMGShield;CMG Shield;C:\WINDOWS\system32\Credant.exe [2007-05-08 11:55]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{97d0f274-1506-11dc-9956-0019d26e488a}]
\Shell\AutoRun\command - E:\Setup.exe
*Newly Created Service* - CATCHME
.
Contents of the 'Scheduled Tasks' folder
"2008-06-19 23:27:26 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
- - - - ORPHANS REMOVED - - - -
BHO-{0E2E6382-7A6A-4B56-B646-0F11C13B3EA8} - (no file)
BHO-{19F985B9-1B7F-47DD-9A76-944B205AAEB8} - (no file)
BHO-{4022B044-363A-4158-BC53-0B1512D7289F} - (no file)
BHO-{550DCA36-F7CE-427D-96C3-478FE2991EA3} - (no file)
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2008-07-07 13:06:20
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
C:\Documents and Settings\9X7J\Local Settings\Application Data\Identities\{EEF7A7A2-42D0-4B8F-A56B-CBF44109853B}\Microsoft\Outlook Express\CredDB.CEF 1184 bytes
C:\Documents and Settings\9X7J\Local Settings\Application Data\Microsoft\Office\ONetConfig\CredDB.CEF 612 bytes
C:\Documents and Settings\9X7J\Application Data\Adobe\Acrobat\7.0\Messages\ENU\CredDB.CEF 296 bytes
C:\Documents and Settings\9X7J\Application Data\Adobe\Acrobat\7.0\Updater\CredDB.CEF 296 bytes
C:\Documents and Settings\9X7J\Application Data\Adobe\Flash Player\AssetCache\5A7VTE23\CredDB.CEF 296 bytes
C:\Documents and Settings\9X7J\Application Data\Adobe\Linguistics\Dictionaries\Adobe Custom Dictionary\eng\CredDB.CEF 296 bytes
C:\Documents and Settings\9X7J\Application Data\Big Fish Games\Azada\CredDB.CEF 296 bytes
C:\Documents and Settings\9X7J\Application Data\Gamelab\Jojos Fashion Show\CredDB.CEF 296 bytes
C:\Documents and Settings\9X7J\Application Data\Google\GoogleEarth\CredDB.CEF 296 bytes
C:\Documents and Settings\9X7J\Application Data\Macromedia\Director MX 2004\Escape\Prefs\CredDB.CEF 592 bytes
C:\Documents and Settings\9X7J\Application Data\Macromedia\Shockwave Player\Prefs\5B2PQYNL\CredDB.CEF 296 bytes
C:\Documents and Settings\9X7J\Application Data\Microsoft\Internet Explorer\CredDB.CEF 296 bytes
C:\Documents and Settings\9X7J\Application Data\Microsoft\Office\CredDB.CEF 1480 bytes
C:\Documents and Settings\9X7J\Application Data\PlayFirst\chocolatier\CredDB.CEF 296 bytes
C:\Documents and Settings\9X7J\Application Data\PlayFirst\chocolatier2\CredDB.CEF 296 bytes
C:\Documents and Settings\9X7J\Application Data\PlayFirst\nightshiftcode\CredDB.CEF 296 bytes
C:\Documents and Settings\9X7J\Application Data\ScreenSeven\HuhnerRacheDeluxe\CredDB.CEF 296 bytes
C:\Documents and Settings\9X7J\Application Data\Uniblue\Registry Booster2\CredDB.CEF 2664 bytes
C:\Documents and Settings\9X7J\Application Data\Valusoft\HotDish\CredDB.CEF 296 bytes
scan completed successfully
hidden files: 19
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
PROCESS: C:\WINDOWS\system32\winlogon.exe
-> C:\WINDOWS\system32\CredNP.dll
PROCESS: C:\WINDOWS\Explorer.exe
-> ?:\WINDOWS\system32\mslbui.dll
.
Completion time: 2008-07-07 13:07:52
ComboFix-quarantined-files.txt 2008-07-07 17:07:45
ComboFix2.txt 2008-07-07 16:48:45
ComboFix3.txt 2008-07-07 14:28:21
ComboFix4.txt 2008-07-07 12:06:48
Pre-Run: 29,068,890,112 bytes free
Post-Run: 29,056,249,856 bytes free
170 --- E O F --- 2008-06-22 03:40:39
HiJack This ...
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:11:47 PM, on 7/7/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Credant.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\o2flash.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\AClient\Bin\XCDiffCache.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\CredUI.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\Dll32Agent.Exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\AClient\Bin\XCGSTask.exe
C:\WINDOWS\IdleProc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.comcast.net/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft....k/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft....k/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {0E2E6382-7A6A-4B56-B646-0F11C13B3EA8} - (no file)
O2 - BHO: (no name) - {19F985B9-1B7F-47DD-9A76-944B205AAEB8} - (no file)
O2 - BHO: (no name) - {4022B044-363A-4158-BC53-0B1512D7289F} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {550DCA36-F7CE-427D-96C3-478FE2991EA3} - (no file)
O4 - HKLM\..\Run: [WSPPurge] C:\Program Files\Aflac\Common\WSPPurge.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [Afaria Client File Differencing] C:\Program Files\AClient\Bin\XCDiffCache.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Aflac_Do_Not_Remove] C:\Aflac2000\WSPInfo.exe
O4 - HKLM\..\Run: [!SysInit] c:\windows\system32\mschksys.exe
O4 - HKLM\..\Run: [CMGCredUI] C:\WINDOWS\system32\CredUI.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Afaria Client Generic Scheduler.lnk = C:\Program Files\AClient\Bin\XCGSTask.exe
O4 - Global Startup: Cisco Systems VPN Client.lnk = C:\Program Files\Cisco Systems\VPN Client\vpngui.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) -
http://playgames.com...ronGameHost.cabO23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: pcAnywhere Host Service (awhost32) - Symantec Corporation - C:\Program Files\Symantec\pcAnywhere\awhost32.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: CMG Shield (CMGShield) - Credant Technologies, Inc. - C:\WINDOWS\system32\Credant.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: O2Micro Flash Memory (O2Flash) - O2Micro International - C:\WINDOWS\system32\o2flash.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
--
End of file - 8500 bytes