Sites still popping up.
Here are the Combo and HijackThis logs:
Chris and Lori Lock - 06-10-21 14:14:37.14 Service Pack 2
ComboFix 06.10.19 - Running from: "C:\Documents and Settings\Chris and Lori Lock\Desktop"
((((((((((((((((((((((((((((((((((((((((((((( Look2Me's Log ))))))))))))))))))))))))))))))))))))))))))))))))))
C:\WINDOWS\system32\naprovau.dll
Granting sedebugprivilege to Administrators ... successful
((((((((((((((((((((((((((((((((((((((((((( E-Give / Ssk's Log )))))))))))))))))))))))))))))))))))))))))))))))))
C:\Documents and Settings\Chris and Lori Lock\Application Data\Dxcknwrd.dll
C:\Documents and Settings\Chris and Lori Lock\Application Data\Dxcuknwrd.dll
* * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\WINDOWS\cfg32.exe
C:\WINDOWS\cfg32a.exe
C:\drsmartload.exe
C:\deskbar.exe
C:\deskbar_e31.exe
C:\Documents and Settings\Chris and Lori Lock\Local Settings\Temporary Internet Files\Content.IE5\HZJVHDWE\dfndrff_e_uit[1].exe
C:\Documents and Settings\Chris and Lori Lock\Local Settings\Temporary Internet Files\Content.IE5\B8I5EHG8\deskbar_e[1].exe
C:\tigen001.exe
C:\WINDOWS\offun.exe
C:\WINDOWS\system32\dwdsregt.exe
C:\WINDOWS\system32\WinNB58.dll
C:\Installer4.exe
C:\WINDOWS\uninstall_nmon.vbs
C:\WINDOWS\system32\atmtd.dll
C:\WINDOWS\system32\atmtd.dll._
C:\Documents and Settings\LocalService\Application Data\NetMon
C:\Program Files\batty2
C:\Program Files\Deskbar
C:\Program Files\Inetget2
C:\WINDOWS\Q2hyaXMgYW5kIExvcmkgTG9jaw
C:\Program Files\cmfibula
C:\Program Files\network monitor
C:\Program Files\PrintView
C:\Program Files\Common Files\{489EB4BE-0C78-1033-0831-040528040001}
~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ Purity ~ ~ ~ ~ ~ ~ ~ ~~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
Folders Quarantined:
C:\QooBox\Purity\Program Files\Common Files\ICROSO~1.NET
C:\QooBox\Purity\Program Files\Common Files\ICROSO~1.NET\ICROSO~1.NET
C:\QooBox\Purity\WINDOWS\system32\MBOLS~1
C:\QooBox\Purity\WINDOWS\system32\MBOLS~1\d?xplore.exe
((((((((((((((((((((((((((((((( Files Created from 2006-09-21 to 2006-10-21 ))))))))))))))))))))))))))))))))))
2006-10-21 10:02 816,288 --a------ C:\WINDOWS\system32\drivers\avg7core.sys
2006-10-21 10:02 4,960 --a------ C:\WINDOWS\system32\drivers\avgtdi.sys
2006-10-21 10:02 4,224 --a------ C:\WINDOWS\system32\drivers\avg7rsw.sys
2006-10-21 10:02 3,968 --a------ C:\WINDOWS\system32\drivers\avgclean.sys
2006-10-21 10:02 28,416 --a------ C:\WINDOWS\system32\drivers\avg7rsxp.sys
2006-10-19 12:26 45,070 --a------ C:\WINDOWS\system32\oqdsregk.exe
2006-10-19 12:22 919 --a------ C:\WINDOWS\system32\winpfg32.sys
2006-10-19 12:22 45,056 --a------ C:\WINDOWS\cfg32s.dll
2006-10-19 12:22 397,312 --a------ C:\WINDOWS\cfg32p.dll
2006-10-19 12:22 32,768 --a------ C:\WINDOWS\system32\WinDmy.dll
2006-10-19 12:22 2 --a------ C:\WINDOWS\system32\wnsapicc.exe
2006-10-19 12:22 172,131 --a------ C:\WINDOWS\system32\qwinrpem.exe
2006-10-19 12:22 131,072 --a------ C:\WINDOWS\system32\rkupginstaller.exe
2006-10-19 12:22 131,072 --a------ C:\WINDOWS\system32\hbra.dll
2006-10-19 12:22 110,592 --a------ C:\WINDOWS\cfg32o.dll
2006-10-19 12:22 102,400 --a------ C:\WINDOWS\cfg32r.dll
2006-10-19 12:22 1,429,504 --a------ C:\WINDOWS\system32\rlvknlg.exe
2006-10-19 12:21 349,696 --a------ C:\921_135b.exe
2006-10-19 12:21 326 --a------ C:\WINDOWS\rgvrp.dll
2006-10-19 12:21 32,768 --a------ C:\DXC9.exe
2006-10-19 12:21 183,478 --a------ C:\WINDOWS\srvdvbywwe.exe
2006-10-19 12:21 1,259 --a------ C:\WINDOWS\system32\zxs09277.sys
2006-10-19 12:20 45,056 --a------ C:\WINDOWS\system32\uaw5wah6a.exe
2006-10-19 12:20 45,056 --a------ C:\w77uxb8v9.exe
2006-10-19 12:20 28,672 --a------ C:\WINDOWS\system32drei.exe
2006-10-19 12:20 28,672 --a------ C:\WINDOWS\system32\lkyaekrrr.exe
2006-10-19 12:20 28,672 --a------ C:\WINDOWS\system32\drei.exe
2006-10-19 12:20 24,576 --a------ C:\WINDOWS\system32vypqj.exe
2006-10-19 12:20 24,576 --a------ C:\WINDOWS\system32\vypqj.exe
2006-10-19 12:20 24,576 --a------ C:\WINDOWS\system32\pi2pl.exe
2006-10-19 12:20 200,704 --a------ C:\WINDOWS\system32\lqe2z.dll
2006-10-19 12:20 20,480 --a------ C:\Documents and Settings\Chris and Lori Lock\setup9X.exe
2006-10-19 12:20 192 --a------ C:\Documents and Settings\Chris and Lori Lock\ggg.bat
2006-10-19 12:20 16,384 --a------ C:\Documents and Settings\Chris and Lori Lock\dr.exe
2006-10-19 12:20 135,168 --a------ C:\WINDOWS\system32\ujtnzbw.exe
2006-10-19 12:20 115,947 --a------ C:\Documents and Settings\Chris and Lori Lock\install.exe
2006-10-19 12:20 1,134,592 --a------ C:\WINDOWS\system32\ovauma1ep.exe
2006-10-19 12:20 0 --a------ C:\WINDOWS\system32uaw5wah6a.exe
2006-10-03 16:08 169,984 -ra------ C:\WINDOWS\system32\glut32.dll
2006-10-03 16:08 169,984 -ra------ C:\WINDOWS\system32\glut.dll
2006-10-03 11:34 147,456 --a------ C:\WINDOWS\system32\vbzip10.dll
2006-10-03 11:34 0 --a------ C:\WINDOWS\system32\taskkill.exe
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2006-10-21 14:18 -------- d-------- C:\Program Files\Common Files
2006-10-21 13:53 -------- d-------- C:\Program Files\Soldier of Fortune II - Double Helix MP TEST
2006-10-21 13:47 13440 --a------ C:\WINDOWS\system32\drivers\USBCRFT.SYS
2006-10-21 11:54 -------- d-------- C:\Program Files\Common Files\Symantec Shared
2006-10-21 11:21 -------- d-------- C:\Documents and Settings\Chris and Lori Lock\Application Data\AVG7
2006-10-21 10:02 -------- d-------- C:\Program Files\Grisoft
2006-10-20 17:22 -------- d-------- C:\Program Files\XoftSpy
2006-10-19 20:32 13998 --a------ C:\Documents and Settings\Chris and Lori Lock\Application Data\wklnhst.dat
2006-10-19 12:24 517 --a------ C:\Program Files\Common Files\mexo
2006-10-19 12:21 -------- d-------- C:\Program Files\PSDream
2006-10-17 16:13 -------- d-------- C:\Program Files\iTunes
2006-10-17 16:13 -------- d-------- C:\Program Files\iPod
2006-10-17 16:12 -------- d-------- C:\Program Files\QuickTime
2006-10-17 15:51 -------- d-------- C:\Program Files\Apple Software Update
2006-10-08 16:36 -------- d-------- C:\Documents and Settings\Chris and Lori Lock\Application Data\AdobeUM
2006-10-07 09:04 -------- d-------- C:\Documents and Settings\Chris and Lori Lock\Application Data\LimeWire
2006-10-03 15:03 -------- d-------- C:\Program Files\Common Files\Motive
2006-10-03 14:33 -------- d---s---- C:\Documents and Settings\Chris and Lori Lock\Application Data\Microsoft
2006-10-03 14:26 -------- d-------- C:\Program Files\Microsoft ActiveSync
2006-10-03 14:26 -------- d-------- C:\Program Files\Common Files\Microsoft Shared
2006-10-03 14:25 -------- d-------- C:\Program Files\Common Files\System
2006-10-03 14:24 -------- d-------- C:\Program Files\Microsoft Office
2006-09-26 19:23 -------- d-------- C:\Program Files\MSN Messenger
2006-09-13 00:01 1084416 --a------ C:\WINDOWS\system32\msxml3.dll
2006-09-12 19:56 -------- d-------- C:\Program Files\Darkeden International
2006-09-12 19:39 -------- d--h----- C:\Program Files\InstallShield Installation Information
2006-09-08 01:08 -------- d-------- C:\Program Files\SmartAudioConverter
2006-09-08 01:02 -------- d-------- C:\Program Files\AltoMP3 Gold
2006-09-07 23:53 22768 --a------ C:\WINDOWS\system32\drivers\usbsermpt.sys
2006-09-07 23:53 -------- d-------- C:\Program Files\Motorola Phone Tools
2006-09-07 23:51 -------- d-------- C:\Program Files\Avanquest update
2006-09-07 20:39 -------- d-------- C:\Program Files\Motorola
2006-09-07 20:39 -------- d-------- C:\Program Files\Common Files\Motorola Shared
2006-09-07 16:53 -------- d-------- C:\Program Files\WinRAR
2006-09-07 12:03 -------- d-------- C:\Program Files\WinZip
2006-09-04 08:35 -------- d-------- C:\Program Files\EndlessOnline
2006-09-04 08:26 -------- d--h----- C:\Program Files\Zero G Registry
2006-09-04 08:26 -------- d-------- C:\Program Files\War of Conquest
2006-09-04 08:22 9 --a------ C:\winmap.dll
2006-09-04 08:22 9 --a------ C:\Program Files\install_log.dat
2006-08-25 10:45 617472 --a------ C:\WINDOWS\system32\comctl32.dll
2006-08-24 06:45 -------- d-------- C:\Program Files\Internet Explorer
2006-08-21 07:21 16896 --a------ C:\WINDOWS\system32\fltlib.dll
2006-08-21 04:14 23040 --a------ C:\WINDOWS\system32\fltmc.exe
2006-08-21 04:14 128896 --a------ C:\WINDOWS\system32\drivers\fltmgr.sys
2006-08-16 06:58 100352 --a------ C:\WINDOWS\system32\6to4svc.dll
2006-08-07 10:17 61440 --a------ C:\WINDOWS\system32\BattyRun2.dll
2006-07-29 19:32 48936 --a------ C:\WINDOWS\system32\sirenacm.dll
2006-07-27 08:24 679424 --a------ C:\WINDOWS\system32\inetcomm.dll
2006-07-21 03:24 72704 --a------ C:\WINDOWS\system32\hlink.dll
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries are not shown
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"EPSON Stylus CX6600 Series"="C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\E_FATI9EA.EXE /P26 \"EPSON Stylus CX6600 Series\" /M \"Stylus CX6600\" /EF \"HKCU\""
"RCT2_TT.exe"="C:\\DOCUME~1\\CHRISA~1\\Desktop\\RCT2_T~1.EXE /r"
"PSDream"="\"C:\\Program Files\\PSDream\\PSDream.exe\""
"CMFibula"="\"C:\\Program Files\\CMFibula\\CMFibula.exe\""
"Bxgn"="C:\\WINDOWS\\system32\\??mbols\\d?xplore.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"High Definition Audio Property Page Shortcut"="HDAudPropShortcut.exe"
"Cmaudio"="RunDll32 cmicnfg.cpl,CMICtrlWnd"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"Dit"="Dit.exe"
"NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"EPSON Stylus CX6600 Series"="C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\E_FATI9EA.EXE /P26 \"EPSON Stylus CX6600 Series\" /O6 \"USB001\" /M \"Stylus CX6600\""
"RegistryMechanic"=""
"SprintModemUpdate"="javaw.exe -cp \"C:\\Program Files\\Motive\\FirmwareUpdater\\lib\\SprintModemUpdate.jar\" com.motive.firmwareUpdater.client.SprintModemUpdate"
"Motive SmartBridge"="C:\\PROGRA~1\\SPRINT~1\\SMARTB~1\\SprintDSLAlert.exe"
"SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.5.0_07\\bin\\jusched.exe"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgcc.exe /STARTUP"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000005
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02,\
00,00,04,00,00,40
"RestoredStateInfo"=hex:18,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02,\
00,00,01,00,00,00
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE"
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"InCDsrv"=dword:00000002
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Symantec NetDetect.job
Completion time: 06-10-21 14:18:19.40
C:\ComboFix.txt ... 06-10-21 14:18
-----------------------------------------------------------------------------------------------------------------------
-----------------------------------------------------------------------------------------------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 2:24:45 PM, on 10/21/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\Dit.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EA.EXE
C:\PROGRA~1\SPRINT~1\SMARTB~1\SprintDSLAlert.exe
C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\PSDream\PSDream.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\sprint virtual assistant\bin\mpbtn.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Chris and Lori Lock\Desktop\HijackThis.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [EPSON Stylus CX6600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EA.EXE /P26 "EPSON Stylus CX6600 Series" /O6 "USB001" /M "Stylus CX6600"
O4 - HKLM\..\Run: [SprintModemUpdate] javaw.exe -cp "C:\Program Files\Motive\FirmwareUpdater\lib\SprintModemUpdate.jar" com.motive.firmwareUpdater.client.SprintModemUpdate
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SPRINT~1\SMARTB~1\SprintDSLAlert.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: Virtual Assistant.lnk = C:\Program Files\sprint virtual assistant\bin\matcli.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft....k/?linkid=39204O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) -
http://www.fileplane...DC_1_0_0_44.cabO16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://v5.windowsupd...b?1094995388640O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) -
http://zone.msn.com/...ro.cab34246.cabO18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe