Ok, here we go...
Panda Scan Log:
Panda Platinum 2005 Internet Security incident report
Filter selected:Virus detected, Suspicious file, Dangerous file, Script execution, Phone connection, Connection attempt, Port scan attack, Denial of service attack, Spoofing, Attacking IP address blocked, Enabled, Disabled, Update, Scan started, Scan complete, Date: All
INCIDENT NOTIFIED BY DATE-TIME RESULT ADDITIONAL INFORMATION
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Scan complete On-demand antivirus scan 06/11/05 13:46:21 Scan: My Computer
Hacking tool detected: Application/K... On-demand antivirus scan 06/11/05 13:41:24 Disinfected Path: C:\System Volume Information\_restore{0A438C3B-A487-4C6D-850C-C76CC3327FD0}\RP1\A0001003.exe
Hacking tool detected: Application/K... On-demand antivirus scan 06/11/05 13:41:23 Disinfected Path: C:\System Volume Information\_restore{0A438C3B-A487-4C6D-850C-C76CC3327FD0}\RP1\A0001002.exe
Adware detected: Adware/Startpage.CM On-demand antivirus scan 06/11/05 13:40:11 Disinfected Path: C:\Program Files\Sunbelt Software\CounterSpy Client\Quarantine\E2781BAF-56BE-4395-BCBF-FA4023\79371421-512F-4DCA-AB06-22250B
Connection attempt Firewall protection 06/11/05 13:24:28 Blocked Source IP address: 192.168.0.1
Connection attempt Firewall protection 06/11/05 13:24:03 Blocked Source IP address: 192.168.0.1
Connection attempt Firewall protection 06/11/05 13:24:03 Blocked Source IP address: 192.168.0.1
Connection attempt Firewall protection 06/11/05 13:22:56 Blocked Source IP address: 192.168.0.1
Connection attempt Firewall protection 06/11/05 13:22:56 Blocked Source IP address: 192.168.0.1
Connection attempt Firewall protection 06/11/05 13:22:45 Blocked Source IP address: 192.168.0.1
Connection attempt Firewall protection 06/11/05 13:22:33 Blocked Source IP address: 192.168.0.1
Connection attempt Firewall protection 06/11/05 13:22:27 Blocked Source IP address: 192.168.0.1
Connection attempt Firewall protection 06/11/05 13:22:21 Blocked Source IP address: 192.168.0.1
Hacking tool detected: Application/K... On-demand antivirus scan 06/11/05 13:15:02 Disinfected Path: C:\hp\bin\Terminator.exe
Hacking tool detected: Application/K... On-demand antivirus scan 06/11/05 13:14:58 Disinfected Path: C:\hp\bin\KillIt.exe
Spyware detected: Cookie/Yadro On-demand antivirus scan 06/11/05 13:12:37 Disinfected Path: C:\Documents and Settings\LocalService\Cookies\system@yadro[2].txt
Spyware detected: Cookie/BurstBeacon On-demand antivirus scan 06/11/05 13:12:37 Disinfected Path: C:\Documents and Settings\LocalService\Cookies\system@www.burstbeacon[2].txt
Spyware detected: Cookie/Twain-Tech On-demand antivirus scan 06/11/05 13:12:36 Disinfected Path: C:\Documents and Settings\LocalService\Cookies\system@servlet[2].txt
Spyware detected: Cookie/OfferOptimizer On-demand antivirus scan 06/11/05 13:12:36 Disinfected Path: C:\Documents and Settings\LocalService\Cookies\system@offeroptimizer[2].txt
Spyware detected: Cookie/Twain-Tech On-demand antivirus scan 06/11/05 13:12:36 Disinfected Path: C:\Documents and Settings\LocalService\Cookies\system@master.mx-targeting[1].txt
Spyware detected: Cookie/Kount On-demand antivirus scan 06/11/05 13:12:36 Disinfected Path: C:\Documents and Settings\LocalService\Cookies\system@kount[2].txt
Spyware detected: Cookie/Belnk On-demand antivirus scan 06/11/05 13:12:36 Disinfected Path: C:\Documents and Settings\LocalService\Cookies\system@dist.belnk[2].txt
Spyware detected: Cookie/Twain-Tech On-demand antivirus scan 06/11/05 13:12:36 Disinfected Path: C:\Documents and Settings\LocalService\Cookies\system@cliks[1].txt
Spyware detected: Cookie/Cassava On-demand antivirus scan 06/11/05 13:12:36 Disinfected Path: C:\Documents and Settings\LocalService\Cookies\system@cassava[1].txt
Spyware detected: Cookie/Enhance On-demand antivirus scan 06/11/05 13:12:36 Disinfected Path: C:\Documents and Settings\LocalService\Cookies\system@c.enhance[1].txt
Spyware detected: Cookie/Belnk On-demand antivirus scan 06/11/05 13:12:36 Disinfected Path: C:\Documents and Settings\LocalService\Cookies\system@belnk[1].txt
Spyware detected: Cookie/YieldManager On-demand antivirus scan 06/11/05 13:12:36 Disinfected Path: C:\Documents and Settings\LocalService\Cookies\system@ad.yieldmanager[1].txt
Spyware detected: Cookie/Abetterinternet On-demand antivirus scan 06/11/05 13:12:35 Disinfected Path: C:\Documents and Settings\LocalService\Cookies\system@abetterinternet[1].txt
Spyware detected: Cookie/888 On-demand antivirus scan 06/11/05 13:12:35 Disinfected Path: C:\Documents and Settings\LocalService\Cookies\system@888[3].txt
Spyware detected: Cookie/888 On-demand antivirus scan 06/11/05 13:12:35 Disinfected Path: C:\Documents and Settings\LocalService\Cookies\system@888[2].txt
Spyware detected: Cookie/Rn11 On-demand antivirus scan 06/11/05 13:11:26 Disinfected Path: C:\Documents and Settings\Owner\Cookies\owner@rn11[2].txt
Spyware detected: Cookie/Belnk On-demand antivirus scan 06/11/05 13:11:26 Disinfected Path: C:\Documents and Settings\Owner\Cookies\owner@dist.belnk[2].txt
Spyware detected: Cookie/DelfinMedia On-demand antivirus scan 06/11/05 13:11:26 Disinfected Path: C:\Documents and Settings\Owner\Cookies\owner@delfinproject[1].txt
Spyware detected: Cookie/Enhance On-demand antivirus scan 06/11/05 13:11:26 Disinfected Path: C:\Documents and Settings\Owner\Cookies\owner@c.enhance[1].txt
Spyware detected: Cookie/nCase On-demand antivirus scan 06/11/05 13:11:26 Disinfected Path: C:\Documents and Settings\Owner\Cookies\owner@banners.searchingbooth[1].txt
Spyware detected: Cookie/Azjmp On-demand antivirus scan 06/11/05 13:11:26 Disinfected Path: C:\Documents and Settings\Owner\Cookies\owner@azjmp[2].txt
Spyware detected: Cookie/YieldManager On-demand antivirus scan 06/11/05 13:11:26 Disinfected Path: C:\Documents and Settings\Owner\Cookies\owner@ad.yieldmanager[1].txt
Spyware detected: Cookie/64.62.232 On-demand antivirus scan 06/11/05 13:11:25 Disinfected Path: C:\Documents and Settings\Owner\Cookies\owner@64.62.232[2].txt
Connection attempt Firewall protection 06/11/05 12:57:27 Blocked Source IP address: 192.168.0.1
Connection attempt Firewall protection 06/11/05 12:55:54 Blocked Source IP address: 192.168.0.1
Connection attempt Firewall protection 06/11/05 12:55:54 Blocked Source IP address: 192.168.0.1
Connection attempt Firewall protection 06/11/05 12:55:48 Blocked Source IP address: 192.168.0.1
Connection attempt Firewall protection 06/11/05 12:55:47 Blocked Source IP address: 192.168.0.1
Adware detected: Adware/IGetNet On-demand antivirus scan 06/11/05 12:54:23 Disinfected Path: Windows registry
Adware detected: Adware/BookedSpace On-demand antivirus scan 06/11/05 12:54:16 Disinfected Path: Windows registry
Spyware detected: Spyware/ShopNav On-demand antivirus scan 06/11/05 12:54:09 Disinfected Path: Windows registry
Spyware detected: Spyware/Searchcentrix On-demand antivirus scan 06/11/05 12:54:02 Disinfected Path: Windows registry
Adware detected: Adware/FunWeb On-demand antivirus scan 06/11/05 12:53:51 Disinfected Path: Windows registry
Adware detected: Adware/StatBlaster On-demand antivirus scan 06/11/05 12:53:43 Disinfected Path: Windows registry
Dialer detected: Dialer.DK On-demand antivirus scan 06/11/05 12:53:36 Disinfected Path: Windows registry
Adware detected: Adware/Xupiter On-demand antivirus scan 06/11/05 12:53:31 Disinfected Path: Windows registry
Adware detected: Adware/CWS On-demand antivirus scan 06/11/05 12:53:23 Disinfected Path: Windows registry
Adware detected: Adware/SafeSearch On-demand antivirus scan 06/11/05 12:53:08 Disinfected Path: Windows registry
Adware detected: Adware/PowerScan On-demand antivirus scan 06/11/05 12:53:02 Disinfected Path: Windows registry
Adware detected: Adware/PortalScan On-demand antivirus scan 06/11/05 12:52:57 Disinfected Path: C:\WINDOWS\bundles
Spyware detected: Spyware/BetterInet On-demand antivirus scan 06/11/05 12:52:47 Disinfected Path: Windows registry
Adware detected: Adware/BrowserAid On-demand antivirus scan 06/11/05 12:52:39 Disinfected Path: Windows registry
Adware detected: Adware/KeenValue On-demand antivirus scan 06/11/05 12:52:31 Disinfected Path: Windows registry
Adware detected: Adware/TalkStocks On-demand antivirus scan 06/11/05 12:52:21 Disinfected Path: Windows registry
Dialer detected: Dialer.CN On-demand antivirus scan 06/11/05 12:52:16 Disinfected Path: Windows registry
Dialer detected: Dialer.CE On-demand antivirus scan 06/11/05 12:52:11 Disinfected Path: Windows registry
Adware detected: Adware/Lop On-demand antivirus scan 06/11/05 12:52:07 Disinfected Path: Windows registry
Spyware detected: Spyware/ClearSearch On-demand antivirus scan 06/11/05 12:51:59 Disinfected Path: Windows registry
Spyware detected: Spyware/DynaDesk On-demand antivirus scan 06/11/05 12:51:52 Disinfected Path: Windows registry
Spyware detected: Spyware/Dyfuca On-demand antivirus scan 06/11/05 12:51:47 Disinfected Path: Windows registry
Adware detected: Adware/DownloadWare On-demand antivirus scan 06/11/05 12:51:41 Disinfected Path: Windows registry
Adware detected: Adware/ScBar On-demand antivirus scan 06/11/05 12:51:35 Disinfected Path: Windows registry
Adware detected: Adware/MyWay On-demand antivirus scan 06/11/05 12:51:30 Disinfected Path: Windows registry
Adware detected: Adware/Gator On-demand antivirus scan 06/11/05 12:51:22 Disinfected Path: Windows registry
Adware detected: Adware/SaveNow On-demand antivirus scan 06/11/05 12:51:13 Disinfected Path: Windows registry
Dialer detected: Dialer.B On-demand antivirus scan 06/11/05 12:51:03 Disinfected Path: Windows registry
Scan started On-demand antivirus scan 06/11/05 12:50:46 Scan: My Computer
Connection attempt Firewall protection 06/11/05 12:50:03 Blocked Application: C:\WINDOWS\system32\svchost.exe
Connection attempt Firewall protection 06/11/05 12:49:58 Blocked Application: C:\WINDOWS\system32\svchost.exe
Update Update system 06/11/05 12:46:40 Correct New version: 90201
Update Update system 06/11/05 12:46:38 Correct New virus signatures: 2866
Connection attempt Firewall protection 06/11/05 12:45:37 Blocked Source IP address: 192.168.0.1
Connection attempt Firewall protection 06/11/05 12:45:30 Blocked Source IP address: 192.168.0.1
Connection attempt Firewall protection 06/11/05 12:45:24 Blocked Source IP address: 192.168.0.1
Connection attempt Firewall protection 06/11/05 12:45:18 Blocked Source IP address: 192.168.0.1
Connection attempt Firewall protection 06/11/05 12:45:11 Blocked Source IP address: 192.168.0.1
Connection attempt Firewall protection 06/11/05 12:45:05 Blocked Source IP address: 192.168.0.1
Connection attempt Firewall protection 06/11/05 12:44:56 Blocked Source IP address: 192.168.0.1
Connection attempt Firewall protection 06/11/05 12:44:50 Blocked Source IP address: 192.168.0.1
Connection attempt Firewall protection 06/11/05 12:44:43 Blocked Source IP address: 192.168.0.1
Connection attempt Firewall protection 06/11/05 12:44:36 Blocked Source IP address: 192.168.0.1
Connection attempt Firewall protection 06/11/05 12:44:29 Blocked Source IP address: 192.168.0.1
Connection attempt Firewall protection 06/11/05 12:44:21 Blocked Source IP address: 192.168.0.1
Connection attempt Firewall protection 06/11/05 12:44:15 Blocked Source IP address: 192.168.0.1
Update Update system 06/11/05 12:43:58 Incorrect Error: Error in the download process
Connection attempt Firewall protection 06/11/05 12:43:56 Blocked Source IP address: 192.168.0.1
Connection attempt Firewall protection 06/11/05 12:43:51 Blocked Source IP address: 192.168.0.1
Connection attempt Firewall protection 06/11/05 12:43:44 Blocked Source IP address: 192.168.0.1
Connection attempt Firewall protection 06/11/05 12:43:37 Blocked Source IP address: 192.168.0.1
---------------------------------
CounterSpy Scan:
Spyware Scan Details
Start Date: 6/11/2005 2:23:10 PM
End Date: 6/11/2005 2:26:00 PM
Total Time: 2 mins 50 secs
Detected spyware
No spyware were found during this scan.
Detected Spyware Cookies
RegNow
-------------------------------------------
HijackThis Log:
Logfile of HijackThis v1.99.1
Scan saved at 3:22:54 PM, on 6/11/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\PavProt.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\PackethSvc.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\Program Files\Executive Software\DiskeeperWorkstation\DKService.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\PaSSrv.exe
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\Firewall\PavFires.exe
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\PavFnSvr.exe
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\Pavkre.exe
C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\pavsrv51.exe
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\AVENGINE.EXE
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\prevsrv.exe
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\PsImSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\SRVLOAD.EXE
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
C:\WINDOWS\System32\hphmon03.exe
C:\Program Files\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe
C:\Program Files\Hewlett-Packard\PhotoSmart\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Sunbelt Software\CounterSpy Client\sunasDtServ.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Intuit\QuickBooks Basic\Components\QBAgent\qbdagent2002.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
C:\Program Files\QUICKENW\QWDLLS.EXE
C:\Program Files\WinZip\WZQKPICK.EXE
C:\PROGRA~1\HEWLET~1\PHOTOS~1\HPSHAR~1\hpgs2wnf.exe
C:\WINDOWS\System32\HPHipm09.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\apvxdwin.exe
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\WebProxy.exe
C:\Program Files\HJT\HijackThis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_1.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_1.dll
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [HPHmon03] C:\WINDOWS\System32\hphmon03.exe
O4 - HKLM\..\Run: [CXMon] "C:\Program Files\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\PhotoSmart\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [checktime] c:\program files\HPSelect\Frontend\ct.exe
O4 - HKLM\..\Run: [Iomega Startup Options] C:\Program Files\Iomega\Common\ImgStart.exe
O4 - HKLM\..\Run: [Iomega Drive Icons] C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [sunasDtServ] C:\Program Files\Sunbelt Software\CounterSpy Client\sunasDtServ.exe
O4 - HKLM\..\Run: [sunasServ] C:\Program Files\Sunbelt Software\CounterSpy Client\sunasServ.exe
O4 - HKLM\..\Run: [S3TRAY2] S3tray2.exe
O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\Inicio.exe"
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\APVXDWIN.EXE" /s
O4 - HKLM\..\RunServices: [PANDA ANTISPAM SERVER SERVICE] "C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\PasSrv.exe"
O4 - HKCU\..\Run: [Extreme Messenger for AIM] C:\Program Files\Extreme Messenger\ExtremeMessenger.exe nosplash
O4 - HKCU\..\Run: [MoneyAgent] "c:\Program Files\Microsoft Money\System\Money Express.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Microsoft Works Update Detection] c:\Program Files\Microsoft Works\WkDetect.exe
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O4 - Global Startup: Billminder.lnk = C:\Program Files\QUICKENW\BILLMIND.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: QuickBooks 2002 Delivery Agent.lnk = C:\Program Files\Intuit\QuickBooks Basic\Components\QBAgent\qbdagent2002.exe
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O4 - Global Startup: Quicken Startup.lnk = C:\Program Files\QUICKENW\QWDLLS.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:\Program Files\Microsoft Money\System\mnyviewer.dll (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0C568603-D79D-11D2-87A7-00C04FF158BB} (BrowseFolderPopup Class) -
http://download.mcafee.com/molbin/Shared/MGBrwFld.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary/Me ... b28578.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?linkid= ... lcid=0x409
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) -
http://messenger.zone.msn.com/binary/Mi ... b28578.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) -
http://security.symantec.com/sscv6/Shar ... vSniff.cab
O16 - DPF: {37DF41B2-61DB-4CAC-A755-CFB3C7EE7F40} (AOL Content Update) -
http://esupport.aol.com/help/acp2/engin ... core_1.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} -
http://a1540.g.akamai.net/7/1540/52/200 ... taller.exe
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) -
http://download.mcafee.com/molbin/share ... insctl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://v5.windowsupdate.microsoft.com/v ... 7392481625
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) -
http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
http://a840.g.akamai.net/7/840/537/2004 ... scan53.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) -
http://www3.ca.com/securityadvisor/viru ... ebscan.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary/Me ... b28578.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) -
http://messenger.zone.msn.com/binary/ZI ... b28578.cab
O16 - DPF: {C68F9105-04FD-4B48-B6CC-2A076F711C35} (HpodPCFileCtrl2 Class) -
file://E:\MEMDISC\ALBUM_A\VIEW\PLUGIN\HPODPCFC.CAB
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) -
http://ax.phobos.apple.com.edgesuite.ne ... tector.cab
O16 - DPF: {DA758BB1-5F89-4465-975F-8D7179A4BCF3} (WheelofFortune Object) -
http://messenger.zone.msn.com/binary/WoF.cab28578.cab
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLogon.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\DiskeeperWorkstation\DKService.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: IomegaAccess - Iomega Corporation - C:\WINDOWS\System32\IomegaAccess.exe
O23 - Service: Virtual NIC Service (PackethSvc) - America Online, Inc. - C:\WINDOWS\System32\PackethSvc.exe
O23 - Service: Panda Antispam Server Service (PASSRV) - Unknown owner - C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\PaSSrv.exe
O23 - Service: Panda Firewall Service (PAVFIRES) - Panda Software - C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\Firewall\PavFires.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software - C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\PavFnSvr.exe
O23 - Service: Panda Pavkre (Pavkre) - Panda Software - C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\Pavkre.exe
O23 - Service: Panda PavProt (PavProt) - Panda Software - C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\PavProt.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software - C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\pavsrv51.exe
O23 - Service: Pml Driver - HP - C:\WINDOWS\System32\HPHipm09.exe
O23 - Service: Panda Preventium+ Service (PREVSRV) - Panda Software - C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\prevsrv.exe
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software Internacional - C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\PsImSvc.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
----------------------------------
Let me know what's next