as per your request, pasted below are the mbam and hjt logs.
mbam log
Malwarebytes' Anti-Malware 1.04
Database version: 385
Scan type: Full Scan (C:\|)
Objects scanned: 116205
Time elapsed: 42 minute(s), 48 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 26
Registry Values Infected: 2
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 59
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{fa16fe06-b462-470e-9653-79c54b1871ff} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fa16fe06-b462-470e-9653-79c54b1871ff} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{fc7ff7dc-c5f6-d3ca-d1f2-cd9e1fc437eb} (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fc7ff7dc-c5f6-d3ca-d1f2-cd9e1fc437eb} (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\e404.e404mgr (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\e404.e404mgr.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f10587e9-0e47-4cbe-84ae-7dd20b8684cc} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f10587e9-0e47-4cbe-84ae-7dd20b8684cc} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\jkwslist (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSControlService (Rootkit.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\E404.e404mgr (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchsearchassistant.auxiliary (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchsearchassistant.auxiliary.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.progressivecounterplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.progressivecounterplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.slotplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.slotplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.textplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.textplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Screensavers.com (Adware.Comet) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{fa16fe06-b462-470e-9653-79c54b1871ff} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Kernel32_sysdamper (Trojan.Downloader) -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\WINDOWS\SYSTEM32\frszcsno.dllbox (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Deckard\System Scanner\backup\DOCUME~1\Patricia\LOCALS~1\Temp\GLC10.tmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\Deckard\System Scanner\backup\DOCUME~1\Patricia\LOCALS~1\Temp\GLK2.tmp (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Deckard\System Scanner\backup\WINDOWS\temp\AE8AB41F91F72503.tmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\Documents and Settings\bob\Local Settings\Temp\win22.exe (Adware.Clickspring) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\WU0C27VZ\df34[1].htm (Trojan.Alphabet) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP694\A0089645.dll (Adware.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP694\A0089670.dll (Adware.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP694\A0089685.dll (Adware.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP694\A0089713.dll (Adware.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP694\A0089714.dll (Adware.ClickSpring) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP694\A0089718.ico (Malware.Trace) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP694\A0089735.dll (Adware.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP694\A0089746.dll (Adware.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP694\A0089800.dll (Adware.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP695\A0090796.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP695\A0090810.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP695\A0090836.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP696\A0090964.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP696\A0090991.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP696\A0091009.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP696\A0091029.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP696\A0092027.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP696\A0092041.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP696\A0092109.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP696\A0092129.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP696\A0092148.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP696\A0092182.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP697\A0092201.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP698\A0092244.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP698\A0092257.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP698\A0092268.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP698\A0092277.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP698\A0092286.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP698\A0093289.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP699\A0093317.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP702\A0093479.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP702\A0093495.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP703\A0093504.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP703\A0094526.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP703\A0094537.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP703\A0094555.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP703\A0094573.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP703\A0094578.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP703\A0094592.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP703\A0094604.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP703\A0094611.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP704\A0094629.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP705\A0094639.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP705\A0094663.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP705\A0094677.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP706\A0095789.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP706\A0095835.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP719\A0098315.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\AE8AB41F91F72503.tmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\iphttphl2.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\drvloxr.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\sysdamp.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\dxdss.sys (Backdoor.Rustock) -> Delete on reboot.
hjt log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:38:23 PM, on 2/21/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\Program Files\a-squared Anti-Malware\a2guard.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\PROGRA~1\Iomega\System32\AppServices.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\NewDotNet\nnrun.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Iomega\AutoDisk\ADService.exe
C:\Program Files\NewDotNet\nnrun.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.dellnet.comR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://securityresponse.symantec.com/av ... _homepage/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {43FBA454-48D6-4805-AB4B-8ECAE9EBA5C9} - C:\WINDOWS\system32\ddabc.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: {623e9481-90e0-bb2b-5414-6b2fa04bbeaf} - {faebb40a-f2b6-4145-b2bb-0e091849e326} - C:\WINDOWS\system32\vgmbkogf.dll (file missing)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [5ce5652f] rundll32.exe "C:\WINDOWS\system32\yaeflttm.dll",b
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe"
O4 - HKLM\..\Run: [BM5fd656b3] Rundll32.exe "C:\WINDOWS\system32\daaixfbt.dll",s
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [WhenUSave] "C:\Program Files\Save\Save.exe"
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &AIM Search -
res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Google Search -
res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links -
res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page -
res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages -
res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English -
res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) -
http://zone.msn.com/binFrameWork/v10/St ... b55579.cabO16 - DPF: {11B2C0D3-DFFB-11D3-9253-00500498D7E5} (ShowSetupObj5 Class) -
http://invite.mshow.com/(03scdg45v5evnx55dasmbf2o)/ShowSetup5.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?linkid=39204O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} -
http://us.chat1.yimg.com/us.yimg.com/i/ ... acscom.cabO16 - DPF: {2F29658D-FB92-4A4F-8FFF-0D1BC1BA52C5} (GlassRoomVoice Control) -
http://chats.chatessentials.com/hosts/k ... mVoice.cabO16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} (ActiveDataInfo Class) -
http://www.symantec.com/techsupp/asa/ctrl/SymAData.cabO16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games – Buddy Invite) -
http://zone.msn.com/BinFrameWork/v10/ZB ... b55579.cabO16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) -
http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cabO16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) -
http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cabO16 - DPF: {544EB377-350A-4295-9BEB-EAB8392E09C6} (MSN Money Charting) -
http://fdl.msn.com/public/investor/v13/invinstl.exeO16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) -
http://zone.msn.com/binframework/v10/ZP ... b55579.cabO16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) -
http://download.bitdefender.com/resourc ... oscan8.cabO16 - DPF: {640B39C1-D713-464F-92C3-75BD972B95EE} -
http://www.sidestep.com/get/k42037/sb02b.cabO16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) -
http://security.symantec.com/sscv6/Shar ... /cabsa.cabO16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} -
http://chat.yahoo.com/cab/yacsui.cabO16 - DPF: {88D758A3-D33B-45FD-91E3-67749B4057FA} -
http://dm.screensavers.com/dm/installer ... taller.cabO16 - DPF: {8C410098-8BA7-4550-A0A4-6959C02FC935} (karCntrlIE Class) -
http://karaoke.oddcast.com//karClientIE.cabO16 - DPF: {90A29DA5-D020-4B18-8660-6689520C7CD7} (DmiReader Class) -
http://ftp.us.dell.com/fixes/PROFILER.CABO16 - DPF: {95B5D20C-BD31-4489-8ABF-F8C8BE748463} (MSN Games – Hearts) -
http://zone.msn.com/bingame/zpagames/zp ... b67031.cabO16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://acs.pandasoftware.com/activescan ... asinst.cabO16 - DPF: {B020B534-4AA2-4B99-BD6D-5F6EE286DF5C} -
https://a248.e.akamai.net/f/248/5462/2h ... mDlBrg.cabO16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) -
http://cdn2.zone.msn.com/binFramework/v ... b56649.cabO16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} -
http://us.dl1.yimg.com/download.yahoo.c ... mplete.cabO16 - DPF: {C2F38867-251C-4216-9B1C-BBE89B8700E2} (iVocalize Internet Conference 3 Setup) -
http://www.talkingcommunities.com/client3/ivsetup3.cabO16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} -
https://www-secure.symantec.com/techsup ... mAData.cabO16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) -
https://spinpalace.microgaming.com/freeplay/FlashAX.cabO16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games – Game Communicator) -
http://zone.msn.com/binframework/v10/St ... b55579.cabO20 - Winlogon Notify: frszcsno - frszcsno.dll (file missing)
O20 - Winlogon Notify: opnopnk - opnopnk.dll (file missing)
O20 - Winlogon Notify: winopn32 - winopn32.dll (file missing)
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Roxio Inc. - C:\WINDOWS\System32\ImapiRox.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - (no file)
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Unknown owner - C:\Program Files\Norton AntiVirus\navapsvc.exe (file missing)
O23 - Service: NNServ - New.net, Inc. - C:\Program Files\NewDotNet\nnrun.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) - Iomega Corporation - C:\Program Files\Iomega\AutoDisk\ADService.exe
--
End of file - 12341 bytes