I seem to be having problems with removing programs due to errors with install shield. I have trieds various tips but cant seem to log in under my administrator option. I have run ad-aware - spybot - macafee antispyware - trend micro and hevn't come up with much but when running mwva found 25 virus entries. I have included both HJT and mwv logs.
Thanks for the help!
===============================================
MWVA Log
Object "cws.loadadv.400 Browser Hijacker" found in File System! Action Taken: No Action Taken.
Object "limewire Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "limewire Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "limewire Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "bearshare Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "limewire Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "limewire Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "clientman Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "whenu.savenow Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "whenu.savenow Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "whenu.savenow Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "whenu.savenow Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "whenu.savenow Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "whenu.savenow Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "whenu.savenow Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "whenu.savenow Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "whenu.savenow Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "whenu.savenow Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "startsurfing Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "gonnasearch Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "gonnasearch Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "clipgenie Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "cws.therealsearch Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "cws.therealsearch Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "zipitpro Spyware/Adware" found in File System! Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\system32\DDMI.VXD". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\system32\DLPT.VXD". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "InstallShield_{47808F78-F178-49DC-B708-15FE538B16FF}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "InstallShield_{765E6D73-8D2A-4EA6-A95E-3000C211BBD4}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB873339". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB887472". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB898461". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "mplibwiz.inf". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "PROSet". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "SlimBrowser". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{0228e555-4f9c-4e35-a3ec-b109a192b4c2}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{48691011-BF12-407D-9A7E-8772485CDAA2}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{4E9C3F2D-C654-453E-B1AD-9F231905A50D}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{73819BA2-2E8B-430B-A6C9-0D89657DC865}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{7BF7B688-4A95-4003-BA98-EA8A79DA0ABA}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{8997F2E8-9CA1-44FF-9DAD-D3E5EB4B41F7}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{9C2EDC9C-EF3B-443A-BB2C-3488DAC7247E}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{A27F2A64-3D23-4449-B395-75335CED458E}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{E8D25E54-D172-4FB0-929B-48D51E2E9C6D}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{FB015BB0-5518-4767-9DE4-F9A5C7C62E46}". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{9BE8D7B2-329C-442A-A4AC-ABA9D7572602}" refers to invalid object "c:\program files\mcafee.com\agent\submgr\5,1,0,1\mcsubmgr.dll". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{0A1D1FC1-E7D5-4A00-A3CB-F3E450F7D170}" refers to invalid object "blank". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{155B3F27-CDEE-4FE2-8CC5-8D08882FDE15}" refers to invalid object "blank". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{2293FA8E-8FE7-4147-9706-BC1688C339A2}" refers to invalid object "blank". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{26BF9366-95A2-463B-8237-238114494AF7}" refers to invalid object "blank". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{2DBDEE9B-56B8-4E14-8A48-D20C64AAA673}" refers to invalid object "blank". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{3849C543-5916-42C8-AB90-5545DF70D302}" refers to invalid object "blank". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{51076341-C7DE-4745-9E02-E36E34FCCC56}" refers to invalid object "blank". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{58EBECEB-C6A1-4565-A650-5610F7F0FBCF}" refers to invalid object "blank". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{5C15D2EF-34AB-48FC-876C-3A64961E10C1}" refers to invalid object "blank". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{6F3F3EF2-AA93-487B-A25C-BD67735E53B9}" refers to invalid object "blank". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{7AF322C5-AB43-11D4-A00B-0050DA18DE71}" refers to invalid object "blank". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{7B28B7CA-C9C2-442C-BBED-8A121E75CA1D}" refers to invalid object "blank". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{95117066-315E-4CAE-BE3D-E7897D3F98BC}" refers to invalid object "blank". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{989E6670-3798-4C35-AA11-EB4E18F404C4}" refers to invalid object "blank". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{AB99CA0B-498E-4938-862C-F0CEC262EA69}" refers to invalid object "blank". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{B0528CD1-F67E-11D2-8F8E-00C04F4C3B9F}" refers to invalid object "blank". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{BD601F60-EF53-434B-9B63-E7B706243203}" refers to invalid object "blank". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{CA66D704-5280-4A20-B1A4-698B396FF039}" refers to invalid object "blank". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{D3470F50-AB2B-40B4-B75E-057BB3487550}" refers to invalid object "blank". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{D6D80D13-633A-444C-9829-4A3013D7FFBB}" refers to invalid object "blank". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{DA2FAE70-6518-4700-A264-3500A380F695}" refers to invalid object "blank". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{DD3FCE4D-8442-4EFA-A71E-1C131F502F4A}" refers to invalid object "blank". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{E86F5307-002B-49A2-89C4-0784C44052C4}" refers to invalid object "blank". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{ED725281-1CBF-11D3-B649-00A0CC27659B}" refers to invalid object "blank". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{F0F69A8F-9388-4EEE-9977-BD8AB18C5733}" refers to invalid object "blank". Action Taken: No Action Taken.
Entry "HKCR\.scd" refers to invalid object "blank". Action Taken: No Action Taken.
Entry "HKCR\.sch" refers to invalid object "blank". Action Taken: No Action Taken.
Entry "HKCR\CDFeatureRRObject.CDFeatureRR" refers to invalid object "{4B9A5F7D-7908-4E59-B2DA-216D42B692B0}". Action Taken: No Action Taken.
Entry "HKCR\CLImageEnhance.ImageEnhance" refers to invalid object "{8E72B2F3-1F08-4C86-A789-451FEE79715B}". Action Taken: No Action Taken.
Entry "HKCR\ComTruSurroundXT.SRSTruSurroundXT" refers to invalid object "{5E2663C1-51B3-49B7-B081-70181C2AF816}". Action Taken: No Action Taken.
Entry "HKCR\ComTruSurroundXT.SRSTruSurroundXTPropertyPage" refers to invalid object "{AFA95F79-06AC-4B9A-B261-D415063DC2B3}". Action Taken: No Action Taken.
Entry "HKCR\ComTruSurroundXT.SRSTruSurroundXTPropertyPage.1" refers to invalid object "{AFA95F79-06AC-4B9A-B261-D415063DC2B3}". Action Taken: No Action Taken.
Entry "HKCR\ComWOWSurround.SRSTruSurroundXTBlock" refers to invalid object "{88007BE6-7171-46F0-858B-852DAD96016D}". Action Taken: No Action Taken.
Entry "HKCR\ComWOWSurround.TSXTBlockPropertyPage" refers to invalid object "{F69B7E4A-4A83-4485-8860-85DAA196D745}". Action Taken: No Action Taken.
Entry "HKCR\DSP.DSPDMOProp_Chorus" refers to invalid object "{6F63B172-5543-4593-91CE-EDBA65B9FACD}". Action Taken: No Action Taken.
Entry "HKCR\DsRead.MvfDsConfig" refers to invalid object "{CC00DB18-6181-453E-AC73-29556FA75D49}". Action Taken: No Action Taken.
Entry "HKCR\DsRead.MvfDSDVD" refers to invalid object "{4A4628EE-6867-4D3A-A4BB-53AD3D5B6117}". Action Taken: No Action Taken.
Entry "HKCR\DsRead.MvfDsPreview" refers to invalid object "{1E737355-AF3D-4845-97F1-0CDE264DD429}". Action Taken: No Action Taken.
Entry "HKCR\DsRead.MvfDsRead" refers to invalid object "{462D5E80-B0B3-11d4-991B-00D0B75D9023}". Action Taken: No Action Taken.
Entry "HKCR\DsRead.MvfDsWrite" refers to invalid object "{462D5E81-B0B3-11d4-991B-00D0B75D9023}". Action Taken: No Action Taken.
Entry "HKCR\DsRead.MvfImgRead" refers to invalid object "{E78AC518-7DA2-4A3D-A4FC-90A2C383F9DC}". Action Taken: No Action Taken.
Entry "HKCR\Fff.MvfDSFileBurn" refers to invalid object "{5DF04EA8-5B64-491E-9B9A-7253D2C62870}". Action Taken: No Action Taken.
Entry "HKCR\MailFileAtt" refers to invalid object "{00020D05-0000-0000-C000-000000000046}". Action Taken: No Action Taken.
Entry "HKCR\mapifvbx.object" refers to invalid object "{41116C00-8B90-101B-96CD-00AA003B14FC}". Action Taken: No Action Taken.
Entry "HKCR\mapifvbx.object.1" refers to invalid object "{41116C00-8B90-101B-96CD-00AA003B14FC}". Action Taken: No Action Taken.
Entry "HKCR\Shell.Autoplay" refers to invalid object "{995C996E-D918-4a8c-A302-45719A6F4EA7}". Action Taken: No Action Taken.
Entry "HKCR\Shell.Autoplay.1" refers to invalid object "{995C996E-D918-4a8c-A302-45719A6F4EA7}". Action Taken: No Action Taken.
Entry "HKCR\Shell.AutoplayForSlideShow" refers to invalid object "{00E7B358-F65B-4dcf-83DF-CD026B94BFD4}". Action Taken: No Action Taken.
Entry "HKCR\Shell.HWEventHandlerShellExecute" refers to invalid object "{FFB8655F-81B9-4fce-B89C-9A6BA76D13E7}". Action Taken: No Action Taken.
Entry "HKCR\SkinMgr.SkinMgrObj" refers to invalid object "{2294C466-0D91-4689-9762-C1E92CF079BB}". Action Taken: No Action Taken.
Entry "HKCR\Windows.BlockedDrivers" refers to invalid object "{783C030F-E948-487D-B35D-94FCF0F0C172}". Action Taken: No Action Taken.
Entry "HKCR\WMSServer.Server" refers to invalid object "{845FB959-4279-11D2-BF23-00805FBE84A6}". Action Taken: No Action Taken.
Entry "HKCR\WMSServer.Server.9" refers to invalid object "{845FB959-4279-11D2-BF23-00805FBE84A6}". Action Taken: No Action Taken.
===============================================
Logfile of HijackThis v1.99.1
Scan saved at 7:04:24 AM, on 10/1/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\WINDOWS\system32\gearsec.exe
c:\progra~1\mcafee\MCAFEE~1\MssSrv.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\WINDOWS\system32\MsPMSPSv.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\Program Files\McAfee.com\Personal Firewall\MpfTray.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\McAfee\McAfee AntiSpyware\MssCli.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\PROGRA~1\Dantz\RETROS~1\RetroExpress.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\PROGRA~1\Dantz\RETROS~1\retrorun.exe
C:\DOCUME~1\Ric\LOCALS~1\Temp\mwavscan.com
C:\DOCUME~1\Ric\LOCALS~1\Temp\kavss.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\HJT\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://pccheckup.dellfix.com/rel/?rands ... 9551101865
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://us.mcafee.com/root/regwizard/Reg ... xample.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local.,
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MPFExe] C:\Program Files\McAfee.com\Personal Firewall\MpfTray.exe
O4 - HKLM\..\Run: [_AntiSpyware] C:\Program Files\McAfee\McAfee AntiSpyware\MssCli.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [RetroExpress] C:\PROGRA~1\Dantz\RETROS~1\RetroExpress.exe /h
O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Power2GoExpress] "C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe" /Startup
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15015/CTSUEng.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {37DF41B2-61DB-4CAC-A755-CFB3C7EE7F40} (AOL Content Update) - http://esupport.aol.com/help/acp2/engin ... core_1.cab
O16 - DPF: {3C200107-2959-4C6E-91B8-F6D911B398A8} (Driver_Detective_v43_Members.DD_v43) - http://www.drivershq.com/cab/prod/Drive ... embers.CAB
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/share ... insctl.cab
O16 - DPF: {54823A9D-6BAE-11D5-B519-0050BA2413EB} (ChkDVDCtl Class) - http://www.gocyberlink.com/english/cybe ... ChkDVD.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftup ... 7697851453
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 4648890515
O16 - DPF: {78AEEDE8-7345-4FB5-A8FE-4BFF16EF25FC} (McAfee Virtual Technician Control Class) - http://us-download.mcafee.com/products/ ... vt/mvt.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/viru ... ebscan.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/share ... cgdmgr.cab
O16 - DPF: {E856B973-45FD-4559-8F82-EAB539144667} (Dell PC Checkup Installer Control) - http://pccheckup.dellfix.com/rel/35/ins ... downde.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-l ... cfscan.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15016/CTPID.cab
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: gearsec - GEAR Software - C:\WINDOWS\system32\gearsec.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee AntiSpyware Real-Time Scanner (McAfeeAntiSpyware) - McAfee, Inc. - c:\progra~1\mcafee\MCAFEE~1\MssSrv.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - McAfee, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
O23 - Service: Retrospect Express HD Restore Helper (RetroExp Helper) - Dantz Development Corporation - C:\PROGRA~1\Dantz\RETROS~1\rthlpsvc.exe
O23 - Service: Retrospect Express HD Launcher (RetroExpLauncher) - Dantz Development Corporation - C:\PROGRA~1\Dantz\RETROS~1\retrorun.exe
(Message edited by administrator for privacy)