I ran ComboFix. This resulted in a slight increas in the startup speed when windows loads and the odd desktop background mentioned before. The deasktop is still being redirected to the TEMP directory though and no network connectivity. Here is the ComboFix log and a new HJT log:
ComboFix 07-10-09.2 - Ginger 2007-10-08 23:40:36.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.117 [GMT -4:00]
Running from: C:\Documents and Settings\TEMP\Desktop\ComboFix(2).exe
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\All Users\Application Data.\salesmonitor
C:\Documents and Settings\All Users\Application Data.\winantispyware 2007
C:\Documents and Settings\All Users\Application Data\WinAntiVirus Pro 2007
C:\Documents and Settings\All Users\Application Data\WinAntiVirus Pro 2007\Data\Abbr
C:\Documents and Settings\All Users\Application Data\WinAntiVirus Pro 2007\Data\ActivationCode
C:\Documents and Settings\All Users\Application Data\WinAntiVirus Pro 2007\Data\ProductCode
C:\Documents and Settings\Ginger\Application Data\CURITY~1
C:\Documents and Settings\Ginger\Application Data\install.dat
C:\Documents and Settings\Ginger\Application Data\install.dat
C:\Documents and Settings\Ginger\Application Data\microsoft\internet explorer\Desktop.htt
C:\Documents and Settings\Ginger\Application Data\WinAntiSpyware 2007 Free
C:\Documents and Settings\Ginger\Application Data\WinAntiSpyware 2007 Free\description.txt
C:\Documents and Settings\Ginger\Application Data\WinAntiSpyware 2007 Free\description.txt
C:\Documents and Settings\Ginger\Application Data\WinAntiSpyware 2007 Free\DownloadUWAS7.url
C:\Documents and Settings\Ginger\Application Data\WinAntiSpyware 2007 Free\DownloadUWAS7.url
C:\Documents and Settings\Ginger\Application Data\WinAntiSpyware 2007
C:\Documents and Settings\Ginger\Application Data\WinAntiVirus Pro 2007
C:\Documents and Settings\Ginger\Application Data\WinAntiVirus Pro 2007\avtasks.dat
C:\Documents and Settings\Ginger\Application Data\WinAntiVirus Pro 2007\CookieList.dat
C:\Documents and Settings\Ginger\Application Data\WinAntiVirus Pro 2007\history.db
C:\Documents and Settings\Ginger\Application Data\WinAntiVirus Pro 2007\Logs\wa7Support.log
C:\Documents and Settings\Ginger\Application Data\WinAntiVirus Pro 2007\Logs\winav.log
C:\Documents and Settings\Ginger\Application Data\WinAntiVirus Pro 2007\PGE.dat
C:\Documents and Settings\Ginger\Desktop\bravesentry.lnk
C:\Documents and Settings\Ginger\err.log
C:\Documents and Settings\Ginger\Start Menu\Programs\Brave-Sentry
C:\Documents and Settings\Ginger\Start Menu\Programs\Brave-Sentry\BraveSentry.lnk
C:\Documents and Settings\Ginger\Start Menu\Programs\Brave-Sentry\Uninstall.lnk
C:\Program Files\3721
C:\Program Files\3721\assist\asbar.dll
C:\Program Files\3721\helper.dll
C:\Program Files\Accoona
C:\Program Files\Accoona\ASearchAssist.dll
C:\Program Files\akl
C:\Program Files\akl\akl.dll
C:\Program Files\akl\akl.exe
C:\Program Files\akl\curlog.htm
C:\Program Files\akl\keylog.txt
C:\Program Files\akl\readme.txt
C:\Program Files\akl\uninstall.exe
C:\Program Files\akl\unsetup.dat
C:\Program Files\akl\unsetup.exe
C:\Program Files\amsys
C:\Program Files\amsys\awmsg.dat
C:\Program Files\amsys\guid.dat
C:\Program Files\amsys\ijl15.dll
C:\Program Files\amsys\mfc42.dll
C:\Program Files\amsys\msvcrt.dll
C:\Program Files\amsys\unins000.dat
C:\Program Files\amsys\unis000.exe
C:\Program Files\amsys\winam.dat
C:\Program Files\appatc~1
C:\Program Files\Common Files\winantispyware 2007
C:\Program Files\Common Files\winantispyware 2007\err.log
C:\Program Files\Common Files\WinAntiSpyware 2007\err.log
C:\Program Files\Common Files\winantivirus pro 2007
C:\Program Files\e-zshopper
C:\Program Files\e-zshopper\BarLcher.dll
C:\temp\0c2
C:\temp\0c2\tmpFF.log
C:\Temp\1cb
C:\Temp\1cb\syscheck.log
C:\UWA7P
C:\WINDOWS\764.exe
C:\WINDOWS\7search.dll
C:\WINDOWS\aconti.exe
C:\WINDOWS\adbar.dll
C:\WINDOWS\cbinst$.exe
C:\WINDOWS\cookies.ini
C:\WINDOWS\daxtime.dll
C:\WINDOWS\dp0.dll
C:\WINDOWS\eventlowg.dll
C:\WINDOWS\fhfmm-Uninstaller.exe
C:\WINDOWS\fhfmm.exe
C:\WINDOWS\flt.dll
C:\WINDOWS\hcwprn.exe
C:\WINDOWS\hotporn.exe
C:\WINDOWS\ie_32.exe
C:\WINDOWS\iexplorr23.dll
C:\WINDOWS\jd2002.dll
C:\WINDOWS\kkcomp$.exe
C:\WINDOWS\kkcomp.dll
C:\WINDOWS\kkcomp.exe
C:\WINDOWS\kvnab$.exe
C:\WINDOWS\kvnab.dll
C:\WINDOWS\kvnab.exe
C:\WINDOWS\liqad$.exe
C:\WINDOWS\liqad.dll
C:\WINDOWS\liqad.exe
C:\WINDOWS\liqui-Uninstaller.exe
C:\WINDOWS\liqui.dll
C:\WINDOWS\liqui.exe
C:\WINDOWS\ngd.dll
C:\WINDOWS\pbar.dll
C:\WINDOWS\pbsysie.dll
C:\WINDOWS\settn.dll
C:\WINDOWS\spredirect.dll
C:\WINDOWS\system32\bndownyv.dll
C:\WINDOWS\system32\cqjbddij.dll
C:\WINDOWS\system32\D2
C:\WINDOWS\system32\drivers\bg_bg.gif
C:\WINDOWS\system32\drivers\blank.gif
C:\WINDOWS\system32\drivers\box_1.gif
C:\WINDOWS\system32\drivers\box_2.gif
C:\WINDOWS\system32\drivers\box_3.gif
C:\WINDOWS\system32\drivers\button_buynow.gif
C:\WINDOWS\system32\drivers\button_freescan.gif
C:\WINDOWS\system32\drivers\cell_bg.gif
C:\WINDOWS\system32\drivers\cell_footer.gif
C:\WINDOWS\system32\drivers\cell_header_block.gif
C:\WINDOWS\system32\drivers\cell_header_remove.gif
C:\WINDOWS\system32\drivers\cell_header_scan.gif
C:\WINDOWS\system32\drivers\close_ico.gif
C:\WINDOWS\system32\drivers\detect.htm
C:\WINDOWS\system32\drivers\download_box.gif
C:\WINDOWS\system32\drivers\download_btn.jpg
C:\WINDOWS\system32\drivers\download_now_btn.gif
C:\WINDOWS\system32\drivers\footer_back.jpg
C:\WINDOWS\system32\drivers\header_1.gif
C:\WINDOWS\system32\drivers\header_2.gif
C:\WINDOWS\system32\drivers\header_3.gif
C:\WINDOWS\system32\drivers\header_4.gif
C:\WINDOWS\system32\drivers\header_red_bg.gif
C:\WINDOWS\system32\drivers\header_red_free_scan.gif
C:\WINDOWS\system32\drivers\header_red_free_scan_bg.gif
C:\WINDOWS\system32\drivers\header_red_protect_your_pc.gif
C:\WINDOWS\system32\drivers\icon_warning_big.gif
C:\WINDOWS\system32\drivers\infected.gif
C:\WINDOWS\system32\drivers\main_back.gif
C:\WINDOWS\system32\drivers\perfect_cleaner_box.jpg
C:\WINDOWS\system32\drivers\product_1_header.gif
C:\WINDOWS\system32\drivers\product_1_name_small.gif
C:\WINDOWS\system32\drivers\product_2_header.gif
C:\WINDOWS\system32\drivers\product_2_name_small.gif
C:\WINDOWS\system32\drivers\product_3_header.gif
C:\WINDOWS\system32\drivers\product_3_name_small.gif
C:\WINDOWS\system32\drivers\product_features.gif
C:\WINDOWS\system32\drivers\pt.htm
C:\WINDOWS\system32\drivers\rating.gif
C:\WINDOWS\system32\drivers\remove_spyware_header.gif
C:\WINDOWS\system32\drivers\s_detect.htm
C:\WINDOWS\system32\drivers\screenshot.jpg
C:\WINDOWS\system32\drivers\sep_hor.gif
C:\WINDOWS\system32\drivers\sep_vert.gif
C:\WINDOWS\system32\drivers\shadow.jpg
C:\WINDOWS\system32\drivers\shadow_bg.gif
C:\WINDOWS\system32\drivers\spacer.gif
C:\WINDOWS\system32\drivers\spy_away_box.jpg
C:\WINDOWS\system32\drivers\spyware_detected.gif
C:\WINDOWS\system32\drivers\star.gif
C:\WINDOWS\system32\drivers\star_gray.gif
C:\WINDOWS\system32\drivers\star_gray_small.gif
C:\WINDOWS\system32\drivers\star_small.gif
C:\WINDOWS\system32\drivers\style.css
C:\WINDOWS\system32\drivers\v.gif
C:\WINDOWS\system32\drivers\warning_ico.gif
C:\WINDOWS\system32\drivers\warning_icon.gif
C:\WINDOWS\system32\drivers\win_logo.gif
C:\WINDOWS\system32\drivers\x.gif
C:\WINDOWS\system32\drivers\yellow_warning_ico.gif
C:\WINDOWS\system32\dxdbvdud.dll
C:\WINDOWS\system32\ESHOPEE.exe
C:\WINDOWS\system32\f02WtR
C:\WINDOWS\system32\gtv_sd.bin
C:\WINDOWS\system32\msole32.exe
C:\WINDOWS\system32\stera.log
C:\WINDOWS\system32\vxddsk.exe
C:\WINDOWS\system32\win
C:\WINDOWS\system32\wml.exe
C:\WINDOWS\system32\X1
C:\WINDOWS\system32\X11
C:\WINDOWS\system32\X3
C:\WINDOWS\system32\X7
C:\WINDOWS\vxddsk.exe
C:\WINDOWS\wbeCheck.exe
C:\WINDOWS\wbeInst$.exe
C:\WINDOWS\wbun.exe
C:\WINDOWS\wml.exe
C:\WINDOWS\xadbrk.dll
C:\WINDOWS\xadbrk.exe
C:\WINDOWS\xadbrk_.exe
C:\WINDOWS\xxxvideo.exe
C:\WINDOWS\ystem~1
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
-------\LEGACY_FOPN
((((((((((((((((((((((((( Files Created from 2007-09-09 to 2007-10-09 )))))))))))))))))))))))))))))))
.
2007-10-08 23:38 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-10-08 19:57 <DIR> d-------- C:\update
2007-10-08 19:28 82,258 --a------ C:\WINDOWS\system32\drivers\klin.dat
2007-10-08 19:28 82,258 --a------ C:\WINDOWS\system32\drivers\klick.dat
2007-10-08 19:26 <DIR> d-------- C:\Program Files\Kaspersky Lab
2007-10-08 19:26 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2007-10-08 19:26 921,120 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2007-10-08 19:26 10,528 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2007-10-08 19:25 <DIR> d-------- C:\KAV
2007-09-15 23:18 <DIR> d-------- C:\WINDOWS\ERUNT
2007-09-14 22:05 <DIR> d-------- C:\Program Files\Trend Micro
2007-09-13 21:54 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\U3
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-10-09 03:52 2,036 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx
2007-10-09 03:52 13,388 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2007-10-09 03:34 --------- d-----w C:\Documents and Settings\TEMP\Application Data\U3
2007-10-09 03:34 --------- d-----w C:\Documents and Settings\TEMP\Application Data\U3
2007-10-09 03:34 --------- d-----w C:\Documents and Settings\TEMP\Application Data\U3
2007-10-09 02:48 --------- d-----w C:\Program Files\Rabio
2007-09-13 01:42 --------- d-----w C:\Program Files\Yahoo!
2007-09-08 01:50 17,408 ----a-w C:\psapi.dll
2007-09-08 01:04 --------- d-----w C:\Program Files\Azureus
2007-09-07 23:39 --------- d-----w C:\Program Files\a-squared Free
2007-09-07 22:50 --------- d-----w C:\Documents and Settings\LocalService\Application Data\NetMon
2007-09-07 08:34 --------- d-----w C:\Documents and Settings\NetworkService\Application Data\NetMon
2007-09-06 18:53 --------- d-----w C:\Program Files\LimeWire
2007-09-06 18:53 --------- d-----w C:\Program Files\Incomplete
2007-08-31 21:27 21,419 ----a-w C:\WINDOWS\system32\drivers\AegisP.sys
2007-08-31 21:26 --------- d-----w C:\Program Files\TRENDnet
2007-08-30 01:09 --------- d-----w C:\Documents and Settings\Ginger\Application Data\Tenebril
2007-08-30 01:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\Tenebril
2007-08-27 03:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-08-27 00:14 --------- d-----w C:\Documents and Settings\Ginger\Application Data\Lycos
2007-08-26 23:12 --------- d-----w C:\Program Files\Enigma Software Group
2007-08-25 19:20 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-08-25 19:20 --------- d-----w C:\Program Files\ATI Technologies
2007-08-25 19:16 --------- d-----w C:\Program Files\Common Files\InstallShield
2007-08-25 17:20 --------- d-----w C:\Documents and Settings\Ginger\Application Data\U3
2007-08-17 07:01 --------- d-----w C:\Program Files\MSXML 4.0
2007-08-13 17:12 --------- d-----w C:\Program Files\CCleaner
2007-08-13 16:45 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google
2007-08-13 16:00 9,344 ----a-w C:\WINDOWS\system32\drivers\NSDriver.sys
2007-08-13 16:00 8,320 ----a-w C:\WINDOWS\system32\drivers\AWRTRD.sys
2007-08-13 15:57 --------- d-----w C:\Program Files\Lavasoft
2007-08-13 15:57 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2007-08-13 15:56 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2007-08-10 06:54 --------- d-----w C:\Documents and Settings\Ginger\Application Data\acccore
2007-08-10 06:53 --------- d-----w C:\Program Files\AIM6
2007-08-10 06:53 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL OCP
2007-08-10 06:53 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL
2007-08-10 06:52 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL Downloads
2007-08-10 06:51 --------- d-----w C:\Program Files\Viewpoint
2007-08-10 06:51 --------- d-----w C:\Documents and Settings\All Users\Application Data\Viewpoint
2007-08-10 06:50 --------- d-----w C:\Program Files\Common Files\AOL
2007-08-10 06:36 --------- d-----w C:\Documents and Settings\Ginger\Application Data\Lavasoft
2004-07-19 19:11 67 -c--a-w C:\Documents and Settings\Ginger\x.bat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AB5FE6E5-7C72-4B89-85D0-D57E7AEAC236}]
C:\WINDOWS\system32\oembios32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-12-28 14:10]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-08-03 21:10]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]
"UserFaultCheck"="C:\WINDOWS\system32\dumprep 0 -u" []
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" [2007-06-28 12:51]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 03:56]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Wireless Configuration Utility HW.15.lnk - C:\Program Files\TRENDnet\TRENDnet TEW-421PC_TEW-423PI\WlanCU.exe [2007-01-30 14:57:42]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
AutoRun\command - D:\setup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
AutoRun\command - E:\LaunchU3.exe -a
.
**************************************************************************
catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2007-10-08 23:54:18
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
**************************************************************************
.
Completion time: 2007-10-08 23:57:09 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-10-08 23:56
.
--- E O F ---
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:14:38 PM, on 10/9/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TRENDnet\TRENDnet TEW-421PC_TEW-423PI\WlanCU.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\taskmgr.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: oembios32.msdn_hlp - {AB5FE6E5-7C72-4B89-85D0-D57E7AEAC236} - C:\WINDOWS\system32\oembios32.dll (file missing)
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Wireless Configuration Utility HW.15.lnk = C:\Program Files\TRENDnet\TRENDnet TEW-421PC_TEW-423PI\WlanCU.exe
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 5.0\resources\en-us\local\search.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O9 - Extra button: AOL Instant Messenger (SM) - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
--
End of file - 5031 bytes