Dan, I couldn't wait...ComboFix and HJT logs to follow uploaded with the laptop. Both log files are in this post.
ComboFix 09-02-12.03 - John 2009-02-13 14:56:30.1 -
FAT32x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1024.649 [GMT -5:00]
Running from: c:\documents and settings\John\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 3.0 *On-access scanning disabled* (Updated)
AV: Spyware Doctor with AntiVirus *On-access scanning disabled* (Updated)
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\winxp\system32\agipemek.ini
c:\winxp\system32\fidetiga.dll
c:\winxp\system32\gazvrf.dll
c:\winxp\system32\izafizar.ini
c:\winxp\system32\kofelifu.dll
c:\winxp\system32\nogayeda.dll
c:\winxp\system32\ntnet.drv
c:\winxp\system32\piizgp.dll
c:\winxp\system32\vopeside.dll
.
((((((((((((((((((((((((( Files Created from 2009-01-13 to 2009-02-13 )))))))))))))))))))))))))))))))
.
2009-02-13 10:46 . 2009-02-13 10:46 <DIR> d-------- c:\documents and settings\John\Application Data\Malwarebytes
2009-02-13 10:46 . 2009-02-13 10:46 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-02-13 10:46 . 2009-02-11 10:19 38,496 --a------ c:\winxp\system32\drivers\mbamswissarmy.sys
2009-02-13 10:46 . 2009-02-11 10:19 15,504 --a------ c:\winxp\system32\drivers\mbam.sys
2009-02-13 10:45 . 2009-02-13 10:46 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-02-12 23:44 . 2009-02-12 23:44 <DIR> d-------- c:\program files\Spyware Doctor
2009-02-12 23:44 . 2009-02-12 23:44 <DIR> d-------- c:\program files\Common Files\PC Tools
2009-02-12 23:44 . 2009-02-12 23:44 <DIR> d-------- c:\documents and settings\John\Application Data\PC Tools
2009-02-12 23:44 . 2009-02-12 23:44 <DIR> d-------- c:\documents and settings\All Users\Application Data\PC Tools
2009-02-12 23:44 . 2008-07-28 12:29 160,792 --a------ c:\winxp\system32\drivers\pctfw2.sys
2009-02-12 23:44 . 2008-08-25 12:36 81,288 --a------ c:\winxp\system32\drivers\iksyssec.sys
2009-02-12 23:44 . 2008-08-25 12:36 66,952 --a------ c:\winxp\system32\drivers\iksysflt.sys
2009-02-12 23:44 . 2008-08-25 12:36 40,840 --a------ c:\winxp\system32\drivers\ikfilesec.sys
2009-02-12 23:44 . 2008-06-02 16:19 29,576 --a------ c:\winxp\system32\drivers\kcom.sys
2009-02-12 10:48 . 2009-02-13 15:00 6,456 --ah----- c:\winxp\system32\gafopaji
2009-02-03 14:17 . 2009-02-03 14:17 <DIR> d-------- c:\program files\Common Files\Macrovision Shared
2009-02-03 14:17 . 2009-02-03 14:17 <DIR> d-------- c:\documents and settings\All Users\Application Data\Rosetta Stone
2009-02-03 14:14 . 2009-02-03 14:14 <DIR> d-------- c:\program files\MagicDisc
2009-02-03 14:14 . 2008-07-28 17:19 116,736 --a------ c:\winxp\system32\drivers\mcdbus.sys
2009-01-26 13:32 . 2009-01-26 13:32 54,156 --ah----- c:\winxp\QTFont.qfn
2009-01-26 13:32 . 2009-01-26 13:32 1,409 --a------ c:\winxp\QTFont.for
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-12 17:01 3,067,904 ------w c:\winxp\system32\dllcache\mshtml.dll
2008-12-11 10:57 333,952 ------w c:\winxp\system32\dllcache\srv.sys
2006-11-04 05:31 32 ----a-w c:\documents and settings\John\o9u.dat
2006-10-24 22:15 266 --sh--w c:\program files\desktop.ini
2006-10-24 22:15 11,079 ---h--w c:\program files\folder.htt
2004-02-01 00:54 331,776 ----a-w c:\winxp\inf\pdfinst2.exe
2002-08-02 13:00 12,348 ----a-w c:\program files\viewsonicinstruct_xp.pdf
2006-02-28 17:00 73,728 --sha-w c:\winxp\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}$BACKUP$\System\wmplayer.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"updateMgr"="c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Norton Ghost 9.0"="c:\program files\Symantec\Norton Ghost\Agent\GhostTray.exe" [2004-07-29 1122304]
"Acronis Scheduler2 Service"="c:\program files\Common Files\Seagate\Schedule2\schedhlp.exe" [2007-08-08 148760]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-02-28 282624]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-03-02 185896]
"PCSuiteTrayApplication"="c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-03-23 227328]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-03-13 1443072]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-11-10 136600]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 c:\winxp\KHALMNPR.Exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-03-27 1744896]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.exe.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2007-01-01 113664]
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-04-23 29696]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2008-08-25 805392]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2008-05-02 02:42 72208 c:\program files\Common Files\Logitech\Bluetooth\LBTWLgn.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.I420"= i420vfw.dll
"aux"= wdmaud.sys
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
[HKLM\~\startupfolder\C:^Documents and Settings^John^Start Menu^Programs^Startup^MagicDisc.lnk]
path=c:\documents and settings\John\Start Menu\Programs\Startup\MagicDisc.lnk
backup=c:\winxp\pss\MagicDisc.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\2Wire Wireless Manager]
--a------ 2007-10-01 16:56 61440 c:\program files\2Wire Wireless Manager\2Wire.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcronisTimounterMonitor]
--a------ 2007-08-08 18:00 1945424 c:\program files\Seagate\DiscWizard\TimounterMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DiscWizardMonitor.exe]
--a------ 2007-08-08 17:47 1169456 c:\program files\Seagate\DiscWizard\DiscWizardMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
--a------ 2006-05-30 15:22 542208 c:\program files\Nero\Nero 7\InCD\InCD.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2006-01-12 16:40 155648 c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
--a------ 2007-03-23 13:20 227328 c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2007-02-28 09:16 282624 c:\program files\QuickTime\qttask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2008-03-02 09:01 185896 c:\program files\Common Files\Real\Update_OB\realsched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
--a------ 2008-01-15 17:54 37376 c:\program files\Winamp\winampa.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C-Media Mixer]
-ra------ 2001-10-22 13:24 1216512 c:\winxp\mixer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINXP\\System32\\mmc.exe"=
"c:\\WINXP\\System32\\FXSCLNT.exe"=
"c:\\Program Files\\K-Lite\\kazaa.core"=
"c:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Real\\RealPlayer\\RealPlay.exe"=
R0 PQV2i;PQV2i;c:\winxp\system32\drivers\PQV2i.sys [2004-07-29 138780]
R1 epfwtdir;epfwtdir;c:\winxp\system32\drivers\epfwtdir.sys [2008-03-13 33800]
R1 pctfw2;pctfw2;c:\winxp\system32\drivers\pctfw2.sys [2009-02-12 160792]
R1 PQIMount;PQIMount;c:\winxp\system32\drivers\PQIMount.sys [2004-07-29 46779]
R2 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2008-03-13 472320]
S3 OlCamudp;OLYMPUS Digital Camera;c:\winxp\system32\drivers\olcamudp.sys [2006-11-13 10379]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2009-02-12 356920]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{66f2e300-66b1-11db-b68d-0040f4416052}]
\Shell\AutoRun\command - E:\StartPortableApps.exe
.
- - - - ORPHANS REMOVED - - - -
BHO-{150e6345-2ab6-4e9d-bb07-e4e72704d401} - c:\winxp\system32\pijelodo.dll
HKLM-Run-rureyagofo - c:\winxp\system32\rotawugo.dll
MSConfigStartUp-24711747 - c:\winxp\system32\razifazi.dll
MSConfigStartUp-BitTorrent DNA - c:\program files\DNA\btdna.exe
MSConfigStartUp-CPM274224db - c:\winxp\system32\vopeside.dll
MSConfigStartUp-pccguide - c:\program files\Trend Micro\Internet Security 2006\pccguide.exe
MSConfigStartUp-rureyagofo - c:\winxp\system32\rotawugo.dll
.
------- Supplementary Scan -------
.
uStart Page =
hxxp://www.google.com/IE: Download all by YouTube Robot - c:\program files\YouTubeRobot\RobotExt.ocx/ALL.HTM
IE: Download by YouTube Robot - c:\program files\YouTubeRobot\RobotExt.ocx/LINK.HTM
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
LSP: c:\program files\Common Files\PC Tools\LSP\PCTLsp.dll
DPF: {03A89EFD-E023-8000-A22D-45F77558EB4C} -
hxxps://lm-learnlinc-6.ilinc.com/download/ilinci80.dllDPF: {413D6754-BFD4-47FE-9346-319559290BFA} -
hxxp://www.webpcfos.com/webpcfos/websabre/HTEweb.cabDPF: {C7C7152F-6E85-44F3-A14B-A7F85FDDEA3B} -
hxxp://www.tellmemore-online.com/bin/tol7inst.cabFF - ProfilePath - c:\documents and settings\John\Application Data\Mozilla\Firefox\Profiles\dgchrfgn.default\
FF - plugin: c:\program files\Google\Google Updater\2.4.1439.6872\npCIDetect13.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np32asw.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2009-02-13 15:03:59
Windows 5.1.2600 Service Pack 3 FAT NTAPI
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(784)
c:\program files\common files\logitech\bluetooth\LBTWlgn.dll
c:\program files\common files\logitech\bluetooth\LBTServ.dll
- - - - - - - > 'lsass.exe'(844)
c:\winxp\system32\relog_ap.dll
c:\program files\Common Files\PC Tools\LSP\PCTLsp.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\COMMON FILES\SEAGATE\SCHEDULE2\SCHEDUL2.EXE
c:\program files\SYMANTEC\LIVEUPDATE\ALUSCHEDULERSVC.EXE
c:\winxp\SYSTEM32\GEARSEC.EXE
c:\program files\GOOGLE\COMMON\GOOGLE UPDATER\GOOGLEUPDATERSERVICE.EXE
c:\program files\NERO\NERO 7\INCD\INCDSRV.EXE
c:\program files\JAVA\JRE6\BIN\JQS.EXE
c:\program files\COMMON FILES\LIGHTSCRIBE\LSSRVC.EXE
c:\program files\SYMANTEC\NORTON GHOST\AGENT\PQV2ISVC.EXE
c:\program files\PC CONNECTIVITY SOLUTION\SERVICELAYER.EXE
c:\program files\COMMON FILES\LOGISHRD\KHAL2\KHALMNPR.EXE
c:\winxp\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2009-02-13 15:06:44 - machine was rebooted
ComboFix-quarantined-files.txt 2009-02-13 20:06:42
Pre-Run: 15,042,150,400 bytes free
Post-Run: 20,310,228,992 bytes free
194 --- E O F --- 2009-02-11 08:02:49
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:10:46 PM, on 2/13/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINXP\System32\smss.exe
C:\WINXP\system32\winlogon.exe
C:\WINXP\system32\services.exe
C:\WINXP\system32\lsass.exe
C:\WINXP\system32\svchost.exe
C:\WINXP\System32\svchost.exe
C:\WINXP\system32\svchost.exe
C:\WINXP\system32\spoolsv.exe
C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINXP\System32\GEARSec.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
C:\WINXP\system32\svchost.exe
C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe
C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\WINXP\system32\wscntfy.exe
C:\WINXP\explorer.exe
C:\Documents and Settings\John\Desktop\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R3 - URLSearchHook: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [Norton Ghost 9.0] C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: Download all by YouTube Robot -
res://C:\Program Files\YouTubeRobot\RobotExt.ocx/ALL.HTM
O8 - Extra context menu item: Download by YouTube Robot -
res://C:\Program Files\YouTubeRobot\RobotExt.ocx/LINK.HTM
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINXP\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINXP\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {03A89EFD-E023-8000-A22D-45F77558EB4C} (ILINCInstall80 Class) -
https://lm-learnlinc-6.ilinc.com/download/ilinci80.dllO16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} (Macromedia Authorware Web Player Control) -
https://training.aapilots.com/authorwar ... wswaxd.cabO16 - DPF: {413D6754-BFD4-47FE-9346-319559290BFA} (HTECtrl Class) -
http://www.webpcfos.com/webpcfos/websabre/HTEweb.cabO16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) -
http://64.29.78.157/activex/AxisCamControl.ocxO16 - DPF: {C7C7152F-6E85-44F3-A14B-A7F85FDDEA3B} (InstallerCtrl Class) -
http://www.tellmemore-online.com/bin/tol7inst.cabO23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINXP\System32\GEARSec.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 8104 bytes