1) We removed the Party Poker manually, but couldn't remove toolbar. However, it was removed when we checked off two 09 files that he suggested.
2) We decided to keep the control panel restrictions, because we assumed Spybot S&D put them there.
3) Norton's last virus definitions update was 8/15/07.
4) Since this program picks up everything Norton's antivirus misses, is it worth keeping Norton's antivirus, or should we just use Kaspersky's scan for our antivirus software?
Updates.txt file:
Volume in drive C is HP_PAVILION
Volume Serial Number is 7427-1CD8
Directory of c:\Windows
04/25/2006 09:33 PM 11,118 KB900485.log
10/25/2005 06:50 PM 14,360 KB900725.log
10/25/2005 06:52 PM 23,579 KB901017.log
07/12/2005 05:07 PM 11,031 KB901214.log
10/25/2005 06:52 PM 25,973 KB902400.log
07/12/2005 05:07 PM 3,793 KB903235.log
10/25/2005 06:50 PM 11,933 KB904706.log
11/21/2006 07:48 AM 10,660 KB904942.log
10/25/2005 06:50 PM 14,511 KB905414.log
10/25/2005 06:49 PM 11,784 KB905749.log
12/14/2005 08:08 AM 16,169 KB905915.log
01/10/2006 09:10 PM 10,096 KB908519.log
04/15/2006 06:49 AM 15,583 KB908531.log
12/14/2005 08:09 AM 9,863 KB910437.log
06/27/2006 09:12 PM 11,067 KB911280.log
04/15/2006 06:49 AM 14,646 KB911562.log
02/16/2006 08:16 AM 7,157 KB911564.log
04/15/2006 06:48 AM 14,906 KB911565.log
04/15/2006 06:46 AM 10,581 KB911567.log
02/16/2006 08:16 AM 10,620 KB911927.log
04/15/2006 06:48 AM 16,970 KB912812.log
01/06/2006 06:34 PM 11,060 KB912919.log
02/16/2006 08:14 AM 6,606 KB913446.log
05/09/2006 09:34 PM 11,658 KB913580.log
07/13/2006 08:12 PM 12,306 KB914388.log
06/18/2006 07:02 PM 11,335 KB914389.log
11/21/2006 07:49 AM 5,611 KB914440.log
11/21/2006 07:50 AM 7,995 KB915865.log
06/18/2006 07:03 PM 17,719 KB916281.log
07/13/2006 08:12 PM 10,255 KB916595.log
07/13/2006 08:13 PM 11,853 KB917159.log
06/18/2006 07:03 PM 14,387 KB917344.log
08/12/2006 12:10 PM 11,923 KB917422.log
06/18/2006 07:06 PM 11,537 KB917734.log
06/18/2006 07:03 PM 14,153 KB917953.log
02/15/2007 08:47 PM 11,682 KB918118.log
06/18/2006 07:03 PM 14,010 KB918439.log
08/12/2006 12:11 PM 21,101 KB918899.log
09/14/2006 08:26 AM 11,446 KB919007.log
11/21/2006 07:49 AM 21,278 KB920213.log
08/12/2006 12:13 PM 18,032 KB920214.log
08/12/2006 12:10 PM 11,794 KB920670.log
08/12/2006 12:10 PM 12,199 KB920683.log
09/14/2006 08:27 AM 11,246 KB920685.log
09/14/2006 08:26 AM 12,935 KB920872.log
08/12/2006 12:12 PM 18,451 KB921398.log
08/15/2007 07:05 AM 17,245 KB921503.log
08/08/2006 06:19 PM 11,082 KB921883.log
09/14/2006 08:26 AM 7,604 KB922582.log
08/12/2006 12:13 PM 18,051 KB922616.log
11/19/2006 09:57 PM 17,044 KB922760.log
10/13/2006 08:09 AM 12,166 KB922819.log
10/13/2006 08:09 AM 8,709 KB923191.log
10/13/2006 08:09 AM 11,359 KB923414.log
12/16/2006 06:12 PM 10,345 KB923689.log
12/16/2006 06:11 PM 10,875 KB923694.log
02/15/2007 08:49 PM 8,733 KB923723.log
11/19/2006 09:58 PM 15,036 KB923980.log
10/13/2006 08:10 AM 12,331 KB924191.log
11/19/2006 09:58 PM 14,976 KB924270.log
10/13/2006 08:09 AM 11,347 KB924496.log
02/15/2007 08:49 PM 13,008 KB924667.log
12/16/2006 06:13 PM 9,101 KB925398.log
09/26/2006 09:59 PM 10,562 KB925486.log
04/04/2007 07:11 AM 12,293 KB925902.log
03/24/2007 02:01 PM 5,371 KB926239.log
12/16/2006 06:11 PM 11,037 KB926255.log
02/15/2007 08:48 PM 14,965 KB926436.log
02/15/2007 08:50 PM 19,803 KB927779.log
02/15/2007 08:49 PM 16,827 KB927802.log
05/23/2007 04:13 PM 7,620 KB927891.log
02/15/2007 08:48 PM 10,810 KB928090-IE7.log
02/15/2007 08:49 PM 16,550 KB928255.log
02/15/2007 08:47 PM 10,483 KB928843.log
06/13/2007 07:31 AM 17,567 KB929123.log
03/13/2007 07:24 PM 11,932 KB929338.log
03/24/2007 07:31 PM 7,979 KB929399.log
01/11/2007 09:36 AM 3,611 KB929969.log
04/11/2007 08:58 AM 12,547 KB930178.log
05/08/2007 07:47 PM 10,586 KB930916.log
04/11/2007 08:58 AM 12,245 KB931261.log
05/08/2007 07:48 PM 17,201 KB931768-IE7.log
04/11/2007 08:58 AM
Kasperskyscan.txt
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Monday, August 20, 2007 9:16:15 AM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.93.0
Kaspersky Anti-Virus database last update: 20/08/2007
Kaspersky Anti-Virus database records: 385377
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
A:\
C:\
D:\
E:\
Scan Statistics:
Total number of scanned objects: 77670
Number of viruses found: 9
Number of infected objects: 23
Number of suspicious objects: 2
Duration of the scan process: 01:57:39
Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CoolWWWSearchAffWinshow.zip/uninstall.exe Suspicious: Password-protected-EXE skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CoolWWWSearchAffWinshow.zip ZIP: suspicious - 1 skipped
C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\2007-08-20_Log.ALUSchedulerSvc.LiveUpdate Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Owner\Application Data\iemv\msiesh.dll Infected: not-a-virus:AdWare.Win32.WinShow.b skipped
C:\Documents and Settings\Owner\Application Data\ienq\ienq32.dll Infected: not-a-virus:AdWare.Win32.WinShow.b skipped
C:\Documents and Settings\Owner\Application Data\ienq\msiesh.dll Infected: Trojan-Downloader.Win32.WinShow.q skipped
C:\Documents and Settings\Owner\Application Data\ienq\msiesh.dll.new Infected: not-a-virus:AdWare.Win32.WinShow.b skipped
C:\Documents and Settings\Owner\Application Data\msgd\msiesh.dll Infected: not-a-virus:AdWare.Win32.WinShow.a skipped
C:\Documents and Settings\Owner\Application Data\mskd\msiesh.dll Infected: Trojan-Downloader.Win32.WinShow.q skipped
C:\Documents and Settings\Owner\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SUPERANTISPYWARE.LOG Object is locked skipped
C:\Documents and Settings\Owner\Application Data\sysmq\msiesh.dll Infected: not-a-virus:AdWare.Win32.WinShow.b skipped
C:\Documents and Settings\Owner\Application Data\sysmq\sysmq.dll Infected: not-a-virus:AdWare.Win32.WinShow.b skipped
C:\Documents and Settings\Owner\Application Data\sysmv\msiesh.dll Infected: not-a-virus:AdWare.Win32.WinShow.a skipped
C:\Documents and Settings\Owner\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Owner\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Owner\ntuser.dat.LOG Object is locked skipped
C:\hp\bin\KillWind.exe Infected: not-a-virus:RiskTool.Win32.PsKill.p skipped
C:\Program Files\Common Files\submit2.exe/submithook.dll Infected: Trojan-Downloader.Win32.Agent.az skipped
C:\Program Files\Common Files\submit2.exe Gentee: infected - 1 skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\AVApp.log Object is locked skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\AVError.log Object is locked skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\AVVirus.log Object is locked skipped
C:\RECYCLER\NPROTECT\NPROTECT.LOG Object is locked skipped
C:\sti.log Object is locked skipped
C:\System Volume Information\_restore{593172EE-14D9-4262-8426-24BF2115D284}\RP750\A0039551.DLL Infected: not-a-virus:AdWare.Win32.WinShow.e skipped
C:\System Volume Information\_restore{593172EE-14D9-4262-8426-24BF2115D284}\RP750\A0039552.DLL Infected: not-a-virus:AdWare.Win32.WinShow.e skipped
C:\System Volume Information\_restore{593172EE-14D9-4262-8426-24BF2115D284}\RP750\A0039553.DLL Infected: not-a-virus:AdWare.Win32.WinShow.e skipped
C:\System Volume Information\_restore{593172EE-14D9-4262-8426-24BF2115D284}\RP751\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\mshp.dll.bad/data0001.html Infected: Trojan-Downloader.Win32.WinShow.u skipped
C:\WINDOWS\mshp.dll.bad/data0002.html Infected: Trojan-Downloader.Win32.WinShow.u skipped
C:\WINDOWS\mshp.dll.bad/data0003.html Infected: Trojan-Downloader.Win32.WinShow.u skipped
C:\WINDOWS\mshp.dll.bad/data0004.html Infected: Trojan-Downloader.Win32.WinShow.u skipped
C:\WINDOWS\mshp.dll.bad/data0005.html Infected: Trojan-Downloader.Win32.WinShow.u skipped
C:\WINDOWS\mshp.dll.bad/data0006.html Infected: Trojan-Downloader.Win32.WinShow.u skipped
C:\WINDOWS\mshp.dll.bad Embedded HTML: infected - 6 skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\SYSTEM32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\SYSTEM32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\SYSTEM32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\config\default Object is locked skipped
C:\WINDOWS\SYSTEM32\config\default.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\config\Internet.evt Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SAM Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SECURITY Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\config\software Object is locked skipped
C:\WINDOWS\SYSTEM32\config\software.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\config\system Object is locked skipped
C:\WINDOWS\SYSTEM32\config\system.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\h323log.txt Object is locked skipped
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
C:\WINDOWS\winshow.new Infected: Trojan-Downloader.Win32.WinShow.m skipped
Scan process completed.
Hijackthis.txt
Logfile of HijackThis v1.99.1
Scan saved at 9:16:56 AM, on 8/20/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Common Files\Symantec
Shared\ccApp.exe
C:\WINDOWS\LTMSG.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Creative\Shared
Files\CAMTRAY.EXE
C:\Program Files\Common
Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program
Files\Google\GoogleToolbarNotifier\GoogleToolbar
Notifier.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program
Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Sony Corporation\Image
Transfer\SonyTray.exe
C:\Program Files\Greetings Workshop\GWREMIND.EXE
C:\Program
Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\Symantec
Shared\ccEvtMgr.exe
C:\Program Files\Norton SystemWorks\Norton
AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton
Utilities\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Common Files\Symantec
Shared\Security Center\SymWSC.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Common Files\Microsoft
Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Messenger\msmsgs.exe
C:\hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet
Explorer\Main,Default_Page_URL = www.comcast.net
R0 - HKCU\Software\Microsoft\Internet
Explorer\Main,Start Page =
http://www.comcast.net/
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Default_Page_URL =
http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Default_Search_URL =
http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet
Explorer\Main,Start Page =
http://go.microsoft....k/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet
Explorer\Main,Window Title = Microsoft Internet
Explorer provided by Comcast High-Speed Internet
R1 -
HKCU\Software\Microsoft\Windows\CurrentVersion\I
nternet Settings,ProxyOverride = localhost
O2 - BHO: Adobe PDF Reader Link Helper -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:\Program Files\Common
Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) -
{53707962-6F74-2D53-2644-206D7942484F} -
C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Windows Live Sign-in Helper -
{9030D464-4C02-4ABF-8ECC-5164760863C6} -
C:\Program Files\Common Files\Microsoft
Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper -
{AA58ED58-01DD-4d91-8333-CF10577473F7} -
c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO -
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -
C:\Program
Files\Google\GoogleToolbarNotifier\2.0.301.7164\
swg.dll
O2 - BHO: NAV Helper -
{BDF3E430-B101-42AD-A544-FADC6B084872} -
C:\Program Files\Norton SystemWorks\Norton
AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus -
{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} -
C:\Program Files\Norton SystemWorks\Norton
AntiVirus\NavShExt.dll
O3 - Toolbar: &Google -
{2318C2B1-4965-11d4-9B18-009027A5CD4F} -
c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [hpsysdrv]
c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard]
C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE
C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [IgfxTray]
C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds]
C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [PS2]
C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program
Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program
Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [LTMSG] LTMSG.exe 7
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program
Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Creative WebCam Tray]
C:\Program Files\Creative\Shared
Files\CAMTRAY.EXE
O4 - HKLM\..\Run: [Symantec NetDriver Monitor]
C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [TkBellExe] "C:\Program
Files\Common Files\Real\Update_OB\realsched.exe"
-osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher]
"C:\Program Files\Adobe\Reader
8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program
Files\Microsoft Money\System\Money Express.exe"
O4 - HKCU\..\Run: [ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program
Files\Google\GoogleToolbarNotifier\GoogleToolbar
Notifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program
Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program
Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Startup: Greetings Workshop Reminders.lnk =
C:\Program Files\Greetings Workshop\GWREMIND.EXE
O4 - Global Startup: Image Transfer.lnk = ?
O4 - Global Startup: Microsoft Office.lnk =
C:\Program Files\Microsoft
Office\Office\OSA9.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet
Explorer\Control Panel present
O9 - Extra button: AIM -
{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} -
C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com -
{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -
C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) -
{e2e2dd38-d088-4134-82b7-f2ba38496583} -
%windir%\Network Diagnostic\xpnetdiag.exe (file
missing)
O9 - Extra 'Tools' menuitem:
@xpsp3res.dll,-20001 -
{e2e2dd38-d088-4134-82b7-f2ba38496583} -
%windir%\Network Diagnostic\xpnetdiag.exe (file
missing)
O9 - Extra button: Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL]
International*
O14 - IERESET.INF:
START_PAGE_URL=http://www.comcast.net
O16 - DPF:
{0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75}
(CKAVWebScan Object) -
http://www.kaspersky...partner/default
/kavwebscan_unicode.cab
O16 - DPF:
{5685BC20-FBE6-11D2-885F-00A0243C2C64} (iVantage
Remote Data Control) -
https://ivantage.the...agetec/Common/S
pectrumRDC.cab
O16 - DPF:
{7823A620-9DD9-11CF-A662-00AA00C066D2}
(PopupMenu Object) -
https://ivantage.the...agetec/Common/i
emenu.cab
O16 - DPF:
{A7A61128-0EAA-11D1-B22F-0000C08C00C4}
(SSDBCombo Control 3.1 - A) -
https://ivantage.the...agetec/Common/S
sdw3b32.cab
O16 - DPF:
{C4847596-972C-11D0-9567-00A0C9273C2A} (Crystal
Report Viewer Control) -
https://ivantage.the...agetec/Reports/
ActiveXViewer80.cab
O18 - Protocol: livecall -
{828030A1-22C1-4009-854F-8E305202313F} -
C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim -
{828030A1-22C1-4009-854F-8E305202313F} -
C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program
Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: WgaLogon -
C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj -
{AAA288BA-9A4C-45B0-95D7-94D524869DB5} -
C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Automatic LiveUpdate Scheduler -
Symantec Corporation - C:\Program
Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr)
- Symantec Corporation - C:\Program Files\Common
Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation
Service (ccPwdSvc) - Symantec Corporation -
C:\Program Files\Common Files\Symantec
Shared\ccPwdSvc.exe
O23 - Service: Google Updater Service (gusvc) -
Google - C:\Program Files\Google\Common\Google
Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager
(IDriverT) - Macrovision Corporation -
C:\Program Files\Common
Files\InstallShield\Driver\1050\Intel
32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation
- C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto Protect
Service (navapsvc) - Symantec Corporation -
C:\Program Files\Norton SystemWorks\Norton
AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection
(NProtectService) - Symantec Corporation -
C:\Program Files\Norton SystemWorks\Norton
Utilities\NPROTECT.EXE
O23 - Service: NVIDIA Driver Helper Service
(NVSvc) - NVIDIA Corporation -
C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: ScriptBlocking Service
(SBService) - Symantec Corporation -
C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.ex
e
O23 - Service: Symantec Network Drivers Service
(SNDSrvc) - Symantec Corporation - C:\Program
Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Speed Disk service - Symantec
Corporation -
C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
O23 - Service: SymWMI Service (SymWSC) -
Symantec Corporation - C:\Program Files\Common
Files\Symantec Shared\Security Center\SymWSC.exe