Hi Ken,
I admire your perseverance and patience, which surpasses mine. I deactivated McAfee and AdAware according to the instructions at bleepingcomuter.com/forums/topic114351.html (although i see that ComboFix still shows AV active; how I do not know).
I ran ComboFix and the log is as follows:
ComboFix 08-04-04.1 - hcv 2008-04-06 17:05:59.7 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.104 [GMT 2:00]
Running from: C:\Documents and Settings\hcv\Desktop\ComboFix.exe
* Created a new restore point
* Resident AV is active
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Autorun.inf
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
C:\WINDOWS\system32\kavo.exe
C:\WINDOWS\system32\kavo0.dll
C:\WINDOWS\system32\kavo1.dll
C:\WINDOWS\system32\tavo.exe
----- BITS: Possible infected sites -----
hxxp://wsus.sun.ac.za
.
((((((((((((((((((((((((( Files Created from 2008-03-06 to 2008-04-06 )))))))))))))))))))))))))))))))
.
2008-04-05 15:28 . 2008-04-05 15:28 115,976 -r-hs---- C:\pnc.exe
2008-04-05 15:26 . 2008-04-06 17:06 81,408 -r-hs---- C:\WINDOWS\system32\tavo0.dll
2008-04-05 15:25 . 2008-04-05 15:28 115,976 -r-hs---- C:\1i.com
2008-04-05 14:51 . 2008-04-05 14:51 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-04-05 14:51 . 2008-04-05 14:51 <DIR> d-------- C:\Documents and Settings\hcv\Application Data\Malwarebytes
2008-04-05 14:51 . 2008-04-05 14:51 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-04-05 14:47 . 2008-04-05 14:47 <DIR> d-------- C:\Program Files\Common Files\Download Manager
2008-04-04 15:50 . 2008-04-04 15:50 <DIR> d-------- C:\Program Files\Trend Micro
2008-04-03 10:03 . 2008-04-03 10:03 <DIR> d-------- C:\kav
2008-04-02 16:09 . 2008-04-02 16:57 <DIR> d-------- C:\Program Files\Quick StartUp
2008-03-29 10:41 . 2007-12-07 04:21 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2008-03-29 10:41 . 2007-04-17 11:32 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2008-03-29 10:41 . 2007-03-08 07:10 991,232 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2008-03-29 10:41 . 2007-12-07 04:21 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2008-03-29 10:41 . 2007-12-07 04:21 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2008-03-29 10:41 . 2007-12-07 04:21 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2008-03-29 10:41 . 2007-12-07 04:21 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
2008-03-29 10:41 . 2007-12-07 04:21 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2008-03-29 10:41 . 2007-12-06 13:00 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-03-28 19:59 . 2008-03-28 19:59 <DIR> d-------- C:\Documents and Settings\hcv\Application Data\Uniblue
2008-03-28 11:02 . 2008-03-28 11:02 1,600,994 --a------ C:\ComboFix.exe
2008-03-17 10:22 . 2008-04-01 09:57 <DIR> d-------- C:\Documents and Settings\hcv\DoctorWeb
2008-03-17 09:40 . 2008-03-17 09:50 <DIR> d-------- C:\Program Files\SpywareBlaster
2008-03-17 09:40 . 2008-04-06 17:00 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-03-17 09:40 . 2005-08-25 18:19 115,920 --a------ C:\WINDOWS\system32\MSINET.OCX
2008-03-15 13:05 . 2008-03-15 13:05 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Avg7
2008-03-14 22:39 . 2008-04-01 08:43 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-03-14 22:39 . 2008-03-14 22:39 1,409 --a------ C:\WINDOWS\QTFont.for
2008-03-13 09:15 . 2008-04-06 17:01 <DIR> d-------- C:\QUARANTINE
2008-03-13 07:43 . 2008-03-13 07:43 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\McAfee
2008-03-13 07:42 . 2007-02-22 20:50 170,408 --a------ C:\WINDOWS\system32\drivers\mfehidk.sys
2008-03-13 07:42 . 2006-11-30 08:50 72,264 --a------ C:\WINDOWS\system32\drivers\mfeavfk.sys
2008-03-13 07:42 . 2006-11-30 08:50 64,360 --a------ C:\WINDOWS\system32\drivers\mfeapfk.sys
2008-03-13 07:42 . 2006-11-30 08:50 52,136 --a------ C:\WINDOWS\system32\drivers\mfetdik.sys
2008-03-13 07:28 . 2008-03-13 07:28 <DIR> d-------- C:\Program Files\McAfee
2008-03-13 07:28 . 2008-03-13 07:28 <DIR> d-------- C:\Program Files\Common Files\McAfee
2008-03-12 20:10 . 2008-03-12 20:10 2,762 --a------ C:\WINDOWS\system32\tmp.reg
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-03 12:21 --------- d-----w C:\Program Files\Afrikaanse Speltoetser
2008-07-13 14:12 --------- d-----w C:\Program Files\iolo
2008-04-06 15:09 --------- d-----w C:\Documents and Settings\hcv\Application Data\Skype
2008-04-06 15:06 --------- d-----w C:\Program Files\Plaxo
2008-04-06 14:06 --------- d-----w C:\Documents and Settings\hcv\Application Data\skypePM
2008-04-01 12:27 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-03-28 18:08 --------- d-----w C:\Program Files\RealVNC
2008-03-13 05:44 --------- d-----w C:\Program Files\Network Associates
2008-03-13 05:41 --------- d-----w C:\Program Files\Common Files\Network Associates
2008-01-23 16:35 95,064 ----a-w C:\WINDOWS\system32\cdm.dll
2008-01-23 16:35 556,376 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-01-23 16:35 325,464 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-01-23 16:35 204,120 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-01-23 16:35 1,743,704 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-01-23 16:34 53,592 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-01-23 16:34 44,888 ----a-w C:\WINDOWS\system32\wups2.dll
2008-01-23 16:34 36,184 ----a-w C:\WINDOWS\system32\wups.dll
2008-01-09 17:49 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-12-07 15:08 21686568]
"PlaxoUpdate"="C:\Program Files\Plaxo\2.13.1.3\PlaxoHelper.exe" [2007-12-11 17:21 227914]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:56 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2007-12-04 19:27 171448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"McAfeeUpdaterUI"="C:\Program Files\Network Associates\Common Framework\UdaterUI.exe" [2007-03-27 15:06 136768]
"FinePrint Dispatcher v5"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe" [2006-09-26 22:23 503808]
"ShStatEXE"="C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.exe" [2007-02-22 20:50 112216]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Acrobat Assistant.lnk - C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe [2003-05-15 01:19:50 217193]
CAPI Tray.lnk - C:\Program Files\Microcom ISDN Utilities\ccmon.exe [2006-04-02 15:37:56 155648]
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE [2006-11-18 09:16:45 122880]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications]
"AllowUserPrefMerge"= 1 (0x1)
"Enabled"= 1 (0x1)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\Program Files\Network Associates\Common Framework\FrameworkService.exe"= C:\Program Files\Network Associates\Common Framework\FrameworkService.exe:146.232.128.87,146.232.128.91:enabled:McAfee ePO Agent Installer
"c:\inetkey\inetkey.exe"= c:\inetkey\inetkey.exe:146.232.128.170,146.232.128.180:enabled:Inetkey
"%WINDIR%\\System32\\dpmw32.exe"=
"C:\\Program Files\\WS_FTP\\WS_FTP95.exe"=
"C:\\Program Files\\Opera\\Opera.exe"=
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts]
"AllowUserPrefMerge"= 1 (0x1)
"Enabled"= 1 (0x1)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"8081:TCP:146.232.128.87, 146.232.128.91:enabled:McAfee ePO Agent Updater"= 8081:TCP:146.232.128.87, 146.232.128.91:enabled:McAfee ePO Agent Updater
"82:TCP:146.232.128.87, 146.232.128.91:enabled:McAfee ePO Agent Updater"= 82:TCP:146.232.128.87, 146.232.128.91:enabled:McAfee ePO Agent Updater
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowOutboundDestinationUnreachable"= 0 (0x0)
"AllowOutboundSourceQuench"= 0 (0x0)
"AllowRedirect"= 0 (0x0)
"AllowInboundEchoRequest"= 0 (0x0)
"AllowInboundRouterRequest"= 0 (0x0)
"AllowOutboundTimeExceeded"= 0 (0x0)
"AllowOutboundParameterProblem"= 0 (0x0)
"AllowInboundTimestampRequest"= 0 (0x0)
"AllowInboundMaskRequest"= 0 (0x0)
"AllowOutboundPacketTooBig"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\Logging]
"LogDroppedPackets"= 0 (0x0)
"LogSuccessfulConnections"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\RemoteAdminSettings]
"Enabled"= 1 (0x1)
"RemoteAddresses"= *
R2 CAPI;CAPI 2.0 Service;C:\WINDOWS\system32\DRIVERS\capi.sys [2003-10-23 17:01]
R2 CarryLaunch;Carry it Easy Launcher;C:\WINDOWS\system32\CarryLaunch.exe [2007-02-26 15:36]
R2 NDISCAPI;NDIS CAPI Service;C:\WINDOWS\system32\DRIVERS\ndiscapi.sys [2003-10-23 17:15]
R3 colmpa;Microcom ISDN Porte Internal - IS 1840 NDIS WAN Driver;C:\WINDOWS\system32\DRIVERS\colmpa.sys [2005-01-13 12:55]
R3 vmdmc;Microcom VComm+ Port Driver;C:\WINDOWS\system32\DRIVERS\vmdmc.sys [2004-01-15 13:11]
S3 MEMSWEEP2;MEMSWEEP2;C:\WINDOWS\system32\87.tmp []
.
Contents of the 'Scheduled Tasks' folder
"2008-04-06 15:00:04 C:\WINDOWS\Tasks\RegCure Program Check.job"
- C:\Program Files\RegCure\RegCure.exe
"2008-04-03 06:07:56 C:\WINDOWS\Tasks\RegCure.job"
- C:\Program Files\RegCure\RegCure.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2008-04-06 17:11:21
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MEMSWEEP2]
"ImagePath"="\??\C:\WINDOWS\system32\87.tmp"
.
Completion time: 2008-04-06 17:13:36
ComboFix-quarantined-files.txt 2008-04-06 15:13:00
ComboFix2.txt 2008-03-28 09:25:48
ComboFix3.txt 2008-03-15 11:53:46
Pre-Run: 1,908,867,072 bytes free
Post-Run: 1,897,611,264 bytes free
.
2008-03-31 12:12:12 --- E O F ---
The HijackThis log is as follows
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:26, on 2008-04-06
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Invention Pilot\Tray Pilot\TrayPlt.exe
C:\Program Files\Network Associates\Common Framework\UdaterUI.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Plaxo\2.13.1.3\PlaxoHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Network Associates\Common Framework\McTray.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Microcom ISDN Utilities\ccmon.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\CarryLaunch.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe
C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Data\Download\HijackThis\HJTInstall.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.sun.ac.za/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft....k/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL =
http://www.sun.ac.za/sunproxy.pac
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [FinePrint Dispatcher v5] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe" /source=HKLM
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\RunOnce: [Tray Pilot] "C:\Program Files\Invention Pilot\Tray Pilot\Starter.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [PlaxoUpdate] C:\Program Files\Plaxo\2.13.1.3\PlaxoHelper.exe -a
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: CAPI Tray.lnk = C:\Program Files\Microcom ISDN Utilities\ccmon.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft....k/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://www.update.mi...b?1200463634203
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) -
http://security.syma...n/bin/cabsa.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Carry it Easy Launcher (CarryLaunch) - Unknown owner - C:\WINDOWS\system32\CarryLaunch.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe
--
End of file - 7073 bytes