
Clean Bill of Health Requested [RESOLVED]


  • This topic is locked

#1
bigdog1100

  • Member
  • 280 posts
Hello. I started a topic elsewhere and am working on my PC freezing problem. A person that works with me suggested I do cleanups and post my logs here. For your information, this is the topic: http://www.geekstogo...me-t169217.html

I am attaching HijackThis Log, Panda Log, and AVG Log. I can't attach NOD32 Log because it is too large, 700 K. I will also paste uninstall info below. Thank you.

"Sid Meier's Pirates!" версии 1.0.0.0
Adobe Atmosphere Player for Acrobat and Adobe Reader
Adobe Flash Player 9 ActiveX
Adobe Photoshop Album 2.0 Starter Edition
Adobe Photoshop Elements 2.0
Adobe Premiere 6 LE
Adobe Reader 7.0.8
Agere Systems AC'97 Modem
AIM 6.0
Any Video Converter 1.0.2
AOL Instant Messenger
Apple Software Update
ATI - Software Uninstall Utility
ATI Catalyst Control Center
ATI Control Panel
ATI Display Driver
Audacity 1.2.3
Avanquest update
AVG Anti-Spyware 7.5
AVI/MPEG/RM/WMV Joiner 4.82
Azureus Vuze
Belkin Bulldog Plus
BestCrypt 7.0
Billy Elliot Screensaver
BitComet 0.62
Brownie
BurnInTest v4.0 Standard
Cakewalk Media Mixer
CardRd81
ccCommon
CCHelp
CCScore
CheckIt Diagnostics
CleanUp!
Click to DVD 1.4.04
Click to DVD Themes
CompuApps SwissKnife V3
Connection Keep Alive
CR2
Creative Audio Console
Creative Media Toolbox
Creative MediaSource
Creative System Information
Creative Vienna SoundFont Studio
Data Lifeguard Tools
Defcon
dirLock
DivX Codec
DivX Content Uploader
DivX Converter
DivX Player
DivX Web Player
Documents To Go
Drag'n Drop CD+DVD
Dreaming of Brazil 3 Beta 6
DVD Decrypter (Remove Only)
DVD Shrink 3.2
DVD X Player 4.0 Professional
DVD43 v3.7.0
DVgate Plus
EasyCleaner
eFax Messenger Plus 3.3
eMule
ESSAdpt
ESSANUP
ESSBrwr
ESSCAM
ESSCDBK
ESScore
ESSCT
ESSEMAIL
ESSgui
ESShelp
ESSini
ESSPCD
ESSPDock
ESSSONIC
ESSvpaht
ESSvpot
EVEREST Home Edition v2.20
ewido anti-malware
Fast Explorer 2007
File Lock 6.0
FLV Player 1.3.3
Google Earth
GRE POWERPREP
Hardwar
HighMAT Extension to Microsoft Windows XP CD Writing Wizard
Hijackthis 1.99.1
HijackThis 1.99.1
HLPCCTR
HLPIndex
HLPPDOCK
HLPSFO
Homeworld
Homeworld2
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB915865)
HP Image Zone 4.0
HP Software Update
ICQ Toolbar
ICQ 5.1
Intel® PRO Network Connections 12.2.41.0
InterVideo DVDCopy 2
InterVideo WinDVD 5 for VAIO
iPIX ActiveX Viewer
iPod for Windows 2005-10-12
iPod for Windows 2005-11-17
iPod for Windows 2006-01-10
IrfanView (remove only)
iTunes
J2SE Runtime Environment 5.0 Update 10
J2SE Runtime Environment 5.0 Update 11
J2SE Runtime Environment 5.0 Update 6
J2SE Runtime Environment 5.0 Update 9
Japanese Language Support
Java™ 6 Update 2
Java™ SE Runtime Environment 6 Update 1
Kaspersky On-line Scanner
Kodak EasyShare software
KSU
LimeWire 4.12.3
LiveUpdate 2.7 (Symantec Corporation)
LiveUpdate Notice (Symantec Corporation)
Macromedia Shockwave Player
MasterSplitter Program
Memory Stick Formatter
Microsoft .NET Framework 1.0 Hotfix (KB887998)
Microsoft .NET Framework 1.0 Hotfix (KB930494)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0
Microsoft DirectX 9.0 SDK Update (April 2005)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Professional Edition 2003
Microsoft Office Standard Edition 2003
Microsoft Office XP Media Content
Microsoft Plus! Digital Media Edition
mIRC
Morpheus Toolbar
Motorola Phone Tools
Movielink eHome version 1.1
Mozilla Firefox (1.5.0.8)
Mozilla Firefox (2.0.0.6)
MSN Music Assistant
MSRedist
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
Music Visualizer Library 1.4.00
Nero 7
neroxml
Net Transport 1.94.282
Netscape (7.02)
NOD32 Antivirus System
Nokia Connectivity Cable Driver
Nokia PC Suite
Nokia PC Suite
Norton Cleanup
Norton Ghost 10.0
Norton Protection Center
Norton SystemWorks
Norton SystemWorks 2006 Premier
Norton SystemWorks 2006 Premier (Symantec Corporation)
Norton Utilities
Notifier
NSW_DRM_COLLECTION
OfotoXMI
OpenMG Metadata Extractor for Windows Media Player
OpenMG Secure Module 3.3.01
Opera
OTtBP
OTtBPSDK
overland
Palm
Panda ActiveScan
Paragon Partition Manager 6.0 Demo
Paragon Partition Manager 8.0 Personal Demo
PC Connectivity Solution
PCDADDIN
PCDHELP
PCDLNCH
PerformanceTest v4.0
PGP 8.0
Photosmart 320,370,7400,8100,8400 Series
PictureGear Studio 2.0
PowerArchiver 2004 v9.25
PowerQuest PartitionMagic 8.0 Demo
PrimaScan 2400U
PrimoPDF
PTDD Super Fdisk 1.0
Quicken 2004
QuickTime
Radio365
RealPlayer
Riva FLV Encoder 2.0
R-Studio 3.0
Screenblast ACID 4.0
Screenblast Sound Forge 1.1
SDP Downloader
Security Task Manager 1.6f
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 2.0 (KB928365)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB883939)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901190)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB903235)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911280)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922760)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB938829)
SFR
SFR2
Sierra Utilities
SoftV92 Data Fax Modem
SonicStage 1.6.00
SonicStage Mastering Studio 1.1
SonicStage Mastering Studio Plugins 1.0
SonicStage MP3 Add-on program
Sony Certificate PCH
Sony TV Tuner Library 1.0
Sony Video Shared Library
Sound Blaster for Media Center
Sound Blaster X-Fi
SPBBC
Spyware Doctor 3.8
SUPERAntiSpyware Free Edition
Swiff Player 1.1
Symantec KB-DocID:2003093015493306
Trillian
Ulead Burn.Now
Ulead DVD MovieFactory 2 SE
Ulead DVD PictureShow 2 SE
Ulead DVD Player
Ulead VideoStudio 7 SE DVD
Unreal II Special Edition
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB910437)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB933360)
Update for Windows XP (KB936357)
Update for Windows XP (KB938828)
VAIO BrightColor Wallpaper
VAIO Edit Components
VAIO Help and Support
VAIO Media 2.6
VAIO Media Integrated Server 2.6
VAIO Media Redistribution 2.6
VAIO Registration
VAIO Support
VAIO Survey Standalone
VCAMCEN
Video Card Stability Test
VideoLAN VLC media player 0.8.6b
Videora iPod Converter 0.91
Viewpoint Media Player
ViewSonic Monitor Drivers
VPRINTOL
VuePrint
Welcome to VAIO life
Windows Genuine Advantage v1.3.0254.0
Windows Installer 3.1 (KB893803)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Media Connect
Windows Media Connect
Windows Media Format Runtime
Windows Media Player 10
Windows XP Hotfix - KB834707
Windows XP Hotfix - KB867282
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB887797
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890047
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890923
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893066
Windows XP Hotfix - KB893086
Windows XP Service Pack 2
WinPcap 3.1 beta3
WinRAR archiver
WinZip
Write DVD!
Yahoo! Internet Mail
Yahoo! Messenger
Yahoo! Messenger Explorer Bar
Yahoo! Widget Engine
Yahoo! Widget Engine
You Don't Know Jack The Ride
YOU DON'T KNOW JACK V1.0
YOU DON'T KNOW JACK Volume 2
ZoneAlarm Security Suite
Zoom Player (remove only)

Edited by bigdog1100, 03 September 2007 - 08:50 PM.


#2
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there, sorry for the delay. Could you please provide a new HijackThis log and a summary of your current problems? Ta

#3
bigdog1100

  • Topic Starter
  • Member
  • 280 posts
Hello. Here is the summary of my problems, and a new HijackThis log. Please note that I am being helped by someone. But he told me to check with the Malware department before proceeding. Maybe you two can join forces. Here's the link to that conversation.

http://www.geekstogo...me-t169217.html

I have already posted this topic before, but to no avail. So, I would like to post again. The problem returned. When I load a game, Team Fortress Classic or Counter Strike, my computer freezes. I suspect a video problem. But it may be audio or software. I tried reducing video quality; it did not help. My best guess is that it may be the X-Fi sound card, since I sent the PC out for repair of the video card and had the card replaced not so long ago, and this is not a new problem, so it used to happen before the new video card was installed.

I recorded a video of what is happening during the "freeze process". Since the maximum upload is 500 K, I have no choice but to upload it to my YouTube account. Please forgive me for attaching a link here, but this is the only way I can show you exactly what is happening. Here is the link.



Can someone please help me troubleshoot this issue? Thanks.

FYI: The click you hear at seconds 19-20 is me moving the camera around. But the actual click before the freeze that always occurs is at seconds 21-22, and the hard drive is lit steady.


Logfile of HijackThis v1.99.1
Scan saved at 3:43:17 PM, on 9/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
D:\bin\btwdins.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\ehome\ehSched.exe
D:\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\System32\GEARSec.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Eset\nod32krn.exe
D:\Norton SystemWorks\Norton Ghost\Agent\VProSvc.exe
C:\WINDOWS\system32\PGPsdkServ.exe
C:\Program Files\Sony\Sony TV Tuner Library\SMceMan.exe
D:\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
D:\Belkin Bulldog Plus\upsd.exe
C:\Program Files\Sony\Sony TV Tuner Library\RM_SV.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\alg.exe
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
D:\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\SONY\sHotKey\sHotKey.exe
C:\WINDOWS\system32\ezSP_Px.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\ehome\ehmsas.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
C:\WINDOWS\CTHELPER.EXE
D:\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Creative\ShareDLL\CADI\NotiMan.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\QuickTime\qttask.exe
D:\Norton SystemWorks\Norton Ghost\Agent\GhostTray.exe
D:\Nokia\Nokia PC Suite 6\LaunchApplication.exe
D:\Creative\MediaSource\Detector\CTDetect.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
D:\BTTray.exe
C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe
D:\Palm\Hotsync.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
D:\Belkin Bulldog Plus\MUPS.exe
D:\Jetico\BestCrypt\BCResident.exe
D:\Yahoo!Widgets\WidgetEngine\YahooWidgetEngine.exe
C:\Program Files\PC Connectivity Solution\NclBTHandler.exe
D:\Yahoo!Widgets\WidgetEngine\YahooWidgetEngine.exe
D:\Yahoo!Widgets\WidgetEngine\YahooWidgetEngine.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
C:\WINDOWS\system32\wuauclt.exe
D:\eMule\emule.exe
C:\WINDOWS\system32\hpbpro.exe
C:\WINDOWS\system32\hpboid.exe
C:\WINDOWS\System32\svchost.exe
D:\Mozilla Firefox\firefox.exe
D:\Security\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.co...earch_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\ICQToolbar\toolbaru.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - D:\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - D:\SPYWAR~1\tools\iesdpb.dll
O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - d:\Xi\NetTransport 2\NTIEHelper.dll
O2 - BHO: XBTBPos00 - {E552EEFC-DE97-45D4-BA1A-F534A1B4A579} - C:\PROGRA~1\MORPHE~1\tbu70E\MORPHE~1.DLL
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\ICQToolbar\toolbaru.dll
O3 - Toolbar: Morpheus Toolbar - {119DBEDA-9c41-4F97-94B4-B6BCD01133CF} - C:\Program Files\Morpheus Toolbar\tbu70E\morpheustoolbar.dll
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [VolPanel] "D:\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" /r
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [sHotKey] "C:\Program Files\SONY\sHotKey\sHotKey.exe"
O4 - HKLM\..\Run: [RCSystem] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" RCSystem * -Startup
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\system32\ezSP_Px.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [ZTgServerSwitch] "c:\program files\support.com\client\bin\tgcmd.exe" /server
O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [iTunesHelper] "D:\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [Norton Ghost 10.0] "D:\Norton SystemWorks\Norton Ghost\Agent\GhostTray.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] D:\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKCU\..\Run: [Creative Detector] D:\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
O4 - HKCU\..\Run: [updateMgr] "D:\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - Startup: HotSync Manager.LNK = D:\Palm\Hotsync.exe
O4 - Startup: Yahoo! Widget Engine.lnk = D:\Yahoo!Widgets\WidgetEngine\YahooWidgetEngine.exe
O4 - Global Startup: BestCrypt Auto Open.lnk = D:\Jetico\BestCrypt\BestCrypt.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: DataViz Inc Messenger.lnk = C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe
O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = D:\Palm\Hotsync.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: MUPS.lnk = D:\Belkin Bulldog Plus\MUPS.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &ICQ Toolbar Search - res://D:\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: Download all by Net Transport - D:\Xi\NetTransport 2\NTAddList.html
O8 - Extra context menu item: Download by Net Transport - D:\Xi\NetTransport 2\NTAddLink.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - D:\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Morpheus Toolbar - {119DBEDA-9c41-4F97-94B4-B6BCD01133CF} - C:\Program Files\Morpheus Toolbar\tbu70E\morpheustoolbar.dll
O9 - Extra 'Tools' menuitem: Morpheus Toolbar - {119DBEDA-9c41-4F97-94B4-B6BCD01133CF} - C:\Program Files\Morpheus Toolbar\tbu70E\morpheustoolbar.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - D:\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - D:\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - D:\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - D:\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra 'Tools' menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - D:\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - D:\AIM\aim.exe
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\ICQLite\ICQLite.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - D:\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - D:\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.t...all/xscan60.cab
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative....007/CTSUEng.cab
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....467&clcid=0x409
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} - https://www-secure.s...rl/LSSupCtl.cab
O16 - DPF: {2359626E-7524-4F87-B04E-22CD38A0C88C} (ICSScannerLight Class) - http://download.zone...ee/cm/ICSCM.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
O16 - DPF: {556DDE35-E955-11D0-A707-000000521957} - http://www.xblock.co...clean_micro.exe
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1143319472500
O16 - DPF: {938527D1-CDB7-4147-998A-B20FCA5CC976} (Cdmcco Class) - http://cafeimg.hanma...ab9_1/dmcc2.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://cdn.digitalci....1.11_en_dl.cab
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://real.gamehous...outLauncher.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative....15008/CTPID.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - D:\bin\btwdins.exe
O23 - Service: BW - Unknown owner - C:\DOCUME~1\GM2\LOCALS~1\Temp\BW.exe (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: ewido security suite control - ewido networks - D:\ewido anti-malware\ewidoctrl.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\hpbpro.exe
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\hpboid.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: LiveUpdate Notice Service - Unknown owner - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll (file missing)
O23 - Service: NBService - Nero AG - D:\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Norton Ghost - Symantec Corporation - D:\Norton SystemWorks\Norton Ghost\Agent\VProSvc.exe
O23 - Service: PGPsdkService (PGPsdkServ) - PGP Corporation - C:\WINDOWS\system32\PGPsdkServ.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sony TV Tuner Controller - Sony Corporation - C:\Program Files\Sony\Sony TV Tuner Library\halsv.exe
O23 - Service: Sony TV Tuner Manager - Sony Corporation - C:\Program Files\Sony\Sony TV Tuner Library\RM_SV.exe
O23 - Service: Sony TVTA Manager - Sony Corporation - C:\Program Files\Sony\Sony TV Tuner Library\SMceMan.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - D:\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: UPS - UPSentry Service (UPSentry_Smart) - Delta - D:\Belkin Bulldog Plus\upsd.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Edited by bigdog1100, 12 September 2007 - 01:46 PM.


#4
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Nothing readily apparent from that log, but you do have a lot of processes running at the same time. What I would like to do first is uninstall Ewido, as that is way out of date now, and replace it with a free, up-to-date scanner.

Please go to Start > Control Panel > Add/Remove Programs and remove the following (if present):

Ewido

Please note any other programs that you don't recognize in that list in your next response.

THEN

Download and then run SuperAntispyware
  • On the first page select Check for Updates
  • On completion select SCAN YOUR COMPUTER
  • On the next page select COMPLETE SCAN and tick ALL your drives
  • The next stage will take a while as your entire drive(s), memory and registry are scanned
  • When it has completed click NEXT
  • The next screen shows the problems found; click OK
  • On the next screen place a tick against all items and select NEXT
  • Now, to get the log, go to the PREFERENCES button on the bottom right
  • Select the STATISTICS/LOG tab
  • Highlight the scan just completed and click VIEW LOG
  • This will open a Notepad text file; copy and paste this into your next reply

I will also need an uninstall list

Open HijackThis, click Config, click Misc Tools
Click "Open Uninstall Manager"
Click "Save List" (generates uninstall_list.txt)
Click Save, copy and paste the results in your next post


Logs required this time are Superantispyware and an uninstall list

#5
bigdog1100

    Member

  • Topic Starter
  • Member
  • 280 posts
Here is what you requested.

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 09/13/2007 at 02:27 PM

Application Version : 3.9.1008

Core Rules Database Version : 3305
Trace Rules Database Version: 1311

Scan type : Complete Scan
Total Scan Time : 01:46:03

Memory items scanned : 682
Memory threats detected : 0
Registry items scanned : 9368
Registry threats detected : 1
File items scanned : 78413
File threats detected : 95

Adware.Tracking Cookie

Adware.MyWay
C:\Program Files\MyWay\myBar\Cache06C229
C:\Program Files\MyWay\myBar\Cache06C4BA
C:\Program Files\MyWay\myBar\Cache06C621.bin
C:\Program Files\MyWay\myBar\Cache06C779.bin
C:\Program Files\MyWay\myBar\Cache06C8C1.bin
C:\Program Files\MyWay\myBar\Cache30D23A
C:\Program Files\MyWay\myBar\Cache165CE25
C:\Program Files\MyWay\myBar\Cache165D25B.bin
C:\Program Files\MyWay\myBar\Cache1695EAE.bin
C:\Program Files\MyWay\myBar\Cache1696083.bin
C:\Program Files\MyWay\myBar\Cache
C:\Program Files\MyWay\myBar\Settings\prevcfg.htm
C:\Program Files\MyWay\myBar\Settings
C:\Program Files\MyWay\myBar
C:\Program Files\MyWay

Unclassified.PC MightyMax
HKU\S-1-5-21-2161250150-1629578968-4161616516-1004\Software\PC MightyMax
C:\Program Files\PC MightyMax\ARTeam.nfo
C:\Program Files\PC MightyMax\ARTeam.sfv
C:\Program Files\PC MightyMax\keygen.nfo
C:\Program Files\PC MightyMax\lic.conf
C:\Program Files\PC MightyMax\lic.dat
C:\Program Files\PC MightyMax\pcdocrx.conf
C:\Program Files\PC MightyMax\pcmightymax.v9.patch.exe
C:\Program Files\PC MightyMax
D:\DOWNLOAD\PCMIGHTYMAXSETUP.EXE

Uninstall list:

Adobe Atmosphere Player for Acrobat and Adobe Reader
Adobe Flash Player 9 ActiveX
Adobe Photoshop Album 2.0 Starter Edition
Adobe Photoshop Elements 2.0
Adobe Premiere 6 LE
Adobe Reader 7.0.8
Agere Systems AC'97 Modem
AIM 6.0
Any Video Converter 1.0.2
AOL Instant Messenger
Apple Software Update
ATI - Software Uninstall Utility
ATI Catalyst Control Center
ATI Control Panel
ATI Display Driver
Avanquest update
AVG Anti-Spyware 7.5
AVI/MPEG/RM/WMV Joiner 4.82
Azureus Vuze
Belkin Bluetooth Software
Belkin Bulldog Plus
BestCrypt 7.0
BitComet 0.62
Brownie
BurnInTest v4.0 Standard
Cakewalk Media Mixer
CardRd81
ccCommon
CCHelp
CCScore
CheckIt Diagnostics
CleanUp!
Click to DVD 1.4.04
Click to DVD Themes
CompuApps SwissKnife V3
Connection Keep Alive
CR2
Creative Audio Console
Creative Media Toolbox
Creative MediaSource
Creative System Information
Creative Vienna SoundFont Studio
Data Lifeguard Tools
Defcon
dirLock
DivX Codec
DivX Content Uploader
DivX Converter
DivX Player
DivX Web Player
Documents To Go
Drag'n Drop CD+DVD
Dreaming of Brazil 3 Beta 6
DVD Decrypter (Remove Only)
DVD Shrink 3.2
DVD X Player 4.0 Professional
DVgate Plus
EasyCleaner
eFax Messenger Plus 3.3
eMule
ESSAdpt
ESSANUP
ESSBrwr
ESSCAM
ESSCDBK
ESScore
ESSCT
ESSEMAIL
ESSgui
ESShelp
ESSini
ESSPCD
ESSPDock
ESSSONIC
ESSvpaht
ESSvpot
EVEREST Home Edition v2.20
Fast Explorer 2007
File Lock 6.0
FLV Player 1.3.3
Google Earth
GRE POWERPREP
Hardwar
HighMAT Extension to Microsoft Windows XP CD Writing Wizard
Hijackthis 1.99.1
HijackThis 1.99.1
HLPCCTR
HLPIndex
HLPPDOCK
HLPSFO
Homeworld
Homeworld2
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB915865)
HP Image Zone 4.0
HP Software Update
ICQ Toolbar
ICQ 5.1
Intel® PRO Network Connections 12.2.41.0
InterVideo DVDCopy 2
InterVideo WinDVD 5 for VAIO
iPIX ActiveX Viewer
iPod for Windows 2005-10-12
iPod for Windows 2005-11-17
iPod for Windows 2006-01-10
IrfanView (remove only)
iTunes
J2SE Runtime Environment 5.0 Update 10
J2SE Runtime Environment 5.0 Update 11
J2SE Runtime Environment 5.0 Update 6
J2SE Runtime Environment 5.0 Update 9
Japanese Language Support
Java™ 6 Update 2
Java™ SE Runtime Environment 6 Update 1
Kodak EasyShare software
KSU
LimeWire 4.12.3
LiveUpdate 2.7 (Symantec Corporation)
LiveUpdate Notice (Symantec Corporation)
Macromedia Shockwave Player
MasterSplitter Program
Memory Stick Formatter
Microsoft .NET Framework 1.0 Hotfix (KB887998)
Microsoft .NET Framework 1.0 Hotfix (KB930494)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0
Microsoft DirectX 9.0 SDK Update (April 2005)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Professional Edition 2003
Microsoft Office Standard Edition 2003
Microsoft Office XP Media Content
Microsoft Plus! Digital Media Edition
mIRC
Morpheus Toolbar
Motorola Phone Tools
Movielink eHome version 1.1
Mozilla Firefox (1.5.0.8)
Mozilla Firefox (2.0.0.6)
MSN Music Assistant
MSRedist
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
Music Visualizer Library 1.4.00
Nero 7
neroxml
Net Transport 1.94.282
NOD32 Antivirus System
Nokia Connectivity Cable Driver
Nokia PC Suite
Nokia PC Suite
Norton Cleanup
Norton Ghost 10.0
Norton Protection Center
Norton SystemWorks
Norton SystemWorks 2006 Premier
Norton SystemWorks 2006 Premier (Symantec Corporation)
Norton Utilities
Notifier
NSW_DRM_COLLECTION
OfotoXMI
OpenMG Metadata Extractor for Windows Media Player
OpenMG Secure Module 3.3.01
OTtBP
OTtBPSDK
overland
Palm
Panda ActiveScan
Paragon Partition Manager 6.0 Demo
Paragon Partition Manager 8.0 Personal Demo
PC Connectivity Solution
PCDADDIN
PCDHELP
PCDLNCH
PerformanceTest v4.0
PGP 8.0
Photosmart 320,370,7400,8100,8400 Series
PictureGear Studio 2.0
PowerArchiver 2004 v9.25
PowerQuest PartitionMagic 8.0 Demo
PrimaScan 2400U
PrimoPDF
PTDD Super Fdisk 1.0
Quicken 2004
QuickTime
Radio365
RealPlayer
Riva FLV Encoder 2.0
R-Studio 3.0
Screenblast ACID 4.0
Screenblast Sound Forge 1.1
SDP Downloader
Security Task Manager 1.6f
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 2.0 (KB928365)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB883939)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901190)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB903235)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911280)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922760)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB938829)
SFR
SFR2
Sierra Utilities
SoftV92 Data Fax Modem
SonicStage 1.6.00
SonicStage Mastering Studio 1.1
SonicStage Mastering Studio Plugins 1.0
SonicStage MP3 Add-on program
Sony Certificate PCH
Sony TV Tuner Library 1.0
Sony Video Shared Library
Sound Blaster for Media Center
Sound Blaster X-Fi
SPBBC
Spyware Doctor 3.8
SUPERAntiSpyware Free Edition
Swiff Player 1.1
Symantec KB-DocID:2003093015493306
Ulead Burn.Now
Ulead DVD MovieFactory 2 SE
Ulead DVD PictureShow 2 SE
Ulead DVD Player
Ulead VideoStudio 7 SE DVD
Unreal II Special Edition
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB910437)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB933360)
Update for Windows XP (KB936357)
Update for Windows XP (KB938828)
VAIO BrightColor Wallpaper
VAIO Edit Components
VAIO Help and Support
VAIO Media 2.6
VAIO Media Integrated Server 2.6
VAIO Media Redistribution 2.6
VAIO Registration
VAIO Support
VAIO Survey Standalone
VCAMCEN
Video Card Stability Test
VideoLAN VLC media player 0.8.6b
Videora iPod Converter 0.91
Viewpoint Media Player
ViewSonic Monitor Drivers
VPRINTOL
VuePrint
Welcome to VAIO life
Windows Genuine Advantage v1.3.0254.0
Windows Installer 3.1 (KB893803)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Media Connect
Windows Media Connect
Windows Media Format Runtime
Windows Media Player 10
Windows XP Hotfix - KB834707
Windows XP Hotfix - KB867282
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB887797
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890047
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890923
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893066
Windows XP Hotfix - KB893086
Windows XP Service Pack 2
WinPcap 3.1 beta3
WinRAR archiver
WinZip
Write DVD!
Yahoo! Internet Mail
Yahoo! Messenger
Yahoo! Messenger Explorer Bar
Yahoo! Widget Engine
Yahoo! Widget Engine
ZoneAlarm Security Suite

#6
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Excellent, looking a lot better now.

Please go to Start > Control Panel > Add/Remove Programs and remove the following (if present):

J2SE Runtime Environment 5.0 Update 10
J2SE Runtime Environment 5.0 Update 11
J2SE Runtime Environment 5.0 Update 6
J2SE Runtime Environment 5.0 Update 9
Java™ SE Runtime Environment 6 Update 1


As you had some grey malware on your system, I would like to do a deeper scan.

Download WinPFind3u.exe to your Desktop and double-click on it to extract the files. It will create a folder named WinPFind3u on your desktop.
  • Close ALL OTHER PROGRAMS.
  • Open the WinPFind3u folder and double-click on WinPFind3U.exe to start the program.
  • Now click the Run Scan button on the toolbar.
  • Let it run unhindered until it finishes.
  • When the scan is complete Notepad will open with the report file loaded in it.
  • Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.
Use the Add Reply button and Copy/Paste the information back here. I will review it when it comes in. If, after posting, the last line is not < End of Report > then the log is too big to fit into a single post and you will need to split it into multiple posts.


Also, how is your system running now? It might be worth trimming your startups, but I will look at that next.

#7
bigdog1100

    Member

  • Topic Starter
  • Member
  • 280 posts
WinPFind3 logfile created on: 9/13/2007 10:27:38 PM
WinPFind3U by OldTimer - Version 1.0.42 Folder = C:\Documents and Settings\GM2\Desktop\WinPFind3u\
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600)
Internet Explorer (Version = 7.0.5730.11)

2.00 Gb Total Physical Memory | 1.39 Gb Available Physical Memory | 69.74% Memory free
3.35 Gb Paging File | 2.88 Gb Available in Paging File | 85.87% Paging File free
Paging file location(s): D:\pagefile.sys 1536 3072;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 15.07 Gb Total Space | 0.86 Gb Free Space | 5.70% Space Free
Drive D: | 212.68 Gb Total Space | 45.13 Gb Free Space | 21.22% Space Free
Drive E: | 232.88 Gb Total Space | 38.13 Gb Free Space | 16.37% Space Free
F: Drive not present or media not loaded

Computer Name: SONY
Current User Name: GM2
Logged in as Administrator.
Current Boot Mode: Normal


[Processes - Non-Microsoft Only]
agrsmmsg.exe -> %SystemRoot%\AGRSMMSG.exe -> Agere Systems [Ver = 2.1.46 2.1.46 07/22/2004 13:38:36 | Size = 88361 bytes | Modified Date = 7/22/2004 2:38:38 PM | Attr = ]
ati2evxx.exe -> %System32%\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4163 | Size = 450560 bytes | Modified Date = 3/14/2007 9:48:40 PM | Attr = ]
ati2evxx.exe -> %System32%\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4163 | Size = 450560 bytes | Modified Date = 3/14/2007 9:48:40 PM | Attr = ]
bcresident.exe -> D:\Jetico\BestCrypt\BCResident.exe -> Jetico, Inc. [Ver = 2.09.5 | Size = 77824 bytes | Modified Date = 7/15/2004 2:01:10 AM | Attr = ]
bttray.exe -> D:\BTTray.exe -> Broadcom Corporation. [Ver = 5.1.0.1700 | Size = 553021 bytes | Modified Date = 6/7/2006 5:05:38 PM | Attr = ]
btwdins.exe -> D:\bin\btwdins.exe -> Broadcom Corporation. [Ver = 5.1.0.1700 | Size = 266295 bytes | Modified Date = 6/7/2006 4:57:46 PM | Attr = ]
ccapp.exe -> %CommonProgramFiles%\Symantec Shared\ccApp.exe -> Symantec Corporation [Ver = 104.0.1.17 | Size = 52848 bytes | Modified Date = 9/17/2005 3:27:02 AM | Attr = ]
ccc.exe -> %ProgramFiles%\ATI Technologies\ATI.ACE\Core-Static\CCC.exe -> ATI Technologies Inc. [Ver = 2.0.0.0 | Size = 49152 bytes | Modified Date = 9/29/2006 9:57:36 AM | Attr = ]
ccevtmgr.exe -> %CommonProgramFiles%\Symantec Shared\ccEvtMgr.exe -> Symantec Corporation [Ver = 104.0.1.17 | Size = 192112 bytes | Modified Date = 9/17/2005 3:27:06 AM | Attr = ]
ccsetmgr.exe -> %CommonProgramFiles%\Symantec Shared\ccSetMgr.exe -> Symantec Corporation [Ver = 104.0.1.17 | Size = 169584 bytes | Modified Date = 9/17/2005 3:27:12 AM | Attr = ]
ctdetect.exe -> D:\Creative\MediaSource\Detector\CTDetect.exe -> Creative Technology Ltd [Ver = 3.0.2.0 | Size = 102400 bytes | Modified Date = 12/2/2004 7:23:34 PM | Attr = ]
cthelper.exe -> %SystemRoot%\CTHELPER.EXE -> Creative Technology Ltd [Ver = 2, 0, 0, 39 | Size = 17920 bytes | Modified Date = 6/1/2006 11:34:56 AM | Attr = ]
ctsvccda.exe -> %System32%\CTSVCCDA.EXE -> Creative Technology Ltd [Ver = 1.0.1.0 | Size = 44032 bytes | Modified Date = 12/12/1999 1:01:00 PM | Attr = ]
ctxfihlp.exe -> %System32%\CTXFIHLP.EXE -> Creative Technology Ltd [Ver = 2, 0, 0, 14 | Size = 18944 bytes | Modified Date = 8/7/2005 6:10:22 PM | Attr = ]
ctxfispi.exe -> %System32%\CTXFISPI.EXE -> Creative Technology Ltd [Ver = 1.0.21.1180 (Beta-Release) | Size = 729600 bytes | Modified Date = 6/1/2006 11:29:38 AM | Attr = ]
dllml.exe -> %ProgramFiles%\Creative\Shared Files\Module Loader\DLLML.exe -> Creative Technology Ltd. [Ver = 1.0.21.0 | Size = 49152 bytes | Modified Date = 6/16/2005 7:25:28 PM | Attr = ]
dvzincmsgr.exe -> %CommonProgramFiles%\DataViz\DvzIncMsgr.exe -> DataViz, Inc. [Ver = 7,0,0,728 | Size = 28672 bytes | Modified Date = 6/14/2006 12:24:38 AM | Attr = ]
ezsp_px.exe -> %System32%\ezSP_Px.exe -> Easy Systems Japan Ltd. [Ver = 1, 0, 0, 0 | Size = 40960 bytes | Modified Date = 8/20/2002 2:29:26 PM | Attr = ]
gearsec.exe -> %System32%\gearsec.exe -> GEAR Software [Ver = 1, 0, 0, 6 | Size = 53248 bytes | Modified Date = 9/14/2005 6:42:48 PM | Attr = ]
ghosttray.exe -> D:\Norton SystemWorks\Norton Ghost\Agent\GhostTray.exe -> Symantec Corporation [Ver = 10.0.3.20387 | Size = 1537640 bytes | Modified Date = 4/10/2007 12:01:06 PM | Attr = ]
guard.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 22 | Size = 312880 bytes | Modified Date = 5/30/2007 8:31:10 AM | Attr = ]
hpztsb11.exe -> %System32%\spool\drivers\w32x86\3\hpztsb11.exe -> HP [Ver = 2.327.1.0 | Size = 172032 bytes | Modified Date = 4/6/2004 6:28:46 AM | Attr = ]
ipodservice.exe -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Computer, Inc. [Ver = 6.0.5.20 | Size = 323584 bytes | Modified Date = 6/14/2006 5:23:58 PM | Attr = ]
ituneshelper.exe -> D:\iTunes\iTunesHelper.exe -> Apple Computer, Inc. [Ver = 6.0.5.20 | Size = 278528 bytes | Modified Date = 6/14/2006 5:24:14 PM | Attr = ]
jusched.exe -> %ProgramFiles%\Java\jre1.6.0_02\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 132496 bytes | Modified Date = 7/12/2007 4:00:36 AM | Attr = ]
kodakccs.exe -> %System32%\drivers\KodakCCS.exe -> Eastman Kodak Company [Ver = 1.1.5100.4 | Size = 322104 bytes | Modified Date = 5/24/2004 12:35:52 PM | Attr = ]
mom.exe -> %ProgramFiles%\ATI Technologies\ATI.ACE\Core-Static\MOM.exe -> ATI Technologies Inc. [Ver = 2.0.0.0 | Size = 49152 bytes | Modified Date = 9/29/2006 9:57:30 AM | Attr = ]
mups.exe -> D:\Belkin Bulldog Plus\MUPS.exe -> [Ver = | Size = 49152 bytes | Modified Date = 7/25/2002 2:41:38 PM | Attr = ]
nclbthandler.exe -> %ProgramFiles%\PC Connectivity Solution\NclBTHandler.exe -> Nokia [Ver = 6, 84, 7, 0 | Size = 86016 bytes | Modified Date = 5/29/2007 12:19:08 PM | Attr = ]
nod32krn.exe -> %ProgramFiles%\ESET\nod32krn.exe -> Eset [Ver = 2, 70, 32 | Size = 552064 bytes | Modified Date = 3/7/2007 2:02:04 AM | Attr = ]
nod32kui.exe -> %ProgramFiles%\ESET\nod32kui.exe -> Eset [Ver = 2, 70, 32 | Size = 949376 bytes | Modified Date = 3/7/2007 2:02:04 AM | Attr = ]
nopdb.exe -> D:\Norton SystemWorks\Norton Utilities\Speed Disk\NOPDB.exe -> Symantec Corporation [Ver = 7.00.0.24 | Size = 176193 bytes | Modified Date = 10/3/2005 5:20:14 PM | Attr = ]
notiman.exe -> %ProgramFiles%\Creative\ShareDLL\CADI\NotiMan.exe -> Creative Technology Ltd. [Ver = 1.0.0.1 | Size = 73728 bytes | Modified Date = 1/14/2005 7:32:44 PM | Attr = ]
pgpsdkserv.exe -> %System32%\PGPsdkServ.exe -> PGP Corporation [Ver = 3.0 | Size = 77824 bytes | Modified Date = 11/26/2002 5:05:04 PM | Attr = ]
pifsvc.exe -> %CommonProgramFiles%\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -> Symantec Corporation [Ver = 1.2.0.18 | Size = 517768 bytes | Modified Date = 3/12/2007 6:30:16 PM | Attr = ]
rm_sv.exe -> %ProgramFiles%\Sony\Sony TV Tuner Library\RM_SV.exe -> Sony Corporation [Ver = 5, 5, 0,08131 | Size = 94208 bytes | Modified Date = 8/13/2003 4:07:22 PM | Attr = ]
servicelayer.exe -> %ProgramFiles%\PC Connectivity Solution\ServiceLayer.exe -> Nokia. [Ver = 6, 84, 83, 3 | Size = 300544 bytes | Modified Date = 6/15/2007 4:55:00 PM | Attr = ]
shotkey.exe -> %ProgramFiles%\Sony\sHotKey\SHOTKEY.exe -> Chicony [Ver = 1. 0. 0. 08220 | Size = 45056 bytes | Modified Date = 8/22/2003 1:22:28 PM | Attr = ]
smceman.exe -> %ProgramFiles%\Sony\Sony TV Tuner Library\SMceMan.exe -> Sony Corporation [Ver = 1, 0, 0,08131 | Size = 106496 bytes | Modified Date = 8/13/2003 4:23:00 PM | Attr = ]
spbbcsvc.exe -> %CommonProgramFiles%\Symantec Shared\SPBBC\SPBBCSvc.exe -> Symantec Corporation [Ver = 2.1.0.4 | Size = 1160848 bytes | Modified Date = 5/11/2006 4:50:20 PM | Attr = ]
symlcsvc.exe -> %CommonProgramFiles%\Symantec Shared\CCPD-LC\symlcsvc.exe -> Symantec Corporation [Ver = 1.9.1.1080 | Size = 1174152 bytes | Modified Date = 7/22/2007 12:52:22 PM | Attr = ]
tgcmd.exe -> %ProgramFiles%\support.com\client\bin\tgcmd.exe -> Support.com, Inc. [Ver = 5,0,433,0 | Size = 1409024 bytes | Modified Date = 6/23/2003 8:32:54 PM | Attr = ]
upsd.exe -> D:\Belkin Bulldog Plus\upsd.exe -> Delta [Ver = 1.1 | Size = 237568 bytes | Modified Date = 4/6/2004 4:52:08 PM | Attr = ]
vprosvc.exe -> D:\Norton SystemWorks\Norton Ghost\Agent\VProSvc.exe -> Symantec Corporation [Ver = 10.0.3.20387 | Size = 2066024 bytes | Modified Date = 4/10/2007 12:01:16 PM | Attr = ]
winpfind3u.exe -> %UserDesktop%\WinPFind3u\WinPFind3U.exe -> OldTimer Tools [Ver = 1.0.42.0 | Size = 322560 bytes | Modified Date = 9/4/2007 10:47:26 AM | Attr = ]

[Win32 Services - Non-Microsoft Only]
(Ati HotKey Poller) Ati HotKey Poller [Win32_Own | Auto | Running] -> %System32%\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4163 | Size = 450560 bytes | Modified Date = 3/14/2007 9:48:40 PM | Attr = ]
(ATI Smart) ATI Smart [Win32_Own | Auto | Stopped] -> %System32%\ati2sgag.exe -> [Ver = 5.13.0025 | Size = 520192 bytes | Modified Date = 3/22/2007 9:05:00 PM | Attr = ]
(AVG Anti-Spyware Guard) AVG Anti-Spyware Guard [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 22 | Size = 312880 bytes | Modified Date = 5/30/2007 8:31:10 AM | Attr = ]
(Brother XP spl Service) BrSplService [Win32_Own | Auto | Stopped] -> %System32%\BRSVC01A.EXE -> brother Industries Ltd [Ver = 1, 0, 0, 2 | Size = 57344 bytes | Modified Date = 11/23/2001 | Attr = ]
(btwdins) Bluetooth Service [Win32_Own | Auto | Running] -> D:\bin\btwdins.exe -> Broadcom Corporation. [Ver = 5.1.0.1700 | Size = 266295 bytes | Modified Date = 6/7/2006 4:57:46 PM | Attr = ]
(BW) BW [Win32_Own | On_Demand | Stopped] -> %SystemDrive%\DOCUME~1\GM2\LOCALS~1\Temp\BW.exe -> File not found
(ccEvtMgr) Symantec Event Manager [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\ccEvtMgr.exe -> Symantec Corporation [Ver = 104.0.1.17 | Size = 192112 bytes | Modified Date = 9/17/2005 3:27:06 AM | Attr = ]
(ccSetMgr) Symantec Settings Manager [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\ccSetMgr.exe -> Symantec Corporation [Ver = 104.0.1.17 | Size = 169584 bytes | Modified Date = 9/17/2005 3:27:12 AM | Attr = ]
(Creative Service for CDROM Access) Creative Service for CDROM Access [Win32_Own | Auto | Running] -> %System32%\CTSVCCDA.EXE -> Creative Technology Ltd [Ver = 1.0.1.0 | Size = 44032 bytes | Modified Date = 12/12/1999 1:01:00 PM | Attr = ]
(dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 8/4/2004 3:56:48 AM | Attr = ]
(GEARSecurity) GEARSecurity [Win32_Own | Auto | Running] -> %System32%\gearsec.exe -> GEAR Software [Ver = 1, 0, 0, 6 | Size = 53248 bytes | Modified Date = 9/14/2005 6:42:48 PM | Attr = ]
(HP Port Resolver) HP Port Resolver [Win32_Own | On_Demand | Stopped] -> %System32%\hpbpro.exe -> Hewlett-Packard Company [Ver = 1, 0, 45, 0 | Size = 77824 bytes | Modified Date = 3/1/2004 3:40:52 AM | Attr = R ]
(HP Status Server) HP Status Server [Win32_Own | On_Demand | Stopped] -> %System32%\hpboid.exe -> Hewlett-Packard Company [Ver = 1, 0, 45, 0 | Size = 73728 bytes | Modified Date = 3/1/2004 3:40:52 AM | Attr = R ]
(IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\11\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.00.28844 | Size = 69632 bytes | Modified Date = 4/4/2005 12:41:10 AM | Attr = ]
(iPodService) iPodService [Win32_Own | On_Demand | Running] -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Computer, Inc. [Ver = 6.0.5.20 | Size = 323584 bytes | Modified Date = 6/14/2006 5:23:58 PM | Attr = ]
(KodakCCS) Kodak Camera Connection Software [Win32_Own | Auto | Running] -> %System32%\drivers\KodakCCS.exe -> Eastman Kodak Company [Ver = 1.1.5100.4 | Size = 322104 bytes | Modified Date = 5/24/2004 12:35:52 PM | Attr = ]
(LiveUpdate Notice Service) LiveUpdate Notice Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -> Symantec Corporation [Ver = 1.2.0.18 | Size = 517768 bytes | Modified Date = 3/12/2007 6:30:16 PM | Attr = ]
(NBService) NBService [Win32_Own | On_Demand | Stopped] -> D:\Nero 7\Nero BackItUp\NBService.exe -> Nero AG [Ver = 2, 10, 3, 2 | Size = 800040 bytes | Modified Date = 6/29/2007 7:16:56 PM | Attr = ]
(NMIndexingService) NMIndexingService [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Ahead\Lib\NMIndexingService.exe -> Nero AG [Ver = 2,0,16,0 | Size = 279848 bytes | Modified Date = 6/27/2007 7:04:00 PM | Attr = ]
(NOD32krn) NOD32 Kernel Service [Win32_Own | Auto | Running] -> %ProgramFiles%\ESET\nod32krn.exe -> Eset [Ver = 2, 70, 32 | Size = 552064 bytes | Modified Date = 3/7/2007 2:02:04 AM | Attr = ]
(Norton Ghost) Norton Ghost [Win32_Own | Auto | Running] -> D:\Norton SystemWorks\Norton Ghost\Agent\VProSvc.exe -> Symantec Corporation [Ver = 10.0.3.20387 | Size = 2066024 bytes | Modified Date = 4/10/2007 12:01:16 PM | Attr = ]
(NProtectService) Norton UnErase Protection [Win32_Own | Disabled | Stopped] -> D:\Norton SystemWorks\Norton Utilities\NPROTECT.EXE -> Symantec Corporation [Ver = 19.0.0.48 | Size = 95832 bytes | Modified Date = 10/3/2005 5:50:20 PM | Attr = ]
(NSCService) Norton Protection Center Service [Win32_Own | Disabled | Stopped] -> %CommonProgramFiles%\Symantec Shared\Security Console\NSCSRVCE.EXE -> Symantec Corporation [Ver = 2006.1.8.2 | Size = 750720 bytes | Modified Date = 12/15/2006 1:36:28 PM | Attr = ]
(PGPsdkServ) PGPsdkService [Win32_Own | Auto | Running] -> %System32%\PGPsdkServ.exe -> PGP Corporation [Ver = 3.0 | Size = 77824 bytes | Modified Date = 11/26/2002 5:05:04 PM | Attr = ]
(Pml Driver HPZ12) Pml Driver HPZ12 [Win32_Own | On_Demand | Stopped] -> %System32%\HPZipm12.exe -> HP [Ver = 8, 0, 0, 0 | Size = 65536 bytes | Modified Date = 3/18/2004 5:55:48 PM | Attr = ]
(rpcapd) Remote Packet Capture Protocol v.0 (experimental) [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\WinPcap\rpcapd.exe -> NetGroup - Politecnico di Torino [Ver = 3, 1, 0, 23 | Size = 86016 bytes | Modified Date = 5/14/2004 1:02:46 PM | Attr = ]
(SDhelper) PC Tools Spyware Doctor [Win32_Own | Disabled | Stopped] -> D:\Spyware Doctor\sdhelp.exe -> PC Tools Research Pty Ltd [Ver = 3.6.0.2026 | Size = 895088 bytes | Modified Date = 11/6/2006 11:17:58 PM | Attr = ]
(ServiceLayer) ServiceLayer [Win32_Own | On_Demand | Running] -> %ProgramFiles%\PC Connectivity Solution\ServiceLayer.exe -> Nokia. [Ver = 6, 84, 83, 3 | Size = 300544 bytes | Modified Date = 6/15/2007 4:55:00 PM | Attr = ]
(SonicStageMonitoring) SonicStageMonitoring [Win32_Own | Disabled | Stopped] -> %CommonProgramFiles%\Sony Shared\WMPlugIn\SonicStageMonitoring.exe -> Sony Corporation [Ver = 1, 0, 0, 09121 | Size = 135168 bytes | Modified Date = 9/12/2003 10:27:46 PM | Attr = ]
(Sony TV Tuner Controller) Sony TV Tuner Controller [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Sony\Sony TV Tuner Library\halsv.exe -> Sony Corporation [Ver = 5.5.03.08131 | Size = 118784 bytes | Modified Date = 8/13/2003 4:10:04 PM | Attr = ]
(Sony TV Tuner Manager) Sony TV Tuner Manager [Win32_Own | On_Demand | Running] -> %ProgramFiles%\Sony\Sony TV Tuner Library\RM_SV.exe -> Sony Corporation [Ver = 5, 5, 0,08131 | Size = 94208 bytes | Modified Date = 8/13/2003 4:07:22 PM | Attr = ]
(Sony TVTA Manager) Sony TVTA Manager [Win32_Own | Auto | Running] -> %ProgramFiles%\Sony\Sony TV Tuner Library\SMceMan.exe -> Sony Corporation [Ver = 1, 0, 0,08131 | Size = 106496 bytes | Modified Date = 8/13/2003 4:23:00 PM | Attr = ]
(SPBBCSvc) SPBBCSvc [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\SPBBC\SPBBCSvc.exe -> Symantec Corporation [Ver = 2.1.0.4 | Size = 1160848 bytes | Modified Date = 5/11/2006 4:50:20 PM | Attr = ]
(Speed Disk service) Speed Disk service [Win32_Own | Auto | Running] -> D:\Norton SystemWorks\Norton Utilities\Speed Disk\NOPDB.exe -> Symantec Corporation [Ver = 7.00.0.24 | Size = 176193 bytes | Modified Date = 10/3/2005 5:20:14 PM | Attr = ]
(Symantec Core LC) Symantec Core LC [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\CCPD-LC\symlcsvc.exe -> Symantec Corporation [Ver = 1.9.1.1080 | Size = 1174152 bytes | Modified Date = 7/22/2007 12:52:22 PM | Attr = ]
(UPSentry_Smart) UPS - UPSentry Service [Win32_Own | Auto | Running] -> D:\Belkin Bulldog Plus\upsd.exe -> Delta [Ver = 1.1 | Size = 237568 bytes | Modified Date = 4/6/2004 4:52:08 PM | Attr = ]
(VAIOMediaPlatform-MusicServer-AppServer) VAIO Media Music Server [Win32_Own | Disabled | Stopped] -> %ProgramFiles%\Sony\VAIO Media Integrated Server\Music\SSSvr.exe -> Sony Corporation [Ver = 2.6.00.10031 | Size = 503897 bytes | Modified Date = 10/20/2003 9:00:08 PM | Attr = ]
(VAIOMediaPlatform-MusicServer-HTTP) VAIO Media Music Server (HTTP) [Win32_Shared | Disabled | Stopped] -> %ProgramFiles%\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -> Sony Corporation [Ver = 2.6.00.06090 | Size = 57344 bytes | Modified Date = 10/20/2003 9:00:38 PM | Attr = ]
(VAIOMediaPlatform-MusicServer-UPnP) VAIO Media Music Server (UPnP) [Win32_Own | Disabled | Stopped] -> %ProgramFiles%\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -> Sony Corporation [Ver = 4.0.00.10030 | Size = 712704 bytes | Modified Date = 10/20/2003 9:00:40 PM | Attr = ]
(VAIOMediaPlatform-PhotoServer-AppServer) VAIO Media Photo Server [Win32_Own | Disabled | Stopped] -> %ProgramFiles%\Sony\VAIO Media Integrated Server\Photo\appsrv\PhotoAppSrv.exe -> Sony Corporation [Ver = 2, 6, 0,08280 | Size = 925696 bytes | Modified Date = 10/20/2003 9:00:14 PM | Attr = ]
(VAIOMediaPlatform-PhotoServer-HTTP) VAIO Media Photo Server (HTTP) [Win32_Shared | Disabled | Stopped] -> %ProgramFiles%\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -> Sony Corporation [Ver = 2.6.00.06090 | Size = 57344 bytes | Modified Date = 10/20/2003 9:00:38 PM | Attr = ]
(VAIOMediaPlatform-PhotoServer-UPnP) VAIO Media Photo Server (UPnP) [Win32_Own | Disabled | Stopped] -> %ProgramFiles%\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -> Sony Corporation [Ver = 4.0.00.10030 | Size = 712704 bytes | Modified Date = 10/20/2003 9:00:40 PM | Attr = ]
(VAIOMediaPlatform-VideoServer-AppServer) VAIO Media Video Server [Win32_Own | Disabled | Stopped] -> %ProgramFiles%\Sony\VAIO Media Integrated Server\Video\GPVSvr.exe -> Sony Corporation [Ver = 2, 6, 00, 06050 | Size = 1286144 bytes | Modified Date = 10/20/2003 9:00:56 PM | Attr = ]
(VAIOMediaPlatform-VideoServer-HTTP) VAIO Media Video Server (HTTP) [Win32_Shared | Disabled | Stopped] -> %ProgramFiles%\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -> Sony Corporation [Ver = 2.6.00.06090 | Size = 57344 bytes | Modified Date = 10/20/2003 9:00:38 PM | Attr = ]
(VAIOMediaPlatform-VideoServer-UPnP) VAIO Media Video Server (UPnP) [Win32_Own | Disabled | Stopped] -> %ProgramFiles%\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -> Sony Corporation [Ver = 4.0.00.10030 | Size = 712704 bytes | Modified Date = 10/20/2003 9:00:40 PM | Attr = ]
(vsmon) TrueVector Internet Monitor [Win32_Own | Auto | Stopped] -> %System32%\ZoneLabs\vsmon.exe -> Zone Labs, LLC [Ver = 7.0.337.000 | Size = 75568 bytes | Modified Date = 3/9/2007 1:01:58 AM | Attr = ]
(WmcCds) Windows Media Connect (WMC) [Win32_Own | Unknown | Stopped] -> -> File not found

[Registry - Non-Microsoft Only]
< Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
AGRSMMSG -> %SystemRoot%\AGRSMMSG.exe -> Agere Systems [Ver = 2.1.46 2.1.46 07/22/2004 13:38:36 | Size = 88361 bytes | Modified Date = 7/22/2004 2:38:38 PM | Attr = ]
AudioDrvEmulator -> %ProgramFiles%\Creative\Shared Files\Module Loader\DLLML.exe -> Creative Technology Ltd. [Ver = 1.0.21.0 | Size = 49152 bytes | Modified Date = 6/16/2005 7:25:28 PM | Attr = ]
ccApp -> %CommonProgramFiles%\Symantec Shared\ccApp.exe -> Symantec Corporation [Ver = 104.0.1.17 | Size = 52848 bytes | Modified Date = 9/17/2005 3:27:02 AM | Attr = ]
CTHelper -> %SystemRoot%\CTHELPER.EXE -> Creative Technology Ltd [Ver = 2, 0, 0, 39 | Size = 17920 bytes | Modified Date = 6/1/2006 11:34:56 AM | Attr = ]
CTxfiHlp -> %System32%\CTXFIHLP.EXE -> Creative Technology Ltd [Ver = 2, 0, 0, 14 | Size = 18944 bytes | Modified Date = 8/7/2005 6:10:22 PM | Attr = ]
ezShieldProtector for Px -> %System32%\ezSP_Px.exe -> Easy Systems Japan Ltd. [Ver = 1, 0, 0, 0 | Size = 40960 bytes | Modified Date = 8/20/2002 2:29:26 PM | Attr = ]
HPDJ Taskbar Utility -> %System32%\spool\drivers\w32x86\3\hpztsb11.exe -> HP [Ver = 2.327.1.0 | Size = 172032 bytes | Modified Date = 4/6/2004 6:28:46 AM | Attr = ]
iTunesHelper -> D:\iTunes\iTunesHelper.exe -> Apple Computer, Inc. [Ver = 6.0.5.20 | Size = 278528 bytes | Modified Date = 6/14/2006 5:24:14 PM | Attr = ]
NeroFilterCheck -> %CommonProgramFiles%\Ahead\Lib\NeroCheck.exe -> Nero AG [Ver = 1, 0, 0, 6 | Size = 153136 bytes | Modified Date = 3/1/2007 3:57:24 PM | Attr = ]
nod32kui -> %ProgramFiles%\ESET\nod32kui.exe -> Eset [Ver = 2, 70, 32 | Size = 949376 bytes | Modified Date = 3/7/2007 2:02:04 AM | Attr = ]
Norton Ghost 10.0 -> D:\Norton SystemWorks\Norton Ghost\Agent\GhostTray.exe -> Symantec Corporation [Ver = 10.0.3.20387 | Size = 1537640 bytes | Modified Date = 4/10/2007 12:01:06 PM | Attr = ]
PCSuiteTrayApplication -> D:\Nokia\Nokia PC Suite 6\LaunchApplication.exe -> Nokia [Ver = 6, 84, 78, 3 | Size = 271360 bytes | Modified Date = 6/18/2007 3:10:32 PM | Attr = ]
QuickTime Task -> %ProgramFiles%\QuickTime\qttask.exe -> Apple Computer, Inc. [Ver = 7.1.3 | Size = 282624 bytes | Modified Date = 10/25/2006 7:58:18 PM | Attr = ]
RCSystem -> %ProgramFiles%\Creative\Shared Files\Module Loader\DLLML.exe -> Creative Technology Ltd. [Ver = 1.0.21.0 | Size = 49152 bytes | Modified Date = 6/16/2005 7:25:28 PM | Attr = ]
sHotKey -> %ProgramFiles%\Sony\sHotKey\SHOTKEY.exe -> Chicony [Ver = 1. 0. 0. 08220 | Size = 45056 bytes | Modified Date = 8/22/2003 1:22:28 PM | Attr = ]
SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.6.0_02\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 132496 bytes | Modified Date = 7/12/2007 4:00:36 AM | Attr = ]
Symantec PIF AlertEng -> %CommonProgramFiles%\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -> Symantec Corporation [Ver = 1.2.0.18 | Size = 517768 bytes | Modified Date = 3/12/2007 6:30:16 PM | Attr = ]
VAIO Recovery -> %SystemRoot%\SONYSYS\VAIO Recovery\PartSeal.exe -> Sony Electronics Inc [Ver = 1.0.2 | Size = 28672 bytes | Modified Date = 4/20/2003 1:08:44 AM | Attr = ]
VolPanel -> D:\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe -> Creative Technology Ltd [Ver = 1.0.21.0 | Size = 122880 bytes | Modified Date = 7/11/2005 12:34:06 PM | Attr = ]
ZoneAlarm Client -> %ProgramFiles%\Zone Labs\ZoneAlarm\zlclient.exe -> Zone Labs, LLC [Ver = 7.0.337.000 | Size = 919280 bytes | Modified Date = 3/9/2007 1:02:00 AM | Attr = ]
ZTgServerSwitch -> %ProgramFiles%\support.com\client\bin\tgcmd.exe -> Support.com, Inc. [Ver = 5,0,433,0 | Size = 1409024 bytes | Modified Date = 6/23/2003 8:32:54 PM | Attr = ]
< RunOnceEx [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx ->
-> -> File not found
< OptionalComponents [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ ->
IMAIL -> Installed = 1 ->
MAPI -> Installed = 1 ->
MSFS -> Installed = 1 ->
< Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
Creative Detector -> D:\Creative\MediaSource\Detector\CTDetect.exe -> Creative Technology Ltd [Ver = 3.0.2.0 | Size = 102400 bytes | Modified Date = 12/2/2004 7:23:34 PM | Attr = ]
SetDefaultMIDI -> %SystemRoot%\MIDIDEF.EXE -> Creative Technology Ltd [Ver = 2, 9, 0, 6 | Size = 25600 bytes | Modified Date = 8/7/2005 5:51:58 PM | Attr = ]
StartCCC -> %ProgramFiles%\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe -> [Ver = | Size = 90112 bytes | Modified Date = 11/10/2006 12:35:24 PM | Attr = ]
Steam -> -> File not found
updateMgr -> D:\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe -> Adobe Systems Incorporated [Ver = 3.1.0.10 | Size = 313472 bytes | Modified Date = 3/30/2006 4:45:08 PM | Attr = ]
< Common Startup > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup ->
%AllUsersStartup%\BestCrypt Auto Open.lnk -> D:\Jetico\BestCrypt\BestCrypt.exe -> Jetico, Inc. [Ver = 7.11.03 | Size = 704512 bytes | Modified Date = 1/26/2005 2:28:30 AM | Attr = ]
%AllUsersStartup%\Bluetooth.lnk -> D:\BTTray.exe -> Broadcom Corporation. [Ver = 5.1.0.1700 | Size = 553021 bytes | Modified Date = 6/7/2006 5:05:38 PM | Attr = ]
%AllUsersStartup%\DataViz Inc Messenger.lnk -> %CommonProgramFiles%\DataViz\DvzIncMsgr.exe -> DataViz, Inc. [Ver = 7,0,0,728 | Size = 28672 bytes | Modified Date = 6/14/2006 12:24:38 AM | Attr = ]
%AllUsersStartup%\HOTSYNCSHORTCUTNAME.lnk -> D:\Palm\Hotsync.exe -> PalmSource, Inc [Ver = 6.0.1 | Size = 471040 bytes | Modified Date = 6/9/2004 2:27:34 PM | Attr = ]
%AllUsersStartup%\Kodak software updater.lnk -> %ProgramFiles%\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe -> [Ver = | Size = 16423 bytes | Modified Date = 2/13/2004 2:12:08 PM | Attr = ]
%AllUsersStartup%\MUPS.lnk -> D:\Belkin Bulldog Plus\MUPS.exe -> [Ver = | Size = 49152 bytes | Modified Date = 7/25/2002 2:41:38 PM | Attr = ]
< User Startup > -> C:\Documents and Settings\GM2\Start Menu\Programs\Startup ->
%UserStartup%\HotSync Manager.LNK -> D:\Palm\Hotsync.exe -> PalmSource, Inc [Ver = 6.0.1 | Size = 471040 bytes | Modified Date = 6/9/2004 2:27:34 PM | Attr = ]
%UserStartup%\Yahoo! Widget Engine.lnk -> D:\Yahoo!Widgets\WidgetEngine\YahooWidgetEngine.exe -> Yahoo! Inc. [Ver = 3.1.4 | Size = 1806336 bytes | Modified Date = 5/23/2006 5:17:00 PM | Attr = ]
< ShellExecuteHooks [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks ->
{57B86673-276A-48B2-BAE7-C6DBB3020EB8} [HKLM] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [AVG Anti-Spyware 7.5] -> GRISOFT s.r.o. [Ver = 7, 5, 1, 36 | Size = 79408 bytes | Modified Date = 5/30/2007 8:29:58 AM | Attr = ]
{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} [HKLM] -> %ProgramFiles%\SUPERAntiSpyware\SASSEH.DLL [] -> SuperAdBlocker.com [Ver = 1, 0, 0, 1008 | Size = 77824 bytes | Modified Date = 12/20/2006 12:55:48 PM | Attr = ]
< SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders ->
< Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon\Notify settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
!SASWinLogon -> %ProgramFiles%\SUPERAntiSpyware\SASWINLO.DLL -> SUPERAntiSpyware.com [Ver = 1, 0, 0, 1046 | Size = 294912 bytes | Modified Date = 9/3/2007 1:40:30 PM | Attr = ]
AtiExtEvent -> %System32%\ati2evxx.dll -> ATI Technologies Inc. [Ver = 6.14.10.4162 | Size = 114688 bytes | Modified Date = 3/14/2007 9:50:00 PM | Attr = ]
WRNotifier -> WRLogonNTF.dll -> File not found
< CurrentVersion Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 153 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoCDBurning -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 ->
< CurrentVersion Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\comdlg32\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDrives -> 0 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoViewOnDrive -> 0 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoSecurityTab -> 1 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools -> 0 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Uninstall\ -> ->
< HOSTS File > (771 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts ->
127.0.0.1 localhost -> ->
-> ->
192.168.1.3 HP000F20D30E17 -> ->
< Internet Explorer Settings > -> ->
HKLM: Default_Page_URL -> http://go.microsoft....k/?LinkId=69157 ->
HKLM: Main\\Default_Search_URL -> http://go.microsoft....k/?LinkId=54896 ->
HKLM: Local Page -> %SystemRoot%\system32\blank.htm ->
HKLM: Search Bar -> http://ie.search.msn...st/srchasst.htm ->
HKLM: Search Page -> http://go.microsoft....k/?LinkId=54896 ->
HKLM: Start Page -> http://www.microsoft...p...ER}&ar=home ->
HKLM: CustomizeSearch -> http://ie.search.msn...st/srchcust.htm ->
HKLM: SearchAssistant -> http://ie.search.msn...st/srchasst.htm ->
HKCU: Search Bar -> http://google.icq.co...earch_frame.php ->
HKCU: Search Page -> http://google.icq.com ->
HKCU: Start Page -> http://www.google.com/ ->
HKCU: CustomizeSearch -> http://ie.search.msn...st/srchcust.htm ->
HKCU: SearchAssistant -> http://ie.search.msn...st/srchasst.htm ->
HKCU: URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} [HKLM] -> D:\ICQToolbar\toolbaru.dll [ICQ Toolbar] -> ICQ Inc. [Ver = 1, 0, 10, 17 | Size = 446464 bytes | Modified Date = 1/19/2005 8:16:34 AM | Attr = ]
HKCU: ProxyEnable -> 0 ->
< Trusted Sites > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
msn.com [ - ] -> ->
< BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> D:\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Adobe Systems Incorporated [Ver = 7.0.7.2006011200 | Size = 63128 bytes | Modified Date = 1/12/2006 8:38:22 PM | Attr = ]
{5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} [HKLM] -> D:\Spyware Doctor\tools\iesdsg.dll [PCTools Site Guard] -> PC Tools [Ver = 3.6.0.2071 | Size = 825528 bytes | Modified Date = 8/6/2006 8:54:26 PM | Attr = ]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_02\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 501136 bytes | Modified Date = 7/12/2007 4:00:36 AM | Attr = ]
{B56A7D7D-6927-48C8-A975-17DF180C71AC} [HKLM] -> D:\Spyware Doctor\tools\iesdpb.dll [PCTools Browser Monitor] -> PC Tools [Ver = 3.6.0.2283 | Size = 850104 bytes | Modified Date = 9/26/2006 7:25:10 AM | Attr = ]
{C56CB6B0-0D96-11D6-8C65-B2868B609932} [HKLM] -> d:\Xi\NetTransport 2\NTIEHelper.dll [NTIECatcher Class] -> Xi [Ver = 1.94.12 | Size = 49152 bytes | Modified Date = 9/8/2005 8:48:58 PM | Attr = ]
{E552EEFC-DE97-45D4-BA1A-F534A1B4A579} [HKLM] -> %ProgramFiles%\Morpheus Toolbar\tbu70E\morpheustoolbar.dll [XBTBPos00 Class] -> Streamcast Networks, Inc [Ver = 1, 0, 0, 4 | Size = 509552 bytes | Modified Date = 11/15/2006 1:34:18 PM | Attr = ]
< Internet Explorer Bars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ ->
{4528BBE0-4E08-11D5-AD55-00010333D0AD} [HKLM] -> D:\Yahoo!\Messenger\yhexbmes0521.dll [&Yahoo! Messenger] -> Yahoo! Inc. [Ver = 2004, 5, 21, 2 | Size = 320656 bytes | Modified Date = 1/21/2005 11:45:42 PM | Attr = ]
< Internet Explorer Bars [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ ->
{32683183-48a0-441b-a342-7c2a440a9478} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
{4528BBE0-4E08-11D5-AD55-00010333D0AD} [HKLM] -> D:\Yahoo!\Messenger\yhexbmes0521.dll [&Yahoo! Messenger] -> Yahoo! Inc. [Ver = 2004, 5, 21, 2 | Size = 320656 bytes | Modified Date = 1/21/2005 11:45:42 PM | Attr = ]
< Internet Explorer ToolBars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
{119DBEDA-9c41-4F97-94B4-B6BCD01133CF} [HKLM] -> %ProgramFiles%\Morpheus Toolbar\tbu70E\morpheustoolbar.dll [Morpheus Toolbar] -> Streamcast Networks, Inc [Ver = 1, 0, 0, 4 | Size = 509552 bytes | Modified Date = 11/15/2006 1:34:18 PM | Attr = ]
{855F3B16-6D32-4fe6-8A56-BBB695989046} [HKLM] -> D:\ICQToolbar\toolbaru.dll [ICQ Toolbar] -> ICQ Inc. [Ver = 1, 0, 10, 17 | Size = 446464 bytes | Modified Date = 1/19/2005 8:16:34 AM | Attr = ]
< Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
ShellBrowser\\{C4069E3A-68F1-403E-B40E-20066696354B} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
WebBrowser\\{0494D0D9-F8E0-41AD-92A3-14154ECE70AC} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
WebBrowser\\{119DBEDA-9C41-4F97-94B4-B6BCD01133CF} [HKLM] -> %ProgramFiles%\Morpheus Toolbar\tbu70E\morpheustoolbar.dll [Morpheus Toolbar] -> Streamcast Networks, Inc [Ver = 1, 0, 0, 4 | Size = 509552 bytes | Modified Date = 11/15/2006 1:34:18 PM | Attr = ]
WebBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
WebBrowser\\{C4069E3A-68F1-403E-B40E-20066696354B} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
< Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_02\bin\npjpi160_02.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 132496 bytes | Modified Date = 7/12/2007 4:00:36 AM | Attr = ]
{119DBEDA-9c41-4F97-94B4-B6BCD01133CF} -> Reg Data - Value does not exist [ButtonText: Morpheus Toolbar] -> File not found
{2D663D1A-8670-49D9-A1A5-4C56B4E14E84} -> Reg Data - Value does not exist [ButtonText: Spyware Doctor] -> File not found
{4528BBE0-4E08-11D5-AD55-00010333D0AD} -> Reg Data - Value does not exist [ButtonText: Messenger] -> File not found
{5E638779-1818-4754-A595-EF1C63B87A56} -> D:\Norton SystemWorks\Norton Cleanup\WCQuick.lnk [ButtonText: Express Cleanup] -> [Ver = | Size = 650 bytes | Modified Date = 12/28/2006 1:08:06 AM | Attr = ]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} -> Reg Data - Value does not exist [ButtonText: Research] -> File not found
{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} -> D:\AIM\aim.exe [ButtonText: AIM] -> America Online, Inc. [Ver = 5.9.6089 | Size = 67112 bytes | Modified Date = 8/1/2006 3:35:36 PM | Attr = ]
{B863453A-26C3-4e1f-A54D-A2CD196348E9} -> D:\ICQLite\ICQLite.exe [ButtonText: ICQ Lite] -> ICQ Ltd. [Ver = 20, 52, 2573, 0 | Size = 3144800 bytes | Modified Date = 7/11/2006 6:06:40 AM | Attr = ]
{CCA281CA-C863-46ef-9331-5C8D4460577F} -> D:\btsendto_ie.htm [ButtonText: @btrez.dll,-4015] -> [Ver = | Size = 2681 bytes | Modified Date = 5/29/2003 1:53:08 PM | Attr = ]
{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> Reg Data - Key not found [MenuText: @xpsp3res.dll,-20001] -> File not found
< Internet Explorer Menu Extensions [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->
&ICQ Toolbar Search -> D:\ICQToolbar\toolbaru.dll\SEARCH.HTM -> File not found
Download all by Net Transport -> D:\Xi\NetTransport 2\NTAddList.htm -> File not found
Download by Net Transport -> D:\Xi\NetTransport 2\NTAddLink.htm -> File not found
E&xport to Microsoft Excel -> -> File not found
Send to &Bluetooth Device... -> D:\btsendto_ie_ctx.htm -> [Ver = | Size = 1320 bytes | Modified Date = 5/29/2003 1:53:12 PM | Attr = ]
< User Agent Post Platform [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform ->
MRA 4.6 (build 01425) -> ->
< DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{749095BC-B307-4B21-9616-19A2BAE02D48} -> (1394 Net Adapter) ->
{DF87B2C8-200D-4C61-8398-1737D6B0853F} -> (D-Link DFE-538TX 10/100 Adapter) ->
{EAD8FFCC-D71F-4C0B-8F4A-194B479C151B} -> () ->
{ECD03945-8039-42F5-8FCC-01110A82CB20} -> (Intel® PRO/1000 CT Network Connection) ->
< Winsock2 Catalogs [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\ ->
Protocol_Catalog9\Catalog_Entries0000000001 -> %System32%\imon.dll -> Eset [Ver = 2, 70, 32 | Size = 298104 bytes | Modified Date = 3/7/2007 2:02:04 AM | Attr = ]
Protocol_Catalog9\Catalog_Entries0000000002 -> %System32%\imon.dll -> Eset [Ver = 2, 70, 32 | Size = 298104 bytes | Modified Date = 3/7/2007 2:02:04 AM | Attr = ]
Protocol_Catalog9\Catalog_Entries0000000003 -> %System32%\imon.dll -> Eset [Ver = 2, 70, 32 | Size = 298104 bytes | Modified Date = 3/7/2007 2:02:04 AM | Attr = ]
Protocol_Catalog9\Catalog_Entries0000000004 -> %System32%\imon.dll -> Eset [Ver = 2, 70, 32 | Size = 298104 bytes | Modified Date = 3/7/2007 2:02:04 AM | Attr = ]
Protocol_Catalog9\Catalog_Entries0000000005 -> %System32%\imon.dll -> Eset [Ver = 2, 70, 32 | Size = 298104 bytes | Modified Date = 3/7/2007 2:02:04 AM | Attr = ]
Protocol_Catalog9\Catalog_Entries0000000023 -> %System32%\imon.dll -> Eset [Ver = 2, 70, 32 | Size = 298104 bytes | Modified Date = 3/7/2007 2:02:04 AM | Attr = ]
< Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->
cetihpz -> %ProgramFiles%\HP\hpcoretech\comp\hpuiprot.dll -> Hewlett-Packard Company [Ver = 2.1.6.2 | Size = 81920 bytes | Modified Date = 1/12/2005 3:54:56 PM | Attr = ]
ipp -> Reg Data - Key not found -> File not found
msdaipp -> Reg Data - Key not found -> File not found
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{04E214E5-63AF-4236-83C6-A7ADCBF9BD02} -> HouseCall Control - CodeBase = http://housecall60.t...all/xscan60.cab ->
{0A5FD7C5-A45C-49FC-ADB5-9952547D5715} -> Creative Software AutoUpdate - CodeBase = http://www.creative....007/CTSUEng.cab ->
{11260943-421B-11D0-8EAC-0000C07D88CF} -> iPIX ActiveX Control - CodeBase = http://www.ipix.com/viewers/ipixx.cab ->
{166B1BCA-3F9C-11CF-8075-444553540000} -> Shockwave ActiveX Control - CodeBase = http://fpdownload.ma...director/sw.cab ->
{17492023-C23A-453E-A040-C7C580BBF700} -> Windows Genuine Advantage Validation Tool - CodeBase = http://go.microsoft....467&clcid=0x409 ->
{1F2F4C9E-6F09-47BC-970D-3C54734667FE} -> - CodeBase = https://www-secure.s...rl/LSSupCtl.cab ->
{2359626E-7524-4F87-B04E-22CD38A0C88C} -> ICSScannerLight Class - CodeBase = http://download.zone...ee/cm/ICSCM.cab ->
{2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} -> Symantec AntiVirus scanner - CodeBase = http://security.syma...bin/AvSniff.cab ->
{3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} -> Office Update Installation Engine - CodeBase = http://office.micros...ntent/opuc3.cab ->
{556DDE35-E955-11D0-A707-000000521957} -> - CodeBase = http://www.xblock.co...clean_micro.exe ->
{644E432F-49D3-41A1-8DD5-E099162EEEC5} -> Symantec RuFSI Utility Class - CodeBase = http://security.syma...n/bin/cabsa.cab ->
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} -> MUWebControl Class - CodeBase = http://update.micros...b?1143319472500 ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} -> Java Plug-in 1.6.0_02 - CodeBase = http://java.sun.com/...indows-i586.cab ->
{938527D1-CDB7-4147-998A-B20FCA5CC976} -> Cdmcco Class - CodeBase = http://cafeimg.hanma...ab9_1/dmcc2.cab ->
{9A9307A0-7DA4-4DAF-B042-5009F29E09E1} -> ActiveScan Installer Class - CodeBase = http://acs.pandasoft...free/asinst.cab ->
{B49C4597-8721-4789-9250-315DFBD9F525} -> IWinAmpActiveX Class - CodeBase = http://cdn.digitalci....1.11_en_dl.cab ->
{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA} -> Java Plug-in 1.4.0 - CodeBase = http://java.sun.com/...indows-i586.cab ->
{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} -> Java Plug-in 1.6.0_02 - CodeBase = http://java.sun.com/...indows-i586.cab ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -> Java Plug-in 1.6.0_02 - CodeBase = http://java.sun.com/...indows-i586.cab ->
{D27CDB6E-AE6D-11CF-96B8-444553540000} -> - CodeBase = http://fpdownload.ma...ent/swflash.cab ->
{D54160C3-DB7B-4534-9B65-190EE4A9C7F7} -> SproutLauncherCtrl Class - CodeBase = http://real.gamehous...outLauncher.cab ->
{F6ACF75C-C32C-447B-9BEF-46B766368D29} -> Creative Software AutoUpdate Support Package - CodeBase = http://www.creative....15008/CTPID.cab ->


[Files/Folders - Created Within 30 days]
DVR107D -> %SystemDrive%\DVR107D -> [Folder | Created Date = 8/18/2007 2:32:17 PM | Attr = ]
$NtUninstallKB921503$ -> %SystemRoot%\$NtUninstallKB921503$ -> [Folder | Created Date = 8/17/2007 3:43:29 PM | Attr = H ]
$NtUninstallKB933360$ -> %SystemRoot%\$NtUninstallKB933360$ -> [Folder | Created Date = 9/3/2007 8:49:16 PM | Attr = H ]
$NtUninstallKB936021$ -> %SystemRoot%\$NtUninstallKB936021$ -> [Folder | Created Date = 8/17/2007 3:45:10 PM | Attr = H ]
$NtUninstallKB936782_WMP10$ -> %SystemRoot%\$NtUninstallKB936782_WMP10$ -> [Folder | Created Date = 8/17/2007 3:40:49 PM | Attr = H ]
$NtUninstallKB938828$ -> %SystemRoot%\$NtUninstallKB938828$ -> [Folder | Created Date = 8/17/2007 3:44:58 PM | Attr = H ]
$NtUninstallKB938829$ -> %SystemRoot%\$NtUninstallKB938829$ -> [Folder | Created Date = 8/17/2007 3:43:19 PM | Attr = H ]
HPHins03.dat.temp -> %SystemRoot%\HPHins03.dat.temp -> [Ver = | Size = 93870 bytes | Created Date = 9/6/2007 3:32:20 PM | Attr = ]
NeroDigital.ini -> %SystemRoot%\NeroDigital.ini -> [Ver = | Size = 69 bytes | Created Date = 8/17/2007 10:21:14 PM | Attr = ]
ActiveScan -> %System32%\ActiveScan -> [Folder | Created Date = 9/3/2007 4:05:00 PM | Attr = ]
AdvrCntr2D6E0B790.dll -> %System32%\AdvrCntr2D6E0B790.dll -> Nero AG [Ver = 10,1,1, 10900 | Size = 3073320 bytes | Created Date = 8/19/2007 6:39:32 PM | Attr = ]
asuninst.exe -> %System32%\asuninst.exe -> Panda Software [Ver = 1, 0, 0, 2 | Size = 73728 bytes | Created Date = 9/3/2007 4:06:01 PM | Attr = ]
DRVSTORE -> %System32%\DRVSTORE -> [Folder | Created Date = 8/29/2007 10:40:05 PM | Attr = ]
Help.ico -> %System32%\Help.ico -> [Ver = | Size = 1406 bytes | Created Date = 9/3/2007 4:05:05 PM | Attr = ]
NEROINSTAEC43759.DB -> %System32%\NEROINSTAEC43759.DB -> [Ver = | Size = 638976 bytes | Created Date = 8/19/2007 6:35:12 PM | Attr = ]
nmwcdcls.dll -> %System32%\nmwcdcls.dll -> Nokia [Ver = 6.83.6.0 | Size = 90624 bytes | Created Date = 8/29/2007 10:39:56 PM | Attr = ]
pavas.ico -> %System32%\pavas.ico -> [Ver = | Size = 30590 bytes | Created Date = 9/3/2007 4:05:04 PM | Attr = ]
SetupBD.din -> %System32%\SetupBD.din -> [Ver = | Size = 1904 bytes | Created Date = 8/15/2007 10:29:59 PM | Attr = ]
ShellManager10E2D762.dll -> %System32%\ShellManager10E2D762.dll -> Nero AG [Ver = 7.10.1.1 | Size = 996648 bytes | Created Date = 8/19/2007 6:35:11 PM | Attr = ]
Uninstall.ico -> %System32%\Uninstall.ico -> [Ver = | Size = 2550 bytes | Created Date = 9/3/2007 4:05:06 PM | Attr = ]
ZPORT4AS.dll -> %System32%\ZPORT4AS.dll -> [Ver = | Size = 11776 bytes | Created Date = 9/3/2007 4:06:00 PM | Attr = ]
AvgAsCln.sys -> %System32%\drivers\AvgAsCln.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 10872 bytes | Created Date = 9/3/2007 10:50:50 AM | Attr = ]

[Files/Folders - Modified Within 30 days]
boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 213 bytes | Modified Date = 8/26/2007 9:35:16 PM | Attr = HS]
Config.Msi -> %SystemDrive%\Config.Msi -> [Folder | Modified Date = 9/13/2007 10:13:06 PM | Attr = H ]
DVR107D -> %SystemDrive%\DVR107D -> [Folder | Modified Date = 8/18/2007 3:32:18 PM | Attr = ]
EasyShare.dmp -> %SystemDrive%\EasyShare.dmp -> [Ver = | Size = 65454 bytes | Modified Date = 9/6/2007 5:31:06 PM | Attr = ]
Program Files -> %ProgramFiles% -> [Folder | Modified Date = 9/13/2007 2:54:28 PM | Attr = ]
temp -> %SystemDrive%\temp -> [Folder | Modified Date = 9/12/2007 1:43:24 PM | Attr = ]
WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 9/13/2007 12:32:34 PM | Attr = ]
$hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Modified Date = 9/3/2007 9:45:42 PM | Attr = H ]
$NtUninstallKB824141$ -> %SystemRoot%\$NtUninstallKB824141$ -> [Folder | Modified Date = 9/3/2007 6:46:10 PM | Attr = H ]
$NtUninstallKB826939$ -> %SystemRoot%\$NtUninstallKB826939$ -> [Folder | Modified Date = 9/3/2007 6:46:36 PM | Attr = H ]
$NtUninstallKB828035$ -> %SystemRoot%\$NtUninstallKB828035$ -> [Folder | Modified Date = 9/3/2007 6:46:38 PM | Attr = H ]
$NtUninstallKB921503$ -> %SystemRoot%\$NtUninstallKB921503$ -> [Folder | Modified Date = 8/17/2007 4:43:32 PM | Attr = H ]
$NtUninstallKB933360$ -> %SystemRoot%\$NtUninstallKB933360$ -> [Folder | Modified Date = 9/3/2007 9:49:18 PM | Attr = H ]
$NtUninstallKB936021$ -> %SystemRoot%\$NtUninstallKB936021$ -> [Folder | Modified Date = 8/17/2007 4:45:12 PM | Attr = H ]
$NtUninstallKB936782_WMP10$ -> %SystemRoot%\$NtUninstallKB936782_WMP10$ -> [Folder | Modified Date = 8/17/2007 4:40:52 PM | Attr = H ]
$NtUninstallKB938828$ -> %SystemRoot%\$NtUninstallKB938828$ -> [Folder | Modified Date = 8/17/2007 4:45:00 PM | Attr = H ]
$NtUninstallKB938829$ -> %SystemRoot%\$NtUninstallKB938829$ -> [Folder | Modified Date = 8/17/2007 4:43:22 PM | Attr = H ]
$NtUninstallQ828026$ -> %SystemRoot%\$NtUninstallQ828026$ -> [Folder | Modified Date = 9/3/2007 6:47:50 PM | Attr = H ]
AppPatch -> %SystemRoot%\AppPatch -> [Folder | Modified Date = 9/3/2007 6:47:50 PM | Attr = ]
assembly -> %SystemRoot%\assembly -> [Folder | Modified Date = 9/3/2007 6:48:34 PM | Attr = R S]
bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 9/13/2007 12:32:02 PM | Attr = S]
Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 9/3/2007 6:52:18 PM | Attr = S]
eHome -> %SystemRoot%\eHome -> [Folder | Modified Date = 9/3/2007 6:53:44 PM | Attr = ]
Help -> %SystemRoot%\Help -> [Folder | Modified Date = 8/25/2007 10:38:14 PM | Attr = ]
ie7updates -> %SystemRoot%\ie7updates -> [Folder | Modified Date = 8/17/2007 4:41:34 PM | Attr = ]
ime -> %SystemRoot%\ime -> [Folder | Modified Date = 9/3/2007 6:59:56 PM | Attr = ]
imsins.BAK -> %SystemRoot%\imsins.BAK -> [Ver = | Size = 1374 bytes | Modified Date = 8/17/2007 4:45:16 PM | Attr = ]
inf -> %SystemRoot%\inf -> [Folder | Modified Date = 9/8/2007 12:38:18 AM | Attr = H ]
Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 9/13/2007 10:13:06 PM | Attr = HS]
Internet Logs -> %SystemRoot%\Internet Logs -> [Folder | Modified Date = 9/13/2007 7:48:10 AM | Attr = ]
LastGood -> %SystemRoot%\LastGood -> [Folder | Modified Date = 9/8/2007 12:38:18 AM | Attr = ]
NeroDigital.ini -> %SystemRoot%\NeroDigital.ini -> [Ver = | Size = 69 bytes | Modified Date = 9/13/2007 12:32:40 PM | Attr = ]
ODBC.INI -> %SystemRoot%\ODBC.INI -> [Ver = | Size = 376 bytes | Modified Date = 9/4/2007 9:03:40 PM | Attr = ]
Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 9/13/2007 10:27:00 PM | Attr = ]
pss -> %SystemRoot%\pss -> [Folder | Modified Date = 8/22/2007 7:07:48 AM | Attr = ]
Registration -> %SystemRoot%\Registration -> [Folder | Modified Date = 8/23/2007 8:09:58 AM | Attr = ]
SBWIN.INI -> %SystemRoot%\SBWIN.INI -> [Ver = | Size = 63 bytes | Modified Date = 9/3/2007 9:52:48 PM | Attr = ]
setupapi.log.0.old -> %SystemRoot%\setupapi.log.0.old -> [Ver = | Size = 1030108 bytes | Modified Date = 8/15/2007 11:30:40 PM | Attr = ]
SIERRA.INI -> %SystemRoot%\SIERRA.INI -> [Ver = | Size = 620 bytes | Modified Date = 9/9/2007 2:48:00 PM | Attr = ]
SoftwareDistribution -> %SystemRoot%\SoftwareDistribution -> [Folder | Modified Date = 9/3/2007 7:27:46 PM | Attr = ]
system.ini -> %SystemRoot%\system.ini -> [Ver = | Size = 227 bytes | Modified Date = 8/26/2007 9:35:16 PM | Attr = ]
system32 -> %System32% -> [Folder | Modified Date = 9/13/2007 10:12:26 PM | Attr = ]
Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 9/13/2007 10:26:04 PM | Attr = ]
vuepro32.GID -> %SystemRoot%\vuepro32.GID -> [Ver = | Size = 16826 bytes | Modified Date = 8/31/2007 4:37:04 PM | Attr = H ]
vuepro32.ini -> %SystemRoot%\vuepro32.ini -> [Ver = | Size = 524 bytes | Modified Date = 9/13/2007 6:22:04 PM | Attr = ]
win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 1147 bytes | Modified Date = 9/4/2007 9:02:46 PM | Attr = ]
WinSxS -> %SystemRoot%\WinSxS -> [Folder | Modified Date = 8/17/2007 10:26:44 PM | Attr = ]
Norton SystemWorks One Button Checkup.job -> %SystemRoot%\tasks\Norton SystemWorks One Button Checkup.job -> [Ver = | Size = 260 bytes | Modified Date = 9/10/2007 12:00:02 PM | Attr = ]
SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 9/13/2007 12:32:18 PM | Attr = H ]
Symantec Drmc.job -> %SystemRoot%\tasks\Symantec Drmc.job -> [Ver = | Size = 304 bytes | Modified Date = 9/13/2007 12:00:02 AM | Attr = ]
Symantec NetDetect.job -> %SystemRoot%\tasks\Symantec NetDetect.job -> [Ver = | Size = 366 bytes | Modified Date = 9/13/2007 8:14:14 PM | Attr = ]
User_Feed_Synchronization-{B151E8E9-EE5D-445C-A8F7-4223DFAA10AD}.job -> %SystemRoot%\tasks\User_Feed_Synchronization-{B151E8E9-EE5D-445C-A8F7-4223DFAA10AD}.job -> [Ver = | Size = 418 bytes | Modified Date = 9/13/2007 10:25:02 PM | Attr = H ]
ActiveScan -> %System32%\ActiveScan -> [Folder | Modified Date = 9/3/2007 7:28:26 PM | Attr = ]
BMXState-{00000003-00000000-0000000B-00001102-00000005-00211102}.rfx -> %System32%\BMXState-{00000003-00000000-0000000B-00001102-00000005-00211102}.rfx -> [Ver = | Size = 55700 bytes | Modified Date = 9/13/2007 12:31:10 PM | Attr = ]
BMXStateBkp-{00000003-00000000-0000000B-00001102-00000005-00211102}.rfx -> %System32%\BMXStateBkp-{00000003-00000000-0000000B-00001102-00000005-00211102}.rfx -> [Ver = | Size = 55700 bytes | Modified Date = 9/13/2007 12:31:10 PM | Attr = ]
CatRoot -> %System32%\CatRoot -> [Folder | Modified Date = 8/15/2007 11:30:28 PM | Attr = ]
CatRoot2 -> %System32%\CatRoot2 -> [Folder | Modified Date = 9/13/2007 12:49:16 PM | Attr = ]
config -> %System32%\config -> [Folder | Modified Date = 9/5/2007 2:27:48 PM

#8
bigdog1100

config -> %System32%\config -> [Folder | Modified Date = 9/5/2007 2:27:48 PM | Attr = ]
dllcache -> %System32%\dllcache -> [Folder | Modified Date = 8/24/2007 11:01:38 PM | Attr = ]
drivers -> %System32%\drivers -> [Folder | Modified Date = 9/9/2007 2:41:54 PM | Attr = ]
DRVSTORE -> %System32%\DRVSTORE -> [Folder | Modified Date = 8/29/2007 11:40:22 PM | Attr = ]
DVCState-{00000003-00000000-0000000B-00001102-00000005-00211102}.rfx -> %System32%\DVCState-{00000003-00000000-0000000B-00001102-00000005-00211102}.rfx -> [Ver = | Size = 64980 bytes | Modified Date = 9/13/2007 12:31:10 PM | Attr = ]
FileLock.TLU -> %System32%\FileLock.TLU -> [Ver = | Size = 92 bytes | Modified Date = 9/13/2007 12:31:10 PM | Attr = ]
FNTCACHE.DAT -> %System32%\FNTCACHE.DAT -> [Ver = | Size = 291680 bytes | Modified Date = 9/5/2007 7:45:10 AM | Attr = ]
Help.ico -> %System32%\Help.ico -> [Ver = | Size = 1406 bytes | Modified Date = 9/3/2007 5:17:46 PM | Attr = ]
imon1.dat -> %System32%\imon1.dat -> [Ver = | Size = 105 bytes | Modified Date = 8/19/2007 8:31:02 PM | Attr = ]
Microsoft -> %System32%\Microsoft -> [Folder | Modified Date = 9/7/2007 3:03:00 PM | Attr = S]
pavas.ico -> %System32%\pavas.ico -> [Ver = | Size = 30590 bytes | Modified Date = 9/3/2007 5:17:46 PM | Attr = ]
perfc009.dat -> %System32%\perfc009.dat -> [Ver = | Size = 63188 bytes | Modified Date = 9/4/2007 10:40:18 PM | Attr = ]
perfh009.dat -> %System32%\perfh009.dat -> [Ver = | Size = 403968 bytes | Modified Date = 9/4/2007 10:40:18 PM | Attr = ]
PerfStringBackup.INI -> %System32%\PerfStringBackup.INI -> [Ver = | Size = 471768 bytes | Modified Date = 9/4/2007 10:40:18 PM | Attr = ]
ReinstallBackups -> %System32%\ReinstallBackups -> [Folder | Modified Date = 9/7/2007 3:57:52 PM | Attr = ]
settings.sfm -> %System32%\settings.sfm -> [Ver = | Size = 1080 bytes | Modified Date = 9/13/2007 12:31:10 PM | Attr = ]
settingsbkup.sfm -> %System32%\settingsbkup.sfm -> [Ver = | Size = 1080 bytes | Modified Date = 9/13/2007 12:31:10 PM | Attr = ]
TLFL6.DAT -> %System32%\TLFL6.DAT -> [Ver = | Size = 744 bytes | Modified Date = 9/13/2007 12:31:10 PM | Attr = ]
Uninstall.ico -> %System32%\Uninstall.ico -> [Ver = | Size = 2550 bytes | Modified Date = 9/3/2007 5:17:46 PM | Attr = ]
vsconfig.xml -> %System32%\vsconfig.xml -> [Ver = | Size = 49617 bytes | Modified Date = 9/13/2007 12:33:12 PM | Attr = ]
wbem -> %System32%\wbem -> [Folder | Modified Date = 9/4/2007 10:40:18 PM | Attr = ]
wpa.dbl -> %System32%\wpa.dbl -> [Ver = | Size = 1158 bytes | Modified Date = 9/13/2007 12:33:34 PM | Attr = ]
zllictbl.dat -> %System32%\zllictbl.dat -> [Ver = | Size = 4212 bytes | Modified Date = 9/13/2007 12:39:02 PM | Attr = H ]
ZoneLabs -> %System32%\ZoneLabs -> [Folder | Modified Date = 9/3/2007 7:36:08 PM | Attr = ]

[File String Scan - Non-Microsoft Only]
UPX! , FSG! , WSUD , UPX0 , Thawte Consulting , -> %SystemDrive%\VIRTPART.DAT -> [Ver = | Size = 27262976 bytes | Modified Date = 7/1/2005 9:04:24 AM | Attr = ]
PECompact2 , qoologic , SAHAgent , -> %SystemRoot%\lpt$vpn.701 -> [Ver = | Size = 15233877 bytes | Modified Date = 6/23/2005 2:02:24 PM | Attr = ]
UPX! , UPX0 , -> %SystemRoot%\RMAgentOutput.dll -> [Ver = | Size = 25157 bytes | Modified Date = 5/3/2005 11:44:44 AM | Attr = ]
UPX! , UPX0 , -> %SystemRoot%\tsc.exe -> Trend Micro Inc. [Ver = 3.9.0.1020 | Size = 170053 bytes | Modified Date = 1/10/2005 4:17:24 PM | Attr = ]
PECompact2 , qoologic , SAHAgent , -> %SystemRoot%\VPTNFILE.701 -> [Ver = | Size = 15233877 bytes | Modified Date = 6/23/2005 2:02:24 PM | Attr = ]
UPX! , aspack , -> %SystemRoot%\vsapi32.dll -> Trend Micro Inc. [Ver = 7.510-1002 | Size = 1044560 bytes | Modified Date = 2/18/2005 6:40:14 PM | Attr = ]
PEC2 , -> %System32%\dfrg.msc -> [Ver = | Size = 41397 bytes | Modified Date = 7/30/2003 8:00:00 AM | Attr = ]
PEC2 , PECompact2 , -> %System32%\DivX.dll -> DivX, Inc. [Ver = 6.6.1.4 | Size = 740442 bytes | Modified Date = 5/31/2007 2:44:56 AM | Attr = ]
aspack , -> %System32%\jesterss.dll -> [Ver = | Size = 23552 bytes | Modified Date = 7/3/2003 3:48:02 PM | Attr = ]
File scan skipped for file %System32%\JNIQFZGF -> File size too big (933042096 bytes) ->
winsync , -> %System32%\wbdbase.deu -> [Ver = | Size = 1309184 bytes | Modified Date = 7/30/2003 8:00:00 AM | Attr = ]
WSUD , UPX0 , -> %System32%\dllcache\hwxjpn.dll -> [Ver = | Size = 13463552 bytes | Modified Date = 8/18/2001 8:00:00 AM | Attr = ]
PTech , -> %System32%\dllcache\mtlstrm.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 1309184 bytes | Modified Date = 8/4/2004 1:41:38 AM | Attr = ]
PTech , -> %System32%\drivers\mtlstrm.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 1309184 bytes | Modified Date = 8/4/2004 1:41:38 AM | Attr = ]

< End of report >

#9
Essexboy

Again, it looks fairly clean; a few dormant entries to kill.

Start WinPFind3U. Copy/Paste the information in the quotebox below into the pane where it says "Paste fix here" and then click the Run Fix button.

[Win32 Services - Non-Microsoft Only]
YY -> (BW) BW [Win32_Own | On_Demand | Stopped] -> %SystemDrive%\DOCUME~1\GM2\LOCALS~1\Temp\BW.exe
[Registry - Non-Microsoft Only]
< Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\
YN -> WebBrowser\\{0494D0D9-F8E0-41AD-92A3-14154ECE70AC} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found]
[File String Scan - Non-Microsoft Only]
NY -> aspack , -> %System32%\jesterss.dll


The fix should only take a very short time. When the fix is completed, a message box will pop up telling you that it is finished. Click the OK button and Notepad will open with a log of actions taken during the fix. Post that information back here along with a new HijackThis log.

I will review the information when it comes back in.

Also let me know of any problems you encountered performing the steps above or any continuing problems you are still having with the computer.

#10
bigdog1100

Here they are.

[Win32 Services - Non-Microsoft Only]
Service BW stopped successfully.
Service BW deleted successfully.
File C:\DOCUME~1\GM2\LOCALS~1\Temp\BW.exe not found.
[Registry - Non-Microsoft Only]
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0494D0D9-F8E0-41AD-92A3-14154ECE70AC} deleted successfully.
[File String Scan - Non-Microsoft Only]
C:\WINDOWS\SYSTEM32\jesterss.dll moved successfully.
< End of log >
Created on 09/14/2007 11:28:28


Logfile of HijackThis v1.99.1
Scan saved at 11:32:31 AM, on 9/14/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
D:\bin\btwdins.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\ehome\ehSched.exe
C:\WINDOWS\System32\GEARSec.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Eset\nod32krn.exe
D:\Norton SystemWorks\Norton Ghost\Agent\VProSvc.exe
C:\WINDOWS\system32\PGPsdkServ.exe
C:\Program Files\Sony\Sony TV Tuner Library\SMceMan.exe
D:\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
D:\Belkin Bulldog Plus\upsd.exe
C:\Program Files\Sony\Sony TV Tuner Library\RM_SV.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\alg.exe
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
D:\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\Program Files\SONY\sHotKey\sHotKey.exe
C:\WINDOWS\system32\ezSP_Px.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\WINDOWS\ehome\ehmsas.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
C:\WINDOWS\CTHELPER.EXE
D:\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\QuickTime\qttask.exe
D:\Norton SystemWorks\Norton Ghost\Agent\GhostTray.exe
C:\Program Files\Creative\ShareDLL\CADI\NotiMan.exe
D:\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
D:\Creative\MediaSource\Detector\CTDetect.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
D:\BTTray.exe
C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe
D:\Palm\Hotsync.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
D:\Jetico\BestCrypt\BCResident.exe
D:\Belkin Bulldog Plus\MUPS.exe
D:\Yahoo!Widgets\WidgetEngine\YahooWidgetEngine.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
C:\Program Files\PC Connectivity Solution\NclBTHandler.exe
D:\Yahoo!Widgets\WidgetEngine\YahooWidgetEngine.exe
D:\Yahoo!Widgets\WidgetEngine\YahooWidgetEngine.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
D:\MOZILL~1\FIREFOX.EXE
C:\Documents and Settings\GM2\Desktop\WinPFind3u\WinPFind3U.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
D:\Security\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.co...earch_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\ICQToolbar\toolbaru.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - D:\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - D:\SPYWAR~1\tools\iesdpb.dll
O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - d:\Xi\NetTransport 2\NTIEHelper.dll
O2 - BHO: XBTBPos00 - {E552EEFC-DE97-45D4-BA1A-F534A1B4A579} - C:\PROGRA~1\MORPHE~1\tbu70E\MORPHE~1.DLL
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\ICQToolbar\toolbaru.dll
O3 - Toolbar: Morpheus Toolbar - {119DBEDA-9c41-4F97-94B4-B6BCD01133CF} - C:\Program Files\Morpheus Toolbar\tbu70E\morpheustoolbar.dll
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [VolPanel] "D:\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" /r
O4 - HKLM\..\Run: [sHotKey] "C:\Program Files\SONY\sHotKey\sHotKey.exe"
O4 - HKLM\..\Run: [RCSystem] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" RCSystem * -Startup
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\system32\ezSP_Px.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [ZTgServerSwitch] "c:\program files\support.com\client\bin\tgcmd.exe" /server
O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [iTunesHelper] "D:\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [Norton Ghost 10.0] "D:\Norton SystemWorks\Norton Ghost\Agent\GhostTray.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] D:\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKCU\..\Run: [Creative Detector] D:\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
O4 - HKCU\..\Run: [updateMgr] "D:\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - Startup: HotSync Manager.LNK = D:\Palm\Hotsync.exe
O4 - Startup: Yahoo! Widget Engine.lnk = D:\Yahoo!Widgets\WidgetEngine\YahooWidgetEngine.exe
O4 - Global Startup: BestCrypt Auto Open.lnk = D:\Jetico\BestCrypt\BestCrypt.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: DataViz Inc Messenger.lnk = C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe
O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = D:\Palm\Hotsync.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: MUPS.lnk = D:\Belkin Bulldog Plus\MUPS.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &ICQ Toolbar Search - res://D:\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: Download all by Net Transport - D:\Xi\NetTransport 2\NTAddList.html
O8 - Extra context menu item: Download by Net Transport - D:\Xi\NetTransport 2\NTAddLink.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - D:\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Morpheus Toolbar - {119DBEDA-9c41-4F97-94B4-B6BCD01133CF} - C:\Program Files\Morpheus Toolbar\tbu70E\morpheustoolbar.dll
O9 - Extra 'Tools' menuitem: Morpheus Toolbar - {119DBEDA-9c41-4F97-94B4-B6BCD01133CF} - C:\Program Files\Morpheus Toolbar\tbu70E\morpheustoolbar.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - D:\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - D:\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - D:\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - D:\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra 'Tools' menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - D:\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - D:\AIM\aim.exe
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\ICQLite\ICQLite.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - D:\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - D:\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.t...all/xscan60.cab
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative....007/CTSUEng.cab
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....467&clcid=0x409
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} - https://www-secure.s...rl/LSSupCtl.cab
O16 - DPF: {2359626E-7524-4F87-B04E-22CD38A0C88C} (ICSScannerLight Class) - http://download.zone...ee/cm/ICSCM.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
O16 - DPF: {556DDE35-E955-11D0-A707-000000521957} - http://www.xblock.co...clean_micro.exe
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1143319472500
O16 - DPF: {938527D1-CDB7-4147-998A-B20FCA5CC976} (Cdmcco Class) - http://cafeimg.hanma...ab9_1/dmcc2.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://cdn.digitalci....1.11_en_dl.cab
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://real.gamehous...outLauncher.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative....15008/CTPID.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - D:\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\hpbpro.exe
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\hpboid.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: LiveUpdate Notice Service - Unknown owner - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll (file missing)
O23 - Service: NBService - Nero AG - D:\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Norton Ghost - Symantec Corporation - D:\Norton SystemWorks\Norton Ghost\Agent\VProSvc.exe
O23 - Service: PGPsdkService (PGPsdkServ) - PGP Corporation - C:\WINDOWS\system32\PGPsdkServ.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sony TV Tuner Controller - Sony Corporation - C:\Program Files\Sony\Sony TV Tuner Library\halsv.exe
O23 - Service: Sony TV Tuner Manager - Sony Corporation - C:\Program Files\Sony\Sony TV Tuner Library\RM_SV.exe
O23 - Service: Sony TVTA Manager - Sony Corporation - C:\Program Files\Sony\Sony TV Tuner Library\SMceMan.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - D:\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: UPS - UPSentry Service (UPSentry_Smart) - Delta - D:\Belkin Bulldog Plus\upsd.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Edit: In addition, I will come home tonight and see if I can do things I couldn't do on the computer, like burn DVDs and play Steam games.

Edited by bigdog1100, 14 September 2007 - 10:10 AM.

#11
Essexboy

I have just noticed that you appear to be running TWO antivirus programmes:
C:\Program Files\Common Files\Symantec Shared (Norton Protection Center)
C:\Program Files\Eset\nod32kui.exe (NOD32 Antivirus System)


Anti-Virus programs take up an enormous amount of your computer's resources when they are actively scanning your computer. Having two anti-virus programs running at the same time can cause your computer to run very slow, become unstable and even, in rare cases, crash.

If you choose to install more than one Anti-Virus program on your computer, then only one of them should be active in memory at a time.

There are basically two types of these programs: On-Access and On-Demand.

On-Access Scanners
As the name implies, these are scanners that run in the background all the time the PC is turned on and running. The main function of an On-Access scanner is to monitor activity on your machine.

On-Demand Scanners
As the name implies, these are scanners that only run when you ask them to, such as online scans and scanners that run on your machine but are not actively scanning your machine.


This may be the cause of the freezes and slowdowns.
If you decide to uninstall one of them, the removal tool for Norton is here: http://service1.syma...005033108162039
NOD32 does not require a specialist removal tool.

#12
bigdog1100

Hi. No, I don't have Norton Antivirus. I used to have it, but uninstalled it. What I have is Norton SystemWorks, which I use to check and tune up my computer, and Norton Ghost, which is a part of Norton SystemWorks, for backup. I use NOD32 as antivirus and possibly semi-firewall. I use Zone Alarm as a firewall. Zone Alarm is always using 20% of my 3.2 Gig Pentium 4 processor, so this is a hog. I am planning on using NOD's complete protection starting next year. Again, I am not using two antivirus programs. On occasion I turn on Zone Alarm real-time spyware protection, but not always. Zone Alarm's antivirus is in the off position. So this is not it.

As of now, do I have a clean bill of health as far as malware, etc. is concerned?
Also, you were saying something about trimming up my startup. What did you mean by that?

What else can I do?

Thank you very much for all your help. :whistling:

#13
Essexboy

Also, you were saying something about trimming up my startup. What did you mean by that?

You currently have 35 programmes running at start. If you wish, I can go through them and highlight the ones that are not essential for start up.
  • 0

#14
bigdog1100

    Member

  • Topic Starter
  • Member
  • 280 posts
Ok thank you. Belkin Bulldog I need. :whistling:
  • 0

#15
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK then, below are the programmes that are not essential for the system to run and will start up when required. If at a later stage you find that you need them at startup, you can restore them from the HijackThis backups.

Please re-open HiJackThis and scan. Check the boxes next to all the entries listed below.

O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [VolPanel] "D:\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" /r
O4 - HKLM\..\Run: [RCSystem] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" RCSystem * -Startup
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [ZTgServerSwitch] "c:\program files\support.com\client\bin\tgcmd.exe" /server
O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [iTunesHelper] "D:\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] D:\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKCU\..\Run: [Creative Detector] D:\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
O4 - HKCU\..\Run: [updateMgr] "D:\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - Startup: HotSync Manager.LNK = D:\Palm\Hotsync.exe
O4 - Global Startup: DataViz Inc Messenger.lnk = C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe
O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = D:\Palm\Hotsync.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe

Now close all windows other than HiJackThis, then click Fix Checked. Close HiJackThis.

You could then follow this up with a quick wash and brush up

Prefetch is clickable for more information

Click start then run, type prefetch then press enter, click edit then select all, (all files will highlight), right click any file, click delete, confirm

Click start then all programmes, accessories, system tools to run disc clean up

Reboot

Click start then all programmes, accessories, system tools to run defragmenter

Download, install and run
Tune Up 2007 Trial

Run Tune Up disc clean up

Run Tune Up registry clean up

Disable the anti virus programme then click Optimize and Improve to run Reg Defrag, the screen will lose colour during the process which can take a few minutes and then needs a reboot

Check the anti virus programme is running

Those will have cleared the drive of obsolete software errors

These are suggestions for making the most of the free trial

Click optimize and improve then system optimizer to optimize the computer, select computer with an internet connection from the drop down menu, this also requires a reboot

After the reboot, click optimize then system optimizer to accelerate downloads, select the speed just above your actual connection speed, this requires a reboot.

After the reboot, click optimize then system optimizer to run system advisor


Now the best part of the day ----- Your log now appears clean :whistling:

You may delete winpfind


Now, to get you off to a good start, we will reset your restore points so that all the bad stuff is gone for good. Then if you need to restore at some stage you will be clean. There are several ways to reset your restore point, but this is my method:

1. Select Start > All Programs > Accessories > System tools > System Restore.
2. On the dialogue box that appears select Create a Restore Point
3. Click NEXT
4. Enter a name e.g. Clean
5. Click CREATE

You now have a clean restore point, to get rid of the bad ones:

1. Select Start > All Programs > Accessories > System tools > Disk Cleanup.
2. In the Drop down box that appears select your main drive e.g. C
3. Click OK
4. The system will do some calculation and then display a dialogue box with TABS
5. Select the More Options Tab.
6. At the bottom will be a system restore box with a CLEANUP button click this
7. Accept the Warning and select OK again, the program will close and you are done



Now that you are clean, to help protect your computer in the future I recommend that you get the following free program:
  • SpywareBlaster to help prevent spyware from installing in the first place.
It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To keep your operating system up to date visit
To learn more about how to protect yourself while on the internet, read this article by Tony Klein: So how did I get infected in the first place?


Keep safe :blink:
  • 0
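The O4 lines listed in post #15 are HijackThis autostart entries (registry Run keys and Startup folders). As an added example, not part of the original thread and not HijackThis's own code, the parser below splits such lines into source, name, executable and arguments so a reviewer can triage them; the function names and the two flag labels (`bare-name`, `unquoted-spaces`) are this example's own assumptions.

```python
import re
# Sample input: four of the O4 lines quoted in the post above.
SAMPLE = r'''
O4 - HKLM\..\Run: [VolPanel] "D:\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" /r
O4 - HKLM\..\Run: [PCSuiteTrayApplication] D:\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = D:\Palm\Hotsync.exe
'''

RUN_KEY = re.compile(r'^O4 - (HKLM|HKCU)\\\.\.\\(\w+): \[([^\]]+)\] (.+)$')
FOLDER = re.compile(r'^O4 - ((?:Global )?Startup): (.+?) = (.+)$')

def split_command(cmd):
    """Split a Run-key command line into (executable, arguments, was_quoted)."""
    if cmd.startswith('"') and '"' in cmd[1:]:
        exe, _, rest = cmd[1:].partition('"')
        return exe, rest.strip(), True
    # Unquoted: assume the executable ends at the first ".exe" token.
    m = re.match(r'(?i)(.+?\.exe)(?:\s+(.*))?$', cmd)
    return (m.group(1), m.group(2) or '', False) if m else (cmd, '', False)

def parse_o4(line):
    """Return a dict for one O4 line, or None if the line is not an O4 entry."""
    line = line.strip()
    m = RUN_KEY.match(line)
    if m:
        hive, key, name, cmd = m.groups()
        exe, args, quoted = split_command(cmd)
        source = f'{hive} {key}'
    else:
        m = FOLDER.match(line)
        if not m:
            return None
        source, name, exe = m.groups()
        args, quoted = '', True   # shortcut target: no command-line splitting needed
    flags = []
    if '\\' not in exe:
        flags.append('bare-name')        # located via the search path, not a fixed folder
    if not quoted and ' ' in exe:
        flags.append('unquoted-spaces')  # where the executable name ends is ambiguous
    return {'source': source, 'name': name, 'exe': exe, 'args': args, 'flags': flags}

def review(text):
    """Parse every O4 line in a log excerpt, skipping anything else."""
    return [e for e in map(parse_o4, text.splitlines()) if e]

if __name__ == '__main__':
    for e in review(SAMPLE):
        print(f"{e['source']:15} {e['name']:24} {e['exe']}  {e['flags']}")
```

Entries flagged `bare-name` or `unquoted-spaces` are the ones worth resolving to a full path on disk before deciding whether they belong at startup.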





