The SREngLOG didn't take long at all. But here it is...
SREngLOG2006-11-02,13:20:08
System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)
Windows XP Home Edition Service Pack 1 (Build 2600)
- Administrative User - Completed Functions Allowed
Follow item(s) have been choosed:
All Boot Items (Including Registry, Startup Folders, Services and so on)
Browser Add-ons
Runing Processes (Including process model information)
File Associations
Winsock Provider
Autorun.Inf
HOSTS File
Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<SFP><C:\Program Files\Common Files\Verizon Online\SFP\vzSFPWin.EXE /s> [Verizon Internet Solutions]
<msnmsgr><"C:\Program Files\MSN Messenger\msnmsgr.exe" /background> [(Verified)Microsoft Corporation]
<AIM><C:\Program Files\AIM\aim.exe -cnetwait.odl> [(Verified)America Online, Inc.]
<Weather><C:\Program Files\AWS\WeatherBug\Weather.exe 1> [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<PROMon.exe><PROMon.exe> [N/A]
<IgfxTray><C:\WINDOWS\System32\igfxtray.exe> [(Verified)Intel Corporation]
<HotKeysCmds><C:\WINDOWS\System32\hkcmd.exe> [(Verified)Intel Corporation]
<GWMDMMSG><GWMDMMSG.exe> [(Verified)GTW]
<GWMDMpi><C:\WINDOWS\GWMDMpi.exe> [N/A]
<ccApp><C:\Program Files\Common Files\Symantec Shared\ccApp.exe> [(Verified)Symantec Corporation]
<ccRegVfy><C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe> [(Verified)Symantec Corporation]
<AdaptecDirectCD><"C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"> [Roxio]
<Lexmark X74-X75><"C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe"> [Lexmark International, Inc.]
<Motive SmartBridge><C:\PROGRA~1\VERIZO~1\SUPPOR~1\SMARTB~1\MotiveSB.exe> [Motive Communications, Inc.]
<SunJavaUpdateSched><C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe> [Sun Microsystems, Inc.]
<Symantec NetDriver Monitor><C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer> [(Verified)Symantec Corporation]
<SSC_UserPrompt><C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe> [(Verified)Symantec Corporation]
<TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot> [RealNetworks, Inc.]
<QuickTime Task><"C:\Program Files\QuickTime\qttask.exe" -atboottime> [Apple Computer, Inc.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Corporation]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{57B86673-276A-48B2-BAE7-C6DBB3020EB8}><C:\Program Files\ewido anti-spyware 4.0\shellexecutehook.dll> [Anti-Malware Development a.s.]
==================================
Startup Folders
[Verizon Online Support Center]
<C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Verizon Online Support Center.lnk --> C:\PROGRA~1\VERIZO~1\SUPPOR~1\bin\matcli.exe [Motive Communications, Inc.]><N>
==================================
Services
[Application Management / AppMgmt]
<C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\appmgmts.dll><N/A>
[Symantec Event Manager / ccEvtMgr]
<C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe><Symantec Corporation>
[Symantec Password Validation Service / ccPwdSvc]
<C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe><Symantec Corporation>
[ewido anti-spyware 4.0 guard / ewido anti-spyware 4.0 guard]
<C:\Program Files\ewido anti-spyware 4.0\guard.exe><Anti-Malware Development a.s.>
[Human Interface Device Access / HidServ]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[ipv7 / ipv7]
<"C:\WINDOWS\ipv7.exe"><N/A>
[LexBce Server / LexBceS]
<C:\WINDOWS\system32\LEXBCES.EXE><Lexmark International, Inc.>
[Norton AntiVirus Auto Protect Service / navapsvc]
<"C:\Program Files\Norton AntiVirus\navapsvc.exe"><Symantec Corporation>
[Intel® NMS / NMSSvc]
<C:\WINDOWS\System32\NMSSvc.exe><Intel Corporation>
[PictureTaker / PictureTaker]
<C:\WINDOWS\System32\PCTKRNT.SYS><LANovation>
[PrismXL / PrismXL]
<C:\Program Files\Common Files\Lanovation\PrismXL\PRISMXL.SYS><Lanovation>
[ScriptBlocking Service / SBService]
<C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe><Symantec Corporation>
[Symantec Network Drivers Service / SNDSrvc]
<C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe><Symantec Corporation>
[SymWMI Service / SymWSC]
<C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe><Symantec Corporation>
==================================
Drivers
[BCM V.90 56K Modem / BCMModem]
<System32\DRIVERS\BCMDM.sys><BCM>
[Cdr4_xp / Cdr4_xp]
<C:\WINDOWS\SYSTEM32\DRIVERS\Cdr4_xp.SYS><Roxio>
[Cdralw2k / Cdralw2k]
<C:\WINDOWS\SYSTEM32\DRIVERS\Cdralw2k.SYS><Roxio>
[cdudf_xp / cdudf_xp]
<C:\WINDOWS\SYSTEM32\DRIVERS\cdudf_xp.SYS><Roxio>
[dvd_2K / dvd_2K]
<C:\WINDOWS\SYSTEM32\DRIVERS\dvd_2K.SYS><Roxio>
[Intel® PRO Adapter Driver / E100B]
<System32\DRIVERS\e100b325.sys><Intel Corporation>
[ewido anti-spyware 4.0 driver / ewido anti-spyware 4.0 driver]
<\??\C:\Program Files\ewido anti-spyware 4.0\guard.sys><N/A>
[GTW V.92 Voicemodem / GTWModem]
<System32\DRIVERS\GWMDM.sys><GTW>
[ialm / ialm]
<System32\DRIVERS\ialmnt5.sys><Intel Corporation>
[iscFlash / iscFlash]
<\??\C:\WINDOWS\SYSTEM32\DRIVERS\iscflash.sys><N/A>
[mmc_2K / mmc_2K]
<C:\WINDOWS\SYSTEM32\DRIVERS\mmc_2K.SYS><Roxio>
[msdirectxclick / msdirectxclick]
<\??\C:\Documents and Settings\Owner\msdirectxclk.sys><N/A>
[NAVENG / NAVENG]
<\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20061101.019\NAVENG.Sys><Symantec Corporation>
[NAVEX15 / NAVEX15]
<\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20061101.019\NavEx15.Sys><Symantec Corporation>
[Pcdr Helper Driver / PCDRDRV]
<\??\C:\PROGRA~1\PC-DOC~1\DIAGNO~1\PCDRDRV.sys><N/A>
[PcdrNt / PcdrNt]
<\SystemRoot\System32\drivers\PcdrNt.sys><PC-Doctor Inc.>
[Direct Parallel Link Driver / Ptilink]
<System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[pwd_2k / pwd_2k]
<C:\WINDOWS\SYSTEM32\DRIVERS\pwd_2k.SYS><Roxio>
[PxHelp20 / PxHelp20]
<\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions>
[SAVRT / SAVRT]
<\??\C:\WINDOWS\System32\Drivers\SAVRT.SYS><Symantec Corporation>
[SAVRTPEL / SAVRTPEL]
<\??\C:\WINDOWS\System32\Drivers\SAVRTPEL.SYS><Symantec Corporation>
[Secdrv / Secdrv]
<System32\DRIVERS\secdrv.sys><N/A>
[smwdm / smwdm]
<system32\drivers\smwdm.sys><Analog Devices, Inc.>
[SymEvent / SymEvent]
<\??\C:\Program Files\Symantec\SYMEVENT.SYS><Symantec Corporation>
[SYMREDRV / SYMREDRV]
<\SystemRoot\System32\Drivers\SYMREDRV.SYS><Symantec Corporation>
[SYMTDI / SYMTDI]
<\SystemRoot\System32\Drivers\SYMTDI.SYS><Symantec Corporation>
[tmcomm / tmcomm]
<\??\C:\WINDOWS\System32\drivers\tmcomm.sys><Trend Micro Inc.>
[UdfReadr_xp / UdfReadr_xp]
<C:\WINDOWS\SYSTEM32\DRIVERS\UdfReadr_xp.SYS><Roxio>
==================================
Browser Add-ons
[]
{53707962-6F74-2D53-2644-206D7942484F} <C:\PROGRA~1\SPYBOT~1\SDHelper.dll, Safer Networking Limited>
[SSVHelper Class]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
[AIM]
{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} <C:\Program Files\AIM\aim.exe, America Online, Inc.>
[Real.com]
{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} <C:\WINDOWS\System32\Shdocvw.dll, Microsoft Corporation>
[Norton AntiVirus]
{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} <C:\Program Files\Norton AntiVirus\NavShExt.dll, Symantec Corporation>
[&Radio]
{8E718888-423F-11D2-876E-00A0C9082467} <C:\WINDOWS\System32\msdxm.ocx, N/A>
[CKAVWebScan Object]
{0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} <C:\WINDOWS\System32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll, Kaspersky Lab>
[DoMoreRunExe.DoMoreRun]
{0F04992B-E661-4DB9-B223-903AB628225D} <C:\WINDOWS\Downloaded Program Files\DoMoreRunExe.ocx, N/A>
[RunExeActiveX.RunExe]
{739E8D90-2F4C-43AD-A1B8-66C356FCEA35} <C:\WINDOWS\Downloaded Program Files\RunExeActiveX.ocx, Gateway Inc.>
[Java Plug-in]
{8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
[StartFirstControl.CheckFirst]
{99CDFD87-F97A-42E1-9C13-D18220D90AD1} <C:\WINDOWS\Downloaded Program Files\CONFLICT.1\StartFirstControl.ocx, gateway>
[Java Plug-in]
{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in]
{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.5.0_06]
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll, Sun Microsystems, Inc.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
==================================
Running Processes
[PID: 464][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
[C:\Program Files\ewido anti-spyware 4.0\shellexecutehook.dll] [Anti-Malware Development a.s., 4, 0, 0, 172]
[PID: 536][C:\WINDOWS\System32\igfxtray.exe] [Intel Corporation, 3,0,0,1607]
[C:\WINDOWS\System32\hccutils.DLL] [Intel Corporation, 3,0,0,1607]
[C:\WINDOWS\System32\igfxdev.dll] [Intel Corporation, 3,0,0,1607]
[C:\WINDOWS\System32\igfxsrvc.dll] [Intel Corporation, 3,0,0,1607]
[C:\WINDOWS\System32\igfxres.dll] [Intel Corporation, 3,0,0,1607]
[C:\WINDOWS\System32\igfxress.dll] [Intel Corporation, 3,0,0,1607]
[PID: 544][C:\WINDOWS\System32\hkcmd.exe] [Intel Corporation, 3,0,0,1607]
[C:\WINDOWS\System32\hccutils.DLL] [Intel Corporation, 3,0,0,1607]
[C:\WINDOWS\System32\igfxdev.dll] [Intel Corporation, 3,0,0,1607]
[C:\WINDOWS\System32\igfxsrvc.dll] [Intel Corporation, 3,0,0,1607]
[C:\WINDOWS\System32\igfxhk.dll] [Intel Corporation, 3,0,0,1607]
[C:\WINDOWS\System32\igfxres.dll] [Intel Corporation, 3,0,0,1607]
[PID: 552][C:\WINDOWS\GWMDMMSG.exe] [GTW, 3.4.22 08/06/2002 14:26:16]
[PID: 584][C:\Program Files\Common Files\Symantec Shared\ccApp.exe] [Symantec Corporation, 1.00.104]
[C:\WINDOWS\System32\SYMSTORE.dll] [Symantec Corporation, 4.7.2.15]
[C:\PROGRA~1\COMMON~1\SYMANT~1\CCEMLPXY.DLL] [Symantec Corporation, 1.00.104]
[C:\WINDOWS\System32\SYMREDIR.dll] [Symantec Corporation, 5.5.1.6]
[C:\PROGRA~1\COMMON~1\SYMANT~1\ccErrDsp.DLL] [Symantec Corporation, 1.00.104]
[C:\PROGRA~1\COMMON~1\SYMANT~1\CCREGMON.DLL] [Symantec Corporation, 1.00.104]
[C:\PROGRA~1\COMMON~1\SYMANT~1\ccEvt.DLL] [Symantec Corporation, 1.00.104]
[C:\WINDOWS\System32\ccTrust.dll] [Symantec Corporation, 1.00.22]
[C:\PROGRA~1\NORTON~1\CCIMSCAN.DLL] [Symantec Corporation, 9.20.1006]
[C:\PROGRA~1\NORTON~1\DEFALERT.DLL] [Symantec Corporation, 9.20.3]
[C:\PROGRA~1\NORTON~1\NAVAPW32.DLL] [Symantec Corporation, 9.05.1015]
[C:\WINDOWS\System32\ccPasswd.DLL] [Symantec Corporation, 1.00.104]
[C:\PROGRA~1\NORTON~1\apwutil.dll] [Symantec Corporation, 9.05.1015]
[C:\PROGRA~1\NORTON~1\SavRT32.dll] [Symantec Corporation, 9.0.1.36]
[C:\Program Files\Norton AntiVirus\apwcmdnt.dll] [Symantec Corporation, 9.05.1015]
[C:\Program Files\Norton AntiVirus\NavEmail.dll] [Symantec Corporation, 9.05.1015]
[PID: 616][C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe] [Roxio, 5.3.0.105]
[C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\CDUDFLIB.dll] [Roxio, 5.3.0.105]
[C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\UDFRWLIB.dll] [Roxio, 5.3.0.105]
[C:\WINDOWS\System32\CDRTC.DLL] [Roxio, 5.3.0.105]
[C:\WINDOWS\System32\cdral.DLL] [Roxio, 5.3.0.105]
[PID: 720][C:\PROGRA~1\VERIZO~1\SUPPOR~1\SMARTB~1\MotiveSB.exe] [Motive Communications, Inc., 05.00.00.asst_classic.smartbridge.20020518_104000]
[C:\PROGRA~1\VERIZO~1\SUPPOR~1\SMARTB~1\SBHook.dll] [Motive Communications, Inc., 05.00.00.asst_classic.smartbridge.20020518_104000]
[C:\PROGRA~1\VERIZO~1\SUPPOR~1\SMARTB~1\httpclient50.dll] [Motive Communications, Inc., 1.04.00]
[C:\PROGRA~1\VERIZO~1\SUPPOR~1\SMARTB~1\clientutil50.dll] [Motive Communications, Inc., 1.04.00]
[C:\PROGRA~1\VERIZO~1\SUPPOR~1\SMARTB~1\SBRes.dll] [Motive Communications, Inc., 05.00.00.asst_classic.smartbridge.20020518_104000]
[C:\PROGRA~1\VERIZO~1\SUPPOR~1\SMARTB~1\alertfilter.dll] [Motive Communications, Inc., 05.00.00.asst_classic.smartbridge.20020518_104000]
[PID: 892][C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe] [Sun Microsystems, Inc., 5.0.60.5]
[PID: 1100][C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe] [Symantec Corporation, 2005.1.2.20]
[PID: 1164][C:\Program Files\Common Files\Real\Update_OB\realsched.exe] [RealNetworks, Inc., 0.1.0.3510]
[PID: 3812][C:\Program Files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
[C:\PROGRA~1\SPYBOT~1\SDHelper.dll] [Safer Networking Limited, 1, 4, 0, 0]
[C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll] [Sun Microsystems, Inc., 5.0.60.5]
[C:\Program Files\Common Files\Symantec Shared\Script Blocking\scrauth.dll] [Symantec Corporation, 1, 1, 0, 126]
[C:\Program Files\Common Files\Symantec Shared\Script Blocking\ScrBlock.dll] [Symantec Corporation, 1, 1, 0, 126]
[C:\WINDOWS\System32\Macromed\Flash\Flash9.ocx] [Adobe Systems, Inc., 9,0,16,0]
[PID: 760][C:\Program Files\Messenger\msmsgs.exe] [Microsoft Corporation, 4.7.0041]
[C:\WINDOWS\System32\quartz.dll] [N/A, N/A]
[C:\WINDOWS\System32\devenum.dll] [N/A, N/A]
[C:\WINDOWS\System32\msdmo.dll] [N/A, N/A]
[PID: 3564][C:\Documents and Settings\Owner\Desktop\sreng2\SREng\SREng.exe] [Smallfrogs Studio, 2.2.6.605]
==================================
File Associations
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock Provider
N/A
==================================
Autorun.Inf
N/A
==================================
HOSTS File
127.0.0.1 localhost
127.0.0.1 localhost
127.0.0.1 localhost
127.0.0.1 localhost
==================================