This is my first post, though i have been browsing for awhile, looking for any ideas i can get for how to speed up my computer and fix my connection and pop-up problems. I have downloaded and tried all the suggested programs and then some. The one program that seemed to really work for me was Xoftspy. It was the first one that i used where i actually noticed a difference in the speed of my computer and it seemed to get rid of the annoying pop-ups that plagued my computer. Then they started again, so i ran xoftspy again, each time it seemed to help less. Now it seems to make no difference at all. So now I'm back to searching for something new that will work. My computer still runs quite slow, and i have alot of connection problems, but it seems they differ daily. I assume that I keep missing something and it keeps regenerating itself. If you could help in any way, it would be deeply appreciated.
Thanks in advance!
Lea
Here is my HiJackThis
Logfile of HijackThis v1.99.1
Scan saved at 11:33:27 PM, on 11/26/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\gearsec.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\Program Files\Yahoo!\browser\ybrwicon.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\desksite\bin\cma.exe
C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPClient.exe
C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPMon32.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\sony\usbsircs\usbsircs.exe
C:\WINDOWS\system32\cidaemon.exe
C:\PROGRA~1\Yahoo!\browser\YBrowser.exe
C:\Documents and Settings\Lea's new account\Desktop\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Band Class - {0007522A-2297-43C1-8EB1-C90B0FF20DA5} - C:\WINDOWS\enhtb.dll (file missing)
O2 - BHO: (no name) - {013A653B-49A6-4f76-8B68-E4875EA6BA54} - C:\WINDOWS\system32\umauvxup.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: - {1795D4E5-4D68-4BC0-80F6-076B2956D3BC} - C:\WINDOWS\lbbho.dll (file missing)
O2 - BHO: - {1D902C0E-B3B4-4E41-AB99-EBB1700DC5A0} - C:\WINDOWS\lbbho.dll (file missing)
O2 - BHO: - {4B8D8EFA-9949-4DB0-A752-D96842DD221B} - C:\WINDOWS\lbbho.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Documents and Settings\Lea's new account\Desktop\Spybot - Search & Destroy\SDHelper.dll (file missing)
O2 - BHO: - {95657980-C957-4E54-8731-B39FD355B473} - C:\WINDOWS\lbbho.dll (file missing)
O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {D3B3C51E-8D11-4667-85B9-0930F519BED7} - C:\WINDOWS\system32\jkkllii.dll
O2 - BHO: - {F0F22E08-0066-45F9-A824-E8616A6BB6F4} - C:\WINDOWS\lbbho.dll (file missing)
O2 - BHO: (no name) - {FD2BD6F7-E7CA-41EB-9903-A2EC81F22ECE} - C:\WINDOWS\Drivers\ATI Unified Driver\BIN\lpayilb.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [YBrowser] C:\Program Files\Yahoo!\browser\ybrwicon.exe
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [Desksite CMA] C:\Program Files\desksite\bin\cma.exe
O4 - HKLM\..\Run: [IPInSightLAN 02] "C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPClient.exe" -l
O4 - HKLM\..\Run: [IPInSightMonitor 02] "C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPMon32.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Ad-aware] "C:\Program Files\Lavasoft\Ad-aware 6\Ad-aware.exe" +c
O4 - HKLM\..\Run: [¢‰¸K0Ô@ÔÁß]§ú"ü‰üžiC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\mxxnmhv.exe
O4 - HKLM\..\Run: [¢‰¸K0¨4W
}ïÁzîžigÝC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\mxxnmhv.exe
O4 - HKLM\..\Run: [Icdymi] C:\Program Files\Xbeyi\Xpoop.exe
O4 - HKLM\..\Run: [Llobcpui] C:\Program Files\Ofnmi\Pookwx.exe
O4 - HKLM\..\Run: [5edqjkwb] C:\Program Files\5edqjkwb\5edqjkwb.exe
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [ydi5c0e9] RUNDLL32.EXE w21e2a7e.dll,n 0035c0e60000000a21e2a7e
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Lexmark 2200 Series] "C:\Program Files\Lexmark 2200 Series\lxbvbmgr.exe"
O4 - HKLM\..\Run: [SpyHunter] C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter.exe
O4 - HKLM\..\RunOnce: [MyWebSearch bar Uninstall] rundll32 C:\PROGRA~1\UNINST~1.DLL,O -3
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: .protected
O4 - Global Startup: .protected
O4 - Global Startup: Remocon Driver.lnk = ?
O4 - Global Startup: SBC Self Support Tool.lnk = C:\Program Files\SBC Self Support Tool\bin\matcli.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O10 - Unknown file in Winsock LSP: c:\windows\system32\rlls.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\rlls.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\rlls.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\rlls.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\rlls.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\rlls.dll
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfar...tup1.0.0.15.cab
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540000} -
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1154586366405
O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} - http://yax-download.....cab?refid=1123
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} -
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: jkkllii - C:\WINDOWS\SYSTEM32\jkkllii.dll
O20 - Winlogon Notify: lpayilb - C:\WINDOWS\Drivers\ATI Unified Driver\BIN\lpayilb.dll
O20 - Winlogon Notify: MediaContentIndex - C:\WINDOWS\
O20 - Winlogon Notify: ShellScrap - C:\WINDOWS\system32\dbskcopy.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winetn32 - winetn32.dll (file missing)
O20 - Winlogon Notify: winuns32 - winuns32.dll (file missing)
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Gear Security Service (GEARSecurity) - GEAR Software - C:\WINDOWS\System32\gearsec.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe (file missing)
O23 - Service: PACSPTISVR - Unknown owner - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\PACSPT~1.EXE
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment File Import Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Video\GPVSvr.exe" /Service=VAIOMediaPlatform-VideoServer-AppServer /DisplayName="VAIO Media Video Server (file missing)
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-VideoServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\VideoServer\HTTP (file missing)
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
And the unistall list
ABBYY FineReader 5.0 Sprint Plus
Ad-aware 6 Personal
Adobe Acrobat 5.0
Adobe Download Manager 1.2 (Remove Only)
Adobe Reader 6.0.1
Agere Systems AC'97 Modem
AOL Connectivity Services
AOL Instant Messenger
ATI - Software Uninstall Utility
ATI Control Panel
ATI Display Driver
AVG Anti-Spyware 7.5
Azureus
BroadJump Client Foundation
Capture the Flag
CC_ccProxyMSI
CC_ccStart
ccCommon
CleanUp!
Click to DVD 2.0 Menu Data
Click to DVD 2.0.02
CONNECT
CoreVorbis Audio Decoder (remove only)
Drag'n Drop CD+DVD
DVgate Plus
Google Toolbar for Internet Explorer
HighMAT Extension to Microsoft Windows XP CD Writing Wizard
HijackThis 1.99.1
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB915865)
Intel® Extreme Graphics Driver
Intel® PRO Network Adapters and Drivers
InterVideo WinDVD 5 for VAIO
iTunes
Java 2 Runtime Environment, SE v1.4.2_01
Learn2 Player (Uninstall Only)
Lemonade Tycoon for Windows
Lexicon
Lexmark 2200 Series
LiveReg (Symantec Corporation)
LiveUpdate 1.90 (Symantec Corporation)
Macromedia Flash Player 8
Macromedia Shockwave Player
Memory Stick Formatter
Microsoft .NET Framework 1.1
Microsoft Age of Empires Gold
Microsoft Data Access Components KB870669
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Standard Edition 2003
Microsoft Works 7.0
MSRedist
MSXML 4.0 SP2 (KB927978)
MSXML4 Parser
Netscape (7.02)
Netscape Internet Service Setup
Norton AntiSpam
Norton AntiSpam
Norton AntiVirus 2004
Norton AntiVirus 2004 (Symantec Corporation)
Norton AntiVirus Parent MSI
Norton AntiVirus SYMLT MSI
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security (Symantec Corporation)
OpenMG Limited Patch 3.4-03-12-16-01
OpenMG Secure Module 3.4.00
Police Call CD-ROM
Quicken 2004
QuickTime
RollerCoaster Tycoon 3
Safety Bar
SBC Self Support Tool
SBC Yahoo! Applications
Search Assistant
Search Basket
Secure Game Player
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893066)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922760)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB925486)
SonicStage 2.0.02
Sony Certificate PCH
Sony Video Shared Library
SpyHunter
Symantec Script Blocking Installer
The Sims 2
The Sims 2 University
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
VAIO Entertainment Platform
VAIO Help and Support
VAIO Media 3.0
VAIO Media Integrated Server 3.0
VAIO Media Redistribution 3.0
VAIO Registration
VAIO Remote Commander Utility 6.2
VAIO SLIT Pattern Wallpaper
VAIO SLIT-C Screen Saver
VAIO Survey Standalone
VAIO System Information
VAIO Update 2
VDMSound 2.0.4
Visual IP InSight(SBC)
VSToolbar for Internet Explorer
WebSearch Tools
Welcome to VAIO life
Windows Installer 3.1 (KB893803)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Media Format Runtime
Windows Media Format SDK Hotfix - KB891122
Windows Media Player 10
Windows XP Hotfix - KB834707
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890047
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893086
Windows XP Related
Windows XP Service Pack 2
XoftSpy
And I'm not sure if it will help but here is my Spyhunter support log
Log Contents provided by Enigma Software Group, Inc.
###########################Runnning Processes DATA###########################
processName = SMSS.EXE File Size = 50688 File Path = \SystemRoot\System32\smss.exe ModuleMD5 = bd7fb0957c716f1a60333aee04de2178
processName = WINLOGON.EXE File Size = 502272 File Path = \??\C:\WINDOWS\system32\winlogon.exe ModuleMD5 = 01c3346c241652f43aed8e2149881bfe
processName = SERVICES.EXE File Size = 108032 File Path = C:\WINDOWS\system32\services.exe ModuleMD5 = c6ce6eec82f187615d1002bb3bb50ed4
processName = LSASS.EXE File Size = 13312 File Path = C:\WINDOWS\system32\lsass.exe ModuleMD5 = 84885f9b82f4d55c6146ebf6065d75d2
processName = SVCHOST.EXE File Size = 14336 File Path = C:\WINDOWS\system32\svchost.exe ModuleMD5 = 8f078ae4ed187aaabc0a305146de6716
processName = SVCHOST.EXE File Size = 14336 File Path = C:\WINDOWS\System32\svchost.exe ModuleMD5 = 8f078ae4ed187aaabc0a305146de6716
processName = LEXBCES.EXE File Size = 311296 File Path = C:\WINDOWS\system32\LEXBCES.EXE ModuleMD5 = 095aafc4129ed6cc8ea6bb1bc712af72
processName = LEXPPS.EXE File Size = 174592 File Path = C:\WINDOWS\system32\LEXPPS.EXE ModuleMD5 = 917672bcdcde6a80663736d93fa073b2
processName = SPOOLSV.EXE File Size = 57856 File Path = C:\WINDOWS\system32\spoolsv.exe ModuleMD5 = da81ec57acd4cdc3d4c51cf3d409af9f
processName = EXPLORER.EXE File Size = 1032192 File Path = C:\WINDOWS\Explorer.EXE ModuleMD5 = a0732187050030ae399b241436565e64
processName = AOLACSD.EXE File Size = 1135728 File Path = C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe ModuleMD5 = 8fa646f0e639d9a8c8b98e217d471dc0
processName = GUARD.EXE File Size = 204800 File Path = C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe ModuleMD5 = e8fbdcc8d618d1bb84b828f247a6244b
processName = CCPROXY.EXE File Size = 218232 File Path = C:\Program Files\Common Files\Symantec Shared\ccProxy.exe ModuleMD5 = 0935f7d04466a3d3c91a531a0d8fb7bc
processName = CCSETMGR.EXE File Size = 234656 File Path = C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe ModuleMD5 = aa9904ce3ab832b160e592bf5588c0ea
processName = CISVC.EXE File Size = 5632 File Path = C:\WINDOWS\system32\cisvc.exe ModuleMD5 = 3192bd04d032a9c4a85a3278c268a13a
processName = GEARSEC.EXE File Size = 53248 File Path = C:\WINDOWS\System32\gearsec.exe ModuleMD5 = b6e01969246fcb67470e87e6957ee147
processName = NAVAPSVC.EXE File Size = 158848 File Path = C:\Program Files\Norton AntiVirus\navapsvc.exe ModuleMD5 = 106188ee7fce8c769defec27c1edb67c
processName = SAVSCAN.EXE File Size = 193816 File Path = C:\Program Files\Norton AntiVirus\SAVScan.exe ModuleMD5 = bfba4ed75bcdf0f5681a6749d8f27fc7
processName = SNDSRVC.EXE File Size = 193760 File Path = C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe ModuleMD5 = fa72b207272d9aea65c8848eb2d75d1b
processName = SVCHOST.EXE File Size = 14336 File Path = C:\WINDOWS\System32\svchost.exe ModuleMD5 = 8f078ae4ed187aaabc0a305146de6716
processName = SYMLCSVC.EXE File Size = 585728 File Path = C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe ModuleMD5 = 94d3c8257776019a7a96af69f62ba509
processName = VZFW.EXE File Size = 86098 File Path = C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe ModuleMD5 = cf28864ef4c5a4e48081c1f5dac64771
processName = CCEVTMGR.EXE File Size = 255136 File Path = C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe ModuleMD5 = 2a90a0a9e086d928c9f7ccacca87e6dc
processName = CCAPP.EXE File Size = 70816 File Path = C:\Program Files\Common Files\Symantec Shared\ccApp.exe ModuleMD5 = 631bd98882f6fc3e1191c8c7ef942638
processName = EZSP_PX.EXE File Size = 40960 File Path = C:\WINDOWS\System32\ezSP_Px.exe ModuleMD5 = 2849ed071a0d83406bda342aa767f24e
processName = YBRWICON.EXE File Size = 57344 File Path = C:\Program Files\Yahoo!\browser\ybrwicon.exe ModuleMD5 = da6bc165d222c0bcd9ef9ab33e360c4e
processName = YCOMMON.EXE File Size = 217088 File Path = C:\PROGRA~1\Yahoo!\browser\ycommon.exe ModuleMD5 = 1646f316309b7d559aefc9429e808d35
processName = CFD.EXE File Size = 368706 File Path = C:\Program Files\BroadJump\Client Foundation\CFD.exe ModuleMD5 = ba9af06103549a96f77036861fde357b
processName = CMA.EXE File Size = 188416 File Path = C:\Program Files\desksite\bin\cma.exe ModuleMD5 = c4792dbc06f02875c855a10be6532135
processName = IPCLIENT.EXE File Size = 380928 File Path = C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPClient.exe ModuleMD5 = b2a84cee46eea964def241ad230ce325
processName = IPMON32.EXE File Size = 122880 File Path = C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPMon32.exe ModuleMD5 = 7187b64d933c478227e6ccc04c0b68f7
processName = ATIPTAXX.EXE File Size = 335872 File Path = C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe ModuleMD5 = 2d24f0243bb32ebf3727361004677f6d
processName = AVGAS.EXE File Size = 6266880 File Path = C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe ModuleMD5 = 01d90ae5dccbce0c7b52874fec35a608
processName = MSMSGS.EXE File Size = 1694208 File Path = C:\Program Files\Messenger\msmsgs.exe ModuleMD5 = 74e6e96c6f0e2eca4edbb7f7a468f259
processName = GOOGLETOOLBARNOTIFIER.EXE File Size = 163576 File Path = C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe ModuleMD5 = 1c813135848c379412a036841282a985
processName = CTFMON.EXE File Size = 15360 File Path = C:\WINDOWS\system32\ctfmon.exe ModuleMD5 = 24232996a38c0b0cf151c2140ae29fc8
processName = USBSIRCS.EXE File Size = 229376 File Path = C:\Program Files\sony\usbsircs\usbsircs.exe ModuleMD5 = 1c4942ac15fba6eeee45e711ef02b9af
processName = CIDAEMON.EXE File Size = 8192 File Path = C:\WINDOWS\system32\cidaemon.exe ModuleMD5 = 582304f6f1946fa5068cf143d729d7ed
processName = YBROWSER.EXE File Size = 480368 File Path = C:\PROGRA~1\Yahoo!\browser\YBrowser.exe ModuleMD5 = 30d0374552bd2add6bee8a5e94875312
processName = SPYHUNTER.EXE File Size = 2482176 File Path = C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter.exe ModuleMD5 = 586bac9f494de141189c05b79b653f73
processName = NOTEPAD.EXE File Size = 69120 File Path = C:\WINDOWS\system32\NOTEPAD.EXE ModuleMD5 = 388b8fbc36a8558587afc90fb23a3b99
###########################REGISTRY MD5 DATA###########################
<HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN>
Name=HotKeysCmds Data=C:\WINDOWS\System32\hkcmd.exe FileSize = 114688 MD5=ee2ac08be7024a781df6f40870ed748d
Name=ccApp Data="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" FileSize = 70816 MD5=631bd98882f6fc3e1191c8c7ef942638
Name=URLLSTCK.exe Data=C:\Program Files\Norton Internet Security\UrlLstCk.exe FileSize = 70800 MD5=82ad82d69906784633f51dd7ca2248d8
Name=VAIO Recovery Data=C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe FileSize = 28672 MD5=3edf6f722c8cc022b6f51cec19ea477b
Name=ezShieldProtector for Px Data=C:\WINDOWS\System32\ezSP_Px.exe FileSize = 40960 MD5=2849ed071a0d83406bda342aa767f24e
Name=YBrowser Data=C:\Program Files\Yahoo!\browser\ybrwicon.exe FileSize = 57344 MD5=da6bc165d222c0bcd9ef9ab33e360c4e
Name=BJCFD Data=C:\Program Files\BroadJump\Client Foundation\CFD.exe FileSize = 368706 MD5=ba9af06103549a96f77036861fde357b
Name=Motive SmartBridge Data=C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe FileSize = 380928 MD5=f055034225687b9f9d176985f0108145
Name=Desksite CMA Data=C:\Program Files\desksite\bin\cma.exe FileSize = 188416 MD5=c4792dbc06f02875c855a10be6532135
Name=IPInSightLAN 02 Data="C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPClient.exe" -l FileSize = 380928 MD5=b2a84cee46eea964def241ad230ce325
Name=IPInSightMonitor 02 Data="C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPMon32.exe" FileSize = 122880 MD5=7187b64d933c478227e6ccc04c0b68f7
Name=QuickTime Task Data="C:\Program Files\QuickTime\qttask.exe" -atboottime FileSize = 98304 MD5=c341ccfbe98bc7df6e0b856bb9fc265a
Name=Ad-aware Data="C:\Program Files\Lavasoft\Ad-aware 6\Ad-aware.exe" +c FileSize = 684544 MD5=93eea3e30e23ec5c3a34e868390fc73b
Name=¢‰¸K0Ô@ÔÁß]§ú"ü‰üžiC:\Program Files\ISTsvc\istsvc.exe Data=C:\WINDOWS\mxxnmhv.exe FileSize = MD5=********************************
Name=¢‰¸K0¨4W
}ïÁzîžigÝC:\Program Files\ISTsvc\istsvc.exe Data=C:\WINDOWS\mxxnmhv.exe FileSize = MD5=********************************
Name=Icdymi Data=C:\Program Files\Xbeyi\Xpoop.exe FileSize = MD5=********************************
Name=Llobcpui Data=C:\Program Files\Ofnmi\Pookwx.exe FileSize = MD5=********************************
Name=5edqjkwb Data=C:\Program Files\5edqjkwb\5edqjkwb.exe FileSize = MD5=********************************
Name=YOP Data=C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart FileSize = 397312 MD5=13ce2ad044884884295b1c2377dd5d25
Name=ydi5c0e9 Data=RUNDLL32.EXE w21e2a7e.dll,n 0035c0e60000000a21e2a7e FileSize = MD5=
Name=ATIPTA Data=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe FileSize = 335872 MD5=2d24f0243bb32ebf3727361004677f6d
Name=Lexmark 2200 Series Data="C:\Program Files\Lexmark 2200 Series\lxbvbmgr.exe" FileSize = 57344 MD5=c88e5d319ad2fddb116233a997ec3d9f
Name=SpyHunter Data=C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter.exe
FileSize = 2482176 MD5=586bac9f494de141189c05b79b653f73
<HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCEEX>
<HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE>
Name=MyWebSearch bar Uninstall Data=rundll32 C:\PROGRA~1\UNINST~1.DLL,O -3
FileSize = 315392 MD5=fdd99fd1d44fa325e844ee6a7742911a
<HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN>
Name=MSMSGS Data="C:\Program Files\Messenger\msmsgs.exe" /background FileSize = 1694208 MD5=74e6e96c6f0e2eca4edbb7f7a468f259
Name=my web search bar Data= FileSize = MD5=
Name=swg Data=C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe FileSize = 163576 MD5=1c813135848c379412a036841282a985
Name=ctfmon.exe Data=C:\WINDOWS\system32\ctfmon.exe
FileSize = 15360 MD5=24232996a38c0b0cf151c2140ae29fc8
<HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE>
<HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN>
Name=MSMSGS Data="C:\Program Files\Messenger\msmsgs.exe" /background
FileSize = 1694208 MD5=74e6e96c6f0e2eca4edbb7f7a468f259
<HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE>
<HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINDOWS\APPINIT_DLLS>
<HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER\RUN>
<HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINLOGON\SHELL>
Explorer.exe FileSize = 1032192 MD5=a0732187050030ae399b241436565e64
<HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINLOGON\USERINIT>
C:\WINDOWS\system32\userinit.exe, FileSize = 24576 MD5=39b1ffb03c2296323832acbae50d2aff
#############################FILE MD5 DATA#############################
<C:\Documents and Settings\Lea's new account\Start Menu\Programs\Startup>
File Path = C:\Documents and Settings\Lea's new account\Start Menu\Programs\Startup\.protected File Size = 4096 md5=d41d8cd98f00b204e9800998ecf8427e
File Path = C:\Documents and Settings\Lea's new account\Start Menu\Programs\Startup\desktop.ini File Size = 4096 md5=d6a6856702e3f0953e7246a9b4a9fe35
#############################SERVICES DATA#############################
Service Name = ALG Service Display Name = Application Layer Gateway Service Opened = YES Status = Running Query = SUCCESS Service Type = 16 Service Start Type = 3 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\alg.exe Binary Size = 44544 Binary MD5 = f1958fbf86d5c004cf19a5951a9514b7
Service Name = AOL ACS Service Display Name = AOL Connectivity Service Opened = YES Status = Running Query = SUCCESS Service Type = 272 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe Binary Size = 1135728 Binary MD5 = 8fa646f0e639d9a8c8b98e217d471dc0
Service Name = AudioSrv Service Display Name = Windows Audio Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = AVG Anti-Spyware Guard Service Display Name = AVG Anti-Spyware Guard Opened = YES Status = Running Query = SUCCESS Service Type = 16 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe Binary Size = 204800 Binary MD5 = e8fbdcc8d618d1bb84b828f247a6244b
Service Name = BITS Service Display Name = Background Intelligent Transfer Service Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = Browser Service Display Name = Computer Browser Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = ccEvtMgr Service Display Name = Symantec Event Manager Opened = YES Status = Running Query = SUCCESS Service Type = 16 Service Start Type = 2 Service Error Control = 0 Service Binary Path = "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe" Binary Size = 0 Binary MD5 =
Service Name = ccProxy Service Display Name = Symantec Network Proxy Opened = YES Status = Running Query = SUCCESS Service Type = 272 Service Start Type = 2 Service Error Control = 0 Service Binary Path = "C:\Program Files\Common Files\Symantec Shared\ccProxy.exe" Binary Size = 0 Binary MD5 =
Service Name = ccSetMgr Service Display Name = Symantec Settings Manager Opened = YES Status = Running Query = SUCCESS Service Type = 16 Service Start Type = 2 Service Error Control = 0 Service Binary Path = "C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe" Binary Size = 0 Binary MD5 =
Service Name = CiSvc Service Display Name = Indexing Service Opened = YES Status = Running Query = SUCCESS Service Type = 288 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\cisvc.exe Binary Size = 5632 Binary MD5 = 3192bd04d032a9c4a85a3278c268a13a
Service Name = CryptSvc Service Display Name = Cryptographic Services Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = DcomLaunch Service Display Name = DCOM Server Process Launcher Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\svchost -k DcomLaunch Binary Size = 0 Binary MD5 =
Service Name = Dhcp Service Display Name = DHCP Client Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = Dnscache Service Display Name = DNS Client Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k NetworkService Binary Size = 0 Binary MD5 =
Service Name = ERSvc Service Display Name = Error Reporting Service Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 0 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = Eventlog Service Display Name = Event Log Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\services.exe Binary Size = 108032 Binary MD5 = c6ce6eec82f187615d1002bb3bb50ed4
Service Name = EventSystem Service Display Name = COM+ Event System Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 3 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = FastUserSwitchingCompatibility Service Display Name = Fast User Switching Compatibility Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 3 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = GEARSecurity Service Display Name = Gear Security Service Opened = YES Status = Running Query = SUCCESS Service Type = 16 Service Start Type = 2 Service Error Control = 0 Service Binary Path = C:\WINDOWS\System32\gearsec.exe Binary Size = 53248 Binary MD5 = b6e01969246fcb67470e87e6957ee147
Service Name = helpsvc Service Display Name = Help and Support Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = lanmanserver Service Display Name = Server Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = lanmanworkstation Service Display Name = Workstation Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = LexBceS Service Display Name = LexBce Server Opened = YES Status = Running Query = SUCCESS Service Type = 272 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\LEXBCES.EXE Binary Size = 311296 Binary MD5 = 095aafc4129ed6cc8ea6bb1bc712af72
Service Name = LmHosts Service Display Name = TCP/IP NetBIOS Helper Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k LocalService Binary Size = 0 Binary MD5 =
Service Name = navapsvc Service Display Name = Norton AntiVirus Auto Protect Service Opened = YES Status = Running Query = SUCCESS Service Type = 16 Service Start Type = 2 Service Error Control = 1 Service Binary Path = "C:\Program Files\Norton AntiVirus\navapsvc.exe" Binary Size = 0 Binary MD5 =
Service Name = Netman Service Display Name = Network Connections Opened = YES Status = Running Query = SUCCESS Service Type = 288 Service Start Type = 3 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = Nla Service Display Name = Network Location Awareness (NLA) Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 3 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = PlugPlay Service Display Name = Plug and Play Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\services.exe Binary Size = 108032 Binary MD5 = c6ce6eec82f187615d1002bb3bb50ed4
Service Name = ProtectedStorage Service Display Name = Protected Storage Opened = YES Status = Running Query = SUCCESS Service Type = 288 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\lsass.exe Binary Size = 13312 Binary MD5 = 84885f9b82f4d55c6146ebf6065d75d2
Service Name = RasMan Service Display Name = Remote Access Connection Manager Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 3 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = RpcSs Service Display Name = Remote Procedure Call (RPC) Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\svchost -k rpcss Binary Size = 0 Binary MD5 =
Service Name = SamSs Service Display Name = Security Accounts Manager Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\lsass.exe Binary Size = 13312 Binary MD5 = 84885f9b82f4d55c6146ebf6065d75d2
Service Name = SAVScan Service Display Name = SAVScan Opened = YES Status = Running Query = SUCCESS Service Type = 16 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\Program Files\Norton AntiVirus\SAVScan.exe Binary Size = 193816 Binary MD5 = bfba4ed75bcdf0f5681a6749d8f27fc7
Service Name = Schedule Service Display Name = Task Scheduler Opened = YES Status = Running Query = SUCCESS Service Type = 288 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = seclogon Service Display Name = Secondary Logon Opened = YES Status = Running Query = SUCCESS Service Type = 288 Service Start Type = 2 Service Error Control = 0 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = SENS Service Display Name = System Event Notification Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = SharedAccess Service Display Name = Windows Firewall/Internet Connection Sharing (ICS) Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = ShellHWDetection Service Display Name = Shell Hardware Detection Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 0 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = SNDSrvc Service Display Name = Symantec Network Drivers Service Opened = YES Status = Running Query = SUCCESS Service Type = 16 Service Start Type = 2 Service Error Control = 0 Service Binary Path = C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe Binary Size = 193760 Binary MD5 = fa72b207272d9aea65c8848eb2d75d1b
Service Name = Spooler Service Display Name = Print Spooler Opened = YES Status = Running Query = SUCCESS Service Type = 272 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\spoolsv.exe Binary Size = 57856 Binary MD5 = da81ec57acd4cdc3d4c51cf3d409af9f
Service Name = srservice Service Display Name = System Restore Service Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = SSDPSRV Service Display Name = SSDP Discovery Service Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 3 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k LocalService Binary Size = 0 Binary MD5 =
Service Name = stisvc Service Display Name = Windows Image Acquisition (WIA) Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k imgsvc Binary Size = 0 Binary MD5 =
Service Name = Symantec Core LC Service Display Name = Symantec Core LC Opened = YES Status = Running Query = SUCCESS Service Type = 272 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe Binary Size = 585728 Binary MD5 = 94d3c8257776019a7a96af69f62ba509
Service Name = TapiSrv Service Display Name = Telephony Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 3 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = TermService Service Display Name = Terminal Services Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 3 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost -k DComLaunch Binary Size = 0 Binary MD5 =
Service Name = Themes Service Display Name = Themes Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = TrkWks Service Display Name = Distributed Link Tracking Client Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = UMWdf Service Display Name = Windows User Mode Driver Framework Opened = YES Status = Running Query = SUCCESS Service Type = 16 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\wdfmgr.exe Binary Size = 38912 Binary MD5 = ab0a7ca90d9e3d6a193905dc1715ded0
Service Name = VAIO Entertainment File Import Service Service Display Name = VAIO Entertainment File Import Service Opened = YES Status = Running Query = SUCCESS Service Type = 16 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe Binary Size = 86098 Binary MD5 = cf28864ef4c5a4e48081c1f5dac64771
Service Name = W32Time Service Display Name = Windows Time Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = WebClient Service Display Name = WebClient Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k LocalService Binary Size = 0 Binary MD5 =
Service Name = winmgmt Service Display Name = Windows Management Instrumentation Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 0 Service Binary Path = C:\WINDOWS\system32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = wscsvc Service Display Name = Security Center Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = wuauserv Service Display Name = Automatic Updates Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = WZCSVC Service Display Name = Wireless Zero Configuration Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
#############################WINLOGON DATA#############################
<HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINLOGON\NOTIFY>
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain Filepath = C:\WINDOWS\system32\crypt32.dll File Size = 597504 File MD5 = efc958396a7a7ef7e6d4a52b97512e18
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet Filepath = C:\WINDOWS\system32\cryptnet.dll File Size = 63488 File MD5 = cad4aa32e7eca00c23cc39c0eb833f9d
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll Filepath = C:\WINDOWS\system32\cscdll.dll File Size = 101888 File MD5 = 587729679b4fe04ce06a5c61d6c56dcd
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui Filepath = C:\WINDOWS\system32\igfxsrvc.dll File Size = 315392 File MD5 = 6474af152cd6025f781d7a5f2b8b6084
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\jkkllii Filepath = C:\WINDOWS\system32\jkkllii.dll File Size = 40973 File MD5 = 23594e584c0edb3b3e0decfe6ac4181a
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\lpayilb Filepath = C:\WINDOWS\Drivers\ATI Unified Driver\BIN\lpayilb.dll File Size = 712724 File MD5 = ********************************
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\MediaContentIndex
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp Filepath = C:\WINDOWS\system32\wlnotify.dll File Size = 92672 File MD5 = a599e5e366c1408e48aa5d37882d4e3e
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule Filepath = C:\WINDOWS\system32\wlnotify.dll File Size = 92672 File MD5 = a599e5e366c1408e48aa5d37882d4e3e
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy Filepath = C:\WINDOWS\system32\sclgntfy.dll File Size = 20992 File MD5 = d636fa41e50671160d838ea2dace3330
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn Filepath = C:\WINDOWS\system32\WlNotify.dll File Size = 92672 File MD5 = a599e5e366c1408e48aa5d37882d4e3e
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ShellScrap Filepath = C:\WINDOWS\system32\dbskcopy.dll File Size = 92672 File MD5 = a599e5e366c1408e48aa5d37882d4e3e
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv Filepath = C:\WINDOWS\system32\wlnotify.dll File Size = 92672 File MD5 = a599e5e366c1408e48aa5d37882d4e3e
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon Filepath = C:\WINDOWS\system32\WgaLogon.dll File Size = 702768 File MD5 = 147429092c26d18af550790ac102f32a
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\winetn32 Filepath = File Size = 702768 File MD5 = 147429092c26d18af550790ac102f32a
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\winuns32 Filepath = File Size = 702768 File MD5 = 147429092c26d18af550790ac102f32a
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon Filepath = C:\WINDOWS\system32\wlnotify.dll File Size = 92672 File MD5 = a599e5e366c1408e48aa5d37882d4e3e
##########################BROWSER ADD-ON DATA##########################
<HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar>
CLSID = {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} FilePath = C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll File Size = 126976 File MD5 = 0c3b5c014e2acc49e330661bab16cebb Description = Web assistant
CLSID = {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} FilePath = C:\Program Files\Norton AntiVirus\NavShExt.dll File Size = 103368 File MD5 = 65c8a602dfa9d5860f1e328cb8575317 Description = Norton AntiVirus
CLSID = {EF99BD32-C1FB-11D2-892F-0090271D4F88} FilePath = C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll File Size = 438848 File MD5 = 833b12490d0627d4262edb84d2f45b8b Description = 0
CLSID = {2318C2B1-4965-11d4-9B18-009027A5CD4F} FilePath = c:\program files\google\googletoolbar1.dll File Size = 2120768 File MD5 = b4185508b1c66a1579a76dfa6d160daf Description = 0
<HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Explorer Bars>
CLSID = {4528BBE0-4E08-11D5-AD55-00010333D0AD} FilePath = File Size = 0 File MD5 =
CLSID = {4D5C8C25-D075-11d0-B416-00C04FB90376} FilePath = C:\WINDOWS\System32\shdocvw.dll File Size = 1497088 File MD5 = 559b2d22a1ee947a7eaed530c7ff9320
<HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars>
CLSID = {21569614-B795-46B1-85F4-E737A8DC09AD} FilePath = C:\WINDOWS\system32\browseui.dll File Size = 1022976 File MD5 = b99ff349bf53bd91fbddcd6b1ede8980
CLSID = {30D02401-6A81-11D0-8274-00C04FD5AE38} FilePath = C:\WINDOWS\system32\ieframe.dll File Size = 6049280 File MD5 = 39b6e852f8e82107e52809a7dd21ffe0
CLSID = {32683183-48a0-441b-a342-7c2a440a9478} FilePath = File Size = 0 File MD5 =
CLSID = {C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1} FilePath = C:\WINDOWS\system32\SHELL32.dll File Size = 8453632 File MD5 = f056b4771408966694de5d9bf79b48f8
CLSID = {EFA24E61-B078-11D0-89E4-00C04FC9E26E} FilePath = C:\WINDOWS\System32\shdocvw.dll File Size = 1497088 File MD5 = 559b2d22a1ee947a7eaed530c7ff9320
CLSID = {EFA24E62-B078-11D0-89E4-00C04FC9E26E} FilePath = C:\WINDOWS\System32\shdocvw.dll File Size = 1497088 File MD5 = 559b2d22a1ee947a7eaed530c7ff9320
CLSID = {EFA24E64-B078-11D0-89E4-00C04FC9E26E} FilePath = C:\WINDOWS\System32\shdocvw.dll File Size = 1497088 File MD5 = 559b2d22a1ee947a7eaed530c7ff9320
<HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects>
CLSID = {0007522A-2297-43C1-8EB1-C90B0FF20DA5} FilePath = C:\WINDOWS\enhtb.dll File Size = 0 File MD5 =
CLSID = {013A653B-49A6-4f76-8B68-E4875EA6BA54} FilePath = C:\WINDOWS\system32\umauvxup.dll File Size = 38420 File MD5 = ********************************
CLSID = {02478D38-C3F9-4EFB-9B51-7695ECA05670} FilePath = C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll File Size = 438848 File MD5 = 833b12490d0627d4262edb84d2f45b8b
CLSID = {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} FilePath = C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx File Size = 37808 File MD5 = 8394abfc1be196a62c9f532511936df7
CLSID = {1795D