[Spider-Man]

My internet has been running slow for a couple of weeks, and only found out yesterday that when I attached a document to send to someone, they said hotmail wouldn't allow them to download it because it contained an unknown virus, although AVG doesn't pick it up. The document was written completely by me and was sent pretty much as soon as I had finished typing it and saving it. Now all my outgoing emails contain viruses, no matter what I send(documents, pictures, music etc). This is the completed hijackthis log, which seems to look like it has lots of things I don't need:

Logfile of HijackThis v1.99.1
Scan saved at 11:41:00, on 09/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\DOCUME~1\Rob\LOCALS~1\Temp\Rar$EX01.047\HijackThis.exe
C:\DOCUME~1\Rob\LOCALS~1\Temp\Rar$EX08.859\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://auto.search.m...T...;prov=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop...p/PCPitStop.CAB
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1166913209617
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\Win32\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\RpcSandraSrv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

[Advertisements]

*** Before we can use Hijack This to fix anything, I need you to download it again. Right now you have it in a temporary folder. It will not function properly that way. Please redownload it like so:

Please do this:

* Click here to download HJTsetup.exe

• Save HJTsetup.exe to your desktop.
• Doubleclick on the HJTsetup.exe icon on your desktop.
• By default it will install to C:\Program Files\Hijack This.
• Continue to click Next in the setup dialogue boxes until you get to the Select Addition Tasks dialogue.
• Put a check by Create a desktop icon then click Next again.
• Continue to follow the rest of the prompts from there.
• At the final dialogue box click Finish and it will launch Hijack This.
• Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
• Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
• Come back here to this thread and Paste the log in your next reply.
• DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or even required.

* Also please post an uninstall list for me using the HijackThis Uninstall Manager:

• Open HijackThis and click on the Open the Misc Tools section button.
• Click on the Open Uninstall Manager button.
• Click the Save List button.
• After you click the "Save List" button, you will be asked where to save the file.
• Pick a place to save it then the list should open in notepad.
• Copy and paste that list in your next reply to this thread.

*** Before you post those logs, please do the following:



* Copy these instructions to notepad and save them to your desktop. You will need them to refer to.


* Right Click the Desktop and Select New--> Folder--> Name it SysClean

• Download the Sysclean Package to the folder you made.
• Next,download the Virus Pattern Files (Official Pattern Release) to your desktop from Here
• Right Click and Select Extract All to unzip the folder.
• Now,from the unzipped folder,move lpt$vpn.XXX file to the SysClean folder.
• Restart in your computer into safe mode now.
• Click here for info on how to boot to safe mode if you don't already know how.
• When you are in safe mode, open the SysClean Folder and doubleclick sysclean.com
• Be sure Automatically clean or delete detected files is checked.
• Click the Scan button to begin, please be patient,it will take a little bit to finish.
• When the scan is complete, verify the log from the scan (SYSCLEAN.LOG) is in the SysClean folder and restart back to Normal Mode.
• Copy and Paste those results in your next reply to this thread along with a new HijackThis log.

Note: If you need further help running Sysclean, see the tutorial here.

[Flrman1]

*** Before we can use Hijack This to fix anything, I need you to download it again. Right now you have it in a temporary folder. It will not function properly that way. Please redownload it like so:

Please do this:

* Click here to download HJTsetup.exe

• Save HJTsetup.exe to your desktop.
• Doubleclick on the HJTsetup.exe icon on your desktop.
• By default it will install to C:\Program Files\Hijack This.
• Continue to click Next in the setup dialogue boxes until you get to the Select Addition Tasks dialogue.
• Put a check by Create a desktop icon then click Next again.
• Continue to follow the rest of the prompts from there.
• At the final dialogue box click Finish and it will launch Hijack This.
• Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
• Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
• Come back here to this thread and Paste the log in your next reply.
• DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or even required.

* Also please post an uninstall list for me using the HijackThis Uninstall Manager:

• Open HijackThis and click on the Open the Misc Tools section button.
• Click on the Open Uninstall Manager button.
• Click the Save List button.
• After you click the "Save List" button, you will be asked where to save the file.
• Pick a place to save it then the list should open in notepad.
• Copy and paste that list in your next reply to this thread.

*** Before you post those logs, please do the following:



* Copy these instructions to notepad and save them to your desktop. You will need them to refer to.


* Right Click the Desktop and Select New--> Folder--> Name it SysClean

• Download the Sysclean Package to the folder you made.
• Next,download the Virus Pattern Files (Official Pattern Release) to your desktop from Here
• Right Click and Select Extract All to unzip the folder.
• Now,from the unzipped folder,move lpt$vpn.XXX file to the SysClean folder.
• Restart in your computer into safe mode now.
• Click here for info on how to boot to safe mode if you don't already know how.
• When you are in safe mode, open the SysClean Folder and doubleclick sysclean.com
• Be sure Automatically clean or delete detected files is checked.
• Click the Scan button to begin, please be patient,it will take a little bit to finish.
• When the scan is complete, verify the log from the scan (SYSCLEAN.LOG) is in the SysClean folder and restart back to Normal Mode.
• Copy and Paste those results in your next reply to this thread along with a new HijackThis log.

Note: If you need further help running Sysclean, see the tutorial here.

[Spider-Man]

Hello again, I've done the scans required[it's taken about 3 hours to do the scans]. This may or not be related to the malware, but sound no longer plays on my computer on web pages, but plays fine on WMP, MediaMonkey etc. There are two hard drives on the pc, both have XP installed, although the second, smaller[20gb] hard drive is not the boot disk.

HiJackThis Log:

Logfile of HijackThis v1.99.1
Scan saved at 18:57:52, on 09/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\DOCUME~1\Rob\LOCALS~1\Temp\Rar$EX01.047\HijackThis.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://auto.search.m...T...;prov=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop...p/PCPitStop.CAB
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1166913209617
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\Win32\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\RpcSandraSrv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe




Uninstall Manager List:

Adobe Bridge 1.0
Adobe Common File Installer
Adobe Flash Player 9 ActiveX
Adobe Help Center 1.0
Adobe Reader 7.0.8
Adobe Shockwave Player
Adobe Stock Photos 1.0
AVG Free Edition
BitComet 0.79
BitTorrent 4.26.0
CCleaner (remove only)
Clipart.com Sampler 80,000
C-Media WDM Audio Driver
DivX Codec
DivX Content Uploader
DivX Converter
DivX Player
DivX Web Player
DRM plug-in driver 1.1
EVEREST Home Edition v2.20
FreshDiagnose
HashCalc 2.01
Hijackthis 1.99.1
HijackThis 1.99.1
HP Photo and Imaging 2.0 - All-in-One
HP Photo and Imaging 2.0 - All-in-One Drivers
HP Photo and Imaging 2.0 - hp psc 1100 series
hp psc 1100 series
J2SE Development Kit 5.0 Update 8
J2SE Runtime Environment 5.0 Update 8
JCreator LE 2.50
Microsoft .NET Framework 1.1
Microsoft ActiveSync
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Professional Edition 2003
Microsoft User-Mode Driver Framework Feature Pack 1.0
Monopoly Junior
Mozilla Firefox (2.0.0.1)
MusicForMasses 0.66 alpha
Navman SmartST Desktop 2005 for Pocket PC
Opera 9.10
PC Pitstop Exterminate 1.0
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows XP (KB923789)
Shockwave
SiSoftware Sandra Lite 2007.SP1 (Win64/32/CE)
SpeedFan (remove only)
Turbo Lister 2
VIA Rhine-Family Fast Ethernet Adapter
Video mp3 Extractor
Windows Defender
Windows Internet Explorer 7
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
WinRAR archiver
XnView 1.82.4
Yahoo! Toolbar
ZoneAlarm Pro








/--------------------------------------------------------------\
| Trend Micro System Cleaner |
| Copyright 2006, Trend Micro, Inc. |
| http://www.antivirus.com |
\--------------------------------------------------------------/


2007-02-09, 19:16:07, Auto-clean mode specified.
2007-02-09, 19:16:07, Running scanner "C:\Documents and Settings\Rob\Desktop\SysClean\TSC.BIN"...
2007-02-09, 19:16:12, Scanner "C:\Documents and Settings\Rob\Desktop\SysClean\TSC.BIN" has finished running.
2007-02-09, 19:16:12, TSC Log:

Damage Cleanup Engine (DCE) 5.0(Build 1107)
Windows XP(Build 2600: Service Pack 2)

Start time : Fri Feb 09 2007 19:16:07

Load Damage Cleanup Template (DCT) "C:\Documents and Settings\Rob\Desktop\SysClean\tsc.ptn" (version 836) [success]

Complete time : Fri Feb 09 2007 19:16:12
Execute pattern count(3052), Virus found count(0), Virus clean count(0), Clean failed count(0)

2007-02-09, 19:16:31, An error was detected on "C:\Documents and Settings\Rob\My Documents\BitTorrent Downloads\UFO-10 cd\UFO-Ain't Misbehavin?-1988\*.*": The filename, directory name, or volume label syntax is incorrect.
2007-02-09, 19:16:33, An error was detected on "C:\Documents and Settings\Rob\My Documents\My Music\????·?????·????\*.*": The filename, directory name, or volume label syntax is incorrect.
2007-02-09, 19:17:06, An error was detected on "C:\System Volume Information\*.*": Access is denied.
2007-02-09, 19:18:29, An error was detected on "E:\System Volume Information\*.*": Access is denied.
2007-02-09, 19:18:39, An error was detected on "E:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\*.*": The system cannot find the path specified.
2007-02-09, 20:20:04, Files Detected:
Copyright © 1990 - 2004 Trend Micro Inc.
Report Date : 2/9/2007 19:19:02
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 261 (156988 Patterns) (2007/02/09) (426100)
Command Line: C:\Documents and Settings\Rob\Desktop\SysClean\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=C:\Documents and Settings\Rob\Desktop\SysClean

41377 files have been read.
41377 files have been checked.
37814 files have been scanned.
133297 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 2/9/2007 20:20:03
---------*---------*---------*---------*---------*---------*---------*---------*
2007-02-09, 20:20:04, Files Clean:
Copyright © 1990 - 2004 Trend Micro Inc.
Report Date : 2/9/2007 19:19:02
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 261 (156988 Patterns) (2007/02/09) (426100)
Command Line: C:\Documents and Settings\Rob\Desktop\SysClean\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=C:\Documents and Settings\Rob\Desktop\SysClean

41377 files have been read.
41377 files have been checked.
37814 files have been scanned.
133297 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 2/9/2007 20:20:03 1 hour 52 seconds (3652.16 seconds) has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2007-02-09, 20:20:04, Clean Fail:
Copyright © 1990 - 2004 Trend Micro Inc.
Report Date : 2/9/2007 19:19:02
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 261 (156988 Patterns) (2007/02/09) (426100)
Command Line: C:\Documents and Settings\Rob\Desktop\SysClean\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=C:\Documents and Settings\Rob\Desktop\SysClean

41377 files have been read.
41377 files have been checked.
37814 files have been scanned.
133297 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 2/9/2007 20:20:03 1 hour 52 seconds (3652.16 seconds) has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2007-02-09, 20:20:04, Scanner "C:\Documents and Settings\Rob\Desktop\SysClean\VSCANTM.BIN" has finished running.
2007-02-09, 21:14:54, Files Detected:
Copyright © 1990 - 2004 Trend Micro Inc.
Report Date : 2/9/2007 20:20:04
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 261 (156988 Patterns) (2007/02/09) (426100)
Command Line: C:\Documents and Settings\Rob\Desktop\SysClean\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 E:\*.* /P=C:\Documents and Settings\Rob\Desktop\SysClean

38669 files have been read.
38669 files have been checked.
35350 files have been scanned.
67810 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 2/9/2007 21:14:53
---------*---------*---------*---------*---------*---------*---------*---------*
2007-02-09, 21:14:54, Files Clean:
Copyright © 1990 - 2004 Trend Micro Inc.
Report Date : 2/9/2007 20:20:04
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 261 (156988 Patterns) (2007/02/09) (426100)
Command Line: C:\Documents and Settings\Rob\Desktop\SysClean\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 E:\*.* /P=C:\Documents and Settings\Rob\Desktop\SysClean

38669 files have been read.
38669 files have been checked.
35350 files have been scanned.
67810 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 2/9/2007 21:14:53 54 minutes 40 seconds (3279.88 seconds) has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2007-02-09, 21:14:54, Clean Fail:
Copyright © 1990 - 2004 Trend Micro Inc.
Report Date : 2/9/2007 20:20:04
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 261 (156988 Patterns) (2007/02/09) (426100)
Command Line: C:\Documents and Settings\Rob\Desktop\SysClean\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 E:\*.* /P=C:\Documents and Settings\Rob\Desktop\SysClean

38669 files have been read.
38669 files have been checked.
35350 files have been scanned.
67810 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 2/9/2007 21:14:53 54 minutes 40 seconds (3279.88 seconds) has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2007-02-09, 21:14:54, Scanner "C:\Documents and Settings\Rob\Desktop\SysClean\VSCANTM.BIN" has finished running.




Thanks for your help:)

[Flrman1]

* Go to Add/Remove programs and uninstall this old version of Java:

J2SE Runtime Environment 5.0 Update 8


* Now go here and install the latest version of Java.


* Go here and do the BitDefender online virus scan.

• Click "I Agree" to agree to the EULA.
• Allow the ActiveX control to install when prompted.
• Click "Click here to scan" to begin the scan.
• Please refrain from using the computer until the scan is finished.
• When the scan is finished, click on "Click here to export the scan results"
• Save the report to your desktop then come back here and attach it to your next reply along with a new Hijack This log..

[Flrman1]

Also please do this:

Download WinPFind2.exe to your Desktop and double-click on it to extract the files. It will create a folder named WinPFind2 on your desktop.

• Open the folder and double-click on winpfind2.exe to start the program.
• Click on the Services tab.
• From the two drop down boxes next to Filter list:, on the left one choose List all type of services and on the right one choose List all services.
• Click on the Configuration tab.
• Keep the standard settings and then in the AddOn-Options box click the checkboxes for
  • HKCU_IEDesktop.def
  • Policies.def
  • SID_Run_Policies.def
  to select them.
• Under File Options click Select All
• Under Other Options put a check to both Show All boxes
• Please maximize the window in order to be able to view the Status Bar where you can see the progress of the scan.
• Now click the Run All Scans button on the toolbar.
• When the scans are complete click the Simple Report button in the lower right-hand corner to create a report file. Notepad will open with the report file loaded in it.
• Click the Format menu and make sure that Wordwrap is not checked. If it is, click on it to uncheck it and then please post that report into this topic. After posting please check if the whole report fit into the post. If it did fit, it should say <End of Report> at the end. If not, please post the section that was cut off in a second post.

[Spider-Man]

Hi there, here are the results from the scan. As you can see Java 1.5 Update 8 is still installed as it is needed for my college course, although I can uninstall it if need be, although I will need to reinstall it again in future.
New HiJackThis log, taken after running the BitDefender Test:

Logfile of HijackThis v1.99.1
Scan saved at 18:26:59, on 10/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Rob\Desktop\WinPFind2\winpfind2.exe
C:\Program Files\Adobe\Adobe Photoshop CS2\ImageReady.exe
C:\Program Files\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://auto.search.m...T...;prov=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater\AdobeUpdater.exe
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop...p/PCPitStop.CAB
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitd...can8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1166913209617
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\Win32\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\RpcSandraSrv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe


WinpFind2 Scan Results:


Logfile created on: 10/02/2007 18:31:03
WinPFind2 by OldTimer - Version 1.0.15 Folder = C:\Documents and Settings\Rob\Desktop\WinPFind2\
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600)
Internet Explorer (Version = 7.0.5730.11)


< All Processes >
\systemroot\system32\smss.exe - (Microsoft Corporation )
\??\c:\windows\system32\csrss.exe - (Microsoft Corporation )
\??\c:\windows\system32\winlogon.exe - (Microsoft Corporation )
c:\windows\system32\services.exe - (Microsoft Corporation )
c:\windows\system32\lsass.exe - (Microsoft Corporation )
c:\windows\system32\svchost.exe [C:\WINDOWS\SYSTEM32\SVCHOST -K DCOMLAUNCH] - (Microsoft Corporation )
(DcomLaunch) C:\WINDOWS\system32\rpcss.dll - (Microsoft Corporation )
(TermService) C:\WINDOWS\System32\termsrv.dll - (Microsoft Corporation )
(TermService) C:\WINDOWS\System32\termsrv.dll - (Microsoft Corporation )
c:\windows\system32\svchost.exe [C:\WINDOWS\SYSTEM32\SVCHOST -K RPCSS] - (Microsoft Corporation )
(RpcSs) C:\WINDOWS\system32\rpcss.dll - (Microsoft Corporation )
c:\program files\windows defender\msmpeng.exe - (Microsoft Corporation )
c:\windows\system32\svchost.exe [C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS] - (Microsoft Corporation )
(AppMgmt) C:\WINDOWS\System32\appmgmts.dll - (File not found))
(AudioSrv) C:\WINDOWS\System32\audiosrv.dll - (Microsoft Corporation )
(BITS) C:\WINDOWS\system32\qmgr.dll - (Microsoft Corporation )
(Browser) C:\WINDOWS\System32\browser.dll - (Microsoft Corporation )
(CryptSvc) C:\WINDOWS\System32\cryptsvc.dll - (Microsoft Corporation )
(Dhcp) C:\WINDOWS\System32\dhcpcsvc.dll - (Microsoft Corporation )
(dmserver) C:\WINDOWS\System32\dmserver.dll - (Microsoft Corp. )
(ERSvc) C:\WINDOWS\System32\ersvc.dll - (Microsoft Corporation )
(EventSystem) C:\WINDOWS\system32\es.dll - (Microsoft Corporation )
(FastUserSwitchingCompatibility) C:\WINDOWS\System32\shsvcs.dll - (Microsoft Corporation )
(helpsvc) %WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll - (File not found))
(HidServ) C:\WINDOWS\System32\hidserv.dll - (File not found))
(lanmanserver) C:\WINDOWS\System32\srvsvc.dll - (Microsoft Corporation )
(lanmanworkstation) C:\WINDOWS\System32\wkssvc.dll - (Microsoft Corporation )
(Messenger) C:\WINDOWS\System32\msgsvc.dll - (Microsoft Corporation )
(Netman) C:\WINDOWS\System32\netman.dll - (Microsoft Corporation )
(Nla) C:\WINDOWS\System32\mswsock.dll - (Microsoft Corporation )
(NtmsSvc) C:\WINDOWS\system32\ntmssvc.dll - (Microsoft Corporation )
(RasAuto) C:\WINDOWS\System32\rasauto.dll - (Microsoft Corporation )
(RasMan) C:\WINDOWS\System32\rasmans.dll - (Microsoft Corporation )
(RemoteAccess) C:\WINDOWS\System32\mprdim.dll - (Microsoft Corporation )
(Schedule) C:\WINDOWS\system32\schedsvc.dll - (Microsoft Corporation )
(seclogon) C:\WINDOWS\System32\seclogon.dll - (Microsoft Corporation )
(SENS) C:\WINDOWS\system32\sens.dll - (Microsoft Corporation )
(SharedAccess) C:\WINDOWS\System32\ipnathlp.dll - (Microsoft Corporation )
(ShellHWDetection) C:\WINDOWS\System32\shsvcs.dll - (Microsoft Corporation )
(srservice) C:\WINDOWS\system32\srsvc.dll - (Microsoft Corporation )
(TapiSrv) C:\WINDOWS\System32\tapisrv.dll - (Microsoft Corporation )
(Themes) C:\WINDOWS\System32\shsvcs.dll - (Microsoft Corporation )
(TrkWks) C:\WINDOWS\system32\trkwks.dll - (Microsoft Corporation )
(W32Time) C:\WINDOWS\system32\w32time.dll - (Microsoft Corporation )
(winmgmt) C:\WINDOWS\system32\wbem\WMIsvc.dll - (Microsoft Corporation )
(WmdmPmSN) C:\WINDOWS\system32\MsPMSNSv.dll - (Microsoft Corporation )
(wscsvc) C:\WINDOWS\system32\wscsvc.dll - (Microsoft Corporation )
(wuauserv) C:\WINDOWS\system32\wuauserv.dll - (Microsoft Corporation )
(WZCSVC) C:\WINDOWS\System32\wzcsvc.dll - (Microsoft Corporation )
(xmlprov) C:\WINDOWS\System32\xmlprov.dll - (Microsoft Corporation )
c:\windows\system32\svchost.exe [C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETWORKSERVICE] - (Microsoft Corporation )
(Dnscache) C:\WINDOWS\System32\dnsrslvr.dll - (Microsoft Corporation )
c:\windows\system32\svchost.exe [C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE] - (Microsoft Corporation )
(Alerter) C:\WINDOWS\system32\alrsvc.dll - (Microsoft Corporation )
(LmHosts) C:\WINDOWS\System32\lmhsvc.dll - (Microsoft Corporation )
(SSDPSRV) C:\WINDOWS\System32\ssdpsrv.dll - (Microsoft Corporation )
(upnphost) C:\WINDOWS\System32\upnphost.dll - (Microsoft Corporation )
(WebClient) C:\WINDOWS\System32\webclnt.dll - (Microsoft Corporation )
c:\windows\system32\zonelabs\vsmon.exe - (Zone Labs, LLC )
c:\windows\system32\spoolsv.exe - (Microsoft Corporation )
c:\progra~1\grisoft\avgfre~1\avgamsvr.exe - (GRISOFT, s.r.o. )
c:\windows\explorer.exe - (Microsoft Corporation )
c:\progra~1\grisoft\avgfre~1\avgupsvc.exe - (GRISOFT, s.r.o. )
c:\progra~1\grisoft\avgfre~1\avgemc.exe - (GRISOFT, s.r.o. )
c:\windows\system32\svchost.exe [C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K IMGSVC] - (Microsoft Corporation )
(stisvc) C:\WINDOWS\system32\wiaservc.dll - (Microsoft Corporation )
c:\progra~1\grisoft\avgfre~1\avgcc.exe - (GRISOFT, s.r.o. )
c:\windows\system32\alg.exe - (Microsoft Corporation )
c:\windows\system32\svchost.exe [C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K HTTPFILTER] - (Microsoft Corporation )
(HTTPFilter) C:\WINDOWS\System32\w3ssl.dll - (Microsoft Corporation )
c:\program files\internet explorer\iexplore.exe - (Microsoft Corporation )
c:\windows\system32\wuauclt.exe - (Microsoft Corporation )
c:\windows\system32\ctfmon.exe - (Microsoft Corporation )
c:\program files\messenger\msmsgs.exe - (Microsoft Corporation )
c:\program files\mozilla firefox\firefox.exe - (Mozilla Corporation )
c:\documents and settings\rob\desktop\winpfind2\winpfind2.exe - (OldTimer Tools )

< Registry Entries >

[>> Internet Explorer Settings <<]
HKLM->Main\\Start Page - http://go.microsoft....k/?LinkId=69157
HKLM->Main\\Search Page - http://go.microsoft....k/?LinkId=54896
HKLM->Main\\Default_Page_URL - http://go.microsoft....k/?LinkId=69157
HKLM->Main\\Default_Search_URL - http://go.microsoft....k/?LinkId=54896
HKLM->Main\\Local Page - %SystemRoot%\system32\blank.htm
HKCU->Main\\Start Page - http://auto.search.m...T...;prov=
HKCU->Main\\Search Page - http://www.microsoft...amp;ar=iesearch
HKCU->Main\\Local Page - C:\WINDOWS\system32\blank.htm
HKLM->Search\\CustomizeSearch - http://ie.search.msn...st/srchcust.htm
HKLM->Search\\SearchAssistant - http://ie.search.msn...st/srchasst.htm
HKCU->URLSearchHooks\\{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Microsoft Url Search Hook = C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation )
HKCU->Internet Settings\\ProxyEnable - 0

[>> BHO's <<]
{02478D38-C3F9-4EFB-9B51-7695ECA05670} - Yahoo! Toolbar Helper = C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc. )
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - Adobe PDF Reader Link Helper = C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated )
{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - BitComet Helper = C:\Program Files\BitComet\tools\BitCometBHO.dll (BitComet )
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - SSVHelper Class = C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll (Sun Microsystems, Inc. )

[>> Internet Explorer Bars, Toolbars and Extensions <<]

[HKLM-> Internet Explorer Bars]
{4D5C8C25-D075-11d0-B416-00C04FB90376} - &Tip of the Day = %SystemRoot%\system32\shdocvw.dll (Microsoft Corporation )

[HKLM-> Internet Explorer ToolBars]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar = C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc. )

[HKCU-> Internet Explorer ToolBars]
WebBrowser\\{01E04581-4EEE-11D0-BFE9-00AA005B4383} - &Address = %SystemRoot%\system32\browseui.dll (Microsoft Corporation )
WebBrowser\\{0E5CBF21-D15F-11D0-8301-00AA005B4383} - &Links = %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation )
WebBrowser\\{C5F7A735-70F1-477F-8C36-6FF3C736017B} - Reg Data - Key not found = Reg Data - Key not found (File not found)
WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar = C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc. )

[HKCU-> Internet Explorer CmdMapping]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} - 8193 - Reg Data - Value does not exist
{FB5F1910-F110-11d2-BB9E-00C04F795683} - 8192 - Windows Messenger
NextId - 8194

[HKLM-> Internet Explorer Extensions]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - MenuText: Sun Java Console = C:\Program Files\Java\jre1.5.0_08\bin\npjpi150_08.dll (Sun Microsystems, Inc. )
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} (HKCU CLSID) - MenuText: Sun Java Console = C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll (Sun Microsystems, Inc. )
{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - ButtonText: Create Mobile Favorite = Reg Data - Value does not exist (File not found)
{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - MenuText: Create Mobile Favorite... = C:\PROGRA~1\MICROS~3\INetRepl.dll (Microsoft Corporation )
{85d1f590-48f4-11d9-9669-0800200c9a66} - MenuText: Uninstall BitDefender Online Scanner v8 = Reg Data - Key not found (File not found)
{92780B25-18CC-41C8-B9BE-3C9C571A8263} - ButtonText: Research = Reg Data - Value does not exist (File not found)
{FB5F1910-F110-11d2-BB9E-00C04F795683} - ButtonText: Messenger = C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation )

[HKCU-> Internet Explorer Menu Extensions]
Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm (File not found)
Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm (File not found)
Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm (File not found)
E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 (Microsoft Corporation )

[>> Approved Shell Extensions (Non-Microsoft only) <<]

[HKLM-> Approved Shell Extensions]
{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} - Autoplay for SlideShow = Reg Data - Key not found (File not found)
{0DF44EAA-FF21-4412-828E-260A8728E7F1} - Taskbar and Start Menu = Reg Data - Key not found (File not found)
{42071714-76d4-11d1-8b24-00a0c9068ff3} - Display Panning CPL Extension = deskpan.dll (File not found)
{764BF0E1-F219-11ce-972D-00AA00A14F56} - Shell extensions for file compression = Reg Data - Key not found (File not found)
{7A9D77BD-5403-11d2-8785-2E0420524153} - User Accounts = Reg Data - Key not found (File not found)
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} - Encryption Context Menu = Reg Data - Key not found (File not found)
{88895560-9AA2-1069-930E-00AA0030EBC8} - HyperTerminal Icon Ext = C:\WINDOWS\system32\hticons.dll (Hilgraeve, Inc. )
{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} - AVG7 Shell Extension = C:\Program Files\Grisoft\AVG Free\avgse.dll (GRISOFT, s.r.o. )
{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} - AVG7 Find Extension = C:\Program Files\Grisoft\AVG Free\avgse.dll (GRISOFT, s.r.o. )
{B41DB860-8EE4-11D2-9906-E49FADC173CA} - WinRAR shell extension = C:\Program Files\WinRAR\rarext.dll ( )

[>> ContextMenuHandlers (Non-Microsoft only) <<]

[HKLM-> ContextMenuHandlers]
* - AVG7 Shell Extension - {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} = C:\Program Files\Grisoft\AVG Free\avgse.dll (GRISOFT, s.r.o. )
* - WinRAR - {B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll ( )
Directory - WinRAR - {B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll ( )
Folder - AVG7 Shell Extension - {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} = C:\Program Files\Grisoft\AVG Free\avgse.dll (GRISOFT, s.r.o. )
Folder - WinRAR - {B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll ( )

[>> ColumnHandlers (Non-Microsoft only) <<]

[HKLM-> ColumnHandlers]
Folder - {F9DB5320-233E-11D1-9F84-707F02C10627} - PDF Shell Extension = C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll (Adobe Systems, Inc. )

[>> File Associations Keys <<]
HKLM->SOFTWARE\Classes\.bat\\'' - batfile
HKLM->SOFTWARE\Classes\batfile\shell\open\command\\'' - "%1" %*
HKLM->SOFTWARE\Classes\.cmd\\'' - cmdfile
HKLM->SOFTWARE\Classes\cmdfile\shell\open\command\\'' - "%1" %*
HKLM->SOFTWARE\Classes\.com\\'' - comfile
HKLM->SOFTWARE\Classes\comfile\shell\open\command\\'' - "%1" %*
HKLM->SOFTWARE\Classes\.exe\\'' - exefile
HKLM->SOFTWARE\Classes\exefile\shell\open\command\\'' - "%1" %*
HKLM->SOFTWARE\Classes\.hta\\'' - htafile
HKLM->SOFTWARE\Classes\htafile\shell\open\command\\'' - C:\WINDOWS\system32\mshta.exe "%1" %*
HKLM->SOFTWARE\Classes\.jse\\'' - JSEFile
HKLM->SOFTWARE\Classes\jsefile\shell\open\command\\'' - %SystemRoot%\System32\WScript.exe "%1" %*
HKLM->SOFTWARE\Classes\.scr\\'' - scrfile
HKLM->SOFTWARE\Classes\scrfile\shell\open\command\\'' - "%1" /S
HKLM->SOFTWARE\Classes\.vbe\\'' - VBEFile
HKLM->SOFTWARE\Classes\vbefile\shell\open\command\\'' - %SystemRoot%\System32\WScript.exe "%1" %*
HKLM->SOFTWARE\Classes\.vbs\\'' - VBSFile
HKLM->SOFTWARE\Classes\vbsfile\shell\open\command\\'' - %SystemRoot%\System32\WScript.exe "%1" %*
HKLM->SOFTWARE\Classes\.wsf\\'' - WSFFile
HKLM->SOFTWARE\Classes\wsffile\shell\open\command\\'' - %SystemRoot%\System32\WScript.exe "%1" %*
HKLM->SOFTWARE\Classes\.wsh\\'' - WSHFile
HKLM->SOFTWARE\Classes\wshfile\shell\open\command\\'' - %SystemRoot%\System32\WScript.exe "%1" %*
HKLM->SOFTWARE\Classes\.txt\\'' - txtfile
HKLM->SOFTWARE\Classes\txtfile\shell\open\command\\'' - %SystemRoot%\system32\NOTEPAD.EXE %1

[>> Registry Run Keys <<]
HKLM->Run\\AVG7_CC - C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP (GRISOFT, s.r.o. )
HKLM->Run\OptionalComponents\IMAIL - Installed = 1
HKLM->Run\OptionalComponents\MAPI - Installed = 1
HKLM->Run\OptionalComponents\MSFS - Installed = 1
HKCU->Run\\AdobeUpdater - C:\Program Files\Common Files\Adobe\Updater\AdobeUpdater.exe (Adobe Systems Incorporated )
HKCU->Run\\BitTorrent - "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized ( )
HKCU->Run\\ctfmon.exe - C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation )
HKCU->Run\\H/PC Connection Agent - "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe" (Microsoft Corporation )

[>> Miscellaneous Startup Keys <<]

[AppInit DLLs]
AppInit_DLL - (File not found)

[Image File Execution Options]
Your Image File Name Here without a path - Debugger = ntsd -d

[Shell Service Object Delay Load]
CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} = %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation )
PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} = %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation )
SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} = C:\WINDOWS\system32\stobject.dll (Microsoft Corporation )
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} = C:\WINDOWS\system32\upnpui.dll (Microsoft Corporation )
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} = C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation )
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} = C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation )

[Shell Execute Hooks]
{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - Microsoft AntiMalware ShellExecuteHook = C:\PROGRA~1\WIFD1F~1\MpShHook.dll (Microsoft Corporation )
{AEB6717E-7E19-11d0-97EE-00C04FD91972} - URL Exec Hook = shell32.dll (Microsoft Corporation )

[Shared Task Scheduler]
{438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader = %SystemRoot%\system32\browseui.dll (Microsoft Corporation )
{8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon = %SystemRoot%\system32\browseui.dll (Microsoft Corporation )

[SafeBoot Option]

[HKLM Command Processor AutoRun]
HKLM->Command Processor\\AutoRun -

[HKCU Command Processor AutoRun]

[Security Providers]
SecurityProviders\\SecurityProviders - msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll

[BootExecute]
Session Manager\\BootExecute - autocheck autochk *;

[PendingFileRenameOperations]
Session Manager\\PendingFileRenameOperations - \??\C:\Documents and Settings\Rob\Local Settings\Temp\AdobeUpdater.rbt;

[FileRenameOperations]

[ExcludeFromKnownDlls]
Session Manager\\ExcludeFromKnownDlls -

[>> Disabled MSConfig Items <<]
StartUpFolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk - Adobe Reader Speed Launch = C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE (Adobe Systems Incorporated )
StartUpFolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^hp psc 1000 series.lnk - hp psc 1000 series = C:\PROGRA~1\HEWLET~1\DIGITA~1\bin\hpohmr08.exe (Hewlett-Packard Co. )
StartUpFolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^hpoddt01.exe.lnk - hpoddt01.exe = C:\PROGRA~1\HEWLET~1\DIGITA~1\bin\hpotdd01.exe (Hewlett-Packard )
StartUpFolder\C:^Documents and Settings^Rob^Start Menu^Programs^Startup^Adobe Gamma.lnk - Adobe Gamma = C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE (Adobe Systems, Inc. )
StartUpReg\BitTorrent - bittorrent = "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized ( )
StartUpReg\Cmaudio - RunDll32 cmicnfg = RunDll32 cmicnfg.cpl,CMICtrlWnd (File not found)
StartUpReg\Copernic Desktop Search - CopernicDesktopSearch = "C:\Program Files\Copernic Desktop Search\CopernicDesktopSearch.exe" /tray (File not found)
StartUpReg\ctfmon.exe - ctfmon = C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation )
StartUpReg\FmctrlTray - Fmctrl = Fmctrl.EXE (ForteMedia, Inc. )
StartUpReg\MSMSGS - msmsgs = "C:\Program Files\Messenger\msmsgs.exe" /background (Microsoft Corporation )
StartUpReg\SunJavaUpdateSched - jusched = C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe (Sun Microsystems, Inc. )
StartUpReg\SystemTray - SysTray = SysTray.Exe (Microsoft Corporation )
StartUpReg\updateMgr - AdobeUpdateManager = "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1 (Adobe Systems Incorporated )
StartUpReg\WinampAgent - winampa = C:\Program Files\Winamp\winampa.exe (File not found)
StartUpReg\Windows Defender - MSASCui = "C:\Program Files\Windows Defender\MSASCui.exe" -hide (Microsoft Corporation )
StartUpReg\Zone Labs Client - zlclient = "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" (Zone Labs, LLC )

[>> User Agent Post Platform <<]

[>> Winlogon <<]
HMLM->AltDefaultDomainName - GLENDINNING
HMLM->AltDefaultUserName - Rob
HMLM->AutoAdminLogon - Reg Data - Value does not exist
HMLM->DefaultDomainName - GLENDINNING
HMLM->DefaultUserName - Rob
HKLM->Shell - Explorer.exe (Microsoft Corporation )
HKLM->System - (File not found)
HMLM->UserInit - C:\WINDOWS\system32\userinit.exe, (Microsoft Corporation )
HKLM->VMApplet - rundll32 shell32,Control_RunDLL "sysdm.cpl"
Notify\crypt32chain - crypt32.dll (Microsoft Corporation )
Notify\cryptnet - cryptnet.dll (Microsoft Corporation )
Notify\cscdll - cscdll.dll (Microsoft Corporation )
Notify\ScCertProp - wlnotify.dll (Microsoft Corporation )
Notify\Schedule - wlnotify.dll (Microsoft Corporation )
Notify\sclgntfy - sclgntfy.dll (Microsoft Corporation )
Notify\SensLogn - WlNotify.dll (Microsoft Corporation )
Notify\termsrv - wlnotify.dll (Microsoft Corporation )
Notify\wlballoon - wlnotify.dll (Microsoft Corporation )

[>> DNS Name Servers <<]
{C502C0DA-F91F-42B3-85E6-1702966A1675} - (VIA Rhine II Fast Ethernet Adapter)

[>> All Winsock2 Catalogs <<]
NameSpace_Catalog5\Catalog_Entries\000000000001 (Tcpip) - %SystemRoot%\System32\mswsock.dll (Microsoft Corporation )
NameSpace_Catalog5\Catalog_Entries\000000000002 (NTDS) - %SystemRoot%\System32\winrnr.dll (Microsoft Corporation )
NameSpace_Catalog5\Catalog_Entries\000000000003 (Network Location Awareness (NLA) Namespace) - %SystemRoot%\System32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000001 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000002 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000003 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000004 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000005 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000006 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000007 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000008 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000009 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000010 - %SystemRoot%\system32\rsvpsp.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000011 - %SystemRoot%\system32\rsvpsp.dll (Microsoft Corporation )

[>> Protocol Handlers (Non-Microsoft only) <<]
ipp - (File not found)
msdaipp - (File not found)

[>> Protocol Filters (Non-Microsoft only) <<]

< All Services >
Abiosdsk (Abiosdsk) - (File not found)) [Disabled - Stopped - Kernel driver]
abp480n5 (abp480n5) - (File not found)) [Disabled - Stopped - Kernel driver]
Microsoft ACPI Driver (ACPI) - \SystemRoot\system32\DRIVERS\ACPI.sys (Microsoft Corporation ) [ - Running - Kernel driver]
ACPIEC (ACPIEC) - (File not found)) [Disabled - Stopped - Kernel driver]
Adobe LM Service (Adobe LM Service) - "C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe" (Adobe Systems ) [On Demand - Stopped - Win32, running in it's own process]
adpu160m (adpu160m) - (File not found)) [Disabled - Stopped - Kernel driver]
Microsoft Kernel Acoustic Echo Canceller (aec) - system32\drivers\aec.sys (Microsoft Corporation ) [On Demand - Stopped - Kernel driver]
AFD (AFD) - \SystemRoot\System32\drivers\afd.sys (Microsoft Corporation ) [ - Running - Kernel driver]
Aha154x (Aha154x) - (File not found)) [Disabled - Stopped - Kernel driver]
aic78u2 (aic78u2) - (File not found)) [Disabled - Stopped - Kernel driver]
aic78xx (aic78xx) - (File not found)) [Disabled - Stopped - Kernel driver]
Alerter (Alerter) - C:\WINDOWS\system32\svchost.exe -k LocalService (Microsoft Corporation ) [Disabled - Stopped - Win32, running in a shared process]
Application Layer Gateway Service (ALG) - C:\WINDOWS\System32\alg.exe (Microsoft Corporation ) [On Demand - Running - Win32, running in it's own process]
AliIde (AliIde) - (File not found)) [Disabled - Stopped - Kernel driver]
amsint (amsint) - (File not found)) [Disabled - Stopped - Kernel driver]
Application Management (AppMgmt) - C:\WINDOWS\system32\svchost.exe -k netsvcs (Microsoft Corporation ) [On Demand - Stopped - Win32, running in a shared process]
asc (asc) - (File not found)) [Disabled - Stopped - Kernel driver]
asc3350p (asc3350p) - (File not found)) [Disabled - Stopped - Kernel driver]
asc3550 (asc3550) - (File not found)) [Disabled - Stopped - Kernel driver]
ASP.NET State Service (aspnet_state) - C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe (Microsoft Corporation ) [On Demand - Stopped - Win32, running in it's own process]
RAS Asynchronous Media Driver (AsyncMac) - system32\DRIVERS\asyncmac.sys (Microsoft Corporation ) [On Demand - Stopped - Kernel driver]
Standard IDE/ESDI Hard Disk Controller (atapi) - \SystemRoot\system32\DRIVERS\atapi.sys (Microsoft Corporation ) [ - Running - Kernel driver]
Atdisk (Atdisk) - (File not found)) [Disabled - Stopped - Kernel driver]
ATM ARP Client Protocol (Atmarpc) - system32\DRIVERS\atmarpc.sys (Microsoft Corporation ) [On Demand - Stopped - Kernel driver]
Windows Audio (AudioSrv) - C:\WINDOWS\System32\svchost.exe -k netsvcs (Microsoft Corporation ) [Automatic - Running - Win32, running in a shared process]
Audio Stub Driver (audstub) - system32\DRIVERS\audstub.sys (Microsoft Corporation ) [On Demand - Running - Kernel driver]
AVG7 Alert Manager Server (Avg7Alrt) - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe (GRISOFT, s.r.o. ) [Automatic - Running - Win32, running in it's own process]
AVG7 Kernel (Avg7Core) - \SystemRoot\System32\Drivers\avg7core.sys (GRISOFT, s.r.o. ) [ - Running - Kernel driver]
AVG7 Wrap Driver (Avg7RsW) - \SystemRoot\System32\Drivers\avg7rsw.sys (GRISOFT, s.r.o. ) [ - Running - Kernel driver]
AVG7 Resident Driver XP (Avg7RsXP) - \SystemRoot\System32\Drivers\avg7rsxp.sys (GRISOFT, s.r.o. ) [ - Running - Kernel driver]
AVG7 Update Service (Avg7UpdSvc) - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe (GRISOFT, s.r.o. ) [Automatic - Running - Win32, running in it's own process]
AVG7 Clean Driver (AvgClean) - \SystemRoot\System32\Drivers\avgclean.sys (GRISOFT, s.r.o. ) [ - Running - Kernel driver]
AVG E-mail Scanner (AVGEMS) - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe (GRISOFT, s.r.o. ) [Automatic - Running - Win32, running in it's own process]
AVG Network Redirector (AvgTdi) - \SystemRoot\System32\Drivers\avgtdi.sys (GRISOFT, s.r.o. ) [Automatic - Running - Kernel driver]
Beep (Beep) - (File not found)) [ - Running - Kernel driver]
Background Intelligent Transfer Service (BITS) - C:\WINDOWS\system32\svchost.exe -k netsvcs (Microsoft Corporation ) [Automatic - Running - Win32, running in a shared process]
Computer Browser (Browser) - C:\WINDOWS\system32\svchost.exe -k netsvcs (Microsoft Corporation ) [Automatic - Running - Win32, running in a shared process]
cbidf2k (cbidf2k) - (File not found)) [Disabled - Stopped - Kernel driver]
cd20xrnt (cd20xrnt) - (File not found)) [Disabled - Stopped - Kernel driver]
Cdaudio (Cdaudio) - (File not found)) [ - Stopped - Kernel driver]
Cdfs (Cdfs) - (File not found)) [Disabled - Running - Filesystem driver]
CD-ROM Driver (Cdrom) - system32\DRIVERS\cdrom.sys (Microsoft Corporation ) [ - Running - Kernel driver]
Changer (Changer) - (File not found)) [ - Stopped - Kernel driver]
Indexing Service (CiSvc) - C:\WINDOWS\system32\cisvc.exe (Microsoft Corporation ) [On Demand - Stopped - Win32, running in a shared process]
ClipBook (ClipSrv) - C:\WINDOWS\system32\clipsrv.exe (Microsoft Corporation ) [Disabled - Stopped - Win32, running in it's own process]
CmdIde (CmdIde) - (File not found)) [Disabled - Stopped - Kernel driver]
C-Media WDM Audio Interface (cmuda) - system32\drivers\cmuda.sys (C-Media Inc ) [On Demand - Running - Kernel driver]
COM+ System Application (COMSysApp) - C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} (Microsoft Corporation ) [On Demand - Stopped - Win32, running in it's own process]
Cpqarray (Cpqarray) - (File not found)) [Disabled - Stopped - Kernel driver]
Cryptographic Services (CryptSvc) - C:\WINDOWS\system32\svchost.exe -k netsvcs (Microsoft Corporation ) [Automatic - Running - Win32, running in a shared process]
dac960nt (dac960nt) - (File not found)) [Disabled - Stopped - Kernel driver]
DCOM Server Process Launcher (DcomLaunch) - C:\WINDOWS\system32\svchost -k DcomLaunch (Microsoft Corporation ) [Automatic - Running - Win32, running in a shared process]
DHCP Client (Dhcp) - C:\WINDOWS\system32\svchost.exe -k netsvcs (Microsoft Corporation ) [Automatic - Running - Win32, running in a shared process]
Disk Driver (Disk) - \SystemRoot\system32\DRIVERS\disk.sys (Microsoft Corporation ) [ - Running - Kernel driver]
Logical Disk Manager Administrative Service (dmadmin) - C:\WINDOWS\System32\dmadmin.exe /com (Microsoft Corp., Veritas Software ) [On Demand - Stopped - Win32, running in a shared process]
dmboot (dmboot) - System32\drivers\dmboot.sys (Microsoft Corp., Veritas Software ) [Disabled - Stopped - Kernel driver]
dmio (dmio) - System32\drivers\dmio.sys (Microsoft Corp., Veritas Software ) [Disabled - Stopped - Kernel driver]
dmload (dmload) - System32\drivers\dmload.sys (Microsoft Corp., Veritas Software. ) [Disabled - Stopped - Kernel driver]
Logical Disk Manager (dmserver) - C:\WINDOWS\System32\svchost.exe -k netsvcs (Microsoft Corporation ) [On Demand - Stopped - Win32, running in a shared process]
Microsoft Kernel DLS Syntheiszer (DMusic) - system32\drivers\DMusic.sys (Microsoft Corporation ) [On Demand - Stopped - Kernel driver]
DNS Client (Dnscache) - C:\WINDOWS\system32\svchost.exe -k NetworkService (Microsoft Corporation ) [Automatic - Running - Win32, running in a shared process]
dpti2o (dpti2o) - (File not found)) [Disabled - Stopped - Kernel driver]
Microsoft Kernel DRM Audio Descrambler (drmkaud) - system32\drivers\drmkaud.sys (Microsoft Corporation ) [On Demand - Stopped - Kernel driver]
Error Reporting Service (ERSvc) - C:\WINDOWS\System32\svchost.exe -k netsvcs (Microsoft Corporation ) [Automatic - Running - Win32, running in a shared process]
Event Log (Eventlog) - C:\WINDOWS\system32\services.exe (Microsoft Corporation ) [Automatic - Running - Win32, running in a shared process]
COM+ Event System (EventSystem) - C:\WINDOWS\system32\svchost.exe -k netsvcs (Microsoft Corporation ) [On Demand - Running - Win32, running in a shared process]
Fastfat (Fastfat) - (File not found)) [Disabled - Running - Filesystem driver]
Fast User Switching Compatibility (FastUserSwitchingCompatibility) - C:\WINDOWS\System32\svchost.exe -k netsvcs (Microsoft Corporation ) [On Demand - Running - Win32, running in a shared process]
Floppy Disk Controller Driver (Fdc) - system32\DRIVERS\fdc.sys (Microsoft Corporation ) [On Demand - Running - Kernel driver]
VIA Rhine-Family Fast Ethernet Adapter Driver Service (FETND5BV) - system32\DRIVERS\fetnd5bv.sys (VIA Technologies, Inc. ) [On Demand - Running - Kernel driver]
VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver (FETNDIS) - system32\DRIVERS\fetnd5.sys (VIA Technologies, Inc. ) [On Demand - Stopped - Kernel driver]
Fips (Fips) - (File not found)) [ - Running - Kernel driver]
Floppy Disk Driver (Flpydisk) - system32\DRIVERS\flpydisk.sys (Microsoft Corporation ) [On Demand - Running - Kernel driver]
FltMgr (FltMgr) - \SystemRoot\system32\DRIVERS\fltMgr.sys (Microsoft Corporation ) [ - Running - Filesystem driver]
FreshIO (FreshIO) - \??\C:\Program Files\FreshDevices\FreshDiagnose\FreshIO.sys ( ) [On Demand - Stopped - Kernel driver]
Volume Manager Driver (Ftdisk) - \SystemRoot\system32\DRIVERS\ftdisk.sys (Microsoft Corporation ) [ - Running - Kernel driver]
Genius SM32X2 PCI Joystick (gameport) - system32\DRIVERS\fmjoy.sys (Microsoft Corporation ) [On Demand - Running - Kernel driver]
giveio (giveio) - \SystemRoot\system32\giveio.sys ( ) [ - Running - Kernel driver]
Generic Packet Classifier (Gpc) - system32\DRIVERS\msgpc.sys (Microsoft Corporation ) [On Demand - Running - Kernel driver]
Help and Support (helpsvc) - C:\WINDOWS\System32\svchost.exe -k netsvcs (Microsoft Corporation ) [Automatic - Running - Win32, running in a shared process]
Human Interface Device Access (HidServ) - C:\WINDOWS\System32\svchost.exe -k netsvcs (Microsoft Corporation ) [Disabled - Stopped - Win32, running in a shared process]
hpn (hpn) - (File not found)) [Disabled - Stopped - Kernel driver]
IEEE-1284.4 Driver HPZid412 (HPZid412) - system32\DRIVERS\HPZid412.sys (HP ) [On Demand - Running - Kernel driver]
Print Class Driver for IEEE-1284.4 HPZipr12 (HPZipr12) - system32\DRIVERS\HPZipr12.sys (HP ) [On Demand - Running - Kernel driver]
USB to IEEE-1284.4 Translation Driver HPZius12 (HPZius12) - system32\DRIVERS\HPZius12.sys (HP ) [On Demand - Running - Kernel driver]
HTTP (HTTP) - System32\Drivers\HTTP.sys (Microsoft Corporation ) [On Demand - Running - Kernel driver]
HTTP SSL (HTTPFilter) - C:\WINDOWS\System32\svchost.exe -k HTTPFilter (Microsoft Corporation ) [On Demand - Running - Win32, running in a shared process]
i2omgmt (i2omgmt) - (File not found)) [ - Stopped - Kernel driver]
i2omp (i2omp) - (File not found)) [Disabled - Stopped - Kernel driver]
i8042 Keyboard and PS/2 Mouse Port Driver (i8042prt) - system32\DRIVERS\i8042prt.sys (Microsoft Corporation ) [ - Running - Kernel driver]
CD-Burning Filter Driver (Imapi) - system32\DRIVERS\imapi.sys (Microsoft Corporation ) [ - Running - Kernel driver]
IMAPI CD-Burning COM Service (ImapiService) - C:\WINDOWS\system32\imapi.exe (Microsoft Corporation ) [On Demand - Stopped - Win32, running in it's own process]
ini910u (ini910u) - (File not found)) [Disabled - Stopped - Kernel driver]
IntelIde (IntelIde) - (File not found)) [Disabled - Stopped - Kernel driver]
Intel Processor Driver (intelppm) - system32\DRIVERS\intelppm.sys (Microsoft Corporation ) [ - Running - Kernel driver]
IPv6 Windows Firewall Driver (Ip6Fw) - system32\DRIVERS\Ip6Fw.sys (Microsoft Corporation ) [On Demand - Stopped - Kernel driver]
IP Traffic Filter Driver (IpFilterDriver) - system32\DRIVERS\ipfltdrv.sys (Microsoft Corporation ) [On Demand - Stopped - Kernel driver]
IP in IP Tunnel Driver (IpInIp) - system32\DRIVERS\ipinip.sys (Microsoft Corporation ) [On Demand - Stopped - Kernel driver]
IP Network Address Translator (IpNat) - system32\DRIVERS\ipnat.sys (Microsoft Corporation ) [On Demand - Running - Kernel driver]
IPSEC driver (IPSec) - system32\DRIVERS\ipsec.sys (Microsoft Corporation ) [ - Running - Kernel driver]
IR Enumerator Service (IRENUM) - system32\DRIVERS\irenum.sys (Microsoft Corporation ) [On Demand - Stopped - Kernel driver]
PnP ISA/EISA Bus Driver (isapnp) - \SystemRoot\system32\DRIVERS\isapnp.sys (Microsoft Corporation ) [ - Running - Kernel driver]
Keyboard Class Driver (Kbdclass) - system32\DRIVERS\kbdclass.sys (Microsoft Corporation ) [ - Running - Kernel driver]
Microsoft Kernel Wave Audio Mixer (kmixer) - system32\drivers\kmixer.sys (Microsoft Corporation ) [On Demand - Running - Kernel driver]
KSecDD (KSecDD) - (File not found)) [ - Running - Kernel driver]
Server (lanmanserver) - C:\WINDOWS\system32\svchost.exe -k netsvcs (Microsoft Corporation ) [Automatic - Running - Win32, running in a shared process]
Workstation (lanmanworkstation) - C:\WINDOWS\system32\svchost.exe -k netsvcs (Microsoft Corporation ) [Automatic - Running - Win32, running in a shared process]
lbrtfdc (lbrtfdc) - (File not found)) [ - Stopped - Kernel driver]
TCP/IP NetBIOS Helper (LmHosts) - C:\WINDOWS\system32\svchost.exe -k LocalService (Microsoft Corporation ) [Automatic - Running - Win32, running in a shared process]
Messenger (Messenger) - C:\WINDOWS\system32\svchost.exe -k netsvcs (Microsoft Corporation ) [Disabled - Stopped - Win32, running in a shared process]
mnmdd (mnmdd) - (File not found)) [ - Running - Kernel driver]
NetMeeting Remote Desktop Sharing (mnmsrvc) - C:\WINDOWS\system32\mnmsrvc.exe (Microsoft Corporation ) [On Demand - Stopped - Win32, running in it's own process]
Modem (Modem) - (File not found)) [On Demand - Stopped - Kernel driver]
Mouse Class Driver (Mouclass) - system32\DRIVERS\mouclass.sys (Microsoft Corporation ) [ - Running - Kernel driver]
MountMgr (MountMgr) - (File not found)) [ - Running - Kernel driver]
mraid35x (mraid35x) - (File not found)) [Disabled - Stopped - Kernel driver]
WebDav Client Redirector (MRxDAV) - system32\DRIVERS\mrxdav.sys (Microsoft Corporation ) [On Demand - Running - Filesystem driver]
MRXSMB (MRxSmb) - system32\DRIVERS\mrxsmb.sys (Microsoft Corporation ) [ - Running - Filesystem driver]
Distributed Transaction Coordinator (MSDTC) - C:\WINDOWS\system32\msdtc.exe (Microsoft Corporation ) [On Demand - Stopped - Win32, running in it's own process]
Msfs (Msfs) - (File not found)) [ - Running - Filesystem driver]
Windows Installer (MSIServer) - C:\WINDOWS\system32\msiexec.exe /V (Microsoft Corporation ) [On Demand - Stopped - Win32, running in a shared process]
Microsoft Streaming Service Proxy (MSKSSRV) - system32\drivers\MSKSSRV.sys (Microsoft Corporation ) [On Demand - Stopped - Kernel driver]
Microsoft Streaming Clock Proxy (MSPCLOCK) - system32\drivers\MSPCLOCK.sys (Microsoft Corporation ) [On Demand - Stopped - Kernel driver]
Microsoft Streaming Quality Manager Proxy (MSPQM) - system32\drivers\MSPQM.sys (Microsoft Corporation ) [On Demand - Stopped - Kernel driver]
Microsoft System Management BIOS Driver (mssmbios) - system32\DRIVERS\mssmbios.sys (Microsoft Corporation ) [On Demand - Running - Kernel driver]
Mup (Mup) - (File not found)) [ - Running - Filesystem driver]
NDIS System Driver (NDIS) - (File not found)) [ - Running - Kernel driver]
Remote Access NDIS TAPI Driver (NdisTapi) - system32\DRIVERS\ndistapi.sys (Microsoft Corporation ) [On Demand - Running - Kernel driver]
NDIS Usermode I/O Protocol (Ndisuio) - system32\DRIVERS\ndisuio.sys (Microsoft Corporation ) [On Demand - Running - Kernel driver]
Remote Access NDIS WAN Driver (NdisWan) - system32\DRIVERS\ndiswan.sys (Microsoft Corporation ) [On Demand - Running - Kernel driver]
NDIS Proxy (NDProxy) - (File not found)) [On Demand - Running - Kernel driver]
NetBIOS Interface (NetBIOS) - system32\DRIVERS\netbios.sys (Microsoft Corporation ) [ - Running - Filesystem driver]
NetBios over Tcpip (NetBT) - system32\DRIVERS\netbt.sys (Microsoft Corporation ) [ - Running - Kernel driver]
Network DDE (NetDDE) - C:\WINDOWS\system32\netdde.exe (Microsoft Corporation ) [Disabled - Stopped - Win32, running in a shared process]
Network DDE DSDM (NetDDEdsdm) - C:\WINDOWS\system32\netdde.exe (Microsoft Corporation ) [Disabled - Stopped - Win32, running in a shared process]
Net Logon (Netlogon) - C:\WINDOWS\system32\lsass.exe (Microsoft Corporation ) [On Demand - Stopped - Win32, running in a shared process]
Network Connections (Netman) - C:\WINDOWS\System32\svchost.exe -k netsvcs (Microsoft Corporation ) [On Demand - Running - Win32, running in a shared process]
Network Location Awareness (NLA) (Nla) - C:\WINDOWS\system32\svchost.exe -k netsvcs (Microsoft Corporation ) [On Demand - Running - Win32, running in a shared process]
Npfs (Npfs) - (File not found)) [ - Running - Filesystem driver]
Ntfs (Ntfs) - (File not found)) [Disabled - Running - Filesystem driver]
NT LM Security Support Provider (NtLmSsp) - C:\WINDOWS\system32\lsass.exe (Microsoft Corporation ) [On Demand - Stopped - Win32, running in a shared process]
Removable Storage (NtmsSvc) - C:\WINDOWS\system32\svchost.exe -k netsvcs (Microsoft Corporation ) [On Demand - Stopped - Win32, running in a shared process]
Null (Null) - (File not found)) [ - Running - Kernel driver]
IPX Traffic Filter Driver (NwlnkFlt) - system32\DRIVERS\nwlnkflt.sys (Microsoft Corporation ) [On Demand - Stopped - Kernel driver]
IPX Traffic Forwarder Driver (NwlnkFwd) - system32\DRIVERS\nwlnkfwd.sys (Microsoft Corporation ) [On Demand - Stopped - Kernel driver]
Office Source Engine (ose) - "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE" (Microsoft Corporation ) [On Demand - Stopped - Win32, running in it's own process]
Parallel port driver (Parport) - system32\DRIVERS\parport.sys (Microsoft Corporation ) [On Demand - Running - Kernel driver]
PartMgr (PartMgr) - (File not found)) [ - Running - Kernel driver]
ParVdm (ParVdm) - (File not found)) [Automatic - Running - Kernel driver]
PCI Bus Driver (PCI) - \SystemRoot\system32\DRIVERS\pci.sys (Microsoft Corporation ) [ - Running - Kernel driver]
PCIDump (PCIDump) - (File not found)) [ - Stopped - Kernel driver]
PCIIde (PCIIde) - (File not found)) [Disabled - Stopped - Kernel driver]
Pcmcia (Pcmcia) - (File not found)) [Disabled - Stopped - Kernel driver]
PDCOMP (PDCOMP) - (File not found)) [On Demand - Stopped - Kernel driver]
PDFRAME (PDFRAME) - (File not found)) [On Demand - Stopped - Kernel driver]
PDRELI (PDRELI) - (File not found)) [On Demand - Stopped - Kernel driver]
PDRFRAME (PDRFRAME) - (File not found)) [On Demand - Stopped - Kernel driver]
perc2 (perc2) - (File not found)) [Disabled - Stopped - Kernel driver]
perc2hib (perc2hib) - (File not found)) [Disabled - Stopped - Kernel driver]
Plug and Play (PlugPlay) - C:\WINDOWS\system32\services.exe (Microsoft Corporation ) [Automatic - Running - Win32, running in a shared process]
Pml Driver HPZ12 (Pml Driver HPZ12) - C:\WINDOWS\system32\HPZipm12.exe (HP ) [On Demand - Stopped - Win32, running in it's own process]
IPSEC Services (PolicyAgent) - C:\WINDOWS\system32\lsass.exe (Microsoft Corporation ) [Automatic - Running - Win32, running in a shared process]
WAN Miniport (PPTP) (PptpMiniport) - system32\DRIVERS\raspptp.sys (Microsoft Corporation ) [On Demand - Running - Kernel driver]
Protected Storage (ProtectedStorage) - C:\WINDOWS\system32\lsass.exe (Microsoft Corporation ) [Automatic - Running - Win32, running in a shared process]
QoS Packet Scheduler (PSched) - system32\DRIVERS\psched.sys (Microsoft Corporation ) [On Demand - Running - Kernel driver]
Direct Parallel Link Driver (Ptilink) - system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc. ) [On Demand - Running - Kernel driver]
PxHelp20 (PxHelp20) - \SystemRoot\System32\Drivers\PxHelp20.sys (Sonic Solutions ) [ - Running - Kernel driver]
ql1080 (ql1080) - (File not found)) [Disabled - Stopped - Kernel driver]
Ql10wnt (Ql10wnt) - (File not found)) [Disabled - Stopped - Kernel driver]
ql12160 (ql12160) - (File not found)) [Disabled - Stopped - Kernel driver]
ql1240 (ql1240) - (File not found)) [Disabled - Stopped - Kernel driver]
ql1280 (ql1280) - (File not found)) [Disabled - Stopped - Kernel driver]
Remote Access Auto Connection Driver (RasAcd) - system32\DRIVERS\rasacd.sys (Microsoft Corporation ) [ - Running - Kernel driver]
Remote Access Auto Connection Manager (RasAuto) - C:\WINDOWS\system32\svchost.exe -k netsvcs (Microsoft Corporation ) [On Demand - Stopped - Win32, running in a shared process]
WAN Miniport (L2TP) (Rasl2tp) - system32\DRIVERS\rasl2tp.sys (Microsoft Corporation ) [On Demand - Running - Kernel driver]
Remote Access Connection Manager (RasMan) - C:\WINDOWS\system32\svchost.exe -k netsvcs (Microsoft Corporation ) [On Demand - Running - Win32, running in a shared process]
Remote Access PPPOE Driver (RasPppoe) - system32\DRIVERS\raspppoe.sys (Microsoft Corporation ) [On Demand - Running - Kernel driver]
Direct Parallel (Raspti) - system32\DRIVERS\raspti.sys (Microsoft Corporation ) [On Demand - Running - Kernel driver]
Rdbss (Rdbss) - system32\DRIVERS\rdbss.sys (Microsoft Corporation ) [ - Running - Filesystem driver]
RDPCDD (RDPCDD) - System32\DRIVERS\RDPCDD.sys (Microsoft Corporation ) [ - Running - Kernel driver]
RDPWD (RDPWD) - (File not found)) [On Demand - Stopped - Kernel driver]
Remote Desktop Help Session Manager (RDSessMgr) - C:\WINDOWS\system32\sessmgr.exe (Microsoft Corporation ) [On Demand - Stopped - Win32, running in it's own process]
Digital CD Audio Playback Filter Driver (redbook) - system32\DRIVERS\redbook.sys (Microsoft Corporation ) [ - Running - Kernel driver]
Routing and Remote Access (RemoteAccess) - C:\WINDOWS\system32\svchost.exe -k netsvcs (Microsoft Corporation ) [Disabled - Stopped - Win32, running in a shared process]
Remote Procedure Call (RPC) Locator (RpcLocator) - C:\WINDOWS\system32\locator.exe (Microsoft Corporation ) [On Demand - Stopped - Win32, running in it's own process]
Remote Procedure Call (RPC) (RpcSs) - C:\WINDOWS\system32\svchost -k rpcss (Microsoft Corporation ) [Automatic - Running - Win32, running in a shared process]
QoS RSVP (RSVP) - C:\WINDOWS\system32\rsvp.exe (Microsoft Corporation ) [On Demand - Stopped - Win32, running in it's own process]
S3SavageNB (S3SavageNB) - system32\DRIVERS\s3gnbm.sys (S3 Graphics, Inc. ) [On Demand - Running - Kernel driver]
Security Accounts Manager (SamSs) - C:\WINDOWS\system32\lsass.exe (Microsoft Corporation ) [Automatic - Running - Win32, running in a shared process]
Sandra Data Service (SandraDataSrv) - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\Win32\RpcDataSrv.exe (SiSoftware ) [On Demand - Stopped - Win32, running in it's own process]
Sandra Service (SandraTheSrv) - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\RpcSandraSrv.exe (SiSoftware ) [On Demand - Stopped - Win32, running in it's own process]
Smart Card (SCardSvr) - C:\WINDOWS\System32\SCardSvr.exe (Microsoft Corporation ) [On Demand - Stopped - Win32, running in a shared process]
Task Scheduler (Schedule) - C:\WINDOWS\System32\svchost.exe -k netsvcs (Microsoft Corporation ) [Automatic - Running - Win32, running in a shared process]
Secdrv (Secdrv) - system32\DRIVERS\secdrv.sys ( ) [On Demand - Stopped - Kernel driver]
Secondary Logon (seclogon) - C:\WINDOWS\System32\svchost.exe -k netsvcs (Microsoft Corporation ) [Automatic - Running - Win32, running in a shared process]
System Event Notification (SENS) - C:\WINDOWS\system32\svchost.exe -k netsvcs (Microsoft Corporation ) [Automatic - Running - Win32, running in a shared process]
Serenum Filter Driver (serenum) - system32\DRIVERS\serenum.sys (Microsoft Corporation ) [On Demand - Running - Kernel driver]
Serial port driver (Serial) - system32\DRIVERS\serial.sys (Microsoft Corporation ) [ - Running - Kernel driver]
Sfloppy (Sfloppy) - (File not found)) [ - Stopped - Kernel driver]
Windows Firewall/Internet Connection Sharing (ICS) (SharedAccess) - C:\WINDOWS\system32\svchost.exe -k netsvcs (Microsoft Corporation ) [Automatic - Running - Win32, running in a shared process]
Shell Hardware Detection (ShellHWDetection) - C:\WINDOWS\System32\svchost.exe -k netsvcs (Microsoft Corporation ) [Automatic - Running - Win32, running in a shared process]
Simbad (Simbad) - (File not found)) [Disabled - Stopped - Kernel driver]
Sparrow (Sparrow) - (File not found)) [Disabled - Stopped - Kernel driver]
speedfan (speedfan) - \SystemRoot\system32\speedfan.sys (Windows ® 2000 DDK provider ) [ - Running - Kernel driver]
Microsoft Kernel Audio Splitter (splitter) - system32\drivers\splitter.sys (Microsoft Corporation ) [On Demand - Stopped - Kernel driver]
Print Spooler (Spooler) - C:\WINDOWS\system32\spoolsv.exe (Microsoft Corporation ) [Automatic - Running - Win32, running in it's own process]
System Restore Filter Driver (sr) - \SystemRoot\system32\DRIVERS\sr.sys (Microsoft Corporation ) [ - Running - Filesystem driver]
srescan (srescan) - \SystemRoot\system32\ZoneLabs\srescan.sys (Zone Labs, LLC ) [ - Running - Kernel driver]
System Restore Service (srservice) - C:\WINDOWS\system32\svchost.exe -k netsvcs (Microsoft Corporation ) [Automatic - Running - Win32, running in a shared process]
Srv (Srv) - system32\DRIVERS\srv.sys (Microsoft Corporation ) [On Demand - Running - Filesystem driver]
SSDP Discovery Service (SSDPSRV) - C:\WINDOWS\system32\svchost.exe -k LocalService (Microsoft Corporation ) [On Demand - Running - Win32, running in a shared process]
Windows Image Acquisition (W

Attached Files

•  BitDefender_Scan.html   20.17KB   37 downloads

[Spider-Man]

Windows Image Acquisition (WIA) (stisvc) - C:\WINDOWS\system32\svchost.exe -k imgsvc (Microsoft Corporation ) [Automatic - Running - Win32, running in a shared process]
Software Bus Driver (swenum) - system32\DRIVERS\swenum.sys (Microsoft Corporation ) [On Demand - Running - Kernel driver]
Microsoft Kernel GS Wavetable Synthesizer (swmidi) - system32\drivers\swmidi.sys (Microsoft Corporation ) [On Demand - Stopped - Kernel driver]
MS Software Shadow Copy Provider (SwPrv) - C:\WINDOWS\system32\dllhost.exe /Processid:{0132C1CD-7334-4567-8BF4-EBF4B222D5AA} (Microsoft Corporation ) [On Demand - Stopped - Win32, running in it's own process]
symc810 (symc810) - (File not found)) [Disabled - Stopped - Kernel driver]
symc8xx (symc8xx) - (File not found)) [Disabled - Stopped - Kernel driver]
sym_hi (sym_hi) - (File not found)) [Disabled - Stopped - Kernel driver]
sym_u3 (sym_u3) - (File not found)) [Disabled - Stopped - Kernel driver]
Microsoft Kernel System Audio Device (sysaudio) - system32\drivers\sysaudio.sys (Microsoft Corporation ) [On Demand - Running - Kernel driver]
Performance Logs and Alerts (SysmonLog) - C:\WINDOWS\system32\smlogsvc.exe (Microsoft Corporation ) [On Demand - Stopped - Win32, running in it's own process]
Telephony (TapiSrv) - C:\WINDOWS\System32\svchost.exe -k netsvcs (Microsoft Corporation ) [On Demand - Running - Win32, running in a shared process]
TCP/IP Protocol Driver (Tcpip) - system32\DRIVERS\tcpip.sys (Microsoft Corporation ) [ - Running - Kernel driver]
TDPIPE (TDPIPE) - (File not found)) [On Demand - Stopped - Kernel driver]
TDTCP (TDTCP) - (File not found)) [On Demand - Stopped - Kernel driver]
Terminal Device Driver (TermDD) - system32\DRIVERS\termdd.sys (Microsoft Corporation ) [ - Running - Kernel driver]
Terminal Services (TermService) - C:\WINDOWS\System32\svchost -k DComLaunch (Microsoft Corporation ) [On Demand - Running - Win32, running in a shared process]
Themes (Themes) - C:\WINDOWS\System32\svchost.exe -k netsvcs (Microsoft Corporation ) [Automatic - Running - Win32, running in a shared process]
TosIde (TosIde) - (File not found)) [Disabled - Stopped - Kernel driver]
Distributed Link Tracking Client (TrkWks) - C:\WINDOWS\system32\svchost.exe -k netsvcs (Microsoft Corporation ) [Automatic - Running - Win32, running in a shared process]
Udfs (Udfs) - (File not found)) [Disabled - Stopped - Filesystem driver]
ultra (ultra) - (File not found)) [Disabled - Stopped - Kernel driver]
Microcode Update Driver (Update) - system32\DRIVERS\update.sys (Microsoft Corporation ) [On Demand - Running - Kernel driver]
Universal Plug and Play Device Host (upnphost) - C:\WINDOWS\system32\svchost.exe -k LocalService (Microsoft Corporation ) [On Demand - Stopped - Win32, running in a shared process]
Uninterruptible Power Supply (UPS) - C:\WINDOWS\System32\ups.exe (Microsoft Corporation ) [On Demand - Stopped - Win32, running in it's own process]
Microsoft USB Generic Parent Driver (usbccgp) - system32\DRIVERS\usbccgp.sys (Microsoft Corporation ) [On Demand - Running - Kernel driver]
Microsoft USB 2.0 Enhanced Host Controller Miniport Driver (usbehci) - system32\DRIVERS\usbehci.sys (Microsoft Corporation ) [On Demand - Running - Kernel driver]
USB2 Enabled Hub (usbhub) - system32\DRIVERS\usbhub.sys (Microsoft Corporation ) [On Demand - Running - Kernel driver]
Microsoft USB PRINTER Class (usbprint) - system32\DRIVERS\usbprint.sys (Microsoft Corporation ) [On Demand - Running - Kernel driver]
USB Scanner Driver (usbscan) - system32\DRIVERS\usbscan.sys (Microsoft Corporation ) [On Demand - Running - Kernel driver]
USB Mass Storage Driver (USBSTOR) - system32\DRIVERS\USBSTOR.SYS (Microsoft Corporation ) [On Demand - Stopped - Kernel driver]
Microsoft USB Universal Host Controller Miniport Driver (usbuhci) - system32\DRIVERS\usbuhci.sys (Microsoft Corporation ) [On Demand - Running - Kernel driver]
VgaSave (VgaSave) - \SystemRoot\System32\drivers\vga.sys (Microsoft Corporation ) [ - Running - Kernel driver]
VIA AGP Bus Filter (viaagp) - \SystemRoot\system32\DRIVERS\viaagp.sys (Microsoft Corporation ) [ - Running - Kernel driver]
ViaIde (ViaIde) - \SystemRoot\system32\DRIVERS\viaide.sys (Microsoft Corporation ) [ - Running - Kernel driver]
VolSnap (VolSnap) - (File not found)) [ - Running - Kernel driver]
vsdatant (vsdatant) - System32\vsdatant.sys (Zone Labs, LLC ) [ - Running - Kernel driver]
TrueVector Internet Monitor (vsmon) - C:\WINDOWS\system32\ZoneLabs\vsmon.exe -service (Zone Labs, LLC ) [Automatic - Running - Win32, running in it's own process]
Volume Shadow Copy (VSS) - C:\WINDOWS\System32\vssvc.exe (Microsoft Corporation ) [On Demand - Stopped - Win32, running in it's own process]
Windows Time (W32Time) - C:\WINDOWS\System32\svchost.exe -k netsvcs (Microsoft Corporation ) [Automatic - Running - Win32, running in a shared process]
Remote Access IP ARP Driver (Wanarp) - system32\DRIVERS\wanarp.sys (Microsoft Corporation ) [On Demand - Running - Kernel driver]
Windows CE USB Serial Host Driver (wceusbsh) - system32\DRIVERS\wceusbsh.sys (Microsoft Corporation ) [On Demand - Stopped - Kernel driver]
WDICA (WDICA) - (File not found)) [On Demand - Stopped - Kernel driver]
Microsoft WINMM WDM Audio Compatibility Driver (wdmaud) - system32\drivers\wdmaud.sys (Microsoft Corporation ) [On Demand - Running - Kernel driver]
Genius SM32X2 PCI Audio (WDM) (wdm_fm801) - system32\drivers\fm801.sys (ForteMedia, Inc. ) [On Demand - Running - Kernel driver]
WebClient (WebClient) - C:\WINDOWS\system32\svchost.exe -k LocalService (Microsoft Corporation ) [Automatic - Running - Win32, running in a shared process]
Windows Defender (WinDefend) - "C:\Program Files\Windows Defender\MsMpEng.exe" (Microsoft Corporation ) [Automatic - Running - Win32, running in it's own process]
Windows Management Instrumentation (winmgmt) - C:\WINDOWS\system32\svchost.exe -k netsvcs (Microsoft Corporation ) [Automatic - Running - Win32, running in a shared process]
Portable Media Serial Number Service (WmdmPmSN) - C:\WINDOWS\System32\svchost.exe -k netsvcs (Microsoft Corporation ) [On Demand - Stopped - Win32, running in a shared process]
WMI Performance Adapter (WmiApSrv) - C:\WINDOWS\system32\wbem\wmiapsrv.exe (Microsoft Corporation ) [On Demand - Stopped - Win32, running in it's own process]
Windows Media Player Network Sharing Service (WMPNetworkSvc) - "C:\Program Files\Windows Media Player\WMPNetwk.exe" (Microsoft Corporation ) [On Demand - Stopped - Win32, running in it's own process]
Security Center (wscsvc) - C:\WINDOWS\System32\svchost.exe -k netsvcs (Microsoft Corporation ) [Automatic - Running - Win32, running in a shared process]
Automatic Updates (wuauserv) - C:\WINDOWS\system32\svchost.exe -k netsvcs (Microsoft Corporation ) [Automatic - Running - Win32, running in a shared process]
Windows Driver Foundation - User-mode Driver Framework Platform Driver (WudfPf) - system32\DRIVERS\WudfPf.sys (Microsoft Corporation ) [On Demand - Stopped - Kernel driver]
Windows Driver Foundation - User-mode Driver Framework Reflector (WudfRd) - system32\DRIVERS\wudfrd.sys (Microsoft Corporation ) [On Demand - Stopped - Kernel driver]
Windows Driver Foundation - User-mode Driver Framework (WudfSvc) - C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup (Microsoft Corporation ) [On Demand - Stopped - Win32, running in a shared process]
Wireless Zero Configuration (WZCSVC) - C:\WINDOWS\System32\svchost.exe -k netsvcs (Microsoft Corporation ) [Automatic - Running - Win32, running in a shared process]
Network Provisioning Service (xmlprov) - C:\WINDOWS\System32\svchost.exe -k netsvcs (Microsoft Corporation ) [On Demand - Stopped - Win32, running in a shared process]

< Files >

%SystemDrive%

%ProgramFilesDir%

%WinDir%

%System%
C:\WINDOWS\SYSTEM32\dfrg.msc - PEC2 ( [Ver = | Size = 41397 bytes | Date = 04/08/2004 12:00:00 | Attr = ])
C:\WINDOWS\SYSTEM32\DivX.dll - PEC2 (DivX, Inc. [Ver = 6.5.0.47 | Size = 638554 bytes | Date = 30/01/2007 04:56:48 | Attr = ])
C:\WINDOWS\SYSTEM32\DivX.dll - PECompact2 (DivX, Inc. [Ver = 6.5.0.47 | Size = 638554 bytes | Date = 30/01/2007 04:56:48 | Attr = ])
C:\WINDOWS\SYSTEM32\LegitCheckControl.DLL - PTech (Microsoft Corporation [Ver = 1.5.0723.1 | Size = 1474864 bytes | Date = 12/12/2006 10:45:04 | Attr = ])
C:\WINDOWS\SYSTEM32\MRT.exe - PECompact2 (Microsoft Corporation [Ver = 1.24.1635.0 | Size = 10980776 bytes | Date = 02/01/2007 15:19:46 | Attr = ])
C:\WINDOWS\SYSTEM32\MRT.exe - aspack (Microsoft Corporation [Ver = 1.24.1635.0 | Size = 10980776 bytes | Date = 02/01/2007 15:19:46 | Attr = ])
C:\WINDOWS\SYSTEM32\ntdll.dll - aspack (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 708096 bytes | Date = 04/08/2004 12:00:00 | Attr = ])
C:\WINDOWS\SYSTEM32\nusrmgr.cpl - WSUD (Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 257024 bytes | Date = 04/08/2004 12:00:00 | Attr = ])
C:\WINDOWS\SYSTEM32\rasdlg.dll - Umonitor (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 657920 bytes | Date = 04/08/2004 12:00:00 | Attr = ])
C:\WINDOWS\SYSTEM32\wbdbase.deu - winsync ( [Ver = | Size = 1309184 bytes | Date = 04/08/2004 12:00:00 | Attr = ])
C:\WINDOWS\SYSTEM32\wmploc.dll - PEC2 (Microsoft Corporation [Ver = 11.0.5721.5145 (WMP_11.061018-2006) | Size = 8231936 bytes | Date = 18/10/2006 21:47:20 | Attr = ])
C:\WINDOWS\SYSTEM32\wmploc.dll - WSUD (Microsoft Corporation [Ver = 11.0.5721.5145 (WMP_11.061018-2006) | Size = 8231936 bytes | Date = 18/10/2006 21:47:20 | Attr = ])

%System%\Drivers folder and sub-folders
C:\WINDOWS\SYSTEM32\drivers\avg7core.sys - UPX! (GRISOFT, s.r.o. [Ver = 7.5.0.435 | Size = 839936 bytes | Date = 09/02/2007 09:52:56 | Attr = ])
C:\WINDOWS\SYSTEM32\drivers\avg7core.sys - FSG! (GRISOFT, s.r.o. [Ver = 7.5.0.435 | Size = 839936 bytes | Date = 09/02/2007 09:52:56 | Attr = ])
C:\WINDOWS\SYSTEM32\drivers\avg7core.sys - PEC2 (GRISOFT, s.r.o. [Ver = 7.5.0.435 | Size = 839936 bytes | Date = 09/02/2007 09:52:56 | Attr = ])
C:\WINDOWS\SYSTEM32\drivers\avg7core.sys - aspack (GRISOFT, s.r.o. [Ver = 7.5.0.435 | Size = 839936 bytes | Date = 09/02/2007 09:52:56 | Attr = ])

%windir% + sub-dirs for System or Hidden files less than 60 days old
C:\WINDOWS\bootstat.dat - ( [Ver = | Size = 2048 bytes | Date = 10/02/2007 11:58:52 | Attr = S])
C:\WINDOWS\assembly\Desktop.ini - ( [Ver = | Size = 227 bytes | Date = 25/12/2006 18:28:12 | Attr = RHS])
C:\WINDOWS\inf\oem11.inf - ( [Ver = | Size = 0 bytes | Date = 24/12/2006 15:28:16 | Attr = H ])
C:\WINDOWS\LastGood\INF\oem15.inf - ( [Ver = | Size = 0 bytes | Date = 10/02/2007 12:26:26 | Attr = H ])
C:\WINDOWS\LastGood\INF\oem15.PNF - ( [Ver = | Size = 0 bytes | Date = 10/02/2007 12:26:26 | Attr = H ])
C:\WINDOWS\system32\vsconfig.xml - ( [Ver = | Size = 48877 bytes | Date = 10/02/2007 11:59:46 | Attr = H ])
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB929969.cat - ( [Ver = | Size = 7894 bytes | Date = 22/12/2006 11:53:02 | Attr = S])
C:\WINDOWS\system32\config\default.LOG - ( [Ver = | Size = 1024 bytes | Date = 10/02/2007 18:30:02 | Attr = H ])
C:\WINDOWS\system32\config\SAM.LOG - ( [Ver = | Size = 1024 bytes | Date = 10/02/2007 17:06:46 | Attr = H ])
C:\WINDOWS\system32\config\SECURITY.LOG - ( [Ver = | Size = 1024 bytes | Date = 10/02/2007 12:09:30 | Attr = H ])
C:\WINDOWS\system32\config\software.LOG - ( [Ver = | Size = 1024 bytes | Date = 10/02/2007 18:29:08 | Attr = H ])
C:\WINDOWS\system32\config\system.LOG - ( [Ver = | Size = 1024 bytes | Date = 10/02/2007 17:59:18 | Attr = H ])
C:\WINDOWS\system32\config\systemprofile\ntuser.dat.LOG - ( [Ver = | Size = 1024 bytes | Date = 02/02/2007 18:44:14 | Attr = H ])
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\60E31627FDA0A46932B0E5948949F2A5 - ( [Ver = | Size = 688 bytes | Date = 02/02/2007 05:53:22 | Attr = S])
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\A8FABA189DB7D25FBA7CAC806625FD30 - ( [Ver = | Size = 47022 bytes | Date = 02/02/2007 05:53:24 | Attr = S])
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\CFC456E7E410D69E2C6F3E2DB75C7DB3 - ( [Ver = | Size = 1039 bytes | Date = 28/12/2006 02:26:38 | Attr = S])
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\60E31627FDA0A46932B0E5948949F2A5 - ( [Ver = | Size = 94 bytes | Date = 02/02/2007 05:53:22 | Attr = S])
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\A8FABA189DB7D25FBA7CAC806625FD30 - ( [Ver = | Size = 124 bytes | Date = 02/02/2007 05:53:24 | Attr = S])
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\CFC456E7E410D69E2C6F3E2DB75C7DB3 - ( [Ver = | Size = 126 bytes | Date = 28/12/2006 02:26:38 | Attr = S])
C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\5df5eac2-c0ce-48f2-8e72-5d757a353853 - ( [Ver = | Size = 388 bytes | Date = 27/01/2007 23:06:54 | Attr = HS])
C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\Preferred - ( [Ver = | Size = 24 bytes | Date = 27/01/2007 23:06:54 | Attr = HS])
C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\efca1d15-0ccc-4f12-9fc5-874b309b6992 - ( [Ver = | Size = 388 bytes | Date = 14/12/2006 20:50:28 | Attr = HS])
C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\Preferred - ( [Ver = | Size = 24 bytes | Date = 14/12/2006 20:50:28 | Attr = HS])
C:\WINDOWS\Tasks\MP Scheduled Scan.job - ( [Ver = | Size = 330 bytes | Date = 10/02/2007 12:02:10 | Attr = H ])
C:\WINDOWS\Tasks\SA.DAT - ( [Ver = | Size = 6 bytes | Date = 10/02/2007 11:59:04 | Attr = H ])

CPL files
C:\WINDOWS\SYSTEM32\access.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 68608 bytes | Date = 04/08/2004 12:00:00 | Attr = ])
C:\WINDOWS\SYSTEM32\appwiz.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 549888 bytes | Date = 04/08/2004 12:00:00 | Attr = ])
C:\WINDOWS\SYSTEM32\bthprops.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 110592 bytes | Date = 04/08/2004 12:00:00 | Attr = ])
C:\WINDOWS\SYSTEM32\desk.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 135168 bytes | Date = 04/08/2004 12:00:00 | Attr = ])
C:\WINDOWS\SYSTEM32\firewall.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 80384 bytes | Date = 04/08/2004 12:00:00 | Attr = ])
C:\WINDOWS\SYSTEM32\fmedia.cpl - ( [Ver = | Size = 29696 bytes | Date = 06/11/2001 13:50:28 | Attr = ])
C:\WINDOWS\SYSTEM32\hdwwiz.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 155136 bytes | Date = 04/08/2004 12:00:00 | Attr = ])
C:\WINDOWS\SYSTEM32\inetcpl.cpl - (Microsoft Corporation [Ver = 7.00.5730.11 (winmain(wmbla).061017-1135) | Size = 1817088 bytes | Date = 17/10/2006 13:05:48 | Attr = ])
C:\WINDOWS\SYSTEM32\intl.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 129536 bytes | Date = 04/08/2004 12:00:00 | Attr = ])
C:\WINDOWS\SYSTEM32\irprops.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 380416 bytes | Date = 04/08/2004 12:00:00 | Attr = ])
C:\WINDOWS\SYSTEM32\joy.cpl - (Microsoft Corporation [Ver = 5.03.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 68608 bytes | Date = 04/08/2004 12:00:00 | Attr = ])
C:\WINDOWS\SYSTEM32\jpicpl32.cpl - (Sun Microsystems, Inc. [Ver = 5.0.80.3 | Size = 49265 bytes | Date = 26/07/2006 03:03:14 | Attr = ])
C:\WINDOWS\SYSTEM32\main.cpl - (Microsoft Corporation [Ver = 5.1.2403.1 | Size = 187904 bytes | Date = 04/08/2004 12:00:00 | Attr = ])
C:\WINDOWS\SYSTEM32\mmsys.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 618496 bytes | Date = 04/08/2004 12:00:00 | Attr = ])
C:\WINDOWS\SYSTEM32\ncpa.cpl - (Microsoft Corporation [Ver = 5.1.2600.0 (xpclient.010817-1148) | Size = 35840 bytes | Date = 04/08/2004 12:00:00 | Attr = ])
C:\WINDOWS\SYSTEM32\netsetup.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 25600 bytes | Date = 04/08/2004 12:00:00 | Attr = ])
C:\WINDOWS\SYSTEM32\nusrmgr.cpl - (Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 257024 bytes | Date = 04/08/2004 12:00:00 | Attr = ])
C:\WINDOWS\SYSTEM32\odbccp32.cpl - (Microsoft Corporation [Ver = 3.525.1117.0 (xpsp_sp2_rtm.040803-2158) | Size = 32768 bytes | Date = 04/08/2004 12:00:00 | Attr = ])
C:\WINDOWS\SYSTEM32\powercfg.cpl - (Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 114688 bytes | Date = 04/08/2004 12:00:00 | Attr = ])
C:\WINDOWS\SYSTEM32\SanCpl.cpl - (SiSoftware [Ver = 10.105.2007.8 | Size = 38432 bytes | Date = 01/08/2006 18:14:06 | Attr = ])
C:\WINDOWS\SYSTEM32\sysdm.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 298496 bytes | Date = 04/08/2004 12:00:00 | Attr = ])
C:\WINDOWS\SYSTEM32\telephon.cpl - (Microsoft Corporation [Ver = 5.1.2600.0 (xpclient.010817-1148) | Size = 28160 bytes | Date = 04/08/2004 12:00:00 | Attr = ])
C:\WINDOWS\SYSTEM32\timedate.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 94208 bytes | Date = 04/08/2004 12:00:00 | Attr = ])
C:\WINDOWS\SYSTEM32\wscui.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 148480 bytes | Date = 04/08/2004 12:00:00 | Attr = ])
C:\WINDOWS\SYSTEM32\wuaucpl.cpl - (Microsoft Corporation [Ver = 5.8.0.2469 built by: lab01_n(wmbla) | Size = 174360 bytes | Date = 26/05/2005 03:16:30 | Attr = ])
C:\WINDOWS\SYSTEM32\dllcache\access.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 68608 bytes | Date = 04/08/2004 12:00:00 | Attr = ])
C:\WINDOWS\SYSTEM32\dllcache\appwiz.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 549888 bytes | Date = 04/08/2004 12:00:00 | Attr = ])
C:\WINDOWS\SYSTEM32\dllcache\desk.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 135168 bytes | Date = 04/08/2004 12:00:00 | Attr = ])
C:\WINDOWS\SYSTEM32\dllcache\firewall.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 80384 bytes | Date = 04/08/2004 12:00:00 | Attr = ])
C:\WINDOWS\SYSTEM32\dllcache\hdwwiz.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 155136 bytes | Date = 04/08/2004 12:00:00 | Attr = ])
C:\WINDOWS\SYSTEM32\dllcache\inetcpl.cpl - (Microsoft Corporation [Ver = 7.00.5730.11 (winmain(wmbla).061017-1135) | Size = 1817088 bytes | Date = 17/10/2006 13:05:48 | Attr = ])
C:\WINDOWS\SYSTEM32\dllcache\intl.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 129536 bytes | Date = 04/08/2004 12:00:00 | Attr = ])
C:\WINDOWS\SYSTEM32\dllcache\joy.cpl - (Microsoft Corporation [Ver = 5.03.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 68608 bytes | Date = 04/08/2004 12:00:00 | Attr = ])
C:\WINDOWS\SYSTEM32\dllcache\main.cpl - (Microsoft Corporation [Ver = 5.1.2403.1 | Size = 187904 bytes | Date = 04/08/2004 12:00:00 | Attr = ])
C:\WINDOWS\SYSTEM32\dllcache\mmsys.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 618496 bytes | Date = 04/08/2004 12:00:00 | Attr = ])
C:\WINDOWS\SYSTEM32\dllcache\ncpa.cpl - (Microsoft Corporation [Ver = 5.1.2600.0 (xpclient.010817-1148) | Size = 35840 bytes | Date = 04/08/2004 12:00:00 | Attr = ])
C:\WINDOWS\SYSTEM32\dllcache\netsetup.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 25600 bytes | Date = 04/08/2004 12:00:00 | Attr = ])
C:\WINDOWS\SYSTEM32\dllcache\nusrmgr.cpl - (Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 257024 bytes | Date = 04/08/2004 12:00:00 | Attr = ])
C:\WINDOWS\SYSTEM32\dllcache\odbccp32.cpl - (Microsoft Corporation [Ver = 3.525.1117.0 (xpsp_sp2_rtm.040803-2158) | Size = 32768 bytes | Date = 04/08/2004 12:00:00 | Attr = ])
C:\WINDOWS\SYSTEM32\dllcache\powercfg.cpl - (Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 114688 bytes | Date = 04/08/2004 12:00:00 | Attr = ])
C:\WINDOWS\SYSTEM32\dllcache\sapi.cpl - (Microsoft Corporation [Ver = 5.1.4111.00 (xpsp_sp2_rtm.040803-2158) | Size = 155648 bytes | Date = 04/08/2004 12:00:00 | Attr = ])
C:\WINDOWS\SYSTEM32\dllcache\sysdm.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 298496 bytes | Date = 04/08/2004 12:00:00 | Attr = ])
C:\WINDOWS\SYSTEM32\dllcache\telephon.cpl - (Microsoft Corporation [Ver = 5.1.2600.0 (xpclient.010817-1148) | Size = 28160 bytes | Date = 04/08/2004 12:00:00 | Attr = ])
C:\WINDOWS\SYSTEM32\dllcache\timedate.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 94208 bytes | Date = 04/08/2004 12:00:00 | Attr = ])
C:\WINDOWS\SYSTEM32\dllcache\wscui.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 148480 bytes | Date = 04/08/2004 12:00:00 | Attr = ])
C:\WINDOWS\SYSTEM32\dllcache\wuaucpl.cpl - (Microsoft Corporation [Ver = 5.4.3790.2180 (xpsp_sp2_rtm.040803-2158) | Size = 162304 bytes | Date = 04/08/2004 12:00:00 | Attr = ])

Auto-Start Folders

HKLM->Explorer\Shell Folders\\Common Startup = C:\Documents and Settings\All Users\Start Menu\Programs\Startup
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini - ( [Ver = | Size = 84 bytes | Date = 27/10/2006 10:35:58 | Attr = HS])

HKLM->Explorer\User Shell Folders\\Common Startup = %ALLUSERSPROFILE%\Start Menu\Programs\Startup

HKLM->Explorer\Shell Folders\\Startup = C:\Documents and Settings\Rob\Start Menu\Programs\Startup
C:\Documents and Settings\Rob\Start Menu\Programs\Startup\desktop.ini - ( [Ver = | Size = 84 bytes | Date = 27/10/2006 10:35:58 | Attr = HS])

HKCU->Explorer\User Shell Folders\\Startup = %USERPROFILE%\Start Menu\Programs\Startup

Miscellaneous Auto-Start Files
System.ini->[Boot]\\Shell - Explorer.exe
Wininit.ini: Line 1 - [RENAME]
Wininit.ini: Line 2 - NUL=C:\DOCUME~1\Rob\LOCALS~1\Temp\nstmp\uninstall.exe
Wininit.ini: Line 3 - NUL=C:\DOCUME~1\Rob\LOCALS~1\Temp\nstmp\uninstall.ini
Wininit.ini: Line 4 - NUL=C:\DOCUME~1\Rob\LOCALS~1\Temp\nstmp
Wininit.ini: Line 5 - NUL=C:\DOCUME~1\Rob\LOCALS~1\Temp\nstmp\uninstall.exe
Wininit.ini: Line 6 - NUL=C:\DOCUME~1\Rob\LOCALS~1\Temp\nstmp\uninstall.ini
Wininit.ini: Line 7 - NUL=C:\DOCUME~1\Rob\LOCALS~1\Temp\nstmp
Config.nt: Line 54 - dos=high, umb
Config.nt: Line 55 - device=%SystemRoot%\system32\himem.sys
Config.nt: Line 56 - files=40
AutoExec.nt: Line 1 - @echo off
AutoExec.nt: Line 8 - lh %SystemRoot%\system32\mscdexnt.exe
AutoExec.nt: Line 11 - lh %SystemRoot%\system32\redir
AutoExec.nt: Line 14 - lh %SystemRoot%\system32\dosx
AutoExec.nt: Line 36 - SET BLASTER=A220 I5 D1 P330 T3

Miscellaneous Folders

AllUsers ApplicationData Folder
C:\Documents and Settings\All Users\Application Data\desktop.ini - ( [Ver = | Size = 62 bytes | Date = 27/10/2006 11:25:30 | Attr = HS])
C:\Documents and Settings\All Users\Application Data\hpzinstall.log - ( [Ver = | Size = 228 bytes | Date = 02/11/2006 23:20:50 | Attr = ])

CurrentUser ApplicationData Folder
C:\Documents and Settings\Rob\Application Data\$_hpcst$.hpc - ( [Ver = | Size = 2528 bytes | Date = 27/12/2006 21:43:56 | Attr = ])
C:\Documents and Settings\Rob\Application Data\desktop.ini - ( [Ver = | Size = 62 bytes | Date = 27/10/2006 11:25:30 | Attr = HS])

Program Files Folder

Common Files Folder

DPF files
{0E5F0222-96B9-11D3-8997-00104BD12D94} - PCPitstop Utility - CodeBase = http://www.pcpitstop...p/PCPitStop.CAB
{17492023-C23A-453E-A040-C7C580BBF700} - Windows Genuine Advantage Validation Tool - CodeBase = http://download.micr...heckControl.cab
{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - BDSCANONLINE Control - CodeBase = http://download.bitd...can8/oscan8.cab
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - MUWebControl Class - CodeBase = http://update.micros...b?1166913209617
{8AD9C840-044E-11D1-B3E9-00805F499D93} - Java Plug-in 1.5.0_08 - CodeBase = http://java.sun.com/...indows-i586.cab
{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA} - Java Plug-in 1.5.0_08 - CodeBase = http://java.sun.com/...indows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - Java Plug-in 1.5.0_08 - CodeBase = http://java.sun.com/...indows-i586.cab
{D27CDB6E-AE6D-11CF-96B8-444553540000} - - CodeBase = http://fpdownload.ma...ash/swflash.cab

Hosts file = 734 bytes. Reading all entries. C:\WINDOWS\System32\drivers\etc\Hosts
# Copyright © 1993-1999 Microsoft Corp. -
# -
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows. -
# -
# This file contains the mappings of IP addresses to host names. Each -
# entry should be kept on an individual line. The IP address should -
# be placed in the first column followed by the corresponding host name. -
# The IP address and the host name should be separated by at least one -
# space. -
# -
# Additionally, comments (such as these) may be inserted on individual -
# lines or following the machine name denoted by a '#' symbol. -
# -
# For example: -
# -
# 102.54.94.97 rhino.acme.com # source server -
# 38.25.63.10 x.acme.com # x client host -
-
127.0.0.1 localhost -

< Add On's >

>>>>Output for AddOn file HKCU_IEDesktop.def<<<<

KEY - HKCU\Software\Microsoft\Internet Explorer\Desktop - Include SUBKEYS
HKCU\Software\Microsoft\Internet Explorer\Desktop -
Desktop\Components -
Desktop\Components\\DeskHtmlVersion - 272
Desktop\Components\\DeskHtmlMinorVersion - 5
Desktop\Components\\Settings - 1
Desktop\Components\\GeneralFlags - 5
Desktop\Components\0 -
Desktop\Components\0\\Source - About:Home
Desktop\Components\0\\SubscribedURL - About:Home
Desktop\Components\0\\FriendlyName - My Current Home Page
Desktop\Components\0\\Flags - 2
Desktop\Components\0\\Position - 2C 00 00 00 CC 00 00 00 00 00 00 00 34 03 00 00 E2 02 00 00 00 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00
Desktop\Components\0\\CurrentState - 04 00 00 40
Desktop\Components\0\\OriginalStateInfo - 18 00 00 00 CC 00 00 00 00 00 00 00 34 03 00 00 E2 02 00 00 04 00 00 40
Desktop\Components\0\\RestoredStateInfo - 18 00 00 00 CC 00 00 00 00 00 00 00 34 03 00 00 E2 02 00 00 01 00 00 00
Desktop\General -
Desktop\General\\BackupWallpaper - %SystemRoot%\web\wallpaper\Bliss.bmp
Desktop\General\\WallpaperFileTime - A8 63 13 75 B3 F9 C6 01
Desktop\General\\WallpaperLocalFileTime - A8 63 13 75 B3 F9 C6 01
Desktop\General\\TileWallpaper - 0
Desktop\General\\WallpaperStyle - 2
Desktop\General\\Wallpaper - %SystemRoot%\web\wallpaper\Bliss.bmp
Desktop\General\\ComponentsPositioned - 1
Desktop\Old WorkAreas -
Desktop\Old WorkAreas\\NoOfOldWorkAreas - 1
Desktop\Old WorkAreas\\OldWorkAreaRects - 00 00 00 00 00 00 00 00 80 02 00 00 C2 01 00 00
Desktop\SafeMode -
Desktop\SafeMode\General -
Desktop\SafeMode\General\\Wallpaper - %SystemRoot%\Web\SafeMode.htt
Desktop\SafeMode\General\\VisitGallery - 0
Desktop\Scheme -
Desktop\Scheme\\Edit -
Desktop\Scheme\\Display -

>>>>Output for AddOn file Policies.def<<<<

KEY - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies - Include SUBKEYS
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies -
policies\Attachments -
policies\Attachments\\ScanWithAntiVirus - 2
policies\NonEnum -
policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} - 1
policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} - 1073741857
policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} - 32
policies\Ratings -
policies\system -
policies\system\\dontdisplaylastusername - 0
policies\system\\legalnoticecaption -
policies\system\\legalnoticetext -
policies\system\\shutdownwithoutlogon - 1
policies\system\\undockwithoutlogon - 1

KEY - HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer - Include SUBKEYS
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer not found. -

KEY - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies - Include SUBKEYS
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies -
policies\Explorer -
policies\Explorer\\NoDriveTypeAutoRun - 145

KEY - HKCU\SOFTWARE\Policies\Microsoft\Internet Explorer - Include SUBKEYS
HKCU\SOFTWARE\Policies\Microsoft\Internet Explorer not found. -

>>>>Output for AddOn file SID_Run_Policies.def<<<<

KEY - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run - No SUBKEYS
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run -
Run\\AVG7_Run - C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE

KEY - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run - No SUBKEYS
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run -
Run\\AVG7_Run - C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE

KEY - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies - Include SUBKEYS
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies -
Policies\Explorer -
Policies\Explorer\\NoDriveTypeAutoRun - 145

KEY - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies - Include SUBKEYS
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies -
Policies\Explorer -
Policies\Explorer\\NoDriveTypeAutoRun - 145

< End of report >

[Flrman1]

As you can see Java 1.5 Update 8 is still installed as it is needed for my college course, although I can uninstall it if need be, although I will need to reinstall it again in future.

Does the application you need it for not run with the latest version of Java?

[Flrman1]

Before we go any further, please do this:

• Please go here using Internet Explorer.
• Click on "Windows Validation Assistant"
• Click on the "Validate Now" button.
• Be patient while the ActiveX loads, do not click on any links.
• Read the instructions on this page while it's loading. You will be prompted to install - click YES.
• Enter your product key then click "continue"
• When it says "Validation Complete" please click "Continue to return to your previous activity"
• Copy what it says and paste it here.

[Spider-Man]

Hi there. I am unsure why, but for my course I need JCreator 2.5 LE and the JDK 1.5 Update 8.

The M$ website says,

Thank you for comparing your anti-piracy features.

Your COA exhibits Microsoft’s anti-piracy features.

These features are designed to reduce counterfeiting, and their presence on your Certificate of Authenticity is a positive indicator of a genuine Microsoft Windows operating system.


The COA is 100% legal, it was stuck to the Fujitsu Siemens PC i bought around 5 years ago, which I have now stripped down due to the motherboard failing and have rebuilt it with a new motherboard. The license is only used on this computer[as far as I am aware, that is] and is 100% legal, I registered it with M$ when I first reinstalled Windows a few months back.

The 'Validation Crack' (virus) program you see installed on the system scans were downloaded to try and obtain the Product Key of my system, as I knew it was 100% legitimate, I just couldn't find the original case in my house, which I have since found. I thought the downloaded program just scanned the registries and found the product key so I could note it down before I reinstalled windows. I have found that Magic Jellybean Finder does this correctly, and doesn't give me viruses. I spoke to the MS representative when I re-activated it and they said it was legal to use such programs to access the installed(and validated) product key. The disk I reinstalled it with was the Fujitsu Siemens XP SP1 disk, which I then had to validate the installation over the phone to download SP2.

Thank you:)

EDIT:

I didn't realise, I had to validate that my cd is genuine. Here's what the website said to that:

Thank you for comparing your anti-piracy features.

Your disc exhibits Microsoft’s anti-piracy features.

These features are designed to reduce counterfeiting, and their presence on your disc is a positive indicator of a genuine Microsoft Windows operating system. If you acquired your Microsoft Windows operating system as an individually boxed product, your box should contain a Certificate of Authenticity. For more information on the Certificate of Authenticity, locate your product on the How to Tell Windows Category Page.

Edited by Spider-Man, 10 February 2007 - 02:40 PM.

[Flrman1]

How is the pc behaving now?

[Spider-Man]

The internet still seems very sluggish, sound on web pages still doesn't play(not sure if that's related or not) and the CPU Usage is always shown as being very high, even though the computer has just been started, the only thing running is one Firefox page and AVG is running in the background, so it's hardly intensive work, yet the CPU Usage is showing 80%+ pretty much all the time(Celeron D 2.13ghz)- although I'm not sure if that's malware causing that problem either. All the processes running are all normal so I don't see any things running that shouldn't be. Is it likely malware is the cause of having no sound on web pages?

Thanks

[Flrman1]

I'd say one thing that could be causing the internet to be sluggish is this:

O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized

Having that running can be a major resource hog. Not to mention the fact that you are taking a huge risk using it.

I'm going to take a minute to preach on that a bit and warn you further. Many of the infections we see here are spread primarily through p2p networks like Limewire and WinMX. I strongly urge you to stop using these applications. It just is not worth it.

By using these programs to share illegal files, you are opening yourself up to all kinds of infections. Not only do you put yourself at risk, but you are literally being used as a vehicle to spread infections around the world.

Add to that the ethical and legal implications of obtaining copyrighted material that you haven't paid for and you have yourself a no-win situation. I don't want to come across as holier than thou in any way. I'll confess that I used to use Kazaa a lot to download music and software some years ago. I was eventually persuaded by good folks on forums like this that I should discontinue this activity.

I would be doing you and the online community a disservice if I did not at least bring this to your attention. Of course the choice is yours and I'm not in any way trying to force you to do things my way. I'm just presenting the facts to you as I see them so that you can make your own informed decision.

At the very least you need to disable BitTorrent so it doesn't load at startup which brings me to the following recommendations:

There are just a couple more things I'd like to point out. One is the fact that you should always limit the unnecessary apps loading when Windows starts. These apps are running all the time. Even when you are not using them. This is putting an unnecessary drain on your pcs resources. Below I'm posting some info to help you remove some of those.

The maintenance practices you'll find below should be done on a regular basis to keep your machine running efficiently. The frequency with which you perform these depends largely on your pc usage.

Keeping the programs that run when Windows boots up to a minimum is of great importance and has a significant effect on the performance of your pc. These I refer to here as "startups". ** See the Note below for info to help you identify the startups in your Hijack This log.

Another thing that can have a significant effect on your pc's performance is fragmentation. Over time the files on your computer will become fragmented. This can cause your machine to slow down and freeze. This fragmentation can be corrected by running the Windows Defragmentation tool.

You should go ahead and do all of the following now:

1: Remove unnecessary startups

This should be done through the Windows System Configuration Utility. I do not recommend using Hijack This to control your startups.

To use the Windows System Configuration Utility, Go to Start > Run and type in msconfig.
Click OK or hit the Enter key.

Click on the "Startup" tab and remove the check by the items that you have determined are unnecessary. Click "Apply" then "Close"

You will be prompted to restart. Go ahead and restart.

Upon restart you will be confronted with a dialogue box warning about running in selective startup. Just ignore that message and put a check in the box by "Don't show me this message or launch the System Configuration Utility when Windows starts" and click "OK". You will not be bothered by the message again.

Keep in mind that some entries will be re-enabled in the startups each time you use that particular program. Therefore, you will have to find the option in that programs preferences that says something like "Load with Windows" or "Run when Windows Starts" and disable that option.

Go here for info on msconfig:

You can look up the startups at the following links to help determine what is needed and what is not:

ComputerCops Startuplist

BleepingComputer Startuplist

AnswersThatWork Task List

Windows Startup Application Knowledge Base


** Note: The startups are represented by the O4 entries in your Hijack This log like this one:

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

Look them up at those links by copying and pasting the name in the brackets (as bolded in the example above [QuickTime Task]) in the search box on the Startuplist (Castlecops) and Startup Programs Database (Bleepingcomputer) pages. Read the Usage Instructions/information that tells you how to use the pages and identify what to remove and what not to remove. For example, it tells you that if you see a "Y" under the Status column for startup entry it means Yes that entry is normally needed to run at startup. "N" under status means No it is not needed to run at startup and you should disable it. "X" means that it is definitely not needed and usually the Xs are malware. There is more info on those pages that tell you how to use the lists so please read that before you begin disabling startups.


2: How to Defrag your Hard Drive


3: How to Run Disk Cleanup


4: Finally, How to Run chkdsk:

To use Chkdsk, click Start and My Computer. Right-click the hard drive you want to check, and click Properties. Select the Tools tab and click Check Now. Check both boxes. Click Start. You'll get a message that the computer must be rebooted to run a complete check. Click Yes and reboot. Chkdsk will take awhile, so run it when you don't need to use the computer for something else.

[Spider-Man]

Hi there. Thanks for the advice, I always try to keep everything to a minimum in the startup list on msconfig, the only thing I usually let run is AVG, as my router has a built-in firewall. I usually only use things like BitTorrent to get old versions of programs, or to download trial versions just when I have a random thing to do, like convert a video file to audio only etc. Can you see anything obvious other than the bittorrent forced startup that may be causing sound not to play on web pages. Sound plays in games, windows media player etc but there's still no sound.I've now installed ALL audio programs yet no sound is achieved in either IE, Firefox or Opera, so I'm completely and utterly at a loss with this problem.

Thanks for all your help:)

[Flrman1]

Click here to download websoundfix.zip and save it to your desktop.

• Unzip it to extract the websoundfix.reg file it contains.
• Doubleclick on the websoundfix.reg file to add it to the registry.
• Answer yes to confirm the merge.
• Restart your computer then see if you have sound in web pages.

Attached Files

•  websoundfix.zip   736bytes   110 downloads