Here is the ComboScan log:
ComboScan v20070221.16 run by Scott on 2007-02-24 at 10:57:44
Computer is in Normal Mode.
--------------------------------------------------------------------------------
Successfully created restore point.
Performed disk cleanup.
-- HijackThis (run as Scott.exe) ------------------------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 10:58:39 AM, on 2/24/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LXSUPMON.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\WINDOWS\system32\taskmgr.exe
C:\Documents and Settings\Scott\Desktop\comboscan.exe
C:\hjt\Scott.exe
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O2 - BHO: (no name) - {1187095B-1026-D76E-4E16-CEEFF21BB026} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O2 - BHO: (no name) - {8EFFF703-4278-6F97-423D-DC11C0FB1DD8} - (no file)
O2 - BHO: (no name) - {96B10A41-6820-72E2-2CBA-C84720F4FC94} - (no file)
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\system32\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: SpeedUpMyPC.lnk = C:\Documents and Settings\Scott\Desktop\speedupmypc.exe
O4 - Global Startup: Trend Micro Anti-Spyware.lnk = C:\Program Files\Trend Micro\Tmas\Tmas.exe
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.s...sa/LSSupCtl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.s...sa/SymAData.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
-- HijackThis Fixed Entries (C:\hjt\backups\) -----------------------------------
backup-20050109-004318-483 O4 - Startup: FriendFinder Messenger.lnk = C:\Program Files\FriendFinder Messenger\FriendFinder Messenger.exe
backup-20050109-004521-742 O2 - BHO: URLLink Class - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet6_38.dll
backup-20050109-005350-347 R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
backup-20050109-005421-754 O2 - BHO: (no name) - {82315A18-6CFB-44a7-BDFD-90E36537C252} - (no file)
backup-20050109-005638-471 O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\PROGRA~1\AWS\WEATHE~1\Weather.exe (HKCU)
backup-20050109-005908-529 O16 - DPF: Yahoo! Backgammon - http://download.game...nts/y/at1_x.cab
backup-20050109-005908-714 O14 - IERESET.INF: START_PAGE_URL=http://www.emachines.com
backup-20050109-005910-198 O16 - DPF: Yahoo! Literati - http://download.game...nts/y/tt3_x.cab
backup-20050109-005910-598 O16 - DPF: Yahoo! Chat - http://us.chat1.yimg...t/c381/chat.cab
backup-20050109-005910-880 O16 - DPF: Yahoo! Chess - http://download.game...nts/y/ct2_x.cab
backup-20050109-005911-545 O16 - DPF: Yahoo! Poker - http://download.game...nts/y/pt3_x.cab
backup-20050109-005911-562 O16 - DPF: {0F9B4CA4-A30F-480A-841D-69B45C50A8F8} (SekureL0gin.SekureKontrol) - http://secure2.comne...iveSekurity.cab
backup-20050109-005912-789 O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1095879984751
backup-20050109-005914-108 O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/.../GrooveAX27.cab
backup-20050109-005914-893 O16 - DPF: {75D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin.SecureControl) - http://secure2.comne...iveSecurity.cab
backup-20050109-005915-365 O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.c...utocomplete.cab
backup-20050114-225709-593 O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s
backup-20050115-090628-845 O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain
backup-20050115-094055-316 O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s
backup-20050115-094112-816 O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s
backup-20050115-094423-458 O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s
backup-20050115-094635-700 O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s
backup-20050115-094642-318 O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s
backup-20050120-072607-601 O2 - BHO: (no name) - {96B10A41-6820-72E2-2CBA-C84720F4FC94} - C:\WINDOWS\system32\xxvltgiu.dll (file missing)
backup-20050120-072620-969 O2 - BHO: (no name) - {96B10A41-6820-72E2-2CBA-C84720F4FC94} - (no file)
backup-20050120-072627-469 O2 - BHO: (no name) - {96B10A41-6820-72E2-2CBA-C84720F4FC94} - (no file)
backup-20050120-072633-122 O2 - BHO: (no name) - {96B10A41-6820-72E2-2CBA-C84720F4FC94} - (no file)
backup-20050120-072708-706 O2 - BHO: (no name) - {1187095B-1026-D76E-4E16-CEEFF21BB026} - C:\WINDOWS\system32\ywbfsawf.dll
backup-20050120-072719-779 O2 - BHO: (no name) - {8EFFF703-4278-6F97-423D-DC11C0FB1DD8} - C:\WINDOWS\system32\ueiiafjk.dll
backup-20050120-072734-392 O2 - BHO: (no name) - {96B10A41-6820-72E2-2CBA-C84720F4FC94} - (no file)
backup-20050120-072734-524 O2 - BHO: (no name) - {1187095B-1026-D76E-4E16-CEEFF21BB026} - (no file)
backup-20050120-072734-723 O2 - BHO: (no name) - {8EFFF703-4278-6F97-423D-DC11C0FB1DD8} - (no file)
backup-20050120-072745-314 O2 - BHO: (no name) - {96B10A41-6820-72E2-2CBA-C84720F4FC94} - (no file)
backup-20050120-072745-452 O2 - BHO: (no name) - {8EFFF703-4278-6F97-423D-DC11C0FB1DD8} - (no file)
backup-20050120-072745-698 O2 - BHO: (no name) - {1187095B-1026-D76E-4E16-CEEFF21BB026} - (no file)
backup-20050120-202304-463 O2 - BHO: (no name) - {1187095B-1026-D76E-4E16-CEEFF21BB026} - (no file)
backup-20050120-202304-546 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://tomcoyote.org/hjt/#Top
backup-20050120-202305-222 O2 - BHO: (no name) - {8EFFF703-4278-6F97-423D-DC11C0FB1DD8} - (no file)
backup-20050120-202305-432 O4 - HKLM\..\Run: [rqynwiqg] C:\WINDOWS\system32\rqynwiqg.exe
backup-20050120-202305-617 O2 - BHO: (no name) - {96B10A41-6820-72E2-2CBA-C84720F4FC94} - (no file)
backup-20050120-202440-160 O2 - BHO: (no name) - {96B10A41-6820-72E2-2CBA-C84720F4FC94} - (no file)
backup-20050120-202440-355 O2 - BHO: (no name) - {1187095B-1026-D76E-4E16-CEEFF21BB026} - (no file)
backup-20050120-202440-491 O2 - BHO: (no name) - {8EFFF703-4278-6F97-423D-DC11C0FB1DD8} - (no file)
backup-20050120-202502-973 O4 - HKLM\..\Run: [LXBLKsk] C:\PROGRA~1\Lexmark\PHOTOC~1\LXBLKsk.exe
backup-20050120-202641-382 O2 - BHO: (no name) - {96B10A41-6820-72E2-2CBA-C84720F4FC94} - (no file)
backup-20050120-202641-390 O2 - BHO: (no name) - {8EFFF703-4278-6F97-423D-DC11C0FB1DD8} - (no file)
backup-20050120-202641-653 O2 - BHO: (no name) - {1187095B-1026-D76E-4E16-CEEFF21BB026} - (no file)
backup-20050120-203444-503 O2 - BHO: (no name) - {96B10A41-6820-72E2-2CBA-C84720F4FC94} - (no file)
backup-20050120-203444-812 O2 - BHO: (no name) - {1187095B-1026-D76E-4E16-CEEFF21BB026} - (no file)
backup-20050120-203444-860 O2 - BHO: (no name) - {8EFFF703-4278-6F97-423D-DC11C0FB1DD8} - (no file)
backup-20050120-203634-389 O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
backup-20050120-205120-467 O2 - BHO: (no name) - {1187095B-1026-D76E-4E16-CEEFF21BB026} - (no file)
backup-20050120-205120-546 O2 - BHO: (no name) - {8EFFF703-4278-6F97-423D-DC11C0FB1DD8} - (no file)
backup-20050120-205120-815 O2 - BHO: (no name) - {96B10A41-6820-72E2-2CBA-C84720F4FC94} - (no file)
backup-20050120-221109-180 O2 - BHO: (no name) - {8EFFF703-4278-6F97-423D-DC11C0FB1DD8} - (no file)
backup-20050120-221109-577 O2 - BHO: (no name) - {1187095B-1026-D76E-4E16-CEEFF21BB026} - (no file)
backup-20050120-221109-959 O2 - BHO: (no name) - {96B10A41-6820-72E2-2CBA-C84720F4FC94} - (no file)
backup-20050120-221131-285 O2 - BHO: (no name) - {8EFFF703-4278-6F97-423D-DC11C0FB1DD8} - (no file)
backup-20050120-221131-309 O2 - BHO: (no name) - {96B10A41-6820-72E2-2CBA-C84720F4FC94} - (no file)
backup-20050120-221131-470 O2 - BHO: (no name) - {1187095B-1026-D76E-4E16-CEEFF21BB026} - (no file)
backup-20050120-221220-491 O2 - BHO: (no name) - {96B10A41-6820-72E2-2CBA-C84720F4FC94} - (no file)
backup-20050120-221220-498 O2 - BHO: (no name) - {8EFFF703-4278-6F97-423D-DC11C0FB1DD8} - (no file)
backup-20050120-221220-829 O2 - BHO: (no name) - {1187095B-1026-D76E-4E16-CEEFF21BB026} - (no file)
backup-20050121-175036-390 O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
backup-20050121-175036-470 R3 - Default URLSearchHook is missing
backup-20050121-175037-140 O2 - BHO: (no name) - {8EFFF703-4278-6F97-423D-DC11C0FB1DD8} - (no file)
backup-20050121-175037-932 O2 - BHO: (no name) - {1187095B-1026-D76E-4E16-CEEFF21BB026} - (no file)
backup-20050121-175325-414 O2 - BHO: (no name) - {8EFFF703-4278-6F97-423D-DC11C0FB1DD8} - (no file)
backup-20050121-175325-685 O2 - BHO: (no name) - {96B10A41-6820-72E2-2CBA-C84720F4FC94} - (no file)
backup-20050121-175325-759 O2 - BHO: (no name) - {1187095B-1026-D76E-4E16-CEEFF21BB026} - (no file)
backup-20050121-175337-710 O2 - BHO: (no name) - {8EFFF703-4278-6F97-423D-DC11C0FB1DD8} - (no file)
backup-20050121-175337-888 O2 - BHO: (no name) - {1187095B-1026-D76E-4E16-CEEFF21BB026} - (no file)
backup-20050121-175337-977 O2 - BHO: (no name) - {96B10A41-6820-72E2-2CBA-C84720F4FC94} - (no file)
backup-20050122-075212-269 O2 - BHO: (no name) - {8EFFF703-4278-6F97-423D-DC11C0FB1DD8} - (no file)
backup-20050122-075212-352 O2 - BHO: (no name) - {1187095B-1026-D76E-4E16-CEEFF21BB026} - (no file)
backup-20050122-075212-444 O2 - BHO: (no name) - {96B10A41-6820-72E2-2CBA-C84720F4FC94} - (no file)
backup-20050122-093807-403 O2 - BHO: (no name) - {96B10A41-6820-72E2-2CBA-C84720F4FC94} - (no file)
backup-20050122-093807-436 O2 - BHO: (no name) - {8EFFF703-4278-6F97-423D-DC11C0FB1DD8} - (no file)
backup-20050122-093807-457 O2 - BHO: (no name) - {1187095B-1026-D76E-4E16-CEEFF21BB026} - (no file)
backup-20050122-093807-737 O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/.../GrooveAX27.cab
backup-20050122-093807-923 O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
backup-20050122-093808-640 O23 - Service: Miscrosoft Updates Service 5 - Unknown - C:\WINDOWS\system32\msupd5.exe
backup-20050122-114856-555 O2 - BHO: (no name) - {1187095B-1026-D76E-4E16-CEEFF21BB026} - (no file)
backup-20050122-114856-564 O2 - BHO: (no name) - {96B10A41-6820-72E2-2CBA-C84720F4FC94} - (no file)
backup-20050122-114856-846 O2 - BHO: (no name) - {8EFFF703-4278-6F97-423D-DC11C0FB1DD8} - (no file)
backup-20050122-153753-740 O2 - BHO: (no name) - {8EFFF703-4278-6F97-423D-DC11C0FB1DD8} - (no file)
backup-20050122-153753-821 O2 - BHO: (no name) - {96B10A41-6820-72E2-2CBA-C84720F4FC94} - (no file)
backup-20050122-153753-961 O2 - BHO: (no name) - {1187095B-1026-D76E-4E16-CEEFF21BB026} - (no file)
backup-20050122-153801-168 O2 - BHO: (no name) - {1187095B-1026-D76E-4E16-CEEFF21BB026} - (no file)
backup-20050122-153801-257 O2 - BHO: (no name) - {96B10A41-6820-72E2-2CBA-C84720F4FC94} - (no file)
backup-20050122-153801-990 O2 - BHO: (no name) - {8EFFF703-4278-6F97-423D-DC11C0FB1DD8} - (no file)
backup-20050122-153818-343 O2 - BHO: (no name) - {1187095B-1026-D76E-4E16-CEEFF21BB026} - (no file)
backup-20050122-153818-559 O2 - BHO: (no name) - {96B10A41-6820-72E2-2CBA-C84720F4FC94} - (no file)
backup-20050122-153818-822 O2 - BHO: (no name) - {8EFFF703-4278-6F97-423D-DC11C0FB1DD8} - (no file)
backup-20050122-153828-318 O2 - BHO: (no name) - {8EFFF703-4278-6F97-423D-DC11C0FB1DD8} - (no file)
backup-20050122-153828-406 O2 - BHO: (no name) - {96B10A41-6820-72E2-2CBA-C84720F4FC94} - (no file)
backup-20050122-153828-647 O2 - BHO: (no name) - {1187095B-1026-D76E-4E16-CEEFF21BB026} - (no file)
backup-20050122-153840-100 O2 - BHO: (no name) - {8EFFF703-4278-6F97-423D-DC11C0FB1DD8} - (no file)
backup-20050122-153840-827 O2 - BHO: (no name) - {1187095B-1026-D76E-4E16-CEEFF21BB026} - (no file)
backup-20050122-153840-829 O2 - BHO: (no name) - {96B10A41-6820-72E2-2CBA-C84720F4FC94} - (no file)
backup-20050122-153846-225 O2 - BHO: (no name) - {1187095B-1026-D76E-4E16-CEEFF21BB026} - (no file)
backup-20050122-153846-494 O2 - BHO: (no name) - {96B10A41-6820-72E2-2CBA-C84720F4FC94} - (no file)
backup-20050122-153846-723 O2 - BHO: (no name) - {8EFFF703-4278-6F97-423D-DC11C0FB1DD8} - (no file)
backup-20050122-153857-190 O2 - BHO: (no name) - {96B10A41-6820-72E2-2CBA-C84720F4FC94} - (no file)
backup-20050122-153857-838 O2 - BHO: (no name) - {8EFFF703-4278-6F97-423D-DC11C0FB1DD8} - (no file)
backup-20050122-153857-955 O2 - BHO: (no name) - {1187095B-1026-D76E-4E16-CEEFF21BB026} - (no file)
backup-20050122-153904-260 O2 - BHO: (no name) - {96B10A41-6820-72E2-2CBA-C84720F4FC94} - (no file)
backup-20050122-153904-464 O2 - BHO: (no name) - {1187095B-1026-D76E-4E16-CEEFF21BB026} - (no file)
backup-20050122-153904-839 O2 - BHO: (no name) - {8EFFF703-4278-6F97-423D-DC11C0FB1DD8} - (no file)
backup-20050122-161655-143 O2 - BHO: (no name) - {96B10A41-6820-72E2-2CBA-C84720F4FC94} - (no file)
backup-20050122-161655-364 O2 - BHO: (no name) - {8EFFF703-4278-6F97-423D-DC11C0FB1DD8} - (no file)
backup-20050122-161655-384 O2 - BHO: (no name) - {1187095B-1026-D76E-4E16-CEEFF21BB026} - (no file)
backup-20050122-173506-564 O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s
backup-20050122-173506-729 O2 - BHO: (no name) - {8EFFF703-4278-6F97-423D-DC11C0FB1DD8} - (no file)
backup-20050122-173506-750 O2 - BHO: (no name) - {96B10A41-6820-72E2-2CBA-C84720F4FC94} - (no file)
backup-20050122-173506-949 O2 - BHO: (no name) - {1187095B-1026-D76E-4E16-CEEFF21BB026} - (no file)
backup-20050122-173522-164 O2 - BHO: (no name) - {96B10A41-6820-72E2-2CBA-C84720F4FC94} - (no file)
backup-20050122-173522-698 O2 - BHO: (no name) - {1187095B-1026-D76E-4E16-CEEFF21BB026} - (no file)
backup-20050122-173522-833 O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain
backup-20050122-173522-965 O2 - BHO: (no name) - {8EFFF703-4278-6F97-423D-DC11C0FB1DD8} - (no file)
backup-20050122-173551-283 O2 - BHO: (no name) - {1187095B-1026-D76E-4E16-CEEFF21BB026} - (no file)
backup-20050122-173551-774 O2 - BHO: (no name) - {8EFFF703-4278-6F97-423D-DC11C0FB1DD8} - (no file)
backup-20050122-173551-924 O2 - BHO: (no name) - {96B10A41-6820-72E2-2CBA-C84720F4FC94} - (no file)
backup-20050122-173600-183 O2 - BHO: (no name) - {96B10A41-6820-72E2-2CBA-C84720F4FC94} - (no file)
backup-20050122-173600-265 O2 - BHO: (no name) - {1187095B-1026-D76E-4E16-CEEFF21BB026} - (no file)
backup-20050122-173600-540 O2 - BHO: (no name) - {8EFFF703-4278-6F97-423D-DC11C0FB1DD8} - (no file)
backup-20050122-222137-140 O2 - BHO: (no name) - {96B10A41-6820-72E2-2CBA-C84720F4FC94} - (no file)
backup-20050122-222137-758 O2 - BHO: (no name) - {1187095B-1026-D76E-4E16-CEEFF21BB026} - (no file)
backup-20050122-222137-830 O2 - BHO: (no name) - {8EFFF703-4278-6F97-423D-DC11C0FB1DD8} - (no file)
backup-20050122-222137-942 O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain
backup-20050122-222153-131 O2 - BHO: (no name) - {8EFFF703-4278-6F97-423D-DC11C0FB1DD8} - (no file)
backup-20050122-222153-861 O2 - BHO: (no name) - {96B10A41-6820-72E2-2CBA-C84720F4FC94} - (no file)
backup-20050122-222153-864 O2 - BHO: (no name) - {1187095B-1026-D76E-4E16-CEEFF21BB026} - (no file)
backup-20050124-064100-121 O2 - BHO: (no name) - {8EFFF703-4278-6F97-423D-DC11C0FB1DD8} - (no file)
backup-20050124-064100-450 O2 - BHO: (no name) - {1187095B-1026-D76E-4E16-CEEFF21BB026} - (no file)
backup-20050124-064100-901 O2 - BHO: (no name) - {96B10A41-6820-72E2-2CBA-C84720F4FC94} - (no file)
backup-20050124-064108-268 O2 - BHO: (no name) - {96B10A41-6820-72E2-2CBA-C84720F4FC94} - (no file)
backup-20050124-064108-303 O2 - BHO: (no name) - {8EFFF703-4278-6F97-423D-DC11C0FB1DD8} - (no file)
backup-20050124-064108-738 O2 - BHO: (no name) - {1187095B-1026-D76E-4E16-CEEFF21BB026} - (no file)
backup-20050127-072335-432 O2 - BHO: (no name) - {1187095B-1026-D76E-4E16-CEEFF21BB026} - (no file)
backup-20050127-072336-178 O2 - BHO: (no name) - {8EFFF703-4278-6F97-423D-DC11C0FB1DD8} - (no file)
backup-20050127-072336-637 O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain
backup-20050127-072336-948 O2 - BHO: (no name) - {96B10A41-6820-72E2-2CBA-C84720F4FC94} - (no file)
backup-20050607-065101-117 O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
backup-20050607-065101-244 O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
backup-20050607-065101-475 O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
backup-20050607-065101-522 O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
backup-20050607-065101-615 O2 - BHO: (no name) - {96B10A41-6820-72E2-2CBA-C84720F4FC94} - (no file)
backup-20050607-065101-717 O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
backup-20050607-065101-760 O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
backup-20050607-065101-778 O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain
backup-20050607-065101-785 O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
backup-20050607-065101-794 O2 - BHO: (no name) - {1187095B-1026-D76E-4E16-CEEFF21BB026} - (no file)
backup-20050607-065101-825 O4 - HKLM\..\Run: [EarthLink Installer] " /C
backup-20050607-065101-836 O2 - BHO: (no name) - {8EFFF703-4278-6F97-423D-DC11C0FB1DD8} - (no file)
backup-20050607-065101-906 O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
backup-20050607-065101-913 O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
backup-20050701-102000-283 O2 - BHO: (no name) - {96B10A41-6820-72E2-2CBA-C84720F4FC94} - (no file)
backup-20050701-102000-478 O2 - BHO: (no name) - {1187095B-1026-D76E-4E16-CEEFF21BB026} - (no file)
backup-20050701-102000-504 O2 - BHO: (no name) - {8EFFF703-4278-6F97-423D-DC11C0FB1DD8} - (no file)
backup-20050706-070107-527 O2 - BHO: (no name) - {96B10A41-6820-72E2-2CBA-C84720F4FC94} - (no file)
backup-20050706-070107-575 O2 - BHO: (no name) - {1187095B-1026-D76E-4E16-CEEFF21BB026} - (no file)
backup-20050706-070107-684 O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
backup-20050706-070107-736 O4 - HKLM\..\Run: [Google Earth Viewer] GOOGLEMAPS.EXE
backup-20050706-070107-747 O2 - BHO: (no name) - {8EFFF703-4278-6F97-423D-DC11C0FB1DD8} - (no file)
backup-20050706-070107-922 O4 - HKLM\..\Run: [BO1HelperStartUp] C:\PROGRA~1\BUTTER~1\BO1HEL~1.EXE /partner BO1
backup-20050706-070108-421 O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
backup-20050709-111841-562 O2 - BHO: (no name) - {8EFFF703-4278-6F97-423D-DC11C0FB1DD8} - (no file)
backup-20050709-111841-594 O4 - HKLM\..\Run: [Google Earth Viewer] GOOGLEMAPS.EXE
backup-20050709-111841-771 O4 - HKLM\..\Run: [SystemClockManager] C:\WINDOWS\\\\\\\\\\\\\\\\\\\
backup-20050709-111841-798 O4 - HKCU\..\Run: [Weather] C:\PROGRA~1\AWS\WEATHE~1\Weather.EXE 1
backup-20050709-111841-906 O2 - BHO: (no name) - {1187095B-1026-D76E-4E16-CEEFF21BB026} - (no file)
backup-20050709-111841-957 O2 - BHO: (no name) - {96B10A41-6820-72E2-2CBA-C84720F4FC94} - (no file)
backup-20050709-111841-997 O4 - HKCU\..\RunOnce: [Google Earth Viewer] GOOGLEMAPS.EXE
backup-20050713-060630-303 O2 - BHO: (no name) - {1187095B-1026-D76E-4E16-CEEFF21BB026} - (no file)
backup-20050713-060631-157 O2 - BHO: (no name) - {96B10A41-6820-72E2-2CBA-C84720F4FC94} - (no file)
backup-20050713-060631-377 O2 - BHO: (no name) - {8EFFF703-4278-6F97-423D-DC11C0FB1DD8} - (no file)
backup-20050713-060631-552 O4 - HKLM\..\Run: [Google Earth Viewer] GOOGLEMAPS.EXE
backup-20051217-101729-132 O2 - BHO: (no name) - {1187095B-1026-D76E-4E16-CEEFF21BB026} - (no file)
backup-20051217-101729-476 O2 - BHO: (no name) - {8EFFF703-4278-6F97-423D-DC11C0FB1DD8} - (no file)
backup-20051217-101729-871 O2 - BHO: (no name) - {96B10A41-6820-72E2-2CBA-C84720F4FC94} - (no file)
backup-20051217-101758-464 O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
backup-20051217-101811-224 O2 - BHO: (no name) - {8EFFF703-4278-6F97-423D-DC11C0FB1DD8} - (no file)
backup-20051217-101811-571 O2 - BHO: (no name) - {1187095B-1026-D76E-4E16-CEEFF21BB026} - (no file)
backup-20051217-101811-893 O2 - BHO: (no name) - {96B10A41-6820-72E2-2CBA-C84720F4FC94} - (no file)
-- File Associations ------------------------------------------------------------
.bat - batfile - "%1" %*
.chm - chm.file - "C:\WINDOWS\hh.exe" %1
.cmd - cmdfile - "%1" %*
.com - comfile - "%1" %*
.exe - exefile - "%1" %*
.hlp - hlpfile - %SystemRoot%\System32\winhlp32.exe %1
.inf - inffile - %SystemRoot%\System32\NOTEPAD.EXE %1
.ini - inifile - %SystemRoot%\System32\NOTEPAD.EXE %1
.js - JSFile - %SystemRoot%\System32\WScript.exe "%1" %*
.lnk - lnkfile - {00021401-0000-0000-C000-000000000046}
.pif - piffile - "%1" %*
.reg - regfile - regedit.exe "%1"
.scr - scrfile - "%1" /S
.txt - txtfile - %SystemRoot%\system32\NOTEPAD.EXE %1
.vbs - VBSFile - %SystemRoot%\System32\WScript.exe "%1" %*
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ----------------------
3R AN983 (ADMtek AN983/AN985/ADM951X 10/100Mbps Fast Ethernet Adapter) - C:\WINDOWS\system32\drivers\an983.sys
3S Arp1394 (1394 ARP Client Protocol) - C:\WINDOWS\system32\drivers\arp1394.sys
1R AVG Anti-Spyware Driver - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys
1R AvgAsCln (AVG Anti-Spyware Clean Driver) - C:\WINDOWS\system32\drivers\AvgAsCln.sys
3R basic2 - C:\WINDOWS\system32\drivers\basic2.sys
2R Cnxtdiag - C:\WINDOWS\system32\drivers\cnxtdiag.sys
1R eeCtrl (Symantec Eraser Control driver) - C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
2R Fallback - C:\WINDOWS\system32\drivers\fallback.sys
2R Fsks - C:\WINDOWS\system32\drivers\fsksnt.sys
3R GEARAspiWDM (GEAR CDRom Filter) - C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
3S GTNDIS5 (GTNDIS5 NDIS Protocol Driver) - C:\WINDOWS\system32\GTNDIS5.sys
3R HidUsb (Microsoft HID Class Driver) - C:\WINDOWS\system32\drivers\hidusb.sys
3S hsf_msft - C:\WINDOWS\system32\drivers\HSF_MSFT.sys
3R i81x - C:\WINDOWS\system32\drivers\i81xnt5.sys
3S iAimFP0 - C:\WINDOWS\system32\drivers\wADV01nt.sys
3S iAimFP1 - C:\WINDOWS\system32\drivers\wADV02NT.sys
3S iAimFP2 - C:\WINDOWS\system32\drivers\wADV05NT.sys
3S iAimFP3 - C:\WINDOWS\system32\drivers\wSiINTxx.sys
3S iAimFP4 - C:\WINDOWS\system32\drivers\wVchNTxx.sys
3S iAimTV0 - C:\WINDOWS\system32\drivers\wATV01nt.sys
3S iAimTV1 - C:\WINDOWS\system32\drivers\wATV02NT.sys
3S iAimTV3 - C:\WINDOWS\system32\drivers\wATV04nt.sys
3S iAimTV4 - C:\WINDOWS\system32\drivers\wCh7xxNT.sys
0S IFP700 (iRiver Internet Audio Player IFP-700) - C:\WINDOWS\system32\drivers\ifp700.sys (not found)
3S Jukebox3 - C:\WINDOWS\system32\drivers\ctpdusb.sys
2R K56 - C:\WINDOWS\system32\drivers\k56nt.sys
2R MASPINT - C:\WINDOWS\system32\drivers\MASPINT.SYS
2R MCSTRM - C:\WINDOWS\system32\drivers\mcstrm.sys
3R mouhid (Mouse HID Driver) - C:\WINDOWS\system32\drivers\mouhid.sys
3R ms_mpu401 (Microsoft MPU-401 MIDI UART Driver) - C:\WINDOWS\system32\drivers\msmpu401.sys
3S mueaaldu - C:\WINDOWS\system32\drivers\mueaaldu.sys (not found)
3R NAVENG - C:\Program Files\Common Files\Symantec Shared\VirusDefs\20060614.035\NAVENG.SYS
3R NAVEX15 - C:\Program Files\Common Files\Symantec Shared\VirusDefs\20060614.035\NAVEX15.SYS
3S NIC1394 (1394 Net Driver) - C:\WINDOWS\system32\drivers\nic1394.sys
0R ohci1394 (Texas Instruments OHCI Compliant IEEE 1394 Host Controller) - C:\WINDOWS\system32\drivers\ohci1394.sys
1R P3 (Intel PentiumIII Processor Driver) - C:\WINDOWS\system32\drivers\p3.sys
3R pfc (Padus ASPI Shell) - C:\WINDOWS\system32\drivers\pfc.sys
3R Rksample - C:\WINDOWS\system32\drivers\rksample.sys
3S rtl8139 (Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver) - C:\WINDOWS\system32\drivers\rtl8139.sys
1R SASDIFSV - C:\Program Files\SUPERAntiSpyware\sasdifsv.sys
3R SASENUM - C:\Program Files\SUPERAntiSpyware\SASENUM.SYS
1R SASKUTIL - C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
3R SAVRT - C:\Program Files\Norton AntiVirus\savrt.sys
1R SAVRTPEL - C:\Program Files\Norton AntiVirus\Savrtpel.sys
3S sermouse (Serial Mouse Driver) - C:\WINDOWS\system32\drivers\sermouse.sys
3R smwdm - C:\WINDOWS\system32\drivers\smwdm.sys
2R SoftFax - C:\WINDOWS\system32\drivers\faxnt.sys
3S SONYPVU1 (Sony USB Filter Driver (SONYPVU1)) - C:\WINDOWS\system32\drivers\SONYPVU1.SYS
1R SPBBCDrv - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
3R SYMDNS - C:\WINDOWS\system32\drivers\symdns.sys
3R SymEvent - C:\Program Files\Symantec\SYMEVENT.SYS
3R SYMFW - C:\WINDOWS\system32\drivers\symfw.sys
3R SYMIDS - C:\WINDOWS\system32\drivers\symids.sys
3R SYMIDSCO - C:\Program Files\Common Files\Symantec Shared\SymcData\ids-diskless\20060505.083\SymIDSCo.sys
2R symlcbrd - C:\WINDOWS\system32\drivers\symlcbrd.sys
3R SYMNDIS - C:\WINDOWS\system32\drivers\symndis.sys
3R SYMREDRV - C:\WINDOWS\system32\drivers\symredrv.sys
1R SYMTDI - C:\WINDOWS\system32\drivers\symtdi.sys
2R Tones - C:\WINDOWS\system32\drivers\tonesnt.sys
3S usbprint (Microsoft USB PRINTER Class) - C:\WINDOWS\system32\drivers\usbprint.sys
3R USBSTOR (USB Mass Storage Driver) - C:\WINDOWS\system32\drivers\USBSTOR.SYS
2R V124 - C:\WINDOWS\system32\drivers\v124nt.sys
3S wanatw (WAN Miniport (ATW)) - C:\WINDOWS\system32\DRIVERS\wanatw4.sys (not found)
3R winachsf - C:\WINDOWS\system32\drivers\HSF_CNXT.sys
3S WUSB54GV4SRV (Linksys Wireless-G USB Network Adapter Driver) - C:\WINDOWS\system32\drivers\rt2500usb.sys
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
4S Alerter - C:\WINDOWS\system32\svchost.exe -k LocalService
3R ALG (Application Layer Gateway Service) - C:\WINDOWS\System32\alg.exe
3S AppMgmt (Application Management) - C:\WINDOWS\system32\svchost.exe -k netsvcs
2R AudioSrv (Windows Audio) - C:\WINDOWS\System32\svchost.exe -k netsvcs
2R Automatic LiveUpdate Scheduler - "C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe"
2S AVG Anti-Spyware Guard - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
3S BITS (Background Intelligent Transfer Service) - C:\WINDOWS\System32\svchost.exe -k netsvcs
2S Browser (Computer Browser) - C:\WINDOWS\system32\svchost.exe -k netsvcs
2R ccEvtMgr (Symantec Event Manager) - "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"
2R ccSetMgr (Symantec Settings Manager) - "C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"
3S cisvc (Indexing Service) - C:\WINDOWS\System32\cisvc.exe
4S ClipSrv (ClipBook) - C:\WINDOWS\system32\clipsrv.exe
3S COMSysApp (COM+ System Application) - C:\WINDOWS\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
2R CryptSvc (Cryptographic Services) - C:\WINDOWS\system32\svchost.exe -k netsvcs
2R DcomLaunch (DCOM Server Process Launcher) - C:\WINDOWS\system32\svchost -k DcomLaunch
2R Dhcp (DHCP Client) - C:\WINDOWS\System32\svchost.exe -k netsvcs
3S dmadmin (Logical Disk Manager Administrative Service) - C:\WINDOWS\System32\dmadmin.exe /com
3S dmserver (Logical Disk Manager) - C:\WINDOWS\System32\svchost.exe -k netsvcs
2R Dnscache (DNS Client) - C:\WINDOWS\System32\svchost.exe -k NetworkService
2R ERSvc (Error Reporting Service) - C:\WINDOWS\System32\svchost.exe -k netsvcs
2R Eventlog (Event Log) - C:\WINDOWS\system32\services.exe
3R EventSystem (COM+ Event System) - C:\WINDOWS\System32\svchost.exe -k netsvcs
3R FastUserSwitchingCompatibility (Fast User Switching Compatibility) - C:\WINDOWS\System32\svchost.exe -k netsvcs
2R helpsvc (Help and Support) - C:\WINDOWS\System32\svchost.exe -k netsvcs
2R HidServ (HID Input Service) - C:\WINDOWS\System32\svchost.exe -k netsvcs
3R HTTPFilter (HTTP SSL) - C:\WINDOWS\System32\svchost.exe -k HTTPFilter
3S ImapiService (IMAPI CD-Burning COM Service) - C:\WINDOWS\System32\imapi.exe
3S iPodService (iPod Service) - "C:\Program Files\iPod\bin\iPodService.exe"
2R LanmanServer (Server) - C:\WINDOWS\system32\svchost.exe -k netsvcs
2R LanmanWorkstation (Workstation) - C:\WINDOWS\system32\svchost.exe -k netsvcs
2R LexBceS (LexBce Server) - C:\WINDOWS\system32\LEXBCES.EXE
3S LiveUpdate - "C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE"
2R LmHosts (TCP/IP NetBIOS Helper) - C:\WINDOWS\System32\svchost.exe -k LocalService
4S Messenger - C:\WINDOWS\system32\svchost.exe -k netsvcs
3S mnmsrvc (NetMeeting Remote Desktop Sharing) - C:\WINDOWS\System32\mnmsrvc.exe
3S MSDTC (Distributed Transaction Coordinator) - C:\WINDOWS\System32\msdtc.exe
3S MSIServer (Windows Installer) - C:\WINDOWS\system32\msiexec.exe /V
4S MsUpdate5 (Miscrosoft Updates Service 5) - C:\WINDOWS\system32\msupd5.exe
3R navapsvc (Norton AntiVirus Auto-Protect Service) - "C:\Program Files\Norton AntiVirus\navapsvc.exe"
4S NetDDE (Network DDE) - C:\WINDOWS\system32\netdde.exe
4S NetDDEdsdm (Network DDE DSDM) - C:\WINDOWS\system32\netdde.exe
3S Netlogon (Net Logon) - C:\WINDOWS\system32\lsass.exe
3R Netman (Network Connections) - C:\WINDOWS\System32\svchost.exe -k netsvcs
3R Nla (Network Location Awareness (NLA)) - C:\WINDOWS\System32\svchost.exe -k netsvcs
2R NPFMntor (Norton AntiVirus Firewall Monitor Service) - "C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe"
3R NSCService (Norton Protection Center Service) - "C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE"
3S NtLmSsp (NT LM Security Support Provider) - C:\WINDOWS\system32\lsass.exe
3S NtmsSvc (Removable Storage) - C:\WINDOWS\system32\svchost.exe -k netsvcs
3S ose (Office Source Engine) - "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
2R PlugPlay (Plug and Play) - C:\WINDOWS\system32\services.exe
2R PolicyAgent (IPSEC Services) - C:\WINDOWS\System32\lsass.exe
2R ProtectedStorage (Protected Storage) - C:\WINDOWS\system32\lsass.exe
3S RasAuto (Remote Access Auto Connection Manager) - C:\WINDOWS\System32\svchost.exe -k netsvcs
3R RasMan (Remote Access Connection Manager) - C:\WINDOWS\System32\svchost.exe -k netsvcs
3S RDSessMgr (Remote Desktop Help Session Manager) - C:\WINDOWS\system32\sessmgr.exe
4S RemoteAccess (Routing and Remote Access) - C:\WINDOWS\System32\svchost.exe -k netsvcs
3S RpcLocator (Remote Procedure Call (RPC) Locator) - C:\WINDOWS\system32\locator.exe
2R RpcSs (Remote Procedure Call (RPC)) - C:\WINDOWS\system32\svchost -k rpcss
3S RSVP (QoS RSVP) - C:\WINDOWS\System32\rsvp.exe
2R SamSs (Security Accounts Manager) - C:\WINDOWS\system32\lsass.exe
3S SAVScan (Symantec AVScan) - "C:\Program Files\Norton AntiVirus\SAVScan.exe"
3S SCardSvr (Smart Card) - C:\WINDOWS\System32\SCardSvr.exe
2R Schedule (Task Scheduler) - C:\WINDOWS\System32\svchost.exe -k netsvcs
2R seclogon (Secondary Logon) - C:\WINDOWS\System32\svchost.exe -k netsvcs
2R SENS (System Event Notification) - C:\WINDOWS\system32\svchost.exe -k netsvcs
2R SharedAccess (Windows Firewall/Internet Connection Sharing (ICS)) - C:\WINDOWS\System32\svchost.exe -k netsvcs
2R ShellHWDetection (Shell Hardware Detection) - C:\WINDOWS\System32\svchost.exe -k netsvcs
2R SNDSrvc (Symantec Network Drivers Service) - "C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe"
2R SPBBCSvc - "C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe"
2R Spooler (Print Spooler) - C:\WINDOWS\system32\spoolsv.exe
2R srservice (System Restore Service) - C:\WINDOWS\System32\svchost.exe -k netsvcs
3R SSDPSRV (SSDP Discovery Service) - C:\WINDOWS\System32\svchost.exe -k LocalService
3S stisvc (Windows Image Acquisition (WIA)) - C:\WINDOWS\System32\svchost.exe -k imgsvc
3S SwPrv (MS Software Shadow Copy Provider) - C:\WINDOWS\System32\dllhost.exe /Processid:{F36D09CD-D108-4A24-ADE5-A4AF066231A8}
2R Symantec Core LC - "C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe"
3S SysmonLog (Performance Logs and Alerts) - C:\WINDOWS\system32\smlogsvc.exe
3R TapiSrv (Telephony) - C:\WINDOWS\System32\svchost.exe -k netsvcs
3R TermService (Terminal Services) - C:\WINDOWS\System32\svchost -k DComLaunch
2R Themes - C:\WINDOWS\System32\svchost.exe -k netsvcs
2R TrkWks (Distributed Link Tracking Client) - C:\WINDOWS\system32\svchost.exe -k netsvcs
2S UMWdf (Windows User Mode Driver Framework) - C:\WINDOWS\system32\wdfmgr.exe
3S upnphost (Universal Plug and Play Device Host) - C:\WINDOWS\System32\svchost.exe -k LocalService
3S UPS (Uninterruptible Power Supply) - C:\WINDOWS\System32\ups.exe
3S VSS (Volume Shadow Copy) - C:\WINDOWS\System32\vssvc.exe
2R W32Time (Windows Time) - C:\WINDOWS\System32\svchost.exe -k netsvcs
2R WebClient - C:\WINDOWS\System32\svchost.exe -k LocalService
2R winmgmt (Windows Management Instrumentation) - C:\WINDOWS\system32\svchost.exe -k netsvcs
3S WmdmPmSN (Portable Media Serial Number Service) - C:\WINDOWS\System32\svchost.exe -k netsvcs
3S WmiApSrv (WMI Performance Adapter) - C:\WINDOWS\System32\wbem\wmiapsrv.exe
2R wscsvc (Security Center) - C:\WINDOWS\System32\svchost.exe -k netsvcs
2R wuauserv (Automatic Updates) - C:\WINDOWS\system32\svchost.exe -k netsvcs
2R WZCSVC (Wireless Zero Configuration) - C:\WINDOWS\System32\svchost.exe -k netsvcs
3S xmlprov (Network Provisioning Service) - C:\WINDOWS\System32\svchost.exe -k netsvcs
-- Scheduled Tasks --------------------------------------------------------------
2007-02-23 20:00:01 530 --a------ C:\WINDOWS\Tasks\Norton AntiVirus - Run Full System Scan - Scott.job<NORTON~1.JOB>
2005-11-29 23:02:28 480 -----n--- C:\WINDOWS\Tasks\Norton AntiVirus - Run Norton QuickScan - Scott.job<NORTON~2.JOB>
-- Files created between 2007-01-24 and 2007-02-24 ------------------------------
2007-02-23 19:49:29 0 d-------- C:\Documents and Settings\Scott\WinPFind3u<WINPFI~1>
2007-01-29 03:58:06 60416 -----n--- C:\WINDOWS\system32\tzchange.exe
-- Find3M Report ----------------------------------------------------------------
2007-02-24 08:35:54 0 d-------- C:\Program Files\Mozilla Firefox<MOZILL~1>
2007-01-22 13:52:53 0 d---s---- C:\Documents and Settings\Scott\Application Data\Microsoft<MICROS~1>
2007-01-14 21:40:22 0 d-------- C:\Program Files\Symantec
2007-01-14 21:40:08 0 d-------- C:\Program Files\SUPERAntiSpyware<SUPERA~1>
2007-01-14 21:39:27 0 d-------- C:\Program Files\QuickTime<QUICKT~1>
2007-01-14 21:05:07 0 d-------- C:\Program Files\Messenger<MESSEN~1>
2007-01-14 21:03:56 0 d-------- C:\Program Files\iTunes
2007-01-14 21:02:28 0 d-------- C:\Program Files\Common Files\Symantec Shared<SYMANT~1>
2007-01-14 20:56:47 0 d-------- C:\Program Files\AIM
2007-01-14 20:43:54 0 d-------- C:\Documents and Settings\Scott\Application Data\Symantec
2007-01-14 14:49:32 0 d-------- C:\Documents and Settings\Scott\Application Data\SUPERAntiSpyware.com<SUPERA~1.COM>
2007-01-14 14:47:46 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard<WISEIN~1>
2007-01-14 10:08:11 0 d-------- C:\Program Files\Grisoft
2007-01-13 15:38:43 0 d-------- C:\Program Files\RegScrubXP<REGSCR~1>
2007-01-07 19:22:14 0 d-------- C:\Program Files\iPod
2007-01-07 19:19:04 0 d-------- C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor<LINKSY~1>
2007-01-06 10:18:19 0 d-------- C:\Program Files\Common Files\InstallShield<INSTAL~1>
2007-01-06 10:17:47 0 d--h----- C:\Program Files\InstallShield Installation Information<INSTAL~1>
2007-01-06 10:04:02 0 d-------- C:\Documents and Settings\Scott\Application Data\FullAudio<FULLAU~1>
2007-01-06 09:50:48 0 d-------- C:\Program Files\Microsoft Games<MI9A48~1>
2007-01-06 09:34:27 0 d-------- C:\Program Files\Barbie<BARBIE~1>
2006-12-19 16:52:18 134656 --a------ C:\WINDOWS\system32\shsvcs.dll
2006-12-19 13:16:47 333824 -----n--- C:\WINDOWS\system32\wiaservc.dll
2006-12-07 01:40:49 2362184 --a------ C:\WINDOWS\system32\wmvcore.dll
2006-11-27 09:54:06 433152 --a------ C:\WINDOWS\system32\riched20.dll
2006-11-27 09:54:06 539136 -----n--- C:\WINDOWS\system32\msftedit.dll
-- Registry Dump ----------------------------------------------------------------
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"SUPERAntiSpyware"="C:\\Program Files\\SUPERAntiSpyware\\SUPERAntiSpyware.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"LXSUPMON"="C:\\WINDOWS\\system32\\LXSUPMON.EXE RUN"
"ccApp"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"
"MSConfig"="C:\\WINDOWS\\PCHealth\\HelpCtr\\Binaries\\MSConfig.exe /auto"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^BigFix.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\BigFix.lnk"
"backup"="C:\\WINDOWS\\pss\\BigFix.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\BigFix\\BigFix.exe /atstartup"
"item"="BigFix"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^CreataCard Plus 3 Forget Me Not Reminders Tray Icon.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\CreataCard Plus 3 Forget Me Not Reminders Tray Icon.lnk"
"backup"="C:\\WINDOWS\\pss\\CreataCard Plus 3 Forget Me Not Reminders Tray Icon.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\CREATA~1\\Plus\\FMRemind.exe "
"item"="CreataCard Plus 3 Forget Me Not Reminders Tray Icon"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Image Transfer.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Image Transfer.lnk"
"backup"="C:\\WINDOWS\\pss\\Image Transfer.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\SONYCO~1\\IMAGET~1\\SonyTray.exe "
"item"="Image Transfer"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AIM]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="aim"
"hkey"="HKCU"
"command"="C:\\Program Files\\AIM\\aim.exe -cnetwait.odl"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"
"command"="C:\\Program Files\\iTunes\\iTunesHelper.exe"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MemoryCardManager]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="MemoryCardManager"
"hkey"="HKLM"
"command"="C:\\Program Files\\Lexmark\\Lexmark Photo Center\\MemoryCardManager.exe -startup"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MoneyAgent]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Money Express"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Microsoft Money\\System\\Money Express.exe\""
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="MsnMsgr"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="qttask"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="realsched"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{03A80B1D-5C6A-42c2-9DFB-81B6005D8023}"="Trend Micro Anti-Spyware Shell Extension"
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=""
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=dword:00000000
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
Source REG_SZ
http://www.123-party...mages/01303.jpg
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\1]
Source REG_SZ
http://www.awltovhc....368...130,1,0,0
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\2]
Source REG_SZ
http://www.haunted.5...ss-horseman.gif
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\3]
Source REG_SZ
http://www.aeroposta...w_tops_8736.jpg
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\4]
Source REG_SZ
http://www.limitedto...3224233_074.jpg
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e66519ab-0cea-11d9-9ece-806d6172696f}]
Shell\AutoRun\command D:\Setup.exe
Shell\dxsetup\command D:\directx\dxsetup.exe
Shell\setup\command D:\setup.exe
-- End of ComboScan: finished at 2007-02-24 at 10:59:29 -------------------------