PROB? [RESOLVED]


  • This topic is locked

#16
AQUA258

  • Topic Starter
  • Member
  • 169 posts
Not sure whether or not this is done right. Tried to disable Avast before the scan, but because it's new to me, not sure if I did or not. PLUS... Noticed on the WinPFind that it has a REG=session manager settings.... This is what my site keeps saying to me when I try to log out... that the session does not match the user??? (if this helps)



WinPFind35 logfile created on: 12/02/2008 10:10:49 AM
WinPFind35U Version Beta50 Folder = C:\Documents and Settings\Owner\Desktop\WinPFind35u
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

447.36 Mb Total Physical Memory | 100.70 Mb Available Physical Memory | 22.51% Memory free
1.03 Gb Paging File | 0.67 Gb Available in Paging File | 64.67% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 33.14 Gb Total Space | 19.01 Gb Free Space | 57.35% Space Free | Partition Type: NTFS
Drive D: | 4.14 Gb Total Space | 0.91 Gb Free Space | 21.96% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: YOUR-NS7NXR4R4G
Current User Name: Owner
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user

[Processes - Non-Microsoft Only]
aawservice.exe -> %ProgramFiles%\Lavasoft\Ad-Aware 2007\aawservice.exe -> Lavasoft [Ver = 7,0,2,6 | Size = 587096 bytes | Modified Date = 4/01/2008 1:27:08 PM | Attr = ]
aswupdsv.exe -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 17272 bytes | Modified Date = 4/12/2007 11:36:33 PM | Attr = ]
ashserv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 140664 bytes | Modified Date = 4/12/2007 10:00:16 PM | Attr = ]
hpsysdrv.exe -> %SystemRoot%\system\hpsysdrv.exe -> Hewlett-Packard Company [Ver = 1, 7, 0, 0 | Size = 52736 bytes | Modified Date = 7/05/1998 2:04:38 PM | Attr = ]
nvsvc32.exe -> %SystemRoot%\system32\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.4523 | Size = 77824 bytes | Modified Date = 28/07/2003 3:19:00 PM | Attr = ]
shwicon.exe -> %ProgramFiles%\USB Storage RW\shwicon.exe -> MyComp [Ver = 2, 0, 2, 2 | Size = 69632 bytes | Modified Date = 25/10/2002 1:33:46 PM | Attr = ]
hpsrvui.exe -> %SystemRoot%\system32\HpSrvUI.exe -> Hewlett-Packard Co. [Ver = 1, 0, 0, 3 | Size = 32768 bytes | Modified Date = 18/06/2002 6:24:30 PM | Attr = ]
hpgs2wnd.exe -> %ProgramFiles%\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe -> Hewlett-Packard [Ver = 2,3,0,0\ 162 | Size = 69632 bytes | Modified Date = 17/04/2002 3:42:56 PM | Attr = ]
hpqcmon.exe -> %ProgramFiles%\Hewlett-Packard\Digital Imaging\Unload\HpqCmon.exe -> [Ver = 1.1.0.121 | Size = 69632 bytes | Modified Date = 17/06/2002 9:11:24 PM | Attr = ]
kbd.exe -> %SystemDrive%\hp\KBD\kbd.exe -> Hewlett-Packard Company [Ver = 1.0.2.0 | Size = 61440 bytes | Modified Date = 6/07/2001 6:56:56 PM | Attr = ]
alcxmntr.exe -> %SystemRoot%\ALCXMNTR.EXE -> Realtek Semiconductor Corp. [Ver = 1.5 | Size = 57344 bytes | Modified Date = 7/09/2004 2:47:52 PM | Attr = ]
hpgs2wnf.exe -> %ProgramFiles%\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe -> [Ver = 2, 6, 0, 162 | Size = 77824 bytes | Modified Date = 17/04/2002 3:49:16 PM | Attr = ]
e_s4i3v1.exe -> %SystemRoot%\system32\spool\drivers\w32x86\3\E_S4I3V1.EXE -> SEIKO EPSON CORPORATION [Ver = 3.00 | Size = 99840 bytes | Modified Date = 1/06/2004 7:26:02 PM | Attr = ]
vsnpstd.exe -> %SystemRoot%\vsnpstd.exe -> [Ver = 1, 0, 1, 1 | Size = 286720 bytes | Modified Date = 10/06/2004 2:48:04 PM | Attr = ]
dap.exe -> %ProgramFiles%\DAP\DAP.exe -> Speedbit Ltd. [Ver = 8, 6, 1, 4 | Size = 4568576 bytes | Modified Date = 1/11/2007 11:23:06 AM | Attr = ]
jusched.exe -> %ProgramFiles%\Java\jre1.6.0_04\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.40.12 | Size = 144784 bytes | Modified Date = 14/12/2007 3:42:38 AM | Attr = ]
ashdisp.exe -> %ProgramFiles%\Alwil Software\Avast4\ashDisp.exe -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 79224 bytes | Modified Date = 4/12/2007 10:00:23 PM | Attr = ]
ashmaisv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashMaiSv.exe -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 247160 bytes | Modified Date = 4/12/2007 9:59:53 PM | Attr = ]
ashwebsv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashWebSv.exe -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 345464 bytes | Modified Date = 4/12/2007 9:59:01 PM | Attr = ]
winpfind35u.exe -> %UserProfile%\Desktop\WinPFind35u\WinPFind35U.exe -> OldTimer Tools [Ver = 1.0.0.0 | Size = 309248 bytes | Modified Date = 11/02/2008 7:14:48 PM | Attr = ]

[Win32 Services - Non-Microsoft Only]
(a2free) a-squared Free Service [Win32_Own | Disabled | Stopped] -> -> File not found
(aawservice) Ad-Aware 2007 Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Lavasoft\Ad-Aware 2007\aawservice.exe -> Lavasoft [Ver = 7,0,2,6 | Size = 587096 bytes | Modified Date = 4/01/2008 1:27:08 PM | Attr = ]
(aswUpdSv) avast! iAVS4 Control Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 17272 bytes | Modified Date = 4/12/2007 11:36:33 PM | Attr = ]
(avast! Antivirus) avast! Antivirus [Win32_Own | Auto | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 140664 bytes | Modified Date = 4/12/2007 10:00:16 PM | Attr = ]
(avast! Mail Scanner) avast! Mail Scanner [Win32_Own | On_Demand | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashMaiSv.exe -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 247160 bytes | Modified Date = 4/12/2007 9:59:53 PM | Attr = ]
(avast! Web Scanner) avast! Web Scanner [Win32_Own | On_Demand | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashWebSv.exe -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 345464 bytes | Modified Date = 4/12/2007 9:59:01 PM | Attr = ]
(dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\system32\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 4/08/2004 4:56:48 PM | Attr = ]
(idsvc) Windows CardSpace [Win32_Shared | Unknown | Stopped] -> -> File not found
(NVSvc) NVIDIA Driver Helper Service [Win32_Own | Auto | Running] -> %SystemRoot%\system32\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.4523 | Size = 77824 bytes | Modified Date = 28/07/2003 3:19:00 PM | Attr = ]
(PctrlsInjectService) PctrlsInjectService [Win32_Own | Disabled | Stopped] -> -> File not found
(SfCtlCom) Trend Micro Central Control Component [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Trend Micro\Internet Security\SfCtlCom.exe -> File not found
(TMBMServer) Trend Micro Unauthorized Change Prevention Service [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Trend Micro\BM\TMBMSRV.exe -> File not found
(Tmntsrv) Trend Micro Real-time Service [Win32_Own | Auto | Stopped] -> %SystemDrive%\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe -> File not found
(TmPfw) Trend Micro Personal Firewall [Win32_Own | Auto | Stopped] -> %SystemDrive%\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe -> File not found
(tmproxy) Trend Micro Proxy Service [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Trend Micro\Internet Security\TmProxy.exe -> File not found

[Driver Services - Non-Microsoft Only]
(Aavmker4) avast! Asynchronous Virus Monitor [Kernel | System | Running] -> %SystemRoot%\system32\drivers\aavmker4.sys -> ALWIL Software [Ver = 4.7.1098.0 | Size = 26624 bytes | Modified Date = 4/12/2007 11:49:02 PM | Attr = ]
(Abiosdsk) Abiosdsk [Kernel | Disabled | Stopped] -> -> File not found
(abp480n5) abp480n5 [Kernel | Disabled | Stopped] -> -> File not found
(adpu160m) adpu160m [Kernel | Disabled | Stopped] -> -> File not found
(AFS2K) AFS2K [Kernel | System | Running] -> %SystemRoot%\system32\drivers\AFS2K.SYS -> Oak Technology Inc. [Ver = 3.1.21.1103 | Size = 35840 bytes | Modified Date = 8/10/2004 10:16:04 AM | Attr = ]
(Aha154x) Aha154x [Kernel | Disabled | Stopped] -> -> File not found
(aic78u2) aic78u2 [Kernel | Disabled | Stopped] -> -> File not found
(aic78xx) aic78xx [Kernel | Disabled | Stopped] -> -> File not found
(ALCXWDM) Service for Realtek AC97 Audio (WDM) [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ALCXWDM.SYS -> Realtek Semiconductor Corp. [Ver = 5.10.5730 built by: WinDDK | Size = 2279424 bytes | Modified Date = 1/10/2004 11:24:02 AM | Attr = ]
(AliIde) AliIde [Kernel | Disabled | Stopped] -> -> File not found
(amsint) amsint [Kernel | Disabled | Stopped] -> -> File not found
(asc) asc [Kernel | Disabled | Stopped] -> -> File not found
(asc3350p) asc3350p [Kernel | Disabled | Stopped] -> -> File not found
(asc3550) asc3550 [Kernel | Disabled | Stopped] -> -> File not found
(aswMon2) avast! Standard Shield Support [File_System | Auto | Running] -> %SystemRoot%\system32\drivers\aswmon2.sys -> ALWIL Software [Ver = 4.7.1098.0 | Size = 94544 bytes | Modified Date = 4/12/2007 11:55:46 PM | Attr = ]
(aswRdr) aswRdr [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\aswRdr.sys -> ALWIL Software [Ver = 4.7.1098.0 | Size = 23152 bytes | Modified Date = 4/12/2007 11:53:39 PM | Attr = ]
(aswTdi) avast! Network Shield Support [Kernel | System | Running] -> %SystemRoot%\system32\drivers\aswTdi.sys -> ALWIL Software [Ver = 4.7.1098.0 | Size = 42912 bytes | Modified Date = 4/12/2007 11:51:52 PM | Attr = ]
(Atdisk) Atdisk [Kernel | Disabled | Stopped] -> -> File not found
(cd20xrnt) cd20xrnt [Kernel | Disabled | Stopped] -> -> File not found
(Changer) Changer [Kernel | System | Stopped] -> -> File not found
(CmdIde) CmdIde [Kernel | Disabled | Stopped] -> -> File not found
(Cpqarray) Cpqarray [Kernel | Disabled | Stopped] -> -> File not found
(dac960nt) dac960nt [Kernel | Disabled | Stopped] -> -> File not found
(dmboot) dmboot [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\dmboot.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 799744 bytes | Modified Date = 4/08/2004 3:07:17 PM | Attr = ]
(dmio) dmio [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\dmio.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 153344 bytes | Modified Date = 4/08/2004 3:07:16 PM | Attr = ]
(dmload) dmload [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\dmload.sys -> Microsoft Corp., Veritas Software. [Ver = 2600.0.503.0 | Size = 5888 bytes | Modified Date = 22/09/2002 11:22:00 AM | Attr = ]
(dpti2o) dpti2o [Kernel | Disabled | Stopped] -> -> File not found
(gmer) gmer [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\gmer.sys -> GMER [Ver = 1, 0, 12, 3911 | Size = 70001 bytes | Modified Date = 7/08/2007 8:40:18 AM | Attr = ]
(hpn) hpn [Kernel | Disabled | Stopped] -> -> File not found
(HSFHWBS2) HSFHWBS2 [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\HSFHWBS2.sys -> Conexant Systems, Inc. [Ver = 7.04.05 | Size = 210304 bytes | Modified Date = 13/11/2003 7:19:48 PM | Attr = ]
(HSF_DP) HSF_DP [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\HSF_DP.sys -> Conexant Systems, Inc. [Ver = 7.04.05 | Size = 1042816 bytes | Modified Date = 13/11/2003 7:17:00 PM | Attr = ]
(i2omgmt) i2omgmt [Kernel | System | Stopped] -> -> File not found
(i2omp) i2omp [Kernel | Disabled | Stopped] -> -> File not found
(ialm) ialm [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\ialmnt5.sys -> Intel Corporation [Ver = 6.13.01.3317 | Size = 80283 bytes | Modified Date = 25/10/2002 2:02:20 PM | Attr = ]
(ini910u) ini910u [Kernel | Disabled | Stopped] -> -> File not found
(lbrtfdc) lbrtfdc [Kernel | System | Stopped] -> -> File not found
(mdmxsdk) mdmxsdk [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\mdmxsdk.sys -> Conexant [Ver = 1.0.2.002 | Size = 11043 bytes | Modified Date = 9/04/2003 2:48:08 PM | Attr = ]
(mraid35x) mraid35x [Kernel | Disabled | Stopped] -> -> File not found
(neokdss) neokdss [Kernel | On_Demand | Stopped] -> system32\Drivers\neokdss.sys -> File not found
(nv) nv [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\nv4_mini.sys -> NVIDIA Corporation [Ver = 6.14.10.4523 | Size = 1341339 bytes | Modified Date = 28/07/2003 3:19:00 PM | Attr = ]
(NVENET) NVIDIA nForce MCP Networking Adapter Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\NVENET.sys -> NVIDIA Corporation [Ver = 4.14.01.0281 | Size = 80896 bytes | Modified Date = 23/09/2002 3:37:00 PM | Attr = ]
(nv_agp) NVIDIA nForce AGP Bus Filter [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\nv_agp.SYS -> NVIDIA Corporation [Ver = 4.12.01.0278 | Size = 13568 bytes | Modified Date = 6/09/2002 4:24:00 PM | Attr = ]
(PCDRDRV) Pcdr Helper Driver [Kernel | On_Demand | Stopped] -> %SystemDrive%\PROGRA~1\PC-DOC~1\DIAGNO~1\PCDRDRV.sys -> File not found
(PcdrNt) PcdrNt [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\PcdrNt.sys -> PC-Doctor Inc. [Ver = 4.0.7 | Size = 44192 bytes | Modified Date = 23/03/2000 3:42:24 AM | Attr = ]
(PCIDump) PCIDump [Kernel | System | Stopped] -> -> File not found
(PDCOMP) PDCOMP [Kernel | On_Demand | Stopped] -> -> File not found
(PDFRAME) PDFRAME [Kernel | On_Demand | Stopped] -> -> File not found
(PDRELI) PDRELI [Kernel | On_Demand | Stopped] -> -> File not found
(PDRFRAME) PDRFRAME [Kernel | On_Demand | Stopped] -> -> File not found
(perc2) perc2 [Kernel | Disabled | Stopped] -> -> File not found
(perc2hib) perc2hib [Kernel | Disabled | Stopped] -> -> File not found
(pfc) Padus ASPI Shell [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\pfc.sys -> Padus, Inc. [Ver = 2, 5, 0, 201 | Size = 9856 bytes | Modified Date = 20/11/2002 3:08:24 PM | Attr = ]
(Ps2) Ps2 [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\PS2.sys -> Hewlett-Packard Company [Ver = 1.0.2.0 | Size = 23808 bytes | Modified Date = 29/07/2002 7:43:50 PM | Attr = ]
(Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ptilink.sys -> Parallel Technologies, Inc. [Ver = 1.10 (XPClient.010817-1148) | Size = 17792 bytes | Modified Date = 22/09/2002 12:34:00 PM | Attr = ]
(PxHelp20) PxHelp20 [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\pxhelp20.sys -> VERITAS Software, Inc. [Ver = 2.02.44a | Size = 17232 bytes | Modified Date = 27/11/2002 7:02:00 AM | Attr = ]
(ql1080) ql1080 [Kernel | Disabled | Stopped] -> -> File not found
(Ql10wnt) Ql10wnt [Kernel | Disabled | Stopped] -> -> File not found
(ql12160) ql12160 [Kernel | Disabled | Stopped] -> -> File not found
(ql1240) ql1240 [Kernel | Disabled | Stopped] -> -> File not found
(ql1280) ql1280 [Kernel | Disabled | Stopped] -> -> File not found
(rtl8139) Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\rtl8139.sys -> Realtek Semiconductor Corporation [Ver = 5.398.613.2003 built by: WinDDK | Size = 20992 bytes | Modified Date = 4/08/2004 2:31:32 PM | Attr = ]
(S3Psddr) S3Psddr [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\s3gnbm.sys -> S3 Graphics, Inc. [Ver = 6.14.10.0012-13.94.12 | Size = 166912 bytes | Modified Date = 4/08/2004 2:29:51 PM | Attr = ]
(SDTHOOK) SDTHOOK [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\SDTHOOK.SYS -> Panda Software [Ver = 1.6.0.0 | Size = 44928 bytes | Modified Date = 5/06/2007 10:56:40 AM | Attr = ]
(Secdrv) Secdrv [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\secdrv.sys -> Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. [Ver = 4.03.086 | Size = 20480 bytes | Modified Date = 13/11/2007 7:25:53 PM | Attr = ]
(Simbad) Simbad [Kernel | Disabled | Stopped] -> -> File not found
(snpstd) USB PC Cam [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\snpstd.sys -> [Ver = 1, 1, 4, 0 | Size = 366848 bytes | Modified Date = 19/11/2004 7:44:26 PM | Attr = ]
(Sparrow) Sparrow [Kernel | Disabled | Stopped] -> -> File not found
(symc810) symc810 [Kernel | Disabled | Stopped] -> -> File not found
(symc8xx) symc8xx [Kernel | Disabled | Stopped] -> -> File not found
(sym_hi) sym_hi [Kernel | Disabled | Stopped] -> -> File not found
(sym_u3) sym_u3 [Kernel | Disabled | Stopped] -> -> File not found
(tmactmon) tmactmon [Kernel | Auto | Stopped] -> %SystemRoot%\system32\drivers\tmactmon.sys -> Trend Micro Inc. [Ver = 2.0.0.1118 | Size = 52496 bytes | Modified Date = 11/09/2007 11:55:00 AM | Attr = ]
(tmcfw) Trend Micro Common Firewall Service [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\TM_CFW.sys -> Trend Micro Inc. [Ver = 5.0.0.1131 | Size = 333328 bytes | Modified Date = 18/09/2007 2:31:14 AM | Attr = ]
(tmcomm) tmcomm [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\tmcomm.sys -> Trend Micro Inc. [Ver = 1.6.0.1059 | Size = 102664 bytes | Modified Date = 9/02/2008 9:16:05 AM | Attr = ]
(tmevtmgr) tmevtmgr [Kernel | Auto | Stopped] -> %SystemRoot%\system32\drivers\tmevtmgr.sys -> Trend Micro Inc. [Ver = 2.0.0.1118 | Size = 52368 bytes | Modified Date = 11/09/2007 11:55:00 AM | Attr = ]
(Tmfilter) Tmfilter [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\tmxpflt.sys -> Trend Micro Inc. [Ver = 8.500.0.1002 | Size = 203024 bytes | Modified Date = 18/09/2007 2:31:14 AM | Attr = ]
(Tmpreflt) Tmpreflt [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\tmpreflt.sys -> Trend Micro Inc. [Ver = 8.500.0.1002 | Size = 36112 bytes | Modified Date = 18/09/2007 2:31:14 AM | Attr = ]
(tmxpflt) tmxpflt [Kernel | Auto | Stopped] -> %SystemRoot%\system32\drivers\tmxpflt.sys -> Trend Micro Inc. [Ver = 8.500.0.1002 | Size = 203024 bytes | Modified Date = 18/09/2007 2:31:14 AM | Attr = ]
(TosIde) TosIde [Kernel | Disabled | Stopped] -> -> File not found
(ultra) ultra [Kernel | Disabled | Stopped] -> -> File not found
(viaagp1) VIA AGP Filter [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\VIAAGP1.SYS -> VIA Technologies, Inc. [Ver = 5.0.0.3430 built by: VIA | Size = 32128 bytes | Modified Date = 24/07/2002 9:30:00 AM | Attr = ]
(Vsapint) Vsapint [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\vsapint.sys -> Trend Micro Inc. [Ver = 8.500-1002 | Size = 1126328 bytes | Modified Date = 18/09/2007 2:31:14 AM | Attr = ]
(WDICA) WDICA [Kernel | On_Demand | Stopped] -> -> File not found
(winachsf) winachsf [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\HSF_CNXT.sys -> Conexant Systems, Inc. [Ver = 7.04.05 built by: WinDDK | Size = 679808 bytes | Modified Date = 13/11/2003 7:18:36 PM | Attr = ]
({6080A529-897E-4629-A488-ABA0C29B635E}) Intel® Graphics Platform (SoftBIOS) Driver [Kernel | System | Stopped] -> %SystemRoot%\system32\drivers\ialmsbw.sys -> Intel Corporation [Ver = 6.13.01.3317 | Size = 91774 bytes | Modified Date = 25/10/2002 2:03:22 PM | Attr = ]
({D31A0762-0CEB-444e-ACFF-B049A1F6FE91}) Intel® Graphics Chipset (KCH) Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\ialmkchw.sys -> Intel Corporation [Ver = 6.13.01.3317 | Size = 71514 bytes | Modified Date = 25/10/2002 2:03:30 PM | Attr = ]

[Registry - Non-Microsoft Only]
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
Adobe Reader Speed Launcher -> %ProgramFiles%\Adobe\Reader 8.0\Reader\reader_sl.exe -> Adobe Systems Incorporated [Ver = 8.0.0.0 | Size = 40048 bytes | Modified Date = 11/05/2007 4:06:32 AM | Attr = ]
AlcxMonitor -> %SystemRoot%\ALCXMNTR.EXE -> Realtek Semiconductor Corp. [Ver = 1.5 | Size = 57344 bytes | Modified Date = 7/09/2004 2:47:52 PM | Attr = ]
avast! -> %ProgramFiles%\Alwil Software\Avast4\ashDisp.exe -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 79224 bytes | Modified Date = 4/12/2007 10:00:23 PM | Attr = ]
CamMonitor -> %ProgramFiles%\Hewlett-Packard\Digital Imaging\Unload\HpqCmon.exe -> [Ver = 1.1.0.121 | Size = 69632 bytes | Modified Date = 17/06/2002 9:11:24 PM | Attr = ]
DownloadAccelerator -> %ProgramFiles%\DAP\DAP.exe -> Speedbit Ltd. [Ver = 8, 6, 1, 4 | Size = 4568576 bytes | Modified Date = 1/11/2007 11:23:06 AM | Attr = ]
EPSON Stylus CX1500 Series -> %SystemRoot%\system32\spool\drivers\w32x86\3\E_S4I3V1.EXE -> SEIKO EPSON CORPORATION [Ver = 3.00 | Size = 99840 bytes | Modified Date = 1/06/2004 7:26:02 PM | Attr = ]
HotKeysCmds -> %SystemRoot%\system32\hkcmd.exe -> Intel Corporation [Ver = 3,0,0,1918 | Size = 114688 bytes | Modified Date = 16/10/2002 4:05:58 AM | Attr = ]
hp Silent Service -> %SystemRoot%\system32\HpSrvUI.exe -> Hewlett-Packard Co. [Ver = 1, 0, 0, 3 | Size = 32768 bytes | Modified Date = 18/06/2002 6:24:30 PM | Attr = ]
hpScannerFirstBoot -> %SystemDrive%\hp\drivers\scanners\ScannerFB.EXE -> Hewlett-Packard Co. [Ver = 1, 0, 0, 2 | Size = 20480 bytes | Modified Date = 13/12/2001 5:24:54 PM | Attr = ]
hpsysdrv -> %SystemRoot%\system\hpsysdrv.exe -> Hewlett-Packard Company [Ver = 1, 7, 0, 0 | Size = 52736 bytes | Modified Date = 7/05/1998 2:04:38 PM | Attr = ]
IgfxTray -> %SystemRoot%\system32\igfxtray.exe -> Intel Corporation [Ver = 3,0,0,1918 | Size = 155648 bytes | Modified Date = 16/10/2002 4:18:02 AM | Attr = ]
KBD -> %SystemDrive%\hp\KBD\kbd.exe -> Hewlett-Packard Company [Ver = 1.0.2.0 | Size = 61440 bytes | Modified Date = 6/07/2001 6:56:56 PM | Attr = ]
KYE_Showicon -> %ProgramFiles%\USB Storage RW\shwicon.exe -> MyComp [Ver = 2, 0, 2, 2 | Size = 69632 bytes | Modified Date = 25/10/2002 1:33:46 PM | Attr = ]
NvCplDaemon -> %SystemRoot%\system32\nvcpl.dll -> NVIDIA Corporation [Ver = 6.14.10.4523 | Size = 4841472 bytes | Modified Date = 28/07/2003 3:19:00 PM | Attr = ]
nwiz -> %SystemRoot%\system32\nwiz.exe -> NVIDIA Corporation [Ver = 6.14.10.4523 | Size = 323584 bytes | Modified Date = 28/07/2003 3:19:00 PM | Attr = ]
PS2 -> %SystemRoot%\system32\ps2.EXE -> Hewlett-Packard Company [Ver = 1.0.2.1 | Size = 81920 bytes | Modified Date = 31/07/2002 5:28:38 PM | Attr = ]
Share-to-Web Namespace Daemon -> %ProgramFiles%\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe -> Hewlett-Packard [Ver = 2,3,0,0\ 162 | Size = 69632 bytes | Modified Date = 17/04/2002 3:42:56 PM | Attr = ]
snpstd -> %SystemRoot%\vsnpstd.exe -> [Ver = 1, 0, 1, 1 | Size = 286720 bytes | Modified Date = 10/06/2004 2:48:04 PM | Attr = ]
SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.6.0_04\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.40.12 | Size = 144784 bytes | Modified Date = 14/12/2007 3:42:38 AM | Attr = ]
UfSeAgnt.exe -> %ProgramFiles%\Trend Micro\Internet Security\UfSeAgnt.exe -> File not found
< OptionalComponents [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ ->
IMAIL-> Installed = 1 ->
MAPI-> Installed = 1 ->
MSFS-> Installed = 1 ->
< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
EPSON Stylus CX1500 Series -> %SystemRoot%\system32\spool\drivers\w32x86\3\E_S4I3V1.EXE -> SEIKO EPSON CORPORATION [Ver = 3.00 | Size = 99840 bytes | Modified Date = 1/06/2004 7:26:02 PM | Attr = ]
NvMediaCenter -> %SystemRoot%\system32\nvmctray.dll -> NVIDIA Corporation [Ver = 6.14.10.4523 | Size = 49152 bytes | Modified Date = 28/07/2003 3:19:00 PM | Attr = ]
OE -> %ProgramFiles%\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe -> File not found
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup ->
< Owner Startup Folder > -> C:\Documents and Settings\Owner\Start Menu\Programs\Startup ->
< SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders ->
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
igfxcui -> %SystemRoot%\system32\igfxsrvc.dll -> Intel Corporation [Ver = 3,0,0,1918 | Size = 315392 bytes | Modified Date = 16/10/2002 4:05:10 AM | Attr = ]
< CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\\ScanWithAntiVirus -> 2 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 255 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveAutoRun -> 67108863 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Uninstall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\WindowsUpdate\ -> ->
< CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Associations\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\WindowsUpdate\ -> ->
< HOSTS File > (141 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts ->
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://go.microsoft....k/?LinkId=69157 ->
HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://go.microsoft....k/?LinkId=54896 ->
HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://www.google.com ->
HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://www.google.com.au/ ->
HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn...st/srchcust.htm ->
HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> http://ie.search.msn...st/srchasst.htm ->
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> ->
HKEY_CURRENT_USER\: Main\\Search Page -> http://www.google.com ->
HKEY_CURRENT_USER\: Main\\Start Page -> http://www.google.com ->
HKEY_CURRENT_USER\: ProxyEnable -> 0 ->
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 33 domain(s) found. ->
33 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 33 domain(s) found. ->
*.update_microsoft.com [https] -> Trusted sites ->
33 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_04\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 6.0.40.12 | Size = 509328 bytes | Modified Date = 14/12/2007 3:42:36 AM | Attr = ]
{C1656CCA-D2EA-4A32-94AE-AE0B180E6449} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Trend Micro\TrendSecure\TransactionProtector\TSToolbar.dll [TSToolbarBHO] -> File not found
{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [EpsonToolBandKicker Class] -> SEIKO EPSON CORPORATION [Ver = 1, 0, 0, 0 | Size = 339968 bytes | Modified Date = 10/02/2004 3:08:58 PM | Attr = ]
< Internet Explorer Bars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ ->
{32683183-48a0-441b-a342-7c2a440a9478} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
{E7620C98-FCCC-40E5-92EC-C7685D2E1E40} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Trend Micro\TrendSecure\TransactionProtector\TSToolbar.dll [Transaction Protector] -> File not found
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [EPSON Web-To-Page] -> SEIKO EPSON CORPORATION [Ver = 1, 0, 0, 0 | Size = 339968 bytes | Modified Date = 10/02/2004 3:08:58 PM | Attr = ]
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
WebBrowser\\{EE5D279F-081B-4404-994D-C6B60AAEBA6D} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [EPSON Web-To-Page] -> SEIKO EPSON CORPORATION [Ver = 1, 0, 0, 0 | Size = 339968 bytes | Modified Date = 10/02/2004 3:08:58 PM | Attr = ]
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_04\bin\npjpi160_04.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.40.12 | Size = 132496 bytes | Modified Date = 14/12/2007 3:42:37 AM | Attr = ]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC} [HKEY_CURRENT_USER] -> %ProgramFiles%\Java\jre1.6.0_04\bin\ssv.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.40.12 | Size = 509328 bytes | Modified Date = 14/12/2007 3:42:36 AM | Attr = ]
< Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ ->
CmdMapping\\{2670000A-7350-4f3c-8081-5663EE0C6C49} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{E023F504-0C5A-4750-A1E7-A9046DEA8A21} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
< Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->
&Clean Traces -> %ProgramFiles%\DAP\Privacy Package\dapcleanerie.htm -> [Ver = | Size = 1748 bytes | Modified Date = 1/11/2007 11:23:06 AM | Attr = ]
&Download with &DAP -> %ProgramFiles%\DAP\dapextie.htm -> [Ver = | Size = 2020 bytes | Modified Date = 1/11/2007 11:23:08 AM | Attr = ]
Download &all with DAP -> %ProgramFiles%\DAP\dapextie2.htm -> [Ver = | Size = 1041 bytes | Modified Date = 1/11/2007 11:23:08 AM | Attr = ]
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
PluginsPageFriendlyName -> Microsoft ActiveX Gallery ->
PluginsPage -> http://activex.micro...d...=%s&mime=%s ->
< DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{3F97555B-BCF5-42B9-AC29-09FAD6F1D10A} -> (NVIDIA nForce MCP Networking Adapter) ->
{B40A95E9-2288-4ED6-AD2A-84E2B21E0B37} -> (1394 Net Adapter) ->
{DC5DBE86-0408-459F-A3E3-C0553016F9BD} -> () ->
< Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->
ipp: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[Reg Error: Value does not exist or could not be read.] -> File not found
msdaipp: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[Reg Error: Value does not exist or could not be read.] -> File not found
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{166B1BCA-3F9C-11CF-8075-444553540000}[HKEY_LOCAL_MACHINE] -> http://fpdownload.ma...director/sw.cab[Shockwave ActiveX Control] ->
{17492023-C23A-453E-A040-C7C580BBF700}[HKEY_LOCAL_MACHINE] -> http://go.microsoft....k/?linkid=39204[Windows Genuine Advantage Validation Tool] ->
{6414512B-B978-451D-A0D8-FCFDF33E833C}[HKEY_LOCAL_MACHINE] -> http://www.update.mi...b?1186103321781[WUWebControl Class] ->
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3}[HKEY_LOCAL_MACHINE] -> http://www.update.mi...b?1186116406453[MUWebControl Class] ->
{8AD9C840-044E-11D1-B3E9-00805F499D93}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/...indows-i586.cab[Java Plug-in 1.6.0_04] ->
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/...indows-i586.cab[Java Plug-in 1.6.0_03] ->
{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/...indows-i586.cab[Java Plug-in 1.6.0_04] ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/...indows-i586.cab[Java Plug-in 1.6.0_04] ->
{D27CDB6E-AE6D-11CF-96B8-444553540000}[HKEY_LOCAL_MACHINE] -> http://download.macr...ash/swflash.cab[Shockwave Flash Object] ->
DirectAnimation Java Classes[HKEY_LOCAL_MACHINE] -> file://C:\WINDOWS\Java\classes\dajava.cab[Reg Error: Key does not exist or could not be opened.] ->
Microsoft XML Parser for Java[HKEY_LOCAL_MACHINE] -> file://C:\WINDOWS\Java\classes\xmldso.cab[Reg Error: Key does not exist or could not be opened.] ->


[Registry - Additional Scans - Non-Microsoft Only]


[Files/Folders - Created Within 90 days]
Deckard -> %SystemDrive%\Deckard -> [Folder | Created Date = 12/02/2008 8:21:56 AM | Attr = ]
Desktop -> %SystemDrive%\Desktop -> [Folder | Created Date = 27/01/2008 8:31:15 PM | Attr = ]
hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 469159936 bytes | Modified Date = 12/02/2008 5:49:18 AM | Attr = HS]
sqmdata14.sqm -> %SystemDrive%\sqmdata14.sqm -> [Ver = | Size = 232 bytes | Modified Date = 26/11/2007 6:02:37 PM | Attr = H ]
sqmnoopt14.sqm -> %SystemDrive%\sqmnoopt14.sqm -> [Ver = | Size = 244 bytes | Modified Date = 26/11/2007 6:02:37 PM | Attr = H ]
aavmker4.sys -> %SystemRoot%\System32\drivers\aavmker4.sys -> ALWIL Software [Ver = 4.7.1098.0 | Size = 26624 bytes | Modified Date = 4/12/2007 11:49:02 PM | Attr = ]
aswmon.sys -> %SystemRoot%\System32\drivers\aswmon.sys -> ALWIL Software [Ver = 4.7.1098.0 | Size = 93264 bytes | Modified Date = 4/12/2007 11:56:02 PM | Attr = ]
aswmon2.sys -> %SystemRoot%\System32\drivers\aswmon2.sys -> ALWIL Software [Ver = 4.7.1098.0 | Size = 94544 bytes | Modified Date = 4/12/2007 11:55:46 PM | Attr = ]
aswRdr.sys -> %SystemRoot%\System32\drivers\aswRdr.sys -> ALWIL Software [Ver = 4.7.1098.0 | Size = 23152 bytes | Modified Date = 4/12/2007 11:53:39 PM | Attr = ]
aswTdi.sys -> %SystemRoot%\System32\drivers\aswTdi.sys -> ALWIL Software [Ver = 4.7.1098.0 | Size = 42912 bytes | Modified Date = 4/12/2007 11:51:52 PM | Attr = ]
SDTHOOK.SYS -> %SystemRoot%\System32\drivers\SDTHOOK.SYS -> Panda Software [Ver = 1.6.0.0 | Size = 44928 bytes | Modified Date = 5/06/2007 10:56:40 AM | Attr = ]
tmactmon.sys -> %SystemRoot%\System32\drivers\tmactmon.sys -> Trend Micro Inc. [Ver = 2.0.0.1118 | Size = 52496 bytes | Modified Date = 11/09/2007 11:55:00 AM | Attr = ]
tmcomm.sys -> %SystemRoot%\System32\drivers\tmcomm.sys -> Trend Micro Inc. [Ver = 1.6.0.1059 | Size = 102664 bytes | Modified Date = 9/02/2008 9:16:05 AM | Attr = ]
tmevtmgr.sys -> %SystemRoot%\System32\drivers\tmevtmgr.sys -> Trend Micro Inc. [Ver = 2.0.0.1118 | Size = 52368 bytes | Modified Date = 11/09/2007 11:55:00 AM | Attr = ]
actskin4.ocx -> %SystemRoot%\System32\actskin4.ocx -> [Ver = 4, 2, 7, 3 | Size = 380928 bytes | Modified Date = 9/01/2004 6:13:58 PM | Attr = ]
asuninst.exe -> %SystemRoot%\System32\asuninst.exe -> Panda Software [Ver = 1, 0, 0, 2 | Size = 73728 bytes | Modified Date = 2/08/2006 12:39:06 PM | Attr = ]
aswBoot.exe -> %SystemRoot%\System32\aswBoot.exe -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 837496 bytes | Modified Date = 4/12/2007 10:04:28 PM | Attr = ]
AvastSS.scr -> %SystemRoot%\System32\AvastSS.scr -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 95608 bytes | Modified Date = 4/12/2007 9:54:04 PM | Attr = ]
Help.ico -> %SystemRoot%\System32\Help.ico -> [Ver = | Size = 1406 bytes | Modified Date = 7/02/2008 9:00:29 AM | Attr = ]
java.exe -> %SystemRoot%\System32\java.exe -> Sun Microsystems, Inc. [Ver = 6.0.40.12 | Size = 135168 bytes | Modified Date = 14/12/2007 12:57:22 AM | Attr = ]
javacpl.cpl -> %SystemRoot%\System32\javacpl.cpl -> Sun Microsystems, Inc. [Ver = 6.0.40.12 | Size = 69632 bytes | Modified Date = 14/12/2007 1:59:16 AM | Attr = ]
javaw.exe -> %SystemRoot%\System32\javaw.exe -> Sun Microsystems, Inc. [Ver = 6.0.40.12 | Size = 135168 bytes | Modified Date = 14/12/2007 12:57:24 AM | Attr = ]
javaws.exe -> %SystemRoot%\System32\javaws.exe -> Sun Microsystems, Inc. [Ver = 6.0.40.12 | Size = 139264 bytes | Modified Date = 14/12/2007 1:59:16 AM | Attr = ]
kdfapi.dll -> %SystemRoot%\System32\kdfapi.dll -> Kings Information & Network [Ver = 1, 1, 6, 5 | Size = 77824 bytes | Modified Date = 21/12/2007 5:47:48 PM | Attr = ]
Kdfhok.dll -> %SystemRoot%\System32\Kdfhok.dll -> Kings Information & Network [Ver = 4, 0, 0, 5 | Size = 53248 bytes | Modified Date = 21/12/2007 5:47:48 PM | Attr = ]
kdfinj.dll -> %SystemRoot%\System32\kdfinj.dll -> Bluegem Security [Ver = 5, 1, 3, 8 | Size = 849920 bytes | Modified Date = 21/12/2007 5:02:17 PM | Attr = ]
kdfmgr.exe -> %SystemRoot%\System32\kdfmgr.exe -> Bluegem Security [Ver = 5, 1, 8, 7 | Size = 726568 bytes | Modified Date = 21/12/2007 5:47:46 PM | Attr = ]
kdfvmgr.exe -> %SystemRoot%\System32\kdfvmgr.exe -> 킹스정보통신 [Ver = 1, 0, 0, 1 | Size = 192512 bytes | Modified Date = 21/12/2007 5:47:49 PM | Attr = ]
lsdelete.exe -> %SystemRoot%\System32\lsdelete.exe -> [Ver = | Size = 12632 bytes | Modified Date = 14/12/2007 11:32:52 AM | Attr = ]
Uninstall.ico -> %SystemRoot%\System32\Uninstall.ico -> [Ver = | Size = 2550 bytes | Modified Date = 7/02/2008 9:00:29 AM | Attr = ]
Bigfish Games 7 Wonders II Second Edition -> %SystemRoot%\Bigfish Games 7 Wonders II Second Edition -> [Folder | Created Date = 18/12/2007 10:36:39 PM | Attr = ]
3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp ->
buff-in.ogf -> %SystemRoot%\buff-in.ogf -> [Ver = | Size = 4256 bytes | Modified Date = 22/12/2007 3:17:33 PM | Attr = ]
buff-in.r72 -> %SystemRoot%\buff-in.r72 -> [Ver = | Size = 62688 bytes | Modified Date = 18/01/2008 6:44:43 AM | Attr = ]
buff-out.r72 -> %SystemRoot%\buff-out.r72 -> [Ver = | Size = 32 bytes | Modified Date = 18/01/2008 6:41:55 AM | Attr = ]
d3dx.dat -> %SystemRoot%\d3dx.dat -> [Ver = | Size = 4096 bytes | Modified Date = 10/02/2008 8:21:35 PM | Attr = ]
Downloaded Installations -> %SystemRoot%\Downloaded Installations -> [Folder | Created Date = 16/12/2007 6:35:07 AM | Attr = ]
erdnt -> %SystemRoot%\erdnt -> [Folder | Created Date = 26/01/2008 8:12:58 AM | Attr = ]
iun6002ev.exe -> %SystemRoot%\iun6002ev.exe -> Indigo Rose Corporation [Ver = 6.0.1.0 | Size = 720896 bytes | Modified Date = 18/11/2007 12:37:30 AM | Attr = ]
jantje -> %SystemRoot%\jantje -> [Ver = | Size = 32 bytes | Modified Date = 18/01/2008 6:44:43 AM | Attr = ]
kdefense -> %SystemRoot%\kdefense -> [Folder | Created Date = 21/12/2007 5:02:18 PM | Attr = ]
l2schemas -> %SystemRoot%\l2schemas -> [Folder | Created Date = 21/12/2007 5:05:38 PM | Attr = ]
LocalSSL -> %SystemRoot%\LocalSSL -> [Folder | Created Date = 21/12/2007 7:50:24 AM | Attr = ]
pss -> %SystemRoot%\pss -> [Folder | Created Date = 23/01/2008 2:46:53 PM | Attr = ]
SxsCaPendDel -> %SystemRoot%\SxsCaPendDel -> [Folder | Created Date = 21/12/2007 8:07:14 PM | Attr = ]
MP Scheduled Scan.job -> %SystemRoot%\tasks\MP Scheduled Scan.job -> [Ver = | Size = 330 bytes | Modified Date = 12/02/2008 7:01:49 AM | Attr = H ]
[Files Created - Additional Folder Scans - Non-Microsoft Only]
Awem -> %AllUsersProfile%\Application Data\Awem -> [Folder | Created Date = 19/01/2008 10:38:45 PM | Attr = ]
FreshGames -> %AllUsersProfile%\Application Data\FreshGames -> [Folder | Created Date = 21/01/2008 2:36:48 PM | Attr = ]
Friends Games -> %AllUsersProfile%\Application Data\Friends Games -> [Folder | Created Date = 20/01/2008 5:38:54 PM | Attr = ]
Lavasoft -> %AllUsersProfile%\Application Data\Lavasoft -> [Folder | Created Date = 9/02/2008 5:24:11 AM | Attr = ]
MumboJumbo -> %AllUsersProfile%\Application Data\MumboJumbo -> [Folder | Created Date = 22/12/2007 6:35:45 PM | Attr = ]
PlayFirst -> %AllUsersProfile%\Application Data\PlayFirst -> [Folder | Created Date = 19/01/2008 4:59:13 PM | Attr = ]
7Wonders -> %AppData%\7Wonders -> [Folder | Created Date = 20/01/2008 12:49:49 AM | Attr = ]
Age of Japan II -> %AppData%\Age of Japan II -> [Folder | Created Date = 19/01/2008 10:49:38 PM | Attr = ]
SampleView -> %AppData%\SampleView -> [Folder | Created Date = 11/02/2008 6:32:59 PM | Attr = ]
Zen Puzzle Garden -> %AppData%\Zen Puzzle Garden -> [Folder | Created Date = 20/01/2008 1:23:22 AM | Attr = ]
IsolatedStorage -> %UserProfile%\Local Settings\Application Data\IsolatedStorage -> [Folder | Created Date = 19/12/2007 10:56:49 PM | Attr = ]
PCHealth -> %UserProfile%\Local Settings\Application Data\PCHealth -> [Folder | Created Date = 20/11/2007 7:09:25 PM | Attr = ]
My Music -> %AllUsersProfile%\Documents\My Music -> [Folder | Created Date = 9/02/2008 5:16:27 PM | Attr = R ]
HUMAN ACTIONS.docx -> %UserProfile%\My Documents\HUMAN ACTIONS.docx -> [Ver = | Size = 12869 bytes | Modified Date = 5/01/2008 7:48:38 AM | Attr = ]
RESPECT.docx -> %UserProfile%\My Documents\RESPECT.docx -> [Ver = | Size = 12900 bytes | Modified Date = 14/12/2007 3:07:59 PM | Attr = ]
Ad-Aware 2007.lnk -> %AllUsersProfile%\Desktop\Ad-Aware 2007.lnk -> [Ver = | Size = 1798 bytes | Modified Date = 9/02/2008 8:39:43 PM | Attr = ]
avast! Antivirus.lnk -> %AllUsersProfile%\Desktop\avast! Antivirus.lnk -> [Ver = | Size = 1717 bytes | Modified Date = 9/02/2008 1:19:14 PM | Attr = ]
7 Wonders II.lnk -> %UserProfile%\Desktop\7 Wonders II.lnk -> [Ver = | Size = 892 bytes | Modified Date = 24/01/2008 10:58:26 AM | Attr = ]
BluetoothJavaFiles -> %UserProfile%\Desktop\BluetoothJavaFiles -> [Folder | Created Date = 17/01/2008 5:16:14 PM | Attr = ]
Cradle Of Persia.lnk -> %UserProfile%\Desktop\Cradle Of Persia.lnk -> [Ver = | Size = 930 bytes | Modified Date = 24/01/2008 10:58:27 AM | Attr = ]
Druids Battle Of Magic.lnk -> %UserProfile%\Desktop\Druids Battle Of Magic.lnk -> [Ver = | Size = 947 bytes | Modified Date = 24/01/2008 10:58:28 AM | Attr = ]
Gold Miner Vegas.lnk -> %UserProfile%\Desktop\Gold Miner Vegas.lnk -> [Ver = | Size = 930 bytes | Modified Date = 24/01/2008 10:58:28 AM | Attr = ]
Jewel Match Winter Wonderland.lnk -> %UserProfile%\Desktop\Jewel Match Winter Wonderland.lnk -> [Ver = | Size = 1086 bytes | Modified Date = 24/01/2008 10:58:29 AM | Attr = ]
Jewel Quest Solitaire.lnk -> %UserProfile%\Desktop\Jewel Quest Solitaire.lnk -> [Ver = | Size = 950 bytes | Modified Date = 24/01/2008 10:58:29 AM | Attr = ]
Lost Treasures Of El Dorado.lnk -> %UserProfile%\Desktop\Lost Treasures Of El Dorado.lnk -> [Ver = | Size = 977 bytes | Modified Date = 24/01/2008 10:58:29 AM | Attr = ]
Magic Match The Genies Journey.lnk -> %UserProfile%\Desktop\Magic Match The Genies Journey.lnk -> [Ver = | Size = 1023 bytes | Modified Date = 22/01/2008 9:58:13 PM | Attr = ]
Ozzy Bubbles.lnk -> %UserProfile%\Desktop\Ozzy Bubbles.lnk -> [Ver = | Size = 733 bytes | Modified Date = 10/02/2008 5:11:02 PM | Attr = ]
Poker Pop.lnk -> %UserProfile%\Desktop\Poker Pop.lnk -> [Ver = | Size = 851 bytes | Modified Date = 22/01/2008 8:23:25 PM | Attr = ]
Reflexive.Arcade.games.crack.patch.(working.for.all.games).Released.April.2007 -> %UserProfile%\Desktop\Reflexive.Arcade.games.crack.patch.(working.for.all.games).Released.April.2007 -> [Folder | Created Date = 19/01/2008 10:29:49 PM | Attr = ]
Shortcut to ATF-Cleaner.lnk -> %UserProfile%\Desktop\Shortcut to ATF-Cleaner.lnk -> [Ver = | Size = 774 bytes | Modified Date = 31/01/2008 12:30:52 AM | Attr = ]
Solitaire Pop.lnk -> %UserProfile%\Desktop\Solitaire Pop.lnk -> [Ver = | Size = 899 bytes | Modified Date = 24/01/2008 10:58:34 AM | Attr = ]
Svetlograd.lnk -> %UserProfile%\Desktop\Svetlograd.lnk -> [Ver = | Size = 868 bytes | Modified Date = 24/01/2008 10:58:34 AM | Attr = ]
Temple Of Tangram.lnk -> %UserProfile%\Desktop\Temple Of Tangram.lnk -> [Ver = | Size = 942 bytes | Modified Date = 23/01/2008 7:12:10 AM | Attr = ]
Tiks Texas Hold Em.lnk -> %UserProfile%\Desktop\Tiks Texas Hold Em.lnk -> [Ver = | Size = 902 bytes | Modified Date = 22/01/2008 8:32:12 PM | Attr = ]
Turtix.lnk -> %UserProfile%\Desktop\Turtix.lnk -> [Ver = | Size = 662 bytes | Modified Date = 10/02/2008 5:43:33 PM | Attr = ]
Turtle Odyssey.lnk -> %UserProfile%\Desktop\Turtle Odyssey.lnk -> [Ver = | Size = 527 bytes | Modified Date = 10/02/2008 4:55:16 PM | Attr = ]
WinPFind35u -> %UserProfile%\Desktop\WinPFind35u -> [Folder | Created Date = 12/02/2008 10:05:40 AM | Attr = ]
Zen Puzzle Garden.lnk -> %UserProfile%\Desktop\Zen Puzzle Garden.lnk -> [Ver = | Size = 876 bytes | Modified Date = 24/01/2008 10:58:35 AM | Attr = ]
Wise Installation Wizard -> %CommonProgramFiles%\Wise Installation Wizard -> [Folder | Created Date = 9/02/2008 8:36:35 PM | Attr = ]

[Files/Folders - Modified Within 90 days]
boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 201 bytes | Modified Date = 9/02/2008 7:42:43 AM | Attr = RHS]
Deckard -> %SystemDrive%\Deckard -> [Folder | Modified Date = 12/02/2008 8:21:56 AM | Attr = ]
Desktop -> %SystemDrive%\Desktop -> [Folder | Modified Date = 27/01/2008 8:31:15 PM | Attr = ]
Documents and Settings -> %SystemDrive%\Documents and Settings -> [Folder | Modified Date = 7/02/2008 5:10:13 PM | Attr = ]
hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 469159936 bytes | Modified Date = 12/02/2008 5:49:18 AM | Attr = HS]
Program Files -> %ProgramFiles% -> [Folder | Modified Date = 12/02/2008 8:19:53 AM | Attr = R ]
sqmdata14.sqm -> %SystemDrive%\sqmdata14.sqm -> [Ver = | Size = 232 bytes | Modified Date = 26/11/2007 6:02:37 PM | Attr = H ]
sqmnoopt14.sqm -> %SystemDrive%\sqmnoopt14.sqm -> [Ver = | Size = 244 bytes | Modified Date = 26/11/2007 6:02:37 PM | Attr = H ]
System Volume Information -> %SystemDrive%\System Volume Information -> [Folder | Modified Date = 9/02/2008 3:07:50 AM | Attr = HS]
WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 12/02/2008 7:48:48 AM | Attr = ]
aavmker4.sys -> %SystemRoot%\System32\drivers\aavmker4.sys -> ALWIL Software [Ver = 4.7.1098.0 | Size = 26624 bytes | Modified Date = 4/12/2007 11:49:02 PM | Attr = ]
aswmon.sys -> %SystemRoot%\System32\drivers\aswmon.sys -> ALWIL Software [Ver = 4.7.1098.0 | Size = 93264 bytes | Modified Date = 4/12/2007 11:56:02 PM | Attr = ]
aswmon2.sys -> %SystemRoot%\System32\drivers\aswmon2.sys -> ALWIL Software [Ver = 4.7.1098.0 | Size = 94544 bytes | Modified Date = 4/12/2007 11:55:46 PM | Attr = ]
aswRdr.sys -> %SystemRoot%\System32\drivers\aswRdr.sys -> ALWIL Software [Ver = 4.7.1098.0 | Size = 23152 bytes | Modified Date = 4/12/2007 11:53:39 PM | Attr = ]
aswTdi.sys -> %SystemRoot%\System32\drivers\aswTdi.sys -> ALWIL Software [Ver = 4.7.1098.0 | Size = 42912 bytes | Modified Date = 4/12/2007 11:51:52 PM | Attr = ]
etc -> %SystemRoot%\System32\drivers\etc -> [Folder | Modified Date = 9/02/2008 9:29:33 AM | Attr = ]
1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp ->
hosts -> %SystemRoot%\System32\drivers\etc\hosts -> [Ver = | Size = 141 bytes | Modified Date = 4/02/2008 1:18:14 AM | Attr = R ]
hosts.20080204-011752.backup -> %SystemRoot%\System32\drivers\etc\hosts.20080204-011752.backup -> [Ver = | Size = 27 bytes | Modified Date = 26/01/2008 8:33:55 AM | Attr = ]
hosts.bak -> %SystemRoot%\System32\drivers\etc\hosts.bak -> [Ver = | Size = 223945 bytes | Modified Date = 24/01/2008 12:02:41 PM | Attr = R ]
tmvsthfss.bin -> %SystemRoot%\System32\drivers\etc\tmvsthfss.bin -> [Ver = | Size = 734 bytes | Modified Date = 23/01/2008 12:54:49 PM | Attr = ]
tmvsthfud.bin -> %SystemRoot%\System32\drivers\etc\tmvsthfud.bin -> [Ver = | Size = 734 bytes | Modified Date = 23/01/2008 12:54:58 PM | Attr = ]
tmcomm.sys -> %SystemRoot%\System32\drivers\tmcomm.sys -> Trend Micro Inc. [Ver = 1.6.0.1059 | Size = 102664 bytes | Modified Date = 9/02/2008 9:16:05 AM | Attr = ]
1033 -> %SystemRoot%\System32\1033 -> [Folder | Modified Date = 26/01/2008 7:54:12 AM | Attr = ]
1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp ->
aswBoot.exe -> %SystemRoot%\System32\aswBoot.exe -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 837496 bytes | Modified Date = 4/12/2007 10:04:28 PM | Attr = ]
AvastSS.scr -> %SystemRoot%\System32\AvastSS.scr -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 95608 bytes | Modified Date = 4/12/2007 9:54:04 PM | Attr = ]
CatRoot -> %SystemRoot%\System32\CatRoot -> [Folder | Modified Date = 9/02/2008 1:06:06 PM | Attr = ]
CatRoot2 -> %SystemRoot%\System32\CatRoot2 -> [Folder | Modified Date = 12/02/2008 8:10:37 AM | Attr = ]
config -> %SystemRoot%\System32\config -> [Folder | Modified Date = 11/02/2008 6:43:49 PM | Attr = ]
CONFIG.NT -> %SystemRoot%\System32\CONFIG.NT -> [Ver = | Size = 2626 bytes | Modified Date = 9/02/2008 1:19:11 PM | Attr = ]
dllcache -> %SystemRoot%\System32\dllcache -> [Folder | Modified Date = 9/01/2008 11:09:13 PM | Attr = RHS]
drivers -> %SystemRoot%\System32\drivers -> [Folder | Modified Date = 9/02/2008 8:39:19 PM | Attr = ]
en-US -> %SystemRoot%\System32\en-US -> [Folder | Modified Date = 25/01/2008 6:06:33 AM | Attr = ]
FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [Ver = | Size = 302032 bytes | Modified Date = 25/01/2008 6:15:23 AM | Attr = ]
Help.ico -> %SystemRoot%\System32\Help.ico -> [Ver = | Size = 1406 bytes | Modified Date = 7/02/2008 9:00:29 AM | Attr = ]
java.exe -> %SystemRoot%\System32\java.exe -> Sun Microsystems, Inc. [Ver = 6.0.4

#17
Rorschach112

    Ralphie

  • Retired Staff
  • 47,710 posts
Can you attach the report please, and not post it

#18
AQUA258

    Member

  • Topic Starter
  • 169 posts
Hope this works... sorry if it doesn't.

Attached Files

  • Attached File  scan.txt   52.11KB   134 downloads


#19
Rorschach112

    Ralphie

  • Retired Staff
  • 47,710 posts
Hello

Start WinPFind35U. Copy/Paste the information in the quotebox below into the panel where it says "Paste fix here" and then click the Run Fix button.

[Kill Explorer]
[Unregister Dlls]
[Processes - Non-Microsoft Only]
YY -> alcxmntr.exe -> %SystemRoot%\ALCXMNTR.EXE
[Win32 Services - Non-Microsoft Only]
YY -> (a2free) a-squared Free Service [Win32_Own | Disabled | Stopped] ->
YY -> (SfCtlCom) Trend Micro Central Control Component [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Trend Micro\Internet Security\SfCtlCom.exe
YY -> (TMBMServer) Trend Micro Unauthorized Change Prevention Service [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Trend Micro\BM\TMBMSRV.exe
YY -> (Tmntsrv) Trend Micro Real-time Service [Win32_Own | Auto | Stopped] -> %SystemDrive%\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
YY -> (TmPfw) Trend Micro Personal Firewall [Win32_Own | Auto | Stopped] -> %SystemDrive%\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
YY -> (tmproxy) Trend Micro Proxy Service [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Trend Micro\Internet Security\TmProxy.exe
[Registry - Non-Microsoft Only]
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
YY -> AlcxMonitor -> %SystemRoot%\ALCXMNTR.EXE
YY -> UfSeAgnt.exe -> %ProgramFiles%\Trend Micro\Internet Security\UfSeAgnt.exe
< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
YY -> OE -> %ProgramFiles%\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
*.update_microsoft.com [https] -> Trusted sites
YY -> {C1656CCA-D2EA-4A32-94AE-AE0B180E6449} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Trend Micro\TrendSecure\TransactionProtector\TSToolbar.dll [TSToolbarBHO]
< Internet Explorer Bars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\
YN -> {32683183-48a0-441b-a342-7c2a440a9478} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.]
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar
YY -> {E7620C98-FCCC-40E5-92EC-C7685D2E1E40} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Trend Micro\TrendSecure\TransactionProtector\TSToolbar.dll [Transaction Protector]
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\
YN -> ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.]
< Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\
YN -> CmdMapping\\{2670000A-7350-4f3c-8081-5663EE0C6C49} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.]
YN -> CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.]
YN -> CmdMapping\\{E023F504-0C5A-4750-A1E7-A9046DEA8A21} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.]
YN -> CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.]
< Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\
YN -> ipp: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[Reg Error: Value does not exist or could not be read.]
YN -> msdaipp: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[Reg Error: Value does not exist or could not be read.]
[Files/Folders - Created Within 90 days]
YY -> 3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp
[Files/Folders - Modified Within 90 days]
YY -> 1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp
YY -> 1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp
[Empty Temp Folders]
[Start Explorer]
[Reboot]


The fix should only take a very short time. When the fix is completed a message box will pop up telling you that it is finished. Click the Ok button and Notepad will open with a log of actions taken during the fix. Post that information back here.

I will review the information when it comes back in.



Also post a new HijackThis log

#20
AQUA258

    Member

  • Topic Starter
  • 169 posts
HEY HEY, sorry it has taken so long but I don't think it's working. It kinda gets stuck. I did what you said: copy-paste into the box, click Run Fix, and I waited. It removed all my icons off the screen, left the screen saver up, and that's how it stayed this whole time. When I went to try to stop it, it wouldn't respond, so I turned off comp and then on again....?

#21
Rorschach112

    Ralphie

  • Retired Staff
  • 47,710 posts
Try this instead


Start WinPFind35U. Copy/Paste the information in the quotebox below into the panel where it says "Paste fix here" and then click the Run Fix button.

[Processes - Non-Microsoft Only]
YY -> alcxmntr.exe -> %SystemRoot%\ALCXMNTR.EXE
[Win32 Services - Non-Microsoft Only]
YY -> (a2free) a-squared Free Service [Win32_Own | Disabled | Stopped] ->
YY -> (SfCtlCom) Trend Micro Central Control Component [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Trend Micro\Internet Security\SfCtlCom.exe
YY -> (TMBMServer) Trend Micro Unauthorized Change Prevention Service [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Trend Micro\BM\TMBMSRV.exe
YY -> (Tmntsrv) Trend Micro Real-time Service [Win32_Own | Auto | Stopped] -> %SystemDrive%\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
YY -> (TmPfw) Trend Micro Personal Firewall [Win32_Own | Auto | Stopped] -> %SystemDrive%\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
YY -> (tmproxy) Trend Micro Proxy Service [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Trend Micro\Internet Security\TmProxy.exe
[Registry - Non-Microsoft Only]
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
YY -> AlcxMonitor -> %SystemRoot%\ALCXMNTR.EXE
YY -> UfSeAgnt.exe -> %ProgramFiles%\Trend Micro\Internet Security\UfSeAgnt.exe
< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
YY -> OE -> %ProgramFiles%\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
*.update_microsoft.com [https] -> Trusted sites
YY -> {C1656CCA-D2EA-4A32-94AE-AE0B180E6449} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Trend Micro\TrendSecure\TransactionProtector\TSToolbar.dll [TSToolbarBHO]
< Internet Explorer Bars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\
YN -> {32683183-48a0-441b-a342-7c2a440a9478} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.]
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar
YY -> {E7620C98-FCCC-40E5-92EC-C7685D2E1E40} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Trend Micro\TrendSecure\TransactionProtector\TSToolbar.dll [Transaction Protector]
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\
YN -> ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.]
< Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\
YN -> CmdMapping\\{2670000A-7350-4f3c-8081-5663EE0C6C49} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.]
YN -> CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.]
YN -> CmdMapping\\{E023F504-0C5A-4750-A1E7-A9046DEA8A21} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.]
YN -> CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.]
< Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\
YN -> ipp: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[Reg Error: Value does not exist or could not be read.]
YN -> msdaipp: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[Reg Error: Value does not exist or could not be read.]
[Files/Folders - Created Within 90 days]
YY -> 3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp
[Files/Folders - Modified Within 90 days]
YY -> 1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp
YY -> 1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp
[Reboot]


The fix should only take a very short time. When the fix is completed a message box will pop up telling you that it is finished. Click the Ok button and Notepad will open with a log of actions taken during the fix. Post that information back here.


I will review the information when it comes back in.



Post a new HijackThis log even if it fails

#22
AQUA258

    Member

  • Topic Starter
  • 169 posts
Sorry, this time it doesn't change anything on my screen. Says that the fix is running but comp ain't doing anything. When I went to turn it off it says... program not responding.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:36:20 AM, on 13/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\USB Storage RW\shwicon.exe
C:\Windows\system32\HpSrvUI.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\HP\KBD\KBD.EXE
c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3V1.EXE
C:\WINDOWS\vsnpstd.exe
C:\Program Files\DAP\DAP.EXE
C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\internet explorer\iexplore.exe
C:\Documents and Settings\Owner\My Documents\My Completed Downloads\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: TransactionProtector BHO - {C1656CCA-D2EA-4A32-94AE-AE0B180E6449} - C:\Program Files\Trend Micro\TrendSecure\TransactionProtector\TSToolbar.dll (file missing)
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Transaction Protector - {E7620C98-FCCC-40E5-92EC-C7685D2E1E40} - C:\Program Files\Trend Micro\TrendSecure\TransactionProtector\TSToolbar.dll (file missing)
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [KYE_Showicon] "C:\Program Files\USB Storage RW\shwicon.exe" -t"KYE\USB Storage RW"
O4 - HKLM\..\Run: [hp Silent Service] C:\Windows\system32\HpSrvUI.exe
O4 - HKLM\..\Run: [hpScannerFirstBoot] c:\hp\drivers\scanners\scannerfb.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [EPSON Stylus CX1500 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3V1.EXE /P26 "EPSON Stylus CX1500 Series" /O6 "USB001" /M "Stylus CX1500"
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [EPSON Stylus CX1500 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3V1.EXE /P26 "EPSON Stylus CX1500 Series" /M "Stylus CX1500" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.mi...b?1186103321781
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.mi...b?1186116406453
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 7161 bytes

Edited by AQUA258, 12 February 2008 - 09:33 AM.

  • 0

#23
Rorschach112

    Ralphie

  • Retired Staff
  • 47,710 posts
Part of it worked

1. Please re-open HijackThis and choose Do a system scan only. Check the boxes next to ONLY the entries listed below (if present):

O2 - BHO: TransactionProtector BHO - {C1656CCA-D2EA-4A32-94AE-AE0B180E6449} - C:\Program Files\Trend Micro\TrendSecure\TransactionProtector\TSToolbar.dll (file missing)
O3 - Toolbar: Transaction Protector - {E7620C98-FCCC-40E5-92EC-C7685D2E1E40} - C:\Program Files\Trend Micro\TrendSecure\TransactionProtector\TSToolbar.dll (file missing)


2. Now close all windows other than HijackThis, including browsers, so that nothing other than HijackThis is open, then click Fix Checked. A box will pop up asking you if you wish to fix the selected items. Please choose YES. Once it has fixed them, please exit/close HijackThis.


Then tell me how your PC is running
  • 0
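The selection made by hand in step 1 above can also be done mechanically. The following is an added example, not part of the original post and not code from HijackThis: it parses the O2/O3 (Browser Helper Object and toolbar) lines of a log and groups the ones marked "(file missing)" by the DLL they point at. The line pattern is an assumption inferred from the log lines posted in this thread, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Lines copied from the HijackThis log posted in this thread (not the full log).
SAMPLE_LOG = r"""
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: TransactionProtector BHO - {C1656CCA-D2EA-4A32-94AE-AE0B180E6449} - C:\Program Files\Trend Micro\TrendSecure\TransactionProtector\TSToolbar.dll (file missing)
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Transaction Protector - {E7620C98-FCCC-40E5-92EC-C7685D2E1E40} - C:\Program Files\Trend Micro\TrendSecure\TransactionProtector\TSToolbar.dll (file missing)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
"""

# O2 = Browser Helper Object, O3 = IE toolbar. Pattern inferred from the lines above.
ADDON_RE = re.compile(
    r"^(?P<code>O2|O3) - (?P<kind>BHO|Toolbar): (?P<name>.+?) - "
    r"(?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<path>.+?)(?P<missing> \(file missing\))?$"
)


def parse_browser_addons(log_text):
    """Return one dict per O2/O3 line; lines from other sections are ignored."""
    entries = []
    for line in log_text.splitlines():
        m = ADDON_RE.match(line.strip())
        if m:
            entry = m.groupdict()
            entry["missing"] = entry["missing"] is not None
            entries.append(entry)
    return entries


def orphaned_by_file(entries):
    """Group entries flagged '(file missing)' by the DLL they point at."""
    groups = defaultdict(list)
    for e in entries:
        if e["missing"]:
            groups[e["path"]].append((e["code"], e["clsid"]))
    return dict(groups)


if __name__ == "__main__":
    for path, refs in orphaned_by_file(parse_browser_addons(SAMPLE_LOG)).items():
        print(path)
        for code, clsid in refs:
            print(f"  {code} {clsid}")
```

Both leftover registrations resolve to the same missing TSToolbar.dll, which is why the two entries are fixed together.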

#24
AQUA258

    Member

  • Topic Starter
  • Member
  • 169 posts
Have done what you asked....So far so good (Still can't get into ACP). There is one trace of Trend left that I can't remove. In the control panel, where all the icons come up, there is an icon...Run Pc-cillin Internet Security......No delete option.

How can I remove it?
  • 0

#25
Rorschach112

    Ralphie

  • Retired Staff
  • 47,710 posts
Try the steps in this link

http://www.support.a...i...530&appId=1

Your problems aren't malware related so it would be better off if you posted in the Windows XP forum

Let me know if you have any more questions
  • 0


#26
Rorschach112

    Ralphie

  • Retired Staff
  • 47,710 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0





