Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Win32.Trojan.Yspy

Started by kelkay , Jun 10 2008 07:09 AM

  • This topic is locked This topic is locked

#46
kelkay
Posted 16 June 2008 - 06:59 PM

kelkay

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 423 posts
I will be back in about 3-4 minutes.
  • 0

Advertisements

#47
kelkay
Posted 16 June 2008 - 07:05 PM

kelkay

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 423 posts
I am back now.
  • 0

#48
koko_crunch
Posted 16 June 2008 - 07:10 PM

koko_crunch

    Trusted Helper

  • Retired Staff
  • 1,751 posts
Ok, Let's do another scan.

Download and scan with SUPERAntiSpyware Free for Home Users
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here.)
  • Under "Configuration and Preferences", click the Preferences button.
  • Click the Scanning Control tab.
  • Under Scanner Options make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen.
  • Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan.
  • Click "Next" to start the scan. Please be patient while it scans your computer.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes".
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.

then,

Please download Deckard's System Scanner (DSS) and save it to your Desktop.
  • Close all other windows before proceeding.
  • Double-click on dss.exe and follow the prompts.
  • When it has finished, dss will open two Notepads main.txt and extra.txt -- please copy (CTRL+A and then CTRL+C) and paste (CTRL+V) the contents of main.txt and extra.txt in your next reply.


Post back with the following log

- SuperAntispyware log
- DSS main and extra
  • 0

#49
kelkay
Posted 16 June 2008 - 07:12 PM

kelkay

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 423 posts
I already have the first program downloaded. Last night it took a little over two hours to run it. I will start it now.
  • 0

#50
koko_crunch
Posted 16 June 2008 - 07:15 PM

koko_crunch

    Trusted Helper

  • Retired Staff
  • 1,751 posts
That's fine... Just update the definition then do the scan.
Post back when ready. :)
  • 0

#51
kelkay
Posted 16 June 2008 - 07:15 PM

kelkay

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 423 posts
I started the scan.
  • 0

#52
kelkay
Posted 16 June 2008 - 07:16 PM

kelkay

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 423 posts
Yes, I just updated, and started it. Thanks!
  • 0

#53
kelkay
Posted 16 June 2008 - 07:18 PM

kelkay

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 423 posts
I had the Deckard System Scan downloaded, but after it finished the last time I did this a few days ago, it disappeared. I guess I have to re-download that one.
  • 0

#54
kelkay
Posted 16 June 2008 - 09:21 PM

kelkay

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 423 posts
The scan found no infections at all!
  • 0

#55
kelkay
Posted 16 June 2008 - 09:32 PM

kelkay

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 423 posts
dss only opened one notepad....I will copy and paste it here...

Deckard's System Scanner v20071014.68
Run by Kelly on 2008-06-16 22:26:55
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis (run as Kelly.exe) -----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:27:35, on 6/16/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\arservice.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Kontiki\KService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\SanDisk\Sansa Updater\SansaSvr.exe
C:\PROGRA~1\DrWeb\SpiderNT.exe
C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
C:\PROGRA~1\DrWeb\spiderui.exe
C:\Program Files\DrWeb\spiderml.exe
C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\ArcSoft\PhotoImpression 5\PI Monitor.exe
C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\MICROS~2\rapimgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Kelly\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Kelly.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: hpWebHelper Class - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll
O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - (no file)
O3 - Toolbar: WebFerret - {A58686ED-FC46-44C3-95C6-4A812AB776F1} - C:\Program Files\FerretSoft\WebFerret\FerretBand.dll
O4 - HKLM\..\Run: [SmartDefrag] "C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe" /startup
O4 - HKLM\..\Run: [SpIDerNT] C:\PROGRA~1\DrWeb\spiderui.exe /agent
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SpIDerMail] "C:\Program Files\DrWeb\spiderml.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKUS\S-1-5-18\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" (User 'Default user')
O4 - S-1-5-18 Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'SYSTEM')
O4 - S-1-5-18 Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Global Startup: AT&T Self Support Tool.lnk = C:\Program Files\SBC Self Support Tool\bin\matcli.exe
O4 - Global Startup: PI Monitor.lnk = C:\Program Files\ArcSoft\PhotoImpression 5\PI Monitor.exe
O4 - Global Startup: Updates From HP.lnk = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &WordWeb... - res://C:\WINDOWS\system32\wweb32.dll/lookup.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative....030/CTSUEng.cab
O16 - DPF: {127CE7BA-AD89-4108-A913-C52EFC037C36} (OMN Player Support) - http://kdx.omn.org/s...ayerSupport.cab
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewid...oOnlineScan.cab
O16 - DPF: {2776DDE9-D4B2-4BF7-9F98-ADC1A1B80AF5} (OMN Media Publisher) - http://kdx.omn.org/s...iaPublisher.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper20073151.dll
O16 - DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} (CPlayFirstDinerDash2Control Object) - http://www.shockwave...h2.1.0.0.67.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1165348971449
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} -
O16 - DPF: {A7ECD556-D6F6-4F41-8C6B-14AB246801A0} (Secure Delivery) - http://kdx.omn.org/s...ery/omn/kdx.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative....15030/CTPID.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: KService - Unknown owner - C:\Program Files\Kontiki\KService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sansa Updater Service (SansaService) - Unknown owner - C:\Program Files\SanDisk\Sansa Updater\SansaSvr.exe
O23 - Service: SpIDer Guard for Windows NT (spidernt) - Doctor Web, Ltd. - C:\PROGRA~1\DrWeb\SpiderNT.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 10645 bytes

-- Files created between 2008-05-16 and 2008-06-16 -----------------------------

2008-06-16 18:30:08 82944 --a------ C:\WINDOWS\system32\IEDFix.exe <Not Verified; S!Ri.URZ; IEDFix>
2008-06-16 15:42:13 3322 --a------ C:\WINDOWS\system32\tmp.reg
2008-06-16 15:35:36 25600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-06-16 15:35:36 289144 --a------ C:\WINDOWS\system32\VCCLSID.exe <Not Verified; S!Ri; >
2008-06-16 15:35:36 86528 --a------ C:\WINDOWS\system32\VACFix.exe <Not Verified; S!Ri.URZ; VACFix>
2008-06-16 15:35:36 51200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-06-16 15:35:35 288417 --a------ C:\WINDOWS\system32\SrchSTS.exe <Not Verified; S!Ri; SrchSTS>
2008-06-16 15:35:35 53248 --a------ C:\WINDOWS\system32\Process.exe <Not Verified; http://www.beyondlogic.org; Command Line Process Utility>
2008-06-15 21:31:48 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-06-15 21:31:41 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-06-15 21:31:41 0 d-------- C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com
2008-06-12 15:35:16 0 d-------- C:\Program Files\iPod
2008-06-12 15:35:06 0 d-------- C:\Program Files\iTunes
2008-06-12 15:34:02 0 d-------- C:\Program Files\QuickTime
2008-06-12 15:32:24 0 d------c- C:\WINDOWS\system32\DRVSTORE
2008-06-12 15:31:58 0 d-------- C:\Program Files\Common Files\Apple
2008-06-12 15:29:32 0 d-------- C:\Program Files\Apple Software Update
2008-06-12 15:29:32 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple
2008-06-06 17:04:15 21312 --a------ C:\WINDOWS\choice.exe
2008-06-06 16:59:37 0 d-------- C:\old
2008-06-06 16:59:37 0 d-------- C:\choice
2008-06-06 16:59:37 0 d-------- C:\adult
2008-06-06 16:59:00 0 d-------- C:\ie-spyad
2008-06-06 08:57:27 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe
2008-06-06 08:57:03 0 d-------- C:\Program Files\Common Files\Adobe
2008-06-05 23:49:24 0 dr-hs---- C:\WINDOWS\winupie.exe
2008-06-05 23:49:24 0 dr-hs---- C:\WINDOWS\winmuschi.exe
2008-06-05 23:49:24 0 dr-hs---- C:\WINDOWS\updatewinlocator.exe
2008-06-05 23:49:24 0 dr-hs---- C:\WINDOWS\system32\zp.dll
2008-06-05 23:49:24 0 dr-hs---- C:\WINDOWS\system32\zeropopupbar.dll
2008-06-05 23:49:24 0 dr-hs---- C:\WINDOWS\system32\winwsl.exe
2008-06-05 23:49:24 0 dr-hs---- C:\WINDOWS\system32\wintft.dll
2008-06-05 23:49:24 0 dr-hs---- C:\WINDOWS\system32\wintbpx.exe
2008-06-05 23:49:24 0 dr-hs---- C:\WINDOWS\system32\wintbp.exe
2008-06-05 23:49:24 0 dr-hs---- C:\WINDOWS\system32\winshow.dll
2008-06-05 23:49:24 0 dr-hs---- C:\WINDOWS\system32\winsb.dll
2008-06-05 23:49:24 0 dr-hs---- C:\WINDOWS\system32\winrvl.exe
2008-06-05 23:49:24 0 dr-hs---- C:\WINDOWS\system32\winpup32.exe
2008-06-05 23:49:24 0 dr-hs---- C:\WINDOWS\system32\winpup.exe
2008-06-05 23:49:24 0 dr-hs---- C:\WINDOWS\system32\winlocatorhelper.dll
2008-06-05 23:49:24 0 dr-hs---- C:\WINDOWS\system32\winlocator.dll
2008-06-05 23:49:24 0 dr-hs---- C:\WINDOWS\system32\winksl.exe
2008-06-05 23:49:24 0 dr-hs---- C:\WINDOWS\system32\update.exe
2008-06-05 23:49:24 0 dr-hs---- C:\WINDOWS\system32\systemout.exe
2008-06-05 23:49:24 0 dr-hs---- C:\WINDOWS\system32\sysdll32.dll
2008-06-05 23:49:24 0 dr-hs---- C:\WINDOWS\system32\servises.exe
2008-06-05 23:49:24 0 dr-hs---- C:\WINDOWS\system32\rx.exe
2008-06-05 23:49:24 0 d-------- C:\WINDOWS\system32\regperf.exe
2008-06-05 23:49:24 0 dr-hs---- C:\WINDOWS\system32\pup.exe
2008-06-05 23:49:24 0 dr-hs---- C:\WINDOWS\system32\pnp.exe
2008-06-05 23:49:24 0 dr-hs---- C:\WINDOWS\system32\per.exe
2008-06-05 23:49:24 0 d-------- C:\WINDOWS\system32\nvctrl.exe
2008-06-05 23:49:24 0 dr-hs---- C:\WINDOWS\system32\norton update.exe
2008-06-05 23:49:24 0 d-------- C:\WINDOWS\system32\mssearchnet.exe
2008-06-05 23:49:24 0 d-------- C:\WINDOWS\system32\msmsgs.exe
2008-06-05 23:49:24 0 d-------- C:\WINDOWS\system32\mscornet.exe
2008-06-05 23:49:24 0 d-------- C:\WINDOWS\system32\issearch.exe
2008-06-05 23:49:24 0 d-------- C:\WINDOWS\system32\isnotify.exe
2008-06-05 23:49:24 0 d-------- C:\WINDOWS\system32\ismon.exe
2008-06-05 23:49:24 0 d-------- C:\WINDOWS\system32\ishost.exe
2008-06-05 23:49:24 0 dr-hs---- C:\WINDOWS\system32\[bleep].exe
2008-06-05 23:49:24 0 d-------- C:\WINDOWS\system32\dfrgsrv.exe
2008-06-05 23:49:24 0 dr-hs---- C:\WINDOWS\system32\df_kme.exe
2008-06-05 23:49:24 0 d-------- C:\WINDOWS\system32\dcomcfg.exe
2008-06-05 23:49:24 0 dr-hs---- C:\WINDOWS\system32\csm.exe
2008-06-05 23:49:24 0 dr-hs---- C:\WINDOWS\system32\botzor.exe
2008-06-05 23:49:24 0 dr-hs---- C:\WINDOWS\system32\axconfig.dll
2008-06-05 23:49:24 0 dr-hs---- C:\WINDOWS\system32\4ccc3cea.exe
2008-06-05 23:49:24 0 dr-hs---- C:\WINDOWS\pnpasn32.exe
2008-06-05 23:49:24 0 dr-hs---- C:\WINDOWS\hpsv.exe
2008-06-05 23:49:24 0 dr-hs---- C:\WINDOWS\cdproxyserv.exe
2008-06-05 23:49:24 230 -r-h----- C:\Program Files\zsearch
2008-06-05 23:49:24 240 -r-h----- C:\Program Files\zeropopupbar
2008-06-05 23:49:24 226 -r-h----- C:\Program Files\zangoclient
2008-06-05 23:49:24 226 -r-h----- C:\Program Files\zango games
2008-06-05 23:49:24 228 -r-h----- C:\Program Files\xsoftware
2008-06-05 23:49:24 228 -r-h----- C:\Program Files\xpcspy
2008-06-05 23:49:24 232 -r-h----- C:\Program Files\winfixer 2005
2008-06-05 23:49:23 0 dr-hs---- C:\WINDOWS\windowsupd4.exe
2008-06-05 23:49:23 0 dr-hs---- C:\WINDOWS\windowsupd2.exe
2008-06-05 23:49:23 0 dr-hs---- C:\WINDOWS\windowsupd1.exe
2008-06-05 23:49:23 0 dr-hs---- C:\WINDOWS\vx2.dll
2008-06-05 23:49:23 0 dr-hs---- C:\WINDOWS\system32\winntcreate.exe
2008-06-05 23:49:23 0 dr-hs---- C:\WINDOWS\system32\vx2.dll
2008-06-05 23:49:23 0 dr-hs---- C:\WINDOWS\system32\vwix32.exe
2008-06-05 23:49:23 0 dr-hs---- C:\WINDOWS\system32\uninmyad.exe
2008-06-05 23:49:23 0 dr-hs---- C:\WINDOWS\system32\tps108.dll
2008-06-05 23:49:23 0 dr-hs---- C:\WINDOWS\system32\tisa.dll
2008-06-05 23:49:23 0 dr-hs---- C:\WINDOWS\system32\tips.exe
2008-06-05 23:49:23 0 dr-hs---- C:\WINDOWS\system32\tippcls.dat
2008-06-05 23:49:23 0 dr-hs---- C:\WINDOWS\system32\tipp.dat
2008-06-05 23:49:23 0 dr-hs---- C:\WINDOWS\system32\ticont.dll
2008-06-05 23:49:23 0 dr-hs---- C:\WINDOWS\system32\ticads.exe
2008-06-05 23:49:23 0 dr-hs---- C:\WINDOWS\system32\tconini.dat
2008-06-05 23:49:23 0 dr-hs---- C:\WINDOWS\system32\sysmonnt.exe
2008-06-05 23:49:23 0 dr-hs---- C:\WINDOWS\system32\spwgoc.exe
2008-06-05 23:49:23 0 dr-hs---- C:\WINDOWS\system32\rvreg.exe
2008-06-05 23:49:23 0 dr-hs---- C:\WINDOWS\system32\rulesak.dll
2008-06-05 23:49:23 0 dr-hs---- C:\WINDOWS\system32\myad.dll
2008-06-05 23:49:23 0 dr-hs---- C:\WINDOWS\system32\msview.dll
2008-06-05 23:49:23 0 dr-hs---- C:\WINDOWS\system32\msnavc32.exe
2008-06-05 23:49:23 0 dr-hs---- C:\WINDOWS\system32\lut.dat
2008-06-05 23:49:23 0 dr-hs---- C:\WINDOWS\system32\lspak.dll
2008-06-05 23:49:23 0 dr-hs---- C:\WINDOWS\system32\localnrd.dll
2008-06-05 23:49:23 0 dr-hs---- C:\WINDOWS\system32\lcch.dat
2008-06-05 23:49:23 0 dr-hs---- C:\WINDOWS\system32\ladchkr.exe
2008-06-05 23:49:23 0 dr-hs---- C:\WINDOWS\system32\host.dll
2008-06-05 23:49:23 0 dr-hs---- C:\WINDOWS\system32\gdu.dll
2008-06-05 23:49:23 0 dr-hs---- C:\WINDOWS\system32\dad.bat
2008-06-05 23:49:23 0 dr-hs---- C:\WINDOWS\system32\cidrules.dll
2008-06-05 23:49:23 0 d-------- C:\WINDOWS\system32\bridge.dll
2008-06-05 23:49:23 0 d-------- C:\WINDOWS\system32\a.exe
2008-06-05 23:49:23 0 dr-hs---- C:\WINDOWS\system32\6fo4svc.dll
2008-06-05 23:49:23 0 dr-hs---- C:\WINDOWS\psapi.dll
2008-06-05 23:49:23 0 dr-hs---- C:\WINDOWS\kernellos.dll
2008-06-05 23:49:23 222 -r-h----- C:\WINDOWS\isrvs
2008-06-05 23:49:23 0 dr-hs---- C:\WINDOWS\iehelper.dll
2008-06-05 23:49:23 0 dr-hs---- C:\WINDOWS\cleanhistories.dll
2008-06-05 23:49:23 0 d-------- C:\WINDOWS\ads.js
2008-06-05 23:49:23 240 -r-h----- C:\Program Files\winfavorites
2008-06-05 23:49:23 246 -r-h----- C:\Program Files\windows adtools
2008-06-05 23:49:23 250 -r-h----- C:\Program Files\windows adcontrol
2008-06-05 23:49:23 230 -r-h----- C:\Program Files\win comm
2008-06-05 23:49:23 226 -r-h----- C:\Program Files\whenu
2008-06-05 23:49:23 236 -r-h----- C:\Program Files\web_rebates
2008-06-05 23:49:23 236 -r-h----- C:\Program Files\web_cpr
2008-06-05 23:49:23 224 -r-h----- C:\Program Files\vvsn
2008-06-05 23:49:23 226 -r-h----- C:\Program Files\vvsdl
2008-06-05 23:49:23 226 -r-h----- C:\Program Files\vomba
2008-06-05 23:49:23 238 -r-h----- C:\Program Files\vmntoolbar
2008-06-05 23:49:23 232 -r-h----- C:\Program Files\ts trial
2008-06-05 23:49:23 222 -r-h----- C:\Program Files\hpdll
2008-06-05 23:49:23 232 -r-h----- C:\Program Files\Common Files\winsoftware
2008-06-05 23:49:23 226 -r-h----- C:\Program Files\Common Files\ucontrol
2008-06-05 23:49:23 222 -r-h----- C:\Program Files\autoupdate
2008-06-05 23:49:22 0 dr-hs---- C:\WINDOWS\t2serv.exe
2008-06-05 23:49:22 0 dr-hs---- C:\WINDOWS\t2serv.dll
2008-06-05 23:49:22 0 d-------- C:\WINDOWS\system32\zlbw.dll
2008-06-05 23:49:22 0 dr-hs---- C:\WINDOWS\system32\wshtlprh.dll
2008-06-05 23:49:22 0 dr-hs---- C:\WINDOWS\system32\wshnseri.exe
2008-06-05 23:49:22 0 dr-hs---- C:\WINDOWS\system32\winftsap.exe
2008-06-05 23:49:22 0 dr-hs---- C:\WINDOWS\system32\winftsap.dll
2008-06-05 23:49:22 0 dr-hs---- C:\WINDOWS\system32\wincom32.sys
2008-06-05 23:49:22 0 dr-hs---- C:\WINDOWS\system32\w3sskbda.dll
2008-06-05 23:49:22 0 dr-hs---- C:\WINDOWS\system32\vsxmpgpc.dll
2008-06-05 23:49:22 0 dr-hs---- C:\WINDOWS\system32\vnetsmme.dll
2008-06-05 23:49:22 0 dr-hs---- C:\WINDOWS\system32\vb5dmspo.dll
2008-06-05 23:49:22 0 dr-hs---- C:\WINDOWS\system32\v4pbpt51.dll
2008-06-05 23:49:22 0 dr-hs---- C:\WINDOWS\system32\trafracp.dll
2008-06-05 23:49:22 0 dr-hs---- C:\WINDOWS\system32\timesrv.exe
2008-06-05 23:49:22 0 dr-hs---- C:\WINDOWS\system32\snmpmssw.exe
2008-06-05 23:49:22 0 dr-hs---- C:\WINDOWS\system32\slbrmqtr.exe
2008-06-05 23:49:22 0 dr-hs---- C:\WINDOWS\system32\slbipsch.exe
2008-06-05 23:49:22 0 dr-hs---- C:\WINDOWS\system32\slbipsch.dll
2008-06-05 23:49:22 0 dr-hs---- C:\WINDOWS\system32\shfoxpob.exe
2008-06-05 23:49:22 0 dr-hs---- C:\WINDOWS\system32\secumsje.exe
2008-06-05 23:49:22 0 dr-hs---- C:\WINDOWS\system32\se.exe
2008-06-05 23:49:22 0 dr-hs---- C:\WINDOWS\system32\sd16win.dll
2008-06-05 23:49:22 0 dr-hs---- C:\WINDOWS\system32\scp3jgaw.dll
2008-06-05 23:49:22 0 dr-hs---- C:\WINDOWS\system32\rdpwmsjt.exe
2008-06-05 23:49:22 0 dr-hs---- C:\WINDOWS\system32\rcbdwmpd.dll
2008-06-05 23:49:22 0 dr-hs---- C:\WINDOWS\system32\qdvtscf.dll
2008-06-05 23:49:22 0 dr-hs---- C:\WINDOWS\system32\ppl.exe
2008-06-05 23:49:22 0 dr-hs---- C:\WINDOWS\system32\oebdfc.dll
2008-06-05 23:49:22 0 dr-hs---- C:\WINDOWS\system32\nordsys.exe
2008-06-05 23:49:22 0 dr-hs---- C:\WINDOWS\system32\msstersv.dll
2008-06-05 23:49:22 0 dr-hs---- C:\WINDOWS\system32\msnsxole.exe
2008-06-05 23:49:22 0 dr-hs---- C:\WINDOWS\system32\msnsxole.dll
2008-06-05 23:49:22 0 dr-hs---- C:\WINDOWS\system32\mslsicwd.dll
2008-06-05 23:49:22 0 dr-hs---- C:\WINDOWS\system32\msexcred.exe
2008-06-05 23:49:22 0 dr-hs---- C:\WINDOWS\system32\msafiasn.dll
2008-06-05 23:49:22 0 dr-hs---- C:\WINDOWS\system32\messenger.lib.exe
2008-06-05 23:49:22 0 dr-hs---- C:\WINDOWS\system32\hook2.dll
2008-06-05 23:49:22 0 dr-hs---- C:\WINDOWS\system32\hook1.dll
2008-06-05 23:49:22 0 dr-hs---- C:\WINDOWS\system32\google.png.exe
2008-06-05 23:49:22 0 dr-hs---- C:\WINDOWS\system32\game3.exe
2008-06-05 23:49:22 0 dr-hs---- C:\WINDOWS\system32\game2.exe
2008-06-05 23:49:22 0 dr-hs---- C:\WINDOWS\system32\game1.exe
2008-06-05 23:49:22 0 dr-hs---- C:\WINDOWS\system32\alsys.exe
2008-06-05 23:49:22 0 dr-hs---- C:\WINDOWS\system32\adchkr.exe
2008-06-05 23:49:22 0 dr-hs---- C:\WINDOWS\sserrvv.exe
2008-06-05 23:49:22 0 dr-hs---- C:\WINDOWS\serrv.exe
2008-06-05 23:49:22 0 dr-hs---- C:\WINDOWS\reggserv.exe
2008-06-05 23:49:22 0 dr-hs---- C:\WINDOWS\msupdtwiz.exe
2008-06-05 23:49:22 0 dr-hs---- C:\WINDOWS\cserv32.exe
2008-06-05 23:49:22 0 dr-hs---- C:\WINDOWS\ccsserv.exe
2008-06-05 23:49:22 234 -r-h----- C:\temp_kl
2008-06-05 23:49:22 232 -r-h----- C:\Program Files\topmoxie
2008-06-05 23:49:22 244 -r-h----- C:\Program Files\sys detective+
2008-06-05 23:49:22 240 -r-h----- C:\Program Files\surfsidekick
2008-06-05 23:49:22 240 -r-h----- C:\Program Files\surfsidekick 2
2008-06-05 23:49:22 232 -r-h----- C:\Program Files\superbar
2008-06-05 23:49:22 232 -r-h----- C:\Program Files\netmeting
2008-06-05 23:49:22 234 -r-h----- C:\archivos de programa
2008-06-05 23:49:21 0 d-------- C:\WINDOWS\system32\xkrdk.dll
2008-06-05 23:49:21 0 d-------- C:\WINDOWS\system32\wiatwain.dll
2008-06-05 23:49:21 0 dr-hs---- C:\WINDOWS\system32\unsocul.exe
2008-06-05 23:49:21 0 dr-hs---- C:\WINDOWS\system32\sodahk.dll
2008-06-05 23:49:21 0 dr-hs---- C:\WINDOWS\system32\socul.dll
2008-06-05 23:49:21 0 d-------- C:\WINDOWS\system32\replmap.dll
2008-06-05 23:49:21 0 dr-hs---- C:\WINDOWS\system32\mqoacdmo.dll
2008-06-05 23:49:21 0 dr-hs---- C:\WINDOWS\system32\mqadscp3.exe
2008-06-05 23:49:21 0 dr-hs---- C:\WINDOWS\system32\mgmtmtxc.exe
2008-06-05 23:49:21 0 dr-hs---- C:\WINDOWS\system32\mcd3mscm.dll
2008-06-05 23:49:21 0 dr-hs---- C:\WINDOWS\system32\lmrtatkc.dll
2008-06-05 23:49:21 0 dr-hs---- C:\WINDOWS\system32\kbdpkbdr.exe
2008-06-05 23:49:21 0 dr-hs---- C:\WINDOWS\system32\kbdfwshe.exe
2008-06-05 23:49:21 0 dr-hs---- C:\WINDOWS\system32\jgsdrpcn.exe
2008-06-05 23:49:21 0 dr-hs---- C:\WINDOWS\system32\jgsdrpcn.dll
2008-06-05 23:49:21 0 dr-hs---- C:\WINDOWS\system32\jgdwadsn.exe
2008-06-05 23:49:21 0 dr-hs---- C:\WINDOWS\system32\jgdwadsn.dll
2008-06-05 23:49:21 0 dr-hs---- C:\WINDOWS\system32\iuennwcf.dll
2008-06-05 23:49:21 0 dr-hs---- C:\WINDOWS\system32\ir32racp.exe
2008-06-05 23:49:21 0 dr-hs---- C:\WINDOWS\system32\ipxwshel.exe
2008-06-05 23:49:21 0 dr-hs---- C:\WINDOWS\system32\ipxrmfc4.dll
2008-06-05 23:49:21 0 dr-hs---- C:\WINDOWS\system32\imesrdch.exe
2008-06-05 23:49:21 0 dr-hs---- C:\WINDOWS\system32\icmpdx3j.dll
2008-06-05 23:49:21 0 dr-hs---- C:\WINDOWS\system32\iaspdpus.dll
2008-06-05 23:49:21 0 dr-hs---- C:\WINDOWS\system32\i4n27vl.exe
2008-06-05 23:49:21 0 d-------- C:\WINDOWS\system32\higehsg.dll
2008-06-05 23:49:21 0 dr-hs---- C:\WINDOWS\system32\hhselz32.dll
2008-06-05 23:49:21 0 dr-hs---- C:\WINDOWS\system32\fltlauto.exe
2008-06-05 23:49:21 0 dr-hs---- C:\WINDOWS\system32\fileserv.dll
2008-06-05 23:49:21 0 dr-hs---- C:\WINDOWS\system32\e1.dll
2008-06-05 23:49:21 0 dr-hs---- C:\WINDOWS\system32\dsseds32.exe
2008-06-05 23:49:21 0 dr-hs---- C:\WINDOWS\system32\dsseds32.dll
2008-06-05 23:49:21 0 dr-hs---- C:\WINDOWS\system32\dpugmswe.dll
2008-06-05 23:49:21 0 dr-hs---- C:\WINDOWS\system32\dnsrxpob.exe
2008-06-05 23:49:21 0 dr-hs---- C:\WINDOWS\system32\deskmcd3.dll
2008-06-05 23:49:21 0 dr-hs---- C:\WINDOWS\system32\ddemdmco.dll
2008-06-05 23:49:21 0 dr-hs---- C:\WINDOWS\system32\davctool.exe
2008-06-05 23:49:21 0 dr-hs---- C:\WINDOWS\system32\davctool.dll
2008-06-05 23:49:21 0 dr-hs---- C:\WINDOWS\system32\confbrw.dll
2008-06-05 23:49:21 0 dr-hs---- C:\WINDOWS\system32\comrkbdd.exe
2008-06-05 23:49:21 0 dr-hs---- C:\WINDOWS\system32\comploader.dll
2008-06-05 23:49:21 0 dr-hs---- C:\WINDOWS\system32\chkmfdep.exe
2008-06-05 23:49:21 0 dr-hs---- C:\WINDOWS\system32\camodpnm.exe
2008-06-05 23:49:21 0 dr-hs---- C:\WINDOWS\system32\brwstat.dll
2008-06-05 23:49:21 0 dr-hs---- C:\WINDOWS\system32\brwprf32.dll
2008-06-05 23:49:21 0 dr-hs---- C:\WINDOWS\system32\brwperf.exe
2008-06-05 23:49:21 0 dr-hs---- C:\WINDOWS\system32\brwmgr32.dll
2008-06-05 23:49:21 0 dr-hs---- C:\WINDOWS\system32\brwconf.exe
2008-06-05 23:49:21 0 dr-hs---- C:\WINDOWS\system32\avifipxr.dll
2008-06-05 23:49:21 0 dr-hs---- C:\WINDOWS\system32\admeiolo.dll
2008-06-05 23:49:21 0 dr-hs---- C:\WINDOWS\system32\actidmoc.exe
2008-06-05 23:49:21 234 -r-h----- C:\spedia
2008-06-05 23:49:21 244 -r-h----- C:\Program Files\swagent
2008-06-05 23:49:21 244 -r-h----- C:\Program Files\stealthwatcher200
2008-06-05 23:49:21 230 -r-h----- C:\Program Files\spytech software
2008-06-05 23:49:21 234 -r-h----- C:\Program Files\spyonthis
2008-06-05 23:49:21 232 -r-h----- C:\Program Files\spyblast
2008-06-05 23:49:21 226 -r-h----- C:\Program Files\p4p
2008-06-05 23:49:21 226 -r-h----- C:\Program Files\Common Files\sogou pxp
2008-06-05 23:49:20 236 -r-h----- C:\WINDOWS\winsecurity
2008-06-05 23:49:20 0 dr-hs---- C:\WINDOWS\waladhpr.exe
2008-06-05 23:49:20 0 dr-hs---- C:\WINDOWS\system32\wzhelper.dll
2008-06-05 23:49:20 0 dr-hs---- C:\WINDOWS\system32\webalize.dll
2008-06-05 23:49:20 0 dr-hs---- C:\WINDOWS\system32\somatic.dll
2008-06-05 23:49:20 0 dr-hs---- C:\WINDOWS\system32\smdnn05.dll
2008-06-05 23:49:20 0 dr-hs---- C:\WINDOWS\system32\servehost.exe
2008-06-05 23:49:20 0 dr-hs---- C:\WINDOWS\system32\seqsb.dll
2008-06-05 23:49:20 0 dr-hs---- C:\WINDOWS\system32\searchupdate33.exe
2008-06-05 23:49:20 0 dr-hs---- C:\WINDOWS\system32\searchupdate31.exe
2008-06-05 23:49:20 0 dr-hs---- C:\WINDOWS\system32\searchsquire33.dll
2008-06-05 23:49:20 0 dr-hs---- C:\WINDOWS\system32\searchsquire3.dll
2008-06-05 23:49:20 0 dr-hs---- C:\WINDOWS\system32\searchsquire2.dll
2008-06-05 23:49:20 0 dr-hs---- C:\WINDOWS\system32\searchsquire.dll
2008-06-05 23:49:20 0 dr-hs---- C:\WINDOWS\system32\seantb.dll
2008-06-05 23:49:20 0 dr-hs---- C:\WINDOWS\system32\s4helper.dll
2008-06-05 23:49:20 0 dr-hs---- C:\WINDOWS\system32\reg2.exe
2008-06-05 23:49:20 0 dr-hs---- C:\WINDOWS\system32\pqhelper.dll
2008-06-05 23:49:20 0 dr-hs---- C:\WINDOWS\system32\mygeek.dll
2008-06-05 23:49:20 0 dr-hs---- C:\WINDOWS\system32\msqsb.dll
2008-06-05 23:49:20 0 dr-hs---- C:\WINDOWS\system32\msplus4.dll
2008-06-05 23:49:20 0 dr-hs---- C:\WINDOWS\system32\msplus3.dll
2008-06-05 23:49:20 0 dr-hs---- C:\WINDOWS\system32\msplus2.dll
2008-06-05 23:49:20 0 dr-hs---- C:\WINDOWS\system32\mslspcg.exe
2008-06-05 23:49:20 0 dr-hs---- C:\WINDOWS\system32\mgeekremove.exe
2008-06-05 23:49:20 0 dr-hs---- C:\WINDOWS\system32\ifsomatic.dll
2008-06-05 23:49:20 0 dr-hs---- C:\WINDOWS\system32\ifhelper.dll
2008-06-05 23:49:20 0 dr-hs---- C:\WINDOWS\system32\iebrw.dll
2008-06-05 23:49:20 0 dr-hs---- C:\WINDOWS\system32\hotlink.dll
2008-06-05 23:49:20 0 dr-hs---- C:\WINDOWS\system32\homepage.dll
2008-06-05 23:49:20 0 dr-hs---- C:\WINDOWS\system32\hmepge.dll
2008-06-05 23:49:20 0 dr-hs---- C:\WINDOWS\system32\gsim.dll
2008-06-05 23:49:20 0 dr-hs---- C:\WINDOWS\system32\barbho.dll
2008-06-05 23:49:20 0 dr-hs---- C:\WINDOWS\svrmgr.exe
2008-06-05 23:49:20 0 dr-hs---- C:\WINDOWS\ssmsgr.exe
2008-06-05 23:49:20 0 dr-hs---- C:\WINDOWS\ssls.exe
2008-06-05 23:49:20 0 dr-hs---- C:\WINDOWS\ssdgt.exe
2008-06-05 23:49:20 0 dr-hs---- C:\WINDOWS\sscrg.exe
2008-06-05 23:49:20 0 dr-hs---- C:\WINDOWS\skynetave.exe
2008-06-05 23:49:20 0 dr-hs---- C:\WINDOWS\napatch.exe
2008-06-05 23:49:20 0 dr-hs---- C:\WINDOWS\lsasss.exe
2008-06-05 23:49:20 0 dr-hs---- C:\WINDOWS\gsim.dll
2008-06-05 23:49:20 0 dr-hs---- C:\WINDOWS\cssswd.exe
2008-06-05 23:49:20 0 dr-hs---- C:\WINDOWS\csssupd.exe
2008-06-05 23:49:20 236 -r-h----- C:\WINDOWS\connectionstatus
2008-06-05 23:49:20 0 dr-hs---- C:\WINDOWS\cfg32s.dll
2008-06-05 23:49:20 0 dr-hs---- C:\WINDOWS\cfg32r.dll
2008-06-05 23:49:20 0 dr-hs---- C:\WINDOWS\cfg32o.dll
2008-06-05 23:49:20 0 dr-hs---- C:\WINDOWS\cfg32.exe
2008-06-05 23:49:20 0 dr-hs---- C:\WINDOWS\avserve3.exe
2008-06-05 23:49:20 0 dr-hs---- C:\WINDOWS\avserve2.exe
2008-06-05 23:49:20 0 dr-hs---- C:\WINDOWS\adrsb.exe
2008-06-05 23:49:20 232 -r-h----- C:\Program Files\valintines day card
2008-06-05 23:49:20 234 -r-h----- C:\Program Files\softomate
2008-06-05 23:49:20 248 -r-h----- C:\Program Files\selectrebates
2008-06-05 23:49:20 234 -r-h----- C:\Program Files\searchnet
2008-06-05 23:49:20 240 -r-h----- C:\Program Files\searchlocate
2008-06-05 23:49:20 236 -r-h----- C:\Program Files\screenview
2008-06-05 23:49:20 230 -r-h----- C:\Program Files\savenow
2008-06-05 23:49:20 234 -r-h----- C:\Program Files\rxtoolbar
2008-06-05 23:49:20 234 -r-h----- C:\Program Files\ietoolbar
2008-06-05 23:49:20 230 -r-h----- C:\Program Files\ezthemes_whenusavenow_installer
2008-06-05 23:49:20 242 -r-h----- C:\Program Files\dynamic toolbar
2008-06-05 23:49:19 0 dr-hs---- C:\WINDOWS\wserver.exe
2008-06-05 23:49:19 0 dr-hs---- C:\WINDOWS\winlogon.scr
2008-06-05 23:49:19 0 dr-hs---- C:\WINDOWS\winlogon.exe
2008-06-05 23:49:19 0 dr-hs---- C:\WINDOWS\visualguard.exe
2008-06-05 23:49:19 0 dr-hs---- C:\WINDOWS\userconfig9x.dll
2008-06-05 23:49:19 0 dr-hs---- C:\WINDOWS\system32\vlcx052.dll
2008-06-05 23:49:19 0 dr-hs---- C:\WINDOWS\system32\speeder.exe
2008-06-05 23:49:19 0 dr-hs---- C:\WINDOWS\system32\slpube03.dll
2008-06-05 23:49:19 0 d-------- C:\WINDOWS\system32\shnlog.exe
2008-06-05 23:49:19 0 dr-hs---- C:\WINDOWS\system32\rlvknlg.exe
2008-06-05 23:49:19 0 dr-hs---- C:\WINDOWS\system32\rkinstaller.exe
2008-06-05 23:49:19 0 dr-hs---- C:\WINDOWS\system32\rk.exe
2008-06-05 23:49:19 0 dr-hs---- C:\WINDOWS\system32\optserve.exe
2008-06-05 23:49:19 0 dr-hs---- C:\WINDOWS\system32\optserve.dll
2008-06-05 23:49:19 0 dr-hs---- C:\WINDOWS\system32\mstc.exe
2008-06-05 23:49:19 0 dr-hs---- C:\WINDOWS\system32\msplus1.dll
2008-06-05 23:49:19 0 dr-hs---- C:\WINDOWS\system32\msplus.dll
2008-06-05 23:49:19 0 dr-hs---- C:\WINDOWS\system32\msclt.exe
2008-06-05 23:49:19 0 dr-hs---- C:\WINDOWS\system32\mrkscr.exe
2008-06-05 23:49:19 0 dr-hs---- C:\WINDOWS\system32\lp.exe
2008-06-05 23:49:19 0 dr-hs---- C:\WINDOWS\system32\lp.dll
2008-06-05 23:49:19 0 d-------- C:\WINDOWS\system32\intmon.exe
2008-06-05 23:49:19 0 dr-hs---- C:\WINDOWS\system32\auole4.dll
2008-06-05 23:49:19 0 dr-hs---- C:\WINDOWS\sysmonxp.exe
2008-06-05 23:49:19 0 dr-hs---- C:\WINDOWS\symav.exe
2008-06-05 23:49:19 0 dr-hs---- C:\WINDOWS\switpb.exe
2008-06-05 23:49:19 0 dr-hs---- C:\WINDOWS\switpa.exe
2008-06-05 23:49:19 0 dr-hs---- C:\WINDOWS\services.exe
2008-06-05 23:49:19 0 dr-hs---- C:\WINDOWS\rundil32.exe
2008-06-05 23:49:19 0 dr-hs---- C:\WINDOWS\rundil.exe
2008-06-05 23:49:19 0 dr-hs---- C:\WINDOWS\phantom.exe
2008-06-05 23:49:19 0 dr-hs---- C:\WINDOWS\pandaavengine.exe
2008-06-05 23:49:19 0 dr-hs---- C:\WINDOWS\netmedia.exe
2008-06-05 23:49:19 0 dr-hs---- C:\WINDOWS\msnmsgrs.exe
2008-06-05 23:49:19 0 dr-hs---- C:\WINDOWS\maja.exe
2008-06-05 23:49:19 0 dr-hs---- C:\WINDOWS\lansas.exe
2008-06-05 23:49:19 0 dr-hs---- C:\WINDOWS\kasperskyaveng.exe
2008-06-05 23:49:19 0 dr-hs---- C:\WINDOWS\jammer2nd.exe
2008-06-05 23:49:19 0 dr-hs---- C:\WINDOWS\infodll.dll
2008-06-05 23:49:19 0 dr-hs---- C:\WINDOWS\fvprotect.exe
2008-06-05 23:49:19 0 dr-hs---- C:\WINDOWS\fooding.exe
2008-06-05 23:49:19 0 dr-hs---- C:\WINDOWS\firewallsvr.exe
2008-06-05 23:49:19 0 dr-hs---- C:\WINDOWS\easyav.exe
2008-06-05 23:49:19 0 dr-hs---- C:\WINDOWS\diskmonitor.exe
2008-06-05 23:49:19 0 dr-hs---- C:\WINDOWS\comp.cpl
2008-06-05 23:49:19 0 dr-hs---- C:\WINDOWS\avprotect9x.exe
2008-06-05 23:49:19 0 dr-hs---- C:\WINDOWS\avprotect.exe
2008-06-05 23:49:19 0 dr-hs---- C:\WINDOWS\avpguard.exe
2008-06-05 23:49:19 0 dr-hs---- C:\WINDOWS\avguard.exe
2008-06-05 23:49:19 0 dr-hs---- C:\WINDOWS\avbgle.exe
2008-06-05 23:49:19 234 -r-h----- C:\Program Files\startup mechanic
2008-06-05 23:49:19 250 -r-h----- C:\Program Files\relevantknowledge
2008-06-05 23:49:19 234 -r-h----- C:\Program Files\rax search helper
2008-06-05 23:49:19 228 -r-h----- C:\Program Files\psupport
2008-06-05 23:49:19 234 -r-h----- C:\Program Files\need2find
2008-06-05 23:49:19 226 -r-h----- C:\Program Files\ncase
2008-06-05 23:49:19 232 -r-h----- C:\Program Files\navexcel
2008-06-05 23:49:19 232 -r-h----- C:\Program Files\navexcel search toolbar
2008-06-05 23:49:19 238 -r-h----- C:\Program Files\mywebsearch
2008-06-05 23:49:19 228 -r-h----- C:\Program Files\exolon
2008-06-05 23:49:19 234 -r-h----- C:\Program Files\ddr
2008-06-05 23:49:19 236 -r-h----- C:\Program Files\Common Files\nsis
2008-06-05 23:49:19 234 -r-h----- C:\Program Files\arcade!
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\xpfirewall.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\wpwmgrs.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\winvnc.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\wintasker.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\winsyscfg.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\winsys32.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\winsys.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\winsvc32.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\winstart.pif
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\winnt.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\wininfo.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\winhlpapi.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\wingmt32.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\winds.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\windowz.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\windowsfirewall.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\windasz-updote.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\win32.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\win24.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\wid32.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\wfdmgr.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\wfdgmr.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\wdns33.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\w32ntupdt.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\w1nt5k.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\twunk_65.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\timemanager.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\taskgmr32.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\taskgmr.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\taskgamr.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\tagmr.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\sysconf.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\sword.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\svshost.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\stagmr.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\sp2winfix.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\sp2fx.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\skybot.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\shell.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\service5.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\sd.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\scvhost32.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\scrigz.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\scalpe91.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\rundll.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\remote.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\protection.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\plugnplay32.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\picx.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\phantom.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\netcog.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\mtrnqs.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\mswins.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\mssck.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\msplus32.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\msnl.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\msmgrxp.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\msgmr.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\msdev32.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\mouse.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\microupdate.exe
2008-06-05 23:49:18 0 dr-hs---- C:\WINDOWS\system32\memloader.exe
2008-06-05 23:49:17 0 dr-hs---- C:\winssystem.exe
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\unstall.exe
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\system32\winnb60.dll
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\system32\winnb58.dll
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\system32\winnb57.dll
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\system32\winnb56.dll
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\system32\winnb52.dll
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\system32\winnb51.dll
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\system32\winnb42.dll
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\system32\winnb41.dll
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\system32\winnb40.dll
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\system32\windmy.dll
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\system32\winats.dll
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\system32\patch31345.exe
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\system32\osalogbe.exe
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\system32\nn_bar31.dll
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\system32\nn_bar22.dll
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\system32\nn_bar21.dll
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\system32\nn_bar.dll
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\system32\myaccess.dll
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\system32\msapasrc.dll
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\system32\msa64chk.dll
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\system32\microsystem.exe
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\system32\mcscn.exe
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\system32\mailinfo.exe
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\system32\logitechwls.exe
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\system32\logic.exe
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\system32\lienvdk.exe
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\system32\lienvandekelder.exe
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\system32\lientjeuh.exe
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\system32\lien vd kelder.exe
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\system32\lien vande kelder.exe
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\system32\lien Van de kelderrr.exe
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\system32\lien van de kelder.exe
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\system32\lcd32.exe
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\system32\jusched32.exe
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\system32\itunegui.exe
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\system32\internet.exe
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\system32\iexplorer.exe
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\system32\hostdrvxp.exe
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\system32\hbmail.exe
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\system32\gothica.exe
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\system32\fixupdattr.exe
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\system32\evil.exe
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\system32\ds.exe
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\system32\dcomuser.exe
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\system32\coolbot.exe
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\system32\ccsrs.exe
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\system32\avpr.exe
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\system32\abs.exe
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\system32\666.exe
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\system32\1hellbot.exe
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\system32\0.exe
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\patch31345.exe
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\msnarrator.exe
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\mrhop.dll
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\mpgcom.dll
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\iempg2.dll
2008-06-05 23:49:17 0 dr-hs---- C:\WINDOWS\iempg.dll
2008-06-05 23:49:17 236 -r-h----- C:\Program Files\support software
2008-06-05 23:49:17 236 -r-h----- C:\Program Files\network essentials
2008-06-05 23:49:17 236 -r-h----- C:\Program Files\medialoads
2008-06-05 23:49:17 236 -r-h----- C:\Program Files\medialoads enhanced
2008-06-05 23:49:17 0 dr-hs---- C:\hellmsn.exe
2008-06-05 23:49:16 0 dr-hs---- C:\WINDOWS\xwrm.exe
2008-06-05 23:49:16 240 -r-h----- C:\WINDOWS\wintrim
2008-06-05 23:49:16 240 -r-h----- C:\WINDOWS\winmgts
2008-06-05 23:49:16 240 -r-h----- C:\WINDOWS\wincomp
2008-06-05 23:49:16 0 dr-hs---- C:\WINDOWS\system32\wgavm.exe
2008-06-05 23:49:16 0 dr-hs---- C:\WINDOWS\system32\wgareg.exe
2008-06-05 23:49:16 0 dr-hs---- C:\WINDOWS\system32\vtlbar1.dll
2008-06-05 23:49:16 0 dr-hs---- C:\WINDOWS\system32\version.exe
2008-06-05 23:49:16 0 dr-hs---- C:\WINDOWS\system32\updtscheduler.exe
2008-06-05 23:49:16 0 dr-hs---- C:\WINDOWS\system32\tubby.dll
2008-06-05 23:49:16 0 dr-hs---- C:\WINDOWS\system32\toolbar.dll
2008-06-05 23:49:16 0 dr-hs---- C:\WINDOWS\system32\tbc.dll
2008-06-05 23:49:16 0 dr-hs---- C:\WINDOWS\system32\sys.exe
2008-06-05 23:49:16 0 dr-hs---- C:\WINDOWS\system32\nas.dll
2008-06-05 23:49:16 0 d-------- C:\WINDOWS\system32\mtc.dll
2008-06-05 23:49:16 0 dr-hs---- C:\WINDOWS\system32\msxml4r.exe
2008-06-05 23:49:16 0 dr-hs---- C:\WINDOWS\system32\msklive.dll
2008-06-05 23:49:16 0 dr-hs---- C:\WINDOWS\system32\mseggrpid.dll
2008-06-05 23:49:16 0 dr-hs---- C:\WINDOWS\system32\msegcompid.dll
2008-06-05 23:49:16 0 dr-hs---- C:\WINDOWS\system32\mscache.dll
2008-06-05 23:49:16 0 dr-hs---- C:\WINDOWS\system32\mapisvc32.exe
2008-06-05 23:49:16 0 dr-hs---- C:\WINDOWS\system32\madise.dll
2008-06-05 23:49:16 0 dr-hs---- C:\WINDOWS\system32\keyhost.exe
2008-06-05 23:49:16 0 dr-hs---- C:\WINDOWS\system32\keyactivex.ocx
2008-06-05 23:49:16 0 dr-hs---- C:\WINDOWS\system32\jeired.dll
2008-06-05 23:49:16 0 dr-hs---- C:\WINDOWS\system32\iexplore.exe
2008-06-05 23:49:16 0 dr-hs---- C:\WINDOWS\system32\ia.dll
2008-06-05 23:49:16 0 dr-hs---- C:\WINDOWS\system32\gcasctrl.exe
2008-06-05 23:49:16 0 dr-hs---- C:\WINDOWS\system32\egdial.dll
2008-06-05 23:49:16 0 dr-hs---- C:\WINDOWS\system32\egdhtml_1027.dll
2008-06-05 23:49:16 0 dr-hs---- C:\WINDOWS\system32\egdhtml_1026.dll
2008-06-05 23:49:16 0 dr-hs---- C:\WINDOWS\system32\duel.exe
2008-06-05 23:49:16 0 dr-hs---- C:\WINDOWS\system32\dll.dll
2008-06-05 23:49:16 0 dr-hs---- C:\WINDOWS\system32\aupdate_uninstall.exe
2008-06-05 23:49:16 0 dr-hs---- C:\WINDOWS\system32\aupdate.exe
2008-06-05 23:49:16 0 dr-hs---- C:\WINDOWS\system32\adv.dll
2008-06-05 23:49:16 240 -r-h----- C:\WINDOWS\navpmc
2008-06-05 23:49:16 0 dr-hs---- C:\WINDOWS\mscache.exe
2008-06-05 23:49:16 0 dr-hs---- C:\WINDOWS\mscache.dll
2008-06-05 23:49:16 0 dr-hs---- C:\WINDOWS\mmups.exe
2008-06-05 23:49:16 0 dr-hs---- C:\WINDOWS\mm63.ocx
2008-06-05 23:49:16 0 dr-hs---- C:\WINDOWS\mm21.ocx
2008-06-05 23:49:16 0 dr-hs---- C:\WINDOWS\mm20.ocx
2008-06-05 23:49:16 240 -r-h----- C:\WINDOWS\mc
2008-06-05 23:49:16 0 dr-hs---- C:\WINDOWS\istsvc.exe
2008-06-05 23:49:16 0 dr-hs---- C:\WINDOWS\imgurla.exe
2008-06-05 23:49:16 0 dr-hs---- C:\WINDOWS\exedialer.exe
2008-06-05 23:49:16 0 dr-hs---- C:\WINDOWS\a64sddd.exe
2008-06-05 23:49:16 234 -r-h----- C:\Program Files\powersearch
2008-06-05 23:49:16 234 -r-h----- C:\Program Files\perfectnav
2008-06-05 23:49:16 242 -r-h----- C:\Program Files\media gateway
2008-06-05 23:49:16 232 -r-h----- C:\Program Files\md
2008-06-05 23:49:16 228 -r-h----- C:\Program Files\lstsvc
2008-06-05 23:49:16 244 -r-h----- C:\Program Files\kuaiso toolsbar
2008-06-05 23:49:16 242 -r-h----- C:\Program Files\kgb keylogger
2008-06-05 23:49:16 266 -r-h----- C:\Program Files\invisible secrets toolbar
2008-06-05 23:49:16 240 -r-h----- C:\Program Files\instant buzz
2008-06-05 23:49:16 234 -r-h----- C:\Program Files\incredifind
2008-06-05 23:49:16 228 -r-h----- C:\Program Files\ebayshop
2008-06-05 23:49:16 234 -r-h----- C:\Program Files\Common Files\updmgr
2008-06-05 23:49:16 234 -r-h----- C:\Program Files\Common Files\updater
2008-06-05 23:49:16 234 -r-h----- C:\Program Files\Common Files\keenvalue
2008-06-05 23:49:15 232 -r-h----- C:\WINDOWS\wqzq
2008-06-05 23:49:15 0 dr-hs---- C:\WINDOWS\winserv.exe
2008-06-05 23:49:15 0 dr-hs---- C:\WINDOWS\winobject.dll
2008-06-05 23:49:15 0 dr-hs---- C:\WINDOWS\wdskctl.exe
2008-06-05 23:49:15
  • 0

Advertisements

#56
kelkay
Posted 16 June 2008 - 09:39 PM

kelkay

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 423 posts
I tried to find the other txt file, but it didn't have one. It only popped up the main.txt Do you want me to run it again?
I will be on just a little while longer. If I miss you online, I will have to do whatever needs to be done, if anything later.
  • 0

#57
kelkay
Posted 16 June 2008 - 09:45 PM

kelkay

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 423 posts
I guess I should add...last time I did this the dss.exe file disappeared, and had two txt files. This time it is still on my desktop.
  • 0

#58
koko_crunch
Posted 17 June 2008 - 12:19 AM

koko_crunch

    Trusted Helper

  • Retired Staff
  • 1,751 posts
Still seeing those infected files..


click on Start, click on Run
copy and paste the following in bold in the open window and then click OK
"%userprofile%\desktop\dss.exe" /config
This will open up DSS configuration
click on Check All then Uncheck All
Place a check on
"File Associations"
"Drivers"
"Services"
"Add/remove programs"
"Security Center"
"User profiles"
click Scan
DSS will now run again when finished
Please post back both logs that open in notepad
  • 0

#59
kelkay
Posted 17 June 2008 - 06:53 AM

kelkay

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 423 posts
Deckard's System Scanner v20071014.68
Run by Kelly on 2008-06-17 07:50:48
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- File Associations -----------------------------------------------------------

.bat - batfile - DefaultIcon - %SystemRoot%\System32\shell32.dll,-153
.bat - batfile - shell\open\command - "%1" %*
.bat - batfile - shell\edit\command - %SystemRoot%\System32\NOTEPAD.EXE %1
.cmd - cmdfile - DefaultIcon - %SystemRoot%\System32\shell32.dll,-153
.cmd - cmdfile - shell\open\command - "%1" %*
.cmd - cmdfile - shell\edit\command - %SystemRoot%\System32\NOTEPAD.EXE %1
.chm - chm.file - DefaultIcon - C:\WINDOWS\hh.exe,0
.chm - chm.file - shell\open\command - "C:\WINDOWS\hh.exe" %1
.com - comfile - DefaultIcon - %SystemRoot%\System32\shell32.dll,2
.com - comfile - shell\open\command - "%1" %*
.cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%*
.exe - exefile - DefaultIcon - %1
.exe - exefile - shell\open\command - "%1" %*
.hlp - hlpfile - DefaultIcon - %SystemRoot%\System32\shell32.dll,23
.hlp - hlpfile - shell\open\command - %SystemRoot%\System32\winhlp32.exe %1
.inf - inffile - DefaultIcon - %SystemRoot%\System32\shell32.dll,-151
.inf - inffile - shell\open\command - %SystemRoot%\System32\NOTEPAD.EXE %1
.ini - inifile - DefaultIcon - %SystemRoot%\System32\shell32.dll,-151
.ini - inifile - shell\open\command - %SystemRoot%\System32\NOTEPAD.EXE %1
.js - JSFile - DefaultIcon - %SystemRoot%\System32\WScript.exe,3
.js - JSFile - shell\open\command - %SystemRoot%\System32\WScript.exe "%1" %*
.lnk - lnkfile - CLSID - {00021401-0000-0000-C000-000000000046}
.pif - piffile - shell\open\command - "%1" %*
.reg - regfile - DefaultIcon - %SystemRoot%\regedit.exe,1
.reg - regfile - shell\open\command - regedit.exe "%1"
.reg - regfile - shell\edit\command - %SystemRoot%\system32\NOTEPAD.EXE %1
.scr - scrfile - shell\open\command - "%1" /S
.txt - txtfile - DefaultIcon - %SystemRoot%\system32\shell32.dll,-152
.txt - txtfile - shell\open\command - "%WinDir%\NOTEPAD.EXE" %1
.vbs - VBSFile - DefaultIcon - %SystemRoot%\System32\WScript.exe,2
.vbs - VBSFile - shell\open\command - %SystemRoot%\System32\WScript.exe "%1" %*
.vbs - VBSFile - shell\edit\command - %SystemRoot%\System32\Notepad.exe %1



-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 ACPI (Microsoft ACPI Driver) - c:\windows\system32\drivers\acpi.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 atapi (Standard IDE/ESDI Hard Disk Controller) - c:\windows\system32\drivers\atapi.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 Disk (Disk Driver) - c:\windows\system32\drivers\disk.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 dmio (Logical Disk Manager Driver) - c:\windows\system32\drivers\dmio.sys <Verified; Microsoft Corp., Veritas Software; VERITAS® NT Disk Manager>
R0 dmload - c:\windows\system32\drivers\dmload.sys <Verified; Microsoft Corp., Veritas Software.; Logical Disk Manager for Windows NT>
R0 FltMgr - c:\windows\system32\drivers\fltmgr.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 Ftdisk (Volume Manager Driver) - c:\windows\system32\drivers\ftdisk.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 giveio - c:\windows\system32\giveio.sys
R0 iaStor (Intel RAID Controller) - c:\windows\system32\drivers\iastor.sys <Verified; Intel Corporation; Intel Matrix Storage Manager driver>
R0 IntelIde - c:\windows\system32\drivers\intelide.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 isapnp (PnP ISA/EISA Bus Driver) - c:\windows\system32\drivers\isapnp.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 KSecDD - c:\windows\system32\drivers\ksecdd.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 MountMgr - c:\windows\system32\drivers\mountmgr.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 Mup - c:\windows\system32\drivers\mup.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 NDIS (NDIS System Driver) - c:\windows\system32\drivers\ndis.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 ohci1394 (OHCI Compliant IEEE 1394 Host Controller) - c:\windows\system32\drivers\ohci1394.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 PartMgr - c:\windows\system32\drivers\partmgr.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 PCI (PCI Bus Driver) - c:\windows\system32\drivers\pci.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 PCIIde - c:\windows\system32\drivers\pciide.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 PxHelp20 - c:\windows\system32\drivers\pxhelp20.sys <Verified; Sonic Solutions; PxHelp20>
R0 speedfan - c:\windows\system32\speedfan.sys <Not Verified; Windows ® 2000 DDK provider; Windows ® 2000 DDK driver>
R0 sr (System Restore Filter Driver) - c:\windows\system32\drivers\sr.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 srescan - c:\windows\system32\zonelabs\srescan.sys <Verified; Zone Labs, LLC; srescanner>
R0 ViaIde - c:\windows\system32\drivers\viaide.sys <Verified; Microsoft Corporation; Microsoft® Windows NT® Operating System>
R0 VolSnap - c:\windows\system32\drivers\volsnap.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 WudfPf (Windows Driver Foundation - User-mode Driver Framework Platform Driver) - c:\windows\system32\drivers\wudfpf.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 AFD - c:\windows\system32\drivers\afd.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 AmdK8 (AMD Processor Driver) - c:\windows\system32\drivers\amdk8.sys <Verified; Advanced Micro Devices; AMD Processor Driver>
R1 Beep - c:\windows\system32\drivers\beep.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 Cdrom (CD-ROM Driver) - c:\windows\system32\drivers\cdrom.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 Fips - c:\windows\system32\drivers\fips.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 i8042prt (i8042 Keyboard and PS/2 Mouse Port Driver) - c:\windows\system32\drivers\i8042prt.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 Imapi (CD-Burning Filter Driver) - c:\windows\system32\drivers\imapi.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 IPSec (IPSEC driver) - c:\windows\system32\drivers\ipsec.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 Kbdclass (Keyboard Class Driver) - c:\windows\system32\drivers\kbdclass.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 mnmdd - c:\windows\system32\drivers\mnmdd.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 Mouclass (Mouse Class Driver) - c:\windows\system32\drivers\mouclass.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 MRxSmb - c:\windows\system32\drivers\mrxsmb.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 Msfs - c:\windows\system32\drivers\msfs.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 NetBIOS (NetBIOS Interface) - c:\windows\system32\drivers\netbios.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 NetBT (NetBios over Tcpip) - c:\windows\system32\drivers\netbt.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 Npfs - c:\windows\system32\drivers\npfs.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 Null - c:\windows\system32\drivers\null.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 RasAcd (Remote Access Auto Connection Driver) - c:\windows\system32\drivers\rasacd.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 Rdbss - c:\windows\system32\drivers\rdbss.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 RDPCDD - c:\windows\system32\drivers\rdpcdd.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 redbook (Digital CD Audio Playback Filter Driver) - c:\windows\system32\drivers\redbook.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 SASDIFSV - c:\program files\superantispyware\sasdifsv.sys <Verified; SUPERAdBlocker.com and SUPERAntiSpyware.com; SUPERAntiSpyware>
R1 SASKUTIL - c:\program files\superantispyware\saskutil.sys <Verified; SUPERAdBlocker.com and SUPERAntiSpyware.com; SUPERAntiSpyware>
R1 Tcpip (TCP/IP Protocol Driver) - c:\windows\system32\drivers\tcpip.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 TermDD (Terminal Device Driver) - c:\windows\system32\drivers\termdd.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 VgaSave - c:\windows\system32\drivers\vga.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 vsdatant - c:\windows\system32\vsdatant.sys <Verified; Zone Labs, LLC; TrueVector Device Driver>
R1 WS2IFSL (Windows Socket 2.0 Non-IFS Service Provider Support Environment) - c:\windows\system32\drivers\ws2ifsl.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 mdmxsdk - c:\windows\system32\drivers\mdmxsdk.sys <Verified; Conexant; Diagnostic Interface>
R2 Secdrv - c:\windows\system32\drivers\secdrv.sys <Verified; Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.; Macrovision SECURITY Driver>
R2 SPIDER (SpIDer FS Monitor for Windows NT) - c:\program files\drweb\spider.sys <Verified; Doctor Web, Ltd.; Dr.Web ® for Windows>
R3 aracpi - c:\windows\system32\drivers\aracpi.sys <Verified; Microsoft Corporation; Microsoft AR ACPI Driver>
R3 arkbcfltr (Microsoft PS2 Keyboard Filter) - c:\windows\system32\drivers\arkbcfltr.sys <Verified; Microsoft Corporation; Microsoft AR PS/2 Keyboard Filter Driver>
R3 armoucfltr (Microsoft PS2 Mouse Filter) - c:\windows\system32\drivers\armoucfltr.sys <Verified; Microsoft Corporation; Microsoft AR PS/2 Mouse Filter Driver>
R3 Arp1394 (1394 ARP Client Protocol) - c:\windows\system32\drivers\arp1394.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 ARPolicy - c:\windows\system32\drivers\arpolicy.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 audstub (Audio Stub Driver) - c:\windows\system32\drivers\audstub.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 GEARAspiWDM - c:\windows\system32\drivers\gearaspiwdm.sys <Verified; GEAR Software Inc.; CD DVD Filter>
R3 Gpc (Generic Packet Classifier) - c:\windows\system32\drivers\msgpc.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 HDAudBus (Microsoft UAA Bus Driver for High Definition Audio) - c:\windows\system32\drivers\hdaudbus.sys <Verified; Windows ® Server 2003 DDK provider; Microsoft® Windows® Operating System>
R3 HSX_DP - c:\windows\system32\drivers\hsx_dp.sys <Verified; Conexant Systems, Inc.; SoftK56 Modem Driver>
R3 HSXHWBS2 - c:\windows\system32\drivers\hsxhwbs2.sys <Verified; Conexant Systems, Inc.; SoftK56 Modem Driver>
R3 HTTP - c:\windows\system32\drivers\http.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 IntcAzAudAddService (Service for Realtek HD Audio (WDM)) - c:\windows\system32\drivers\rtkhdaud.sys <Verified; Realtek Semiconductor Corp.; Realtek® High Definition Audio Function Driver (HRTF data Copyright 1994 by MIT Media Lab)>
R3 IpNat (IP Network Address Translator) - c:\windows\system32\drivers\ipnat.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 kmixer (Microsoft Kernel Wave Audio Mixer) - c:\windows\system32\drivers\kmixer.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 L8042pr2 (Logitech PS/2 Mouse Filter Driver) - c:\windows\system32\drivers\l8042pr2.sys <Verified; Logitech, Inc.; Logitech MouseWare™>
R3 LMouFlt2 (Logitech Mouse Class Filter Driver) - c:\windows\system32\drivers\lmouflt2.sys <Verified; Logitech, Inc.; Logitech MouseWare™>
R3 Modem - c:\windows\system32\drivers\modem.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 MRxDAV (WebDav Client Redirector) - c:\windows\system32\drivers\mrxdav.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 mssmbios (Microsoft System Management BIOS Driver) - c:\windows\system32\drivers\mssmbios.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 NdisTapi (Remote Access NDIS TAPI Driver) - c:\windows\system32\drivers\ndistapi.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 Ndisuio (NDIS Usermode I/O Protocol) - c:\windows\system32\drivers\ndisuio.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 NdisWan (Remote Access NDIS WAN Driver) - c:\windows\system32\drivers\ndiswan.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 NDProxy (NDIS Proxy) - c:\windows\system32\drivers\ndproxy.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 NIC1394 (1394 Net Driver) - c:\windows\system32\drivers\nic1394.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 nv - c:\windows\system32\drivers\nv4_mini.sys <Verified; NVIDIA Corporation; NVIDIA Compatible Windows 2000 Miniport Driver, Version 82.08>
R3 NVENETFD (NVIDIA nForce Networking Controller Driver) - c:\windows\system32\drivers\nvenetfd.sys <Verified; NVIDIA Corporation; NVENETFD>
R3 nvnetbus (NVIDIA Network Bus Enumerator) - c:\windows\system32\drivers\nvnetbus.sys <Verified; NVIDIA Corporation; NVNETBUS>
R3 PptpMiniport (WAN Miniport (PPTP)) - c:\windows\system32\drivers\raspptp.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 Ps2 - c:\windows\system32\drivers\ps2.sys <Verified; Hewlett-Packard Company; Hewlett-Packard Company PS2 SYS>
R3 PSched (QoS Packet Scheduler) - c:\windows\system32\drivers\psched.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 Ptilink (Direct Parallel Link Driver) - c:\windows\system32\drivers\ptilink.sys <Verified; Parallel Technologies, Inc.; Microsoft® Windows® Operating System>
R3 Rasl2tp (WAN Miniport (L2TP)) - c:\windows\system32\drivers\rasl2tp.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 RasPppoe (Remote Access PPPOE Driver) - c:\windows\system32\drivers\raspppoe.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 Raspti (Direct Parallel) - c:\windows\system32\drivers\raspti.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 rdpdr (Terminal Server Device Redirector Driver) - c:\windows\system32\drivers\rdpdr.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 Srv - c:\windows\system32\drivers\srv.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 swenum (Software Bus Driver) - c:\windows\system32\drivers\swenum.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 sysaudio (Microsoft Kernel System Audio Device) - c:\windows\system32\drivers\sysaudio.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 Update (Microcode Update Driver) - c:\windows\system32\drivers\update.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 usbehci (Microsoft USB 2.0 Enhanced Host Controller Miniport Driver) - c:\windows\system32\drivers\usbehci.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 usbhub (Microsoft USB Standard Hub Driver) - c:\windows\system32\drivers\usbhub.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 usbohci (Microsoft USB Open Host Controller Miniport Driver) - c:\windows\system32\drivers\usbohci.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 usbstor (USB Mass Storage Driver) - c:\windows\system32\drivers\usbstor.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 Wanarp (Remote Access IP ARP Driver) - c:\windows\system32\drivers\wanarp.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 wanatw (WAN Miniport (ATW)) - c:\windows\system32\drivers\wanatw4.sys <Verified; America Online, Inc.; Wan Miniport (ATW)>
R3 wdmaud (Microsoft WINMM WDM Audio Compatibility Driver) - c:\windows\system32\drivers\wdmaud.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 winachsx - c:\windows\system32\drivers\hsx_cnxt.sys <Verified; Conexant Systems, Inc.; SoftK56 Modem Driver>
R4 Cdfs - c:\windows\system32\drivers\cdfs.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R4 Fastfat - c:\windows\system32\drivers\fastfat.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R4 Ntfs - c:\windows\system32\drivers\ntfs.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>

S0 ftsata2 - c:\windows\system32\drivers\ftsata2.sys (file missing)
S1 Cdaudio - c:\windows\system32\drivers\cdaudio.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S1 Fdc - c:\windows\system32\drivers\fdc.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S1 Flpydisk - c:\windows\system32\drivers\flpydisk.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S1 Processor (Processor Driver) - c:\windows\system32\drivers\processr.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S1 Sfloppy - c:\windows\system32\drivers\sfloppy.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S2 Serial - c:\windows\system32\drivers\serial.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 aec (Microsoft Kernel Acoustic Echo Canceller) - c:\windows\system32\drivers\aec.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 arhidfltr (MS Ar HID Filter Driver) - c:\windows\system32\drivers\arhidfltr.sys <Verified; Microsoft Corporation; Microsoft AR Human Interface Device Filter Driver>
S3 AsyncMac (RAS Asynchronous Media Driver) - c:\windows\system32\drivers\asyncmac.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 Atmarpc (ATM ARP Client Protocol) - c:\windows\system32\drivers\atmarpc.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 DMusic (Microsoft Kernel DLS Syntheiszer) - c:\windows\system32\drivers\dmusic.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 drmkaud (Microsoft Kernel DRM Audio Descrambler) - c:\windows\system32\drivers\drmkaud.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 Ip6Fw (IPv6 Windows Firewall Driver) - c:\windows\system32\drivers\ip6fw.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 IpFilterDriver (IP Traffic Filter Driver) - c:\windows\system32\drivers\ipfltdrv.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 IpInIp (IP in IP Tunnel Driver) - c:\windows\system32\drivers\ipinip.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 IRENUM (IR Enumerator Service) - c:\windows\system32\drivers\irenum.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 MEMSWEEP2 - c:\windows\system32\3.tmp (file missing)
S3 MHNDRV (MHN driver) - c:\windows\system32\drivers\mhndrv.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 MSKSSRV (Microsoft Streaming Service Proxy) - c:\windows\system32\drivers\mskssrv.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 MSPCLOCK (Microsoft Streaming Clock Proxy) - c:\windows\system32\drivers\mspclock.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 MSPQM (Microsoft Streaming Quality Manager Proxy) - c:\windows\system32\drivers\mspqm.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 NwlnkFlt (IPX Traffic Filter Driver) - c:\windows\system32\drivers\nwlnkflt.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 NwlnkFwd (IPX Traffic Forwarder Driver) - c:\windows\system32\drivers\nwlnkfwd.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 Parport (Parallel port driver) - c:\windows\system32\drivers\parport.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 PCAMPR5 (PCAMPR5 NDIS Protocol Driver) - c:\windows\system32\pcampr5.sys (file missing)
S3 RDPWD - c:\windows\system32\drivers\rdpwd.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 rtl8139 (Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver) - c:\windows\system32\drivers\rtl8139.sys <Verified; Realtek Semiconductor Corporation; Realtek RTL8139 Family Fast Ethernet Adapter>
S3 SASENUM - c:\program files\superantispyware\sasenum.sys <Verified; SUPERAdBlocker.com and SUPERAntiSpyware.com; SUPERAntiSpyware>
S3 splitter (Microsoft Kernel Audio Splitter) - c:\windows\system32\drivers\splitter.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 swmidi (Microsoft Kernel GS Wavetable Synthesizer) - c:\windows\system32\drivers\swmidi.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 TDPIPE - c:\windows\system32\drivers\tdpipe.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 TDTCP - c:\windows\system32\drivers\tdtcp.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 TVICHW32 - c:\windows\system32\drivers\tvichw32.sys <Not Verified; EnTech Taiwan; TVicHW32 Generic Device Driver for Windows 95/98/ME/NT/2000/2003/XP/XP64>
S3 usb_rndisx (USB RNDIS Adapter) - c:\windows\system32\drivers\usb8023x.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 usbccgp (Microsoft USB Generic Parent Driver) - c:\windows\system32\drivers\usbccgp.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 usbprint (Microsoft USB PRINTER Class) - c:\windows\system32\drivers\usbprint.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 usbuhci (Microsoft USB Universal Host Controller Miniport Driver) - c:\windows\system32\drivers\usbuhci.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 wceusbsh (Windows CE USB Serial Host Driver) - c:\windows\system32\drivers\wceusbsh.sys <Verified; Microsoft Corporation; Windows CE USB Serial Host Driver>
S3 WpdUsb - c:\windows\system32\drivers\wpdusb.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 WudfRd (Windows Driver Foundation - User-mode Driver Framework Reflector) - c:\windows\system32\drivers\wudfrd.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 ACPIEC - c:\windows\system32\drivers\acpiec.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 cbidf2k - c:\windows\system32\drivers\cbidf2k.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 dmboot - c:\windows\system32\drivers\dmboot.sys <Verified; Microsoft Corp., Veritas Software; VERITAS® NT Disk Manager>
S4 intelppm (Intel Processor Driver) - c:\windows\system32\drivers\intelppm.sys (file missing)
S4 ParVdm - c:\windows\system32\drivers\parvdm.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 Pcmcia - c:\windows\system32\drivers\pcmcia.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 spcstb - c:\windows\system32\drivers\spcstb.sys (file missing)
S4 Udfs - c:\windows\system32\drivers\udfs.sys <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 aawservice (Ad-Aware 2007 Service) - "c:\program files\lavasoft\ad-aware 2007\aawservice.exe" <Verified; Lavasoft; Ad-Aware 2007 Service>
R2 Alerter - c:\windows\system32\svchost.exe -k localservice <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 AOL ACS (AOL Connectivity Service) - "c:\program files\common files\aol\acs\aolacsd.exe" <Verified; AOL LLC; AOL Connectivity Service>
R2 AOL TopSpeedMonitor (AOL TopSpeed Monitor) - c:\program files\common files\aol\topspeed\2.0\aoltsmon.exe <Verified; America Online, Inc; AOL TopSpeed™ Monitor>
R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 ARSVC - c:\windows\arservice.exe <Verified; Microsoft; ARSVC Application>
R2 AudioSrv (Windows Audio) - c:\windows\system32\svchost.exe -k netsvcs <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 BITS (Background Intelligent Transfer Service) - c:\windows\system32\svchost.exe -k netsvcs <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 Browser (Computer Browser) - c:\windows\system32\svchost.exe -k netsvcs <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 Creative Service for CDROM Access - c:\windows\system32\ctsvccda.exe <Not Verified; Creative Technology Ltd; Creative Service for CDROM Access>
R2 CryptSvc (Cryptographic Services) - c:\windows\system32\svchost.exe -k netsvcs <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 DcomLaunch (DCOM Server Process Launcher) - c:\windows\system32\svchost -k dcomlaunch <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 Dhcp (DHCP Client) - c:\windows\system32\svchost.exe -k netsvcs <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 dmserver (Logical Disk Manager) - c:\windows\system32\svchost.exe -k netsvcs <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 ehRecvr (Media Center Receiver Service) - c:\windows\ehome\ehrecvr.exe <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 ehSched (Media Center Scheduler Service) - c:\windows\ehome\ehsched.exe <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 Eventlog (Event Log) - c:\windows\system32\services.exe <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 helpsvc (Help and Support) - c:\windows\system32\svchost.exe -k netsvcs <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 KService - "c:\program files\kontiki\kservice.exe"
R2 lanmanserver (Server) - c:\windows\system32\svchost.exe -k netsvcs <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 lanmanworkstation (Workstation) - c:\windows\system32\svchost.exe -k netsvcs <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 LmHosts (TCP/IP NetBIOS Helper) - c:\windows\system32\svchost.exe -k localservice <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 McrdSvc (Media Center Extender Service) - c:\windows\ehome\mcrdsvc.exe <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 MDM (Machine Debug Manager) - "c:\program files\common files\microsoft shared\vs7debug\mdm.exe" <Verified; Microsoft Corporation; Microsoft® Visual Studio .NET>
R2 NVSvc (NVIDIA Display Driver Service) - c:\windows\system32\nvsvc32.exe <Verified; NVIDIA Corporation; NVIDIA Driver Helper Service, Version 82.08>
R2 PlugPlay (Plug and Play) - c:\windows\system32\services.exe <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 Pml Driver HPZ12 - c:\windows\system32\hpzipm12.exe <Verified; HP; HP PML>
R2 PolicyAgent (IPSEC Services) - c:\windows\system32\lsass.exe <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 ProtectedStorage (Protected Storage) - c:\windows\system32\lsass.exe <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 RasAuto (Remote Access Auto Connection Manager) - c:\windows\system32\svchost.exe -k netsvcs <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 RemoteRegistry (Remote Registry) - c:\windows\system32\svchost.exe -k localservice <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 RpcSs (Remote Procedure Call (RPC)) - c:\windows\system32\svchost -k rpcss <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 SamSs (Security Accounts Manager) - c:\windows\system32\lsass.exe <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 Schedule (Task Scheduler) - c:\windows\system32\svchost.exe -k netsvcs <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 seclogon (Secondary Logon) - c:\windows\system32\svchost.exe -k netsvcs <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 SENS (System Event Notification) - c:\windows\system32\svchost.exe -k netsvcs <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 SharedAccess (Windows Firewall/Internet Connection Sharing (ICS)) - c:\windows\system32\svchost.exe -k netsvcs <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 ShellHWDetection (Shell Hardware Detection) - c:\windows\system32\svchost.exe -k netsvcs <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 spidernt (SpIDer Guard for Windows NT) - c:\progra~1\drweb\spidernt.exe <Verified; Doctor Web, Ltd.; Dr.Web ® for Windows>
R2 Spooler (Print Spooler) - c:\windows\system32\spoolsv.exe <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 srservice (System Restore Service) - c:\windows\system32\svchost.exe -k netsvcs <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 SSDPSRV (SSDP Discovery Service) - c:\windows\system32\svchost.exe -k localservice <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 Themes - c:\windows\system32\svchost.exe -k netsvcs <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 TrkWks (Distributed Link Tracking Client) - c:\windows\system32\svchost.exe -k netsvcs <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 upnphost (Universal Plug and Play Device Host) - c:\windows\system32\svchost.exe -k localservice <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 vsmon (TrueVector Internet Monitor) - c:\windows\system32\zonelabs\vsmon.exe -service <Verified; Zone Labs, LLC; TrueVector Service>
R2 W32Time (Windows Time) - c:\windows\system32\svchost.exe -k netsvcs <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 WebClient - c:\windows\system32\svchost.exe -k localservice <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 winmgmt (Windows Management Instrumentation) - c:\windows\system32\svchost.exe -k netsvcs <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 wscsvc (Security Center) - c:\windows\system32\svchost.exe -k netsvcs <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 wuauserv (Automatic Updates) - c:\windows\system32\svchost.exe -k netsvcs <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 WudfSvc (Windows Driver Foundation - User-mode Driver Framework) - c:\windows\system32\svchost.exe -k wudfservicegroup <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 WZCSVC (Wireless Zero Configuration) - c:\windows\system32\svchost.exe -k netsvcs <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 ALG (Application Layer Gateway Service) - c:\windows\system32\alg.exe <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 COMSysApp (COM+ System Application) - c:\windows\system32\dllhost.exe /processid:{02d4b3f1-fd88-11d1-960d-00805fc79235} <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 EventSystem (COM+ Event System) - c:\windows\system32\svchost.exe -k netsvcs <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 FastUserSwitchingCompatibility (Fast User Switching Compatibility) - c:\windows\system32\svchost.exe -k netsvcs <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 iPod Service - "c:\program files\ipod\bin\ipodservice.exe" <Verified; Apple Inc.; iTunes>
R3 Netman (Network Connections) - c:\windows\system32\svchost.exe -k netsvcs <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 Nla (Network Location Awareness (NLA)) - c:\windows\system32\svchost.exe -k netsvcs <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 RasMan (Remote Access Connection Manager) - c:\windows\system32\svchost.exe -k netsvcs <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 TapiSrv (Telephony) - c:\windows\system32\svchost.exe -k netsvcs <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 TermService (Terminal Services) - c:\windows\system32\svchost -k dcomlaunch <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>

S2 SansaService (Sansa Updater Service) - c:\program files\sandisk\sansa updater\sansasvr.exe
S3 AppMgmt (Application Management) - c:\windows\system32\svchost.exe -k netsvcs <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 aspnet_state (ASP.NET State Service) - c:\windows\microsoft.net\framework\v2.0.50727\aspnet_state.exe <Verified; Microsoft Corporation; Microsoft® .NET Framework>
S3 CiSvc (Indexing Service) - c:\windows\system32\cisvc.exe <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 clr_optimization_v2.0.50727_32 (.NET Runtime Optimization Service v2.0.50727_X86) - c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe <Verified; Microsoft Corporation; Microsoft® .NET Framework>
S3 dmadmin (Logical Disk Manager Administrative Service) - c:\windows\system32\dmadmin.exe /com <Verified; Microsoft Corp., Veritas Software; Logical Disk Manager for Windows NT>
S3 Dnscache (DNS Client) - c:\windows\system32\svchost.exe -k networkservice <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 FontCache3.0.0.0 (Windows Presentation Foundation Font Cache 3.0.0.0) - c:\windows\microsoft.net\framework\v3.0\wpf\presentationfontcache.exe <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 HTTPFilter (HTTP SSL) - c:\windows\system32\svchost.exe -k httpfilter <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 IDriverT (InstallDriver Table Manager) - "c:\program files\common files\installshield\driver\11\intel 32\idrivert.exe" <Not Verified; Macrovision Corporation; InstallShield ®>
S3 idsvc (Windows CardSpace) - "c:\windows\microsoft.net\framework\v3.0\windows communication foundation\infocard.exe" <Not Verified; Microsoft Corporation; Microsoft® .NET Framework>
S3 ImapiService (IMAPI CD-Burning COM Service) - c:\windows\system32\imapi.exe <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 MHN - c:\windows\system32\svchost.exe -k netsvcs <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 mnmsrvc (NetMeeting Remote Desktop Sharing) - c:\windows\system32\mnmsrvc.exe <Verified; Microsoft Corporation; Windows® NetMeeting®>
S3 MSIServer (Windows Installer) - c:\windows\system32\msiexec.exe /v <Verified; Microsoft Corporation; Windows Installer - Unicode>
S3 Netlogon (Net Logon) - c:\windows\system32\lsass.exe <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 NtLmSsp (NT LM Security Support Provider) - c:\windows\system32\lsass.exe <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 NtmsSvc (Removable Storage) - c:\windows\system32\svchost.exe -k netsvcs <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 RDSessMgr (Remote Desktop Help Session Manager) - c:\windows\system32\sessmgr.exe <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 RpcLocator (Remote Procedure Call (RPC) Locator) - c:\windows\system32\locator.exe <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 RSVP (QoS RSVP) - c:\windows\system32\rsvp.exe <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 SCardSvr (Smart Card) - c:\windows\system32\scardsvr.exe <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 stisvc (Windows Image Acquisition (WIA)) - c:\windows\system32\svchost.exe -k imgsvc <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 SwPrv (MS Software Shadow Copy Provider) - c:\windows\system32\dllhost.exe /processid:{8da84759-6c62-4695-9db6-4789d64faf43} <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 SysmonLog (Performance Logs and Alerts) - c:\windows\system32\smlogsvc.exe <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 UPS (Uninterruptible Power Supply) - c:\windows\system32\ups.exe <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 VSS (Volume Shadow Copy) - c:\windows\system32\vssvc.exe <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 WmdmPmSN (Portable Media Serial Number Service) - c:\windows\system32\svchost.exe -k netsvcs <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 Wmi (Windows Management Instrumentation Driver Extensions) - c:\windows\system32\svchost.exe -k netsvcs <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 WmiApSrv (WMI Performance Adapter) - c:\windows\system32\wbem\wmiapsrv.exe <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 WMPNetworkSvc (Windows Media Player Network Sharing Service) - "c:\program files\windows media player\wmpnetwk.exe" <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 xmlprov (Network Provisioning Service) - c:\windows\system32\svchost.exe -k netsvcs <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 ClipSrv (ClipBook) - c:\windows\system32\clipsrv.exe <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 ERSvc (Error Reporting Service) - c:\windows\system32\svchost.exe -k netsvcs <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 HidServ (Human Interface Device Access) - c:\windows\system32\svchost.exe -k netsvcs <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 Messenger - c:\windows\system32\svchost.exe -k netsvcs <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 NetDDE (Network DDE) - c:\windows\system32\netdde.exe <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 NetDDEdsdm (Network DDE DSDM) - c:\windows\system32\netdde.exe <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 NetTcpPortSharing (Net.Tcp Port Sharing Service) - "c:\windows\microsoft.net\framework\v3.0\windows communication foundation\smsvchost.exe" <Not Verified; Microsoft Corporation; Microsoft® .NET Framework>
S4 RemoteAccess (Routing and Remote Access) - c:\windows\system32\svchost.exe -k netsvcs <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 TlntSvr (Telnet) - c:\windows\system32\tlntsvr.exe <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>


-- End of Deckard's System Scanner: finished at 2008-06-17 07:51:55 ------------
  • 0

#60
kelkay
Posted 17 June 2008 - 06:54 AM

kelkay

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 423 posts
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.

FirstRunDisabled is set.
AntiVirusDisableNotify is set.

FW: Norton Internet Worm Protection v2006 (Symantec) Disabled
FW: ZoneAlarm Pro Firewall v7.0.470.000 (Check Point, LTD.)
AV: Doctor Web Anti-Virus v4.44.4.03250 (Doctor Web, Ltd.)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Updates from HP\\9972322\\Program\\Updates from HP.exe"="C:\\Program Files\\Updates from HP\\9972322\\Program\\Updates from HP.exe:*:Enabled:Updates from HP"
"C:\\Program Files\\EarthLink TotalAccess\\TaskPanl.exe"="C:\\Program Files\\EarthLink TotalAccess\\TaskPanl.exe:*:Enabled:Earthlink"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Application Loader"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"
"C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe"="C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe:*:Enabled:AOLTsMon"
"C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe"="C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe:*:Enabled:AOLTopSpeed"
"C:\\Program Files\\Common Files\\AOL\\1164757353\\EE\\AOLServiceHost.exe"="C:\\Program Files\\Common Files\\AOL\\1164757353\\EE\\AOLServiceHost.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"="C:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AolCoach\\en_en\\player\\AOLNySEV.exe"="C:\\Program Files\\Common Files\\AolCoach\\en_en\\player\\AOLNySEV.exe:*:Enabled:AOL"
"C:\\Program Files\\America Online 9.0a\\waol.exe"="C:\\Program Files\\America Online 9.0a\\waol.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\AOLSP Scheduler.exe"="C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\AOLSP Scheduler.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\asp.exe"="C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\asp.exe:*:Enabled:AOL"
"C:\\Program Files\\Paltalk Messenger\\paltalk.exe"="C:\\Program Files\\Paltalk Messenger\\paltalk.exe:*:Enabled:Paltalk 9 beta"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\\Program Files\\Microsoft Games\\Zoo Tycoon 2\\zt.exe"="C:\\Program Files\\Microsoft Games\\Zoo Tycoon 2\\zt.exe:*:Enabled:Zoo Tycoon 2 Executable"
"C:\\Program Files\\Common Files\\AOL\\1164757353\\EE\\aolsoftware.exe"="C:\\Program Files\\Common Files\\AOL\\1164757353\\EE\\aolsoftware.exe:*:Enabled:AOL Shared Components"
"C:\\Program Files\\kontiki\\KService.exe"="C:\\Program Files\\kontiki\\KService.exe:*:Enabled:Delivery Manager Service"
"C:\\Program Files\\Common Files\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe"="C:\\Program Files\\Common Files\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe:*:Enabled:AOL TopSpeed"
"C:\\Program Files\\MySpace\\IM\\MySpaceIM.exe"="C:\\Program Files\\MySpace\\IM\\MySpaceIM.exe:*:Enabled:MySpaceIM"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"


-- User Profiles ---------------------------------------------------------------

Kelly (admin)
Kayla
Kyle
Administrator (admin)


-- Add/Remove Programs ---------------------------------------------------------

--> "C:\Program Files\BZEdit1.6.5TankGame\uninstall.exe"
--> "C:\Program Files\Creative Installation Information\CREATIVE_MEDIASOURCE_U\Setup.exe" /remove /nolog/l0x0009
--> "C:\Program Files\Creative Installation Information\CTCMSGO\Setup.exe" /remove /nolog/l0x0009
--> "C:\Program Files\Creative Installation Information\E-CENTER_NET_CONTENT_U\Setup.exe" /remove /nolog/l0x0009
--> "C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_CDBURNER_U\Setup.exe" /remove /nolog/l0x0009
--> "C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_MINIDISC_U\Setup.exe" /remove /nolog/l0x0009
--> "C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_MTP_U\Setup.exe" /remove /nolog/l0x0009
--> "C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_MUSICPLAYER_MSS_U\Setup.exe" /remove /nolog/l0x0009
--> "C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_NOMADJUKEBOXTYPE2_U\Setup.exe" /remove /nolog/l0x0009
--> "C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_ONLINESTORE_U\Setup.exe" /remove /nolog/l0x0009
--> "C:\Program Files\Creative Installation Information\MEDIASOURCE_PLAYER_SKINPACK_U\Setup.exe" /remove /nolog/l0x0009
--> C:\PROGRA~1\SBCSEL~1\CustomUninstall.exe SBC
--> C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
--> c:\WINDOWS\system32\\MSIEXEC.EXE /x {F80239D8-7811-4D5E-B033-0D0BBFE32920}
--> C:\WINDOWS\UNNeroVision.exe /UNINSTALL
--> C:\WINDOWS\UNNMP.exe /UNINSTALL
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{57FA4E0F-82C9-417D-87BC-0186D6CB7A44}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8DF9BF77-7E10-4973-965E-3B7013ABEA6D}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8DF9BF77-7E10-4973-965E-3B7013ABEA6D}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98181885-5B28-4280-9B56-452FF877D5B9}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98181885-5B28-4280-9B56-452FF877D5B9}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A0B5225-B59B-4D72-B3FE-71AAA693A8E2}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A0B5225-B59B-4D72-B3FE-71AAA693A8E2}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A9BB081B-C020-4D02-A763-D32204D2563D}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A9BB081B-C020-4D02-A763-D32204D2563D}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C029DB0E-C59F-417A-90F8-88FD5B2C4AE7}\setup.exe" -l0x9
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
7-Zip 4.57 --> "C:\Program Files\7-Zip\Uninstall.exe"
Active Ports --> C:\WINDOWS\unvise32.exe C:\Program Files\Active Ports\uninstal.log
Ad-Aware 2007 --> MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.2 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
AOL Coach Version 2.0(Build:20041026.5 en) --> C:\Program Files\Common Files\AolCoach\en_en\AolCInUn.exe -lang=en_en -ext=UDP
AOL Toolbar --> "C:\Program Files\AOL Toolbar\UNWISE.EXE" /u "C:\Program Files\AOL Toolbar\INSTALL.LOG"
AOL Uninstaller (Choose which Products to Remove) --> C:\Program Files\Common Files\AOL\uninstaller.exe
Apple Mobile Device Support --> MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}
Apple Software Update --> MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}
ArcSoft PhotoImpression 5 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{069364A0-8F64-4691-8719-B3CC728BFD6C}\Setup.exe" -l0x9
ArcSoft PhotoPrinter 5 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{65D30520-CFB9-4E46-A101-68C0AADAE40C}\Setup.exe" -l0x9
Ashampoo Burning Studio 2007 --> "C:\Program Files\Ashampoo\Ashampoo Burning Studio 2007\Uninstall\1010_Uninstall.EXE"
Ashampoo Burning Studio 5 --> "C:\Program Files\Ashampoo\Ashampoo Burning Studio 5\Uninstall\BS5_Uninstall.EXE"
Ashampoo Burning Studio 6 --> "C:\Program Files\Ashampoo\Ashampoo Burning Studio 6\Uninstall\BS6_Uninstall.EXE"
Ashampoo Music Studio 3 --> "C:\Program Files\Ashampoo\Ashampoo Music Studio 3\Uninstall\0230_Uninstall.EXE"
Ashampoo PowerUP XP Platinum 2 --> C:\Program Files\Ashampoo\Ashampoo PowerUp XP Platinum 2\Uninstall\PowerUp_Uninstall.EXE
Ashampoo WinOptimizer Platinum 3 --> "C:\Program Files\Ashampoo\Ashampoo WinOptimizer Platinum 3\Uninstall\WOP3_Uninstall.exe"
AT&T Self Support Tool --> C:\WINDOWS\Motive\SBC\MCCUninst.exe
Audacity 1.2.6 --> "C:\Program Files\Audacity\unins000.exe"
AudibleManager --> C:\Program Files\Audible\Bin\Upgrade.exe /Uninstall
Camp Funshine: Carrie the Caregiver 3 --> C:\PROGRA~1\SHOCKW~1.COM\CAMPFU~1\UNWISE.EXE C:\PROGRA~1\SHOCKW~1.COM\CAMPFU~1\INSTALL.LOG
Career Direct --> C:\PROGRA~1\CAREER~1\UNWISE.EXE C:\PROGRA~1\CAREER~1\INSTALL.LOG
CCleaner (remove only) --> "C:\Program Files\CCleaner137\uninst.exe"
Click'N Design 3D (V5) --> C:\PROGRA~1\CLICK'~1\UNWISE.EXE C:\PROGRA~1\CLICK'~1\INSTALL.LOG
Coffee Rush --> C:\PROGRA~1\SHOCKW~1.COM\COFFEE~1\UNWISE.EXE C:\PROGRA~1\SHOCKW~1.COM\COFFEE~1\INSTALL.LOG
Creative MediaSource 5 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}\SETUP.EXE" -l0x9 /remove
Creative Removable Disk Manager --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{57FA4E0F-82C9-417D-87BC-0186D6CB7A44}\setup.exe" -l0x9 /remove
Creative System Information --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x9 /remove
Creative ZEN Vision M Series --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{31C44235-A613-4E95-B297-207BF6C6A8C1}\SETUP.EXE" -l0x9 /remove
Data Fax SoftModem with SmartCP --> C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1\HXFSETUP.EXE -U -ITrx200Ck.inf
DiskTools ImageMaker 1.1 Version 1.1 --> "C:\Program Files\DiskTools\ImageMaker\unins000.exe"
Dr.Web --> C:\Program Files\InstallShield Installation Information\{BBE2F69C-4338-11D7-8F0C-00A0244F4E2D}\setup.exe -runfromtemp -l0x0009 -removeonly
DropMyRights --> MsiExec.exe /I{E5B72007-07C9-4E67-B29E-696073F45704}
DVD Shrink 3.2 --> "C:\Program Files\DVD Shrink\unins000.exe"
e-Sword --> MsiExec.exe /I{87791AF4-4D4C-43DC-97BF-05EEEE5187F2}
Enhanced Multimedia Keyboard Solution --> C:\HP\KBD\Install.exe /u
Error Messages for Windows --> C:\WINDOWS\SDUnInst.exe c:\program files\software by design\mswinerr.uni
Fish Tycoon --> "C:\Program Files\Oberon Media\Fish Tycoon\Uninstall.exe" "C:\Program Files\Oberon Media\Fish Tycoon\install.log"
Free CD to MP3 Converter --> C:\PROGRA~1\CDTOMP~1\UNWISE.EXE C:\PROGRA~1\CDTOMP~1\INSTALL.LOG
Google Earth --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}\setup.exe" -l0x9 -removeonly
Google Video Player --> "C:\Program Files\Google\Google Video Player\Uninstall.exe"
GTK+ 2.10.13 runtime environment --> "C:\Program Files\Common Files\GTK\2.0\setup\unins000.exe"
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Internet Explorer 7 (KB947864) --> "C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Hotfix for Windows Media Player 10 (KB903157) -->
Hotfix for Windows XP (KB888795) -->
Hotfix for Windows XP (KB891593) -->
Hotfix for Windows XP (KB895961) -->
Hotfix for Windows XP (KB899337) -->
Hotfix for Windows XP (KB899510) -->
Hotfix for Windows XP (KB902841) -->
HP Boot Optimizer --> MsiExec.exe /X{1341D838-719C-4A05-B50F-49420CA1B4BB}
HP Customer Participation Program 7.0 --> C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP DigitalMedia Archive --> MsiExec.exe /X{F80239D8-7811-4D5E-B033-0D0BBFE32920}
HP DVD Play 2.1 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\Setup.exe" -uninstall
HP Imaging Device Functions 7.0 --> C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart and Deskjet 7.0 Software --> C:\Program Files\HP\Digital Imaging\{D2A3C9D5-0B56-4656-8277-7EDC65D62B6E}\setup\hpzscr01.exe -datfile hphscr12.dat -showdisconnect -forcereboot
HP Photosmart Essential --> MsiExec.exe /X{6994491D-D491-48F1-AE1F-E179C1FFFC2F}
HP Photosmart for Media Center PC --> c:\Program Files\HP\Digital Imaging\bin\mcpc\setupmcl.exe /u
HP Photosmart Premier Software 6.5 --> C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Solution Center 7.0 --> C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update --> MsiExec.exe /X{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}
HP Web Helper --> regsvr32 /u /s "C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll"
IObit SmartDefrag Beta1.1 --> "C:\Program Files\IObit\IObit SmartDefrag\unins000.exe"
iTunes --> MsiExec.exe /I{9F70BF98-003C-491D-81FC-FF9792206AF0}
iVocalize Web Conference 4 --> rundll32 C:\WINDOWS\system32\iv4.dll,uninstall
Java™ 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java™ 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java™ 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
JGsoft EditPad Lite 6.2.1 --> C:\WINDOWS\UnDeploy.exe "C:\Program Files\JGsoft\EditPadLite\Deploy.log"
Lame ACM MP3 Codec --> C:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection Remove_LameMP3 132 C:\WINDOWS\INF\LameACM.inf
Legacy 6.0 --> C:\Legacy\UNWISE.EXE /U C:\Legacy\Install.log
Logitech MouseWare 9.79 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5809E7CF-4DCF-11D4-9875-00105ACE7734}\setup.exe" -l0x9 -l0009 UNINSTALL
Malware Immunizer 1.5 --> C:\PROGRA~1\MALWAR~1\MI.exe /remove /q0
Malwarebytes' Anti-Malware --> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Media Center Karaoke Plug-in --> MsiExec.exe /I{348054A0-6F9A-4EF9-BBB0-827C14C20D86}
MediaCoder 0.5.1 --> C:\Program Files\MediaCoder\uninst.exe
MediaMonkey 2.5 --> "C:\Program Files\MediaMonkey\unins000.exe"
Microsoft .NET Framework 1.1 --> msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1 --> MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1 Hotfix (KB928366) --> "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 2.0 Service Pack 1 --> MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft .NET Framework 3.0 Service Pack 1 --> MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783}
Microsoft ActiveSync --> MsiExec.exe /I{99052DB7-9592-4522-A558-5417BBAD48EE}
Microsoft Age of Empires II --> "C:\Program Files\Microsoft Games\Age of Empires II\UNINSTAL.EXE" /runtemp /uninstall
Microsoft Age of Empires II: The Conquerors Expansion --> "C:\Program Files\Microsoft Games\Age of Empires II\UNINSTALX.EXE" /runtemp /addremove
Microsoft Away Mode -->
Microsoft Base Smart Card Cryptographic Service Provider Package --> "C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs --> "C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs --> "C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Outlook 2002 --> MsiExec.exe /I{911A0409-6000-11D3-8CFE-0050048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Works --> MsiExec.exe /I{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}
Moodflow.com Inspirational Screen Saver --> sstunst3.exe Moodflow.com Inspirational
Mozilla Firefox (2.0.0.14) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB927978) --> MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181) --> MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
muvee autoProducer 5.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB4740B3-2530-452D-A825-F7AB246CA7DF}\setup.exe" -l0x9
muvee autoProducer unPlugged 2.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5FDD0538-C67A-4F67-B3F8-09D1AAF04D99}\setup.exe" -l0x9
Napster --> C:\Program Files\InstallShield Installation Information\{BBBCAE4B-B416-4182-A6F2-438180894A81}\setup.exe -runfromtemp -l0x0009 -removeonly
Napster Burn Engine --> MsiExec.exe /I{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}
Napster Label Creator --> MsiExec.exe /X{16FD907B-FA72-4F3C-B959-E076C8238F80}
Navilog1 3.5.7 --> "C:\Program Files\Navilog1\unins000.exe"
Nero Suite --> C:\Program Files\Common Files\Nero\Uninstall\setupx.exe /uninstall ExtraUninstallID=""
NVIDIA Drivers --> C:\WINDOWS\system32\nvunrm.exe UninstallGUI
OMN --> MsiExec.exe /X{65150683-D155-485A-A037-690087DE2271}
OpenOffice.org 2.3 --> MsiExec.exe /I{83C03FBE-4492-4133-BBAB-421CD88ADA32}
OpenTalk v3.20 --> "C:\Program Files\OpenTalk\unins000.exe"
Otto --> "C:\Program Files\EnglishOtto\uninstallotto.exe"
PaltalkScene --> "C:\WINDOWS\Paltalk Messenger\uninstall.exe" "/U:C:\Program Files\Paltalk Messenger\irunin.xml"
PC-Doctor 5 for Windows --> C:\Program Files\PC-Doctor 5 for Windows\uninst.exe
PortPeeker --> "C:\Program Files\PortPeeker\unins000.exe"
Python 2.2 pywin32 extensions (build 203) --> "C:\Python22\Removepywin32.exe" -u "C:\Python22\pywin32-wininst.log"
Python 2.2.3 --> C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG
QuickTime --> MsiExec.exe /I{08CA9554-B5FE-4313-938F-D4A417B81175}
REA's TESTware for CLEP Western Civilization I --> MsiExec.exe /I{1FCD61C5-E3A9-4B11-8651-ED29B35C1B9E}
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver --> RtlUpd.exe -r -m
Registry Mechanic 6.0 --> "C:\Program Files\Registry Mechanic\unins000.exe"
RootsMagic 3.2.5.0 --> "C:\Program Files\RootsMagic\unins000.exe"
Samsung Digital Camera --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8B79684C-6DAC-438C-8F30-10DF65C2068F}\Setup.exe"
Samsung Master --> C:\Program Files\InstallShield Installation Information\{AEC0CEBC-0FC7-4716-8222-1C4A742719B1}\Setup.exe -runfromtemp -l0x0009 -removeonly
Sansa Media Converter --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D2A0F8F4-CE50-4857-A21C-3061682B2E87}\Setup.exe" -l0x9
Sansa Updater --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E2D7E05E-C8C7-45F4-8D89-D6696075E0B7}\setup.exe" -l0x9 -removeonly
SeaMonkey (1.1.9) --> C:\WINDOWS\SeaMonkeyUninstall.exe /ua "1.1.9 (en)"
Security Update for Windows Internet Explorer 7 (KB928090) --> "C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB929969) --> "C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB931768) --> "C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB933566) --> "C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB937143) --> "C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB938127) --> "C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB939653) --> "C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB942615) --> "C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB944533) --> "C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB950759) --> "C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
SelectSoft Championship Chess --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{871EFABF-ED09-42A0-8C4C-000000000027}\Setup.exe"
Sophos Anti-Rootkit 1.3.1 --> C:\Program Files\Sophos\Sophos Anti-Rootkit\helper.exe remove
SpeedFan (remove only) --> "C:\Program Files\SpeedFan\uninstall.exe"
Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins001.exe"
Spybot - Search & Destroy 1.5.2.20 --> "C:\WINDOWS\unins000.exe"
SpywareBlaster 4.1 --> "C:\Program Files\SpywareBlaster\unins000.exe"
SpywareGuard v2.2 --> "C:\Program Files\SpywareGuard\unins000.exe"
SUPERAntiSpyware Free Edition --> MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
SureThing CD Labeler --> C:\WINDOWS\MVUNINST\App1\unwise.exe C:\WINDOWS\MVUNINST\APP1\INSTALL.LOG "SureThing CD Labeler Uninstall"
The GIMP 2.2.17 --> "C:\Program Files\GIMP-2.0\unins000.exe"
The Sims Deluxe Edition --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{10798AE3-DCBB-43C3-9C93-C23512427E25}\setup.exe" -l0009
TheSage --> "C:\Program Files\TheSage\uninstall.exe"
Time Zone Data Update Tool for Microsoft Office Outlook --> MsiExec.exe /X{95120000-0038-0409-0000-0000000FF1CE}
Traces Viewer --> "C:\Program Files\Traces Viewer\unins000.exe"
Unreal Streaming Media Player v 4.0 --> MsiExec.exe /I{ECB9FA96-3E03-411A-AFDB-1FC4686E5099}
Update Rollup 2 for Windows XP Media Center Edition 2005 -->
Updates from HP (remove only) --> C:\WINDOWS\HPCPCUninstall-9972322\HPBWSetup.exe -appid 9972322 -uninstall
WebFerret --> C:\WINDOWS\WebFerretUninstall.exe C:\Program Files\FerretSoft\WebFerret
Windows Genuine Advantage Notifications (KB905474) -->
Windows Genuine Advantage Validation Tool (KB892130) -->
Windows Genuine Advantage Validation Tool (KB892130) -->
Windows Imaging Component --> "C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Internet Explorer 7 --> "C:\WINDOWS\ie7\spuninst\spuninst.exe"
Windows Media Format 11 runtime --> "C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11 --> "C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11 --> "C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Media Player Firefox Plugin --> MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows Mobile Daylight Saving Time 2007 Updates --> MsiExec.exe /X{AB46C238-3554-4D79-AB06-C393F87FF202}
Windows Presentation Foundation --> MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
WinUpdatesList --> C:\WINDOWS\zipinst.exe /uninst "C:\Program Files\WinUpdatesList\uninst1~.nsu"
WordWeb --> C:\Program Files\WordWeb\uninst.exe
XML Paper Specification Shared Components Pack 1.0 -->
Yahoo! Messenger --> C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
Yahoo! Toolbar --> C:\PROGRA~1\Yahoo!\Common\unyt.exe
ZENcast Organizer --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C029DB0E-C59F-417A-90F8-88FD5B2C4AE7}\setup.exe" -l0x9 /remove
ZMatrix 1.5.2 --> "C:\Program Files\ZMatrix\unins000.exe"
ZoneAlarm Pro --> C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe
Zoo Tycoon 2 --> "C:\Program Files\Microsoft Games\Zoo Tycoon 2\UNINSTAL.EXE" /runtemp /uninstall
ZVUE Portable MP3 Player --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{05698A5C-23A7-4EC2-945C-66F1F0DE4856}\setup.exe" -l0x9


-- End of Deckard's System Scanner: finished at 2008-06-17 07:51:55 ------------
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP