Old 02-27-2007, 08:16 AM   #3 (permalink)
steve2603
OS: xp pro


comboscan txt..

ComboScan v20070226.18 run by Steve Byars on 2007-02-27 at 10:10:52
Computer is in Normal Mode.
--------------------------------------------------------------------------------

Successfully created restore point.
Performed disk cleanup.


-- HijackThis (run as Steve Byars.exe) ------------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 10:11:55 AM, on 27-Feb-07
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mclogsrv.exe
C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\docmgr.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Acronis\TrueImageWorkstation\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageWorkstation\TimounterMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\PROGRA~1\McAfee\MSC\mctskshd.exe
C:\Program Files\HP\HP Officejet Pro K550 Series\Toolbox\HPWUTBX.exe
C:\Program Files\ImagePrint\spool\mux\muxd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Wave Systems Corp\Services Manager\Secure Update\AutoUpdate.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\EPSON\EPSON LFP Remote Panel\Printer Watcher\Printer Watcher.exe
C:\Program Files\X-Rite\PULSE ColorElite\PulseLaunch.exe
C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\PROGRA~1\McAfee\MSC\mcusrmgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\SiteAdvisor\6028\SAService.exe
C:\WINDOWS\system32\svchost.exe
c:\progra~1\common~1\instal~1\update~1\isuspm.exe
C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\McAfee\MPS\mps.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\McAfee\MPS\mpsevh.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
C:\Program Files\SiteAdvisor\6028\SiteAdv.exe
C:\Downloads\comboscan.exe
C:\PROGRA~1\HIJACK~1\Steve Byars.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: 62.189.6.78 _sip._tls.sip1.callserve.com
O1 - Hosts: 62.189.6.78 _sip._ssl.sip1.callserve.com
O1 - Hosts: 62.189.6.79 _sip._tls.sip2.callserve.com
O1 - Hosts: 62.189.6.79 _sip._ssl.sip2.callserve.com
O1 - Hosts: 62.189.6.85 _sip._tls.sip5.phoneserve.com
O1 - Hosts: 62.189.6.85 _sip._ssl.sip5.phoneserve.com
O1 - Hosts: 62.189.6.86 _sip._tls.sip6.phoneserve.com
O1 - Hosts: 62.189.6.86 _sip._ssl.sip6.phoneserve.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6028\SiteAdv.dll
O2 - BHO: (no name) - {38605018-0D69-4458-842B-9185938459B4} - (no file)
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.2.7.dll
O2 - BHO: (no name) - {4C9A6BF9-BCC2-461B-9C11-AA0F3983866A} - C:\WINDOWS\system32\pmkhi.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: McAfee Popup Blocker - {C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} - c:\program files\mcafee\mps\mcpopup.dll
O2 - BHO: (no name) - {D7B374C3-8DED-4CB1-820B-413FF0C71FC6} - C:\WINDOWS\system32\qomkijk.dll
O2 - BHO: (no name) - {E03C740E-BB24-4d3c-B92A-6F84DE1DD99C} - C:\WINDOWS\system32\mhtqxhhb.dll (file missing)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6028\SiteAdv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [Document Manager] C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\docmgr.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [EPSON Stylus Pro 9800 (Copy 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S5I0P2.EXE /P30 "EPSON Stylus Pro 9800 (Copy 1)" /O6 "USB002" /M "Stylus Pro 9800"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageWorkstation\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageWorkstation\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup
O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [HPWUTOOLBOX] C:\Program Files\HP\HP Officejet Pro K550 Series\Toolbox\HPWUTBX.exe "-i"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [CBSpoolDaemon] "C:\Program Files\ImagePrint\spool\mux\muxd.exe"
O4 - HKLM\..\Run: [Windows Systems16] C:\WINDOWS\system32\winjews16.exe
O4 - HKLM\..\Run: [DllRunning] rundll32.exe "C:\WINDOWS\system32\vebbamba.dll",setvm
O4 - HKLM\..\RunServices: [Windows Systems16] C:\WINDOWS\system32\winjews16.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - Global Startup: APC UPS Status.lnk = ?
O4 - Global Startup: EMBASSY Trust Suite Secure Update.lnk = C:\Program Files\Wave Systems Corp\Services Manager\Secure Update\AutoUpdate.exe
O4 - Global Startup: MonacoGamma.lnk = C:\Program Files\X-Rite\Tools\MonacoGamma\MonacoGamma.exe
O4 - Global Startup: MonacoReminder.lnk = ?
O4 - Global Startup: Monitor Reminder.lnk = ?
O4 - Global Startup: Printer Watcher.lnk = C:\Program Files\EPSON\EPSON LFP Remote Panel\Printer Watcher\Printer Watcher.exe
O4 - Global Startup: PULSELaunch.lnk = ?
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - https://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/sh...1/mcinsctl.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/is...66/mcfscan.cab
O18 - Protocol: bw+0 - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {5B6EB715-B221-4173-8E19-7955C059BC2C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\6028\SiteAdv.dll
O20 - AppInit_DLLs: wxvault.dll
O20 - Winlogon Notify: pmkhi - C:\WINDOWS\system32\pmkhi.dll
O20 - Winlogon Notify: qomkijk - C:\WINDOWS\SYSTEM32\qomkijk.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: McAfee Application Installer Cleanup (0082331172587804) (0082331172587804mcinstcleanup) - Unknown owner - C:\WINDOWS\TEMP\008233~1.EXE (file missing)
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
O23 - Service: Broadcom ASF IP Monitor (ASFIPmon) - Unknown owner - C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe" -service (file missing)
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Log Manager (McLogManagerService) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mclogsrv.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mctskshd.exe
O23 - Service: McAfee User Manager (mcusrmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcusrmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SiteAdvisor Service - McAfee, Inc. - C:\Program Files\SiteAdvisor\6028\SAService.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe


-- File Associations ------------------------------------------------------------

.bat - batfile - "%1" %*
.chm - chm.file - "C:\WINDOWS\hh.exe" %1
.cmd - cmdfile - "%1" %*
.com - comfile - "%1" %*
.exe - exefile - "%1" %*
.hlp - hlpfile - %SystemRoot%\System32\winhlp32.exe %1
.inf - inffile - %SystemRoot%\System32\NOTEPAD.EXE %1
.ini - inifile - %SystemRoot%\System32\NOTEPAD.EXE %1
.js - JSFile - %SystemRoot%\System32\WScript.exe "%1" %*
.lnk - lnkfile - {00021401-0000-0000-C000-000000000046}
.pif - piffile - "%1" %*
.reg - regfile - regedit.exe "%1"
.scr - scrfile - "%1" /S
.txt - txtfile - %SystemRoot%\system32\NOTEPAD.EXE %1
.vbs - VBSFile - %SystemRoot%\System32\WScript.exe "%1" %*


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ----------------------

4S agpCPQ (Compaq AGP Bus Filter) - C:\WINDOWS\system32\drivers\AGPCPQ.SYS
4S alim1541 (ALI AGP Bus Filter) - C:\WINDOWS\system32\drivers\ALIM1541.SYS
4S amdagp (AMD AGP Bus Filter Driver) - C:\WINDOWS\system32\drivers\AMDAGP.SYS
3R Arp1394 (1394 ARP Client Protocol) - C:\WINDOWS\system32\drivers\arp1394.sys
2R Aspi32 - C:\WINDOWS\system32\drivers\ASPI32.SYS
3R atmeltpm - C:\WINDOWS\system32\drivers\atmeltpm.sys
3R b57w2k (Broadcom NetXtreme Gigabit Ethernet) - C:\WINDOWS\system32\drivers\b57xp32.sys
2R BASFND - C:\Program Files\Broadcom\ASFIPMon\BASFND.sys
4S cbidf - C:\WINDOWS\system32\drivers\cbidf2k.sys
2R CBN - C:\WINDOWS\system32\drivers\CBN.SYS
3R CBUSB (MARX CryptoTech LP) - C:\WINDOWS\system32\drivers\CBUSB.sys
3S CCDECODE (Closed Caption Decoder) - C:\WINDOWS\system32\drivers\CCDECODE.sys
4S dac2w2k - C:\WINDOWS\system32\drivers\dac2w2k.sys
2R DLABOIOM - C:\WINDOWS\system32\DLA\DLABOIOM.SYS
1R DLACDBHM - C:\WINDOWS\system32\drivers\DLACDBHM.SYS
2R DLADResN - C:\WINDOWS\system32\DLA\DLADResN.SYS
2R DLAIFS_M - C:\WINDOWS\system32\DLA\DLAIFS_M.SYS
2R DLAOPIOM - C:\WINDOWS\system32\DLA\DLAOPIOM.SYS
2R DLAPoolM - C:\WINDOWS\system32\DLA\DLAPoolM.SYS
1R DLARTL_N - C:\WINDOWS\system32\drivers\DLARTL_N.SYS
2R DLAUDFAM - C:\WINDOWS\system32\DLA\DLAUDFAM.SYS
2R DLAUDF_M - C:\WINDOWS\system32\DLA\DLAUDF_M.SYS
0R DRVMCDB - C:\WINDOWS\system32\drivers\DRVMCDB.SYS
2R DRVNDDM - C:\WINDOWS\system32\drivers\DRVNDDM.SYS
3S E100B (Intel(R) PRO Adapter Driver) - C:\WINDOWS\system32\drivers\e100b325.sys
3R GEARAspiWDM - C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
3R HDAudBus (Microsoft UAA Bus Driver for High Definition Audio) - C:\WINDOWS\system32\drivers\Hdaudbus.sys
3S HidBatt (HID UPS Battery Driver) - C:\WINDOWS\system32\drivers\hidbatt.sys
3R HidUsb (Microsoft HID Class Driver) - C:\WINDOWS\system32\drivers\hidusb.sys
0R hotcore - C:\WINDOWS\system32\drivers\hotcore.sys
0R iaStor (Intel AHCI Controller) - C:\WINDOWS\system32\drivers\iaStor.sys
1R intelppm (Intel Processor Driver) - C:\WINDOWS\system32\drivers\intelppm.sys
1R kbdhid (Keyboard HID Driver) - C:\WINDOWS\system32\drivers\kbdhid.sys
3S L8042Kbd (Logitech SetPoint Keyboard Driver) - C:\WINDOWS\system32\drivers\L8042Kbd.sys
3S L8042mou (Logitech SetPoint PS/2 Mouse Filter Driver) - C:\WINDOWS\system32\drivers\L8042mou.Sys
3R LHidKe (Logitech SetPoint HID Mouse Filter Driver) - C:\WINDOWS\system32\drivers\LHidKE.Sys
3R LMouKE (Logitech SetPoint Mouse Filter Driver) - C:\WINDOWS\system32\drivers\LMouKE.Sys
3R mfeavfk (McAfee Inc.) - C:\WINDOWS\system32\drivers\mfeavfk.sys
3R mfebopk (McAfee Inc.) - C:\WINDOWS\system32\drivers\mfebopk.sys
3R mfehidk (McAfee Inc.) - C:\WINDOWS\system32\drivers\mfehidk.sys
3S mferkdk (McAfee Inc.) - C:\WINDOWS\system32\drivers\mferkdk.sys
3R mfesmfk (McAfee Inc.) - C:\WINDOWS\system32\drivers\mfesmfk.sys
3R mouhid (Mouse HID Driver) - C:\WINDOWS\system32\drivers\mouhid.sys
1R MPFP - C:\WINDOWS\system32\drivers\Mpfp.sys
3S MSTEE (Microsoft Streaming Tee/Sink-to-Sink Converter) - C:\WINDOWS\system32\drivers\MSTEE.sys
3S NABTSFEC (NABTS/FEC VBI Codec) - C:\WINDOWS\system32\drivers\NABTSFEC.sys
3S NaiAvFilter101 (NAI Anti Virus) - \Device\NaiAvFilter101.sys (not found)
3S NdisIP (Microsoft TV/Video Connection) - C:\WINDOWS\system32\drivers\NdisIP.sys
3R NIC1394 (1394 Net Driver) - C:\WINDOWS\system32\drivers\nic1394.sys
3R nv - C:\WINDOWS\system32\drivers\nv4_mini.sys
0R ohci1394 (OHCI Compliant IEEE 1394 Host Controller) - C:\WINDOWS\system32\drivers\ohci1394.sys
3R P1120VID (Creative WebCam NX Ultra) - C:\WINDOWS\system32\drivers\P1120Vid.sys
0R PBADRV - C:\WINDOWS\system32\drivers\PBADRV.sys
3R Pcouffin (Low level access layer for CD devices) - C:\WINDOWS\system32\drivers\Pcouffin.sys
3S PortTalk - C:\WINDOWS\system32\drivers\PortTalk.sys
0R PxHelp20 - C:\WINDOWS\system32\drivers\pxhelp20.sys
1R SCDEmu - C:\WINDOWS\system32\drivers\scdemu.sys
4S sisagp (SIS AGP Bus Filter) - C:\WINDOWS\system32\drivers\SISAGP.SYS
3S SLIP (BDA Slip De-Framer) - C:\WINDOWS\system32\drivers\SLIP.sys
0R snapman (Acronis Snapshots Manager) - C:\WINDOWS\system32\drivers\snapman.sys
0R SSFS0509 (Spy Sweeper File System Filer Driver: 0509) - C:\WINDOWS\system32\drivers\SSFS0509.sys
0R SSHRMD (Spy Sweeper Hookrack MiniDriver) - C:\WINDOWS\system32\drivers\sshrmd.sys
0R SSIDRV (Spy Sweeper Interdiction Driver) - C:\WINDOWS\system32\drivers\ssidrv.sys
3R SSKBFD (Webroot Spy Sweeper Keylogger Shield Keyboard Filter) - C:\WINDOWS\system32\drivers\sskbfd.sys
3R STHDA (SigmaTel High Definition Audio CODEC) - C:\WINDOWS\system32\drivers\sthda.sys
3S streamip (BDA IPSink) - C:\WINDOWS\system32\drivers\StreamIP.sys
2R tifsfilter (Acronis True Image FS Filter) - C:\WINDOWS\system32\drivers\tifsfilt.sys
0R timounter (Acronis True Image Backup Archive Explorer) - C:\WINDOWS\system32\drivers\timntr.sys
3R usbccgp (Microsoft USB Generic Parent Driver) - C:\WINDOWS\system32\drivers\usbccgp.sys
3R usbehci (Microsoft USB 2.0 Enhanced Host Controller Miniport Driver) - C:\WINDOWS\system32\drivers\usbehci.sys
3S usbprint (Microsoft USB PRINTER Class) - C:\WINDOWS\system32\drivers\usbprint.sys
3R USBSTOR (USB Mass Storage Driver) - C:\WINDOWS\system32\drivers\USBSTOR.SYS
4S viaagp (VIA AGP Bus Filter) - C:\WINDOWS\system32\drivers\VIAAGP.SYS
3S WSTCODEC (World Standard Teletext Codec) - C:\WINDOWS\system32\drivers\WSTCODEC.SYS
3S X-Rite (%X-Rite.DTP20.Usb.Service%) - C:\WINDOWS\system32\drivers\XrUsb.sys


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

2R AcrSch2Svc (Acronis Scheduler2 Service) - "C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe"
3S Adobe LM Service - "C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"
2R APC UPS Service - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
2R ASFIPmon (Broadcom ASF IP Monitor) - "C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe" -service
3S aspnet_state (ASP.NET State Service) - C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
4S DataSvr2 - "C:\Program Files\Wave Systems Corp\Common\DataServer.exe"
3R Emproxy (McAfee E-mail Proxy) - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
2R EpsonBidirectionalService - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
2S Fax - C:\WINDOWS\system32\fxssvc.exe
2R IAANTMon (Intel(R) Matrix Storage Event Monitor) - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
3S IDriverT (InstallDriver Table Manager) - "C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe"
3R iPod Service - "C:\Program Files\iPod\bin\iPodService.exe"
2R McAfee HackerWatch Service - "C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe"
2R McLogManagerService (McAfee Log Manager) - C:\PROGRA~1\McAfee\MSC\mclogsrv.exe
2R mcmispupdmgr (McAfee Update Manager) - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
2R McNASvc (McAfee Network Agent) - "c:\program files\common files\mcafee\mna\mcnasvc.exe"
2R McODS (McAfee Scanner) - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
2R mcpromgr (McAfee Protection Manager) - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
2R McProxy (McAfee Proxy Service) - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
2R McRedirector (McAfee Redirector Service) - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
2R McShield (McAfee Real-time Scanner) - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
2R McSysmon (McAfee SystemGuards) - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
2R McTskshd.exe (McAfee Task Scheduler) - C:\PROGRA~1\McAfee\MSC\mctskshd.exe
2R mcusrmgr (McAfee User Manager) - C:\PROGRA~1\McAfee\MSC\mcusrmgr.exe
2R MpfService (McAfee Personal Firewall Service) - "C:\Program Files\McAfee\MPF\MPFSrv.exe"
2R MPS9 (McAfee Privacy Service) - C:\PROGRA~1\McAfee\MPS\mps.exe
2R MSK80Service (McAfee SpamKiller Service) - "C:\Program Files\McAfee\MSK\MskSrver.exe"
3S NBService - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
2R NVSvc (NVIDIA Display Driver Service) - C:\WINDOWS\system32\nvsvc32.exe
3S ose (Office Source Engine) - "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
2R SiteAdvisor Service - C:\Program Files\SiteAdvisor\6028\SAService.exe
4S tcsd_win32.exe (NTRU Hybrid TSS v2.0.25 TCS) - "C:\Program Files\NTRU Cryptosystems\NTRU Hybrid TSS v2.0.25\bin\tcsd_win32.exe"
2R UMWdf (Windows User Mode Driver Framework) - C:\WINDOWS\system32\wdfmgr.exe
3S usnsvc (Messenger Sharing USN Journal Reader service) - C:\WINDOWS\system32\svchost.exe -k usnsvc
2R WebrootSpySweeperService (Webroot Spy Sweeper Engine) - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
2S 0082331172587804mcinstcleanup (McAfee Application Installer Cleanup (0082331172587804)) - C:\WINDOWS\TEMP\008233~1.EXE C:\PROGRA~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service


-- Scheduled Tasks --------------------------------------------------------------

2007-02-24 14:02:59 1450 --a------ C:\WINDOWS\Tasks\wrSpySweeperTrialSweep.job<WRSPYS~1.JOB>
2007-02-13 07:17:04 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job<APPLES~1.JOB>
2007-02-01 01:00:07 364 --a------ C:\WINDOWS\Tasks\McQcTask.job
2007-01-18 10:12:28 362 --a------ C:\WINDOWS\Tasks\McDefragTask.job<MCDEFR~1.JOB>


-- Files created between 2007-01-27 and 2007-02-27 ------------------------------

2007-02-27 10:11:46 0 d-------- C:\Program Files\HijackThis<HIJACK~1>
2007-02-27 09:50:00 0 d-------- C:\Program Files\VSAdd-in
2007-02-27 09:49:59 88340 --a------ C:\WINDOWS\system32\lwiijwfn.exe
2007-02-27 09:49:59 0 d-------- C:\WINDOWS\LastGood
2007-02-24 14:40:22 88340 --a------ C:\WINDOWS\system32\eogqkewp.exe
2007-02-24 14:38:38 118804 --a------ C:\WINDOWS\system32\euumsfre.dll
2007-02-24 14:28:27 88340 --a------ C:\WINDOWS\system32\tirnwmcc.exe
2007-02-24 14:25:48 162 --a------ C:\install.dat
2007-02-24 14:04:55 0 d-------- C:\Documents and Settings\NetworkService\Application Data\Webroot
2007-02-24 14:02:58 0 d-------- C:\Documents and Settings\LocalService\Application Data\Webroot
2007-02-24 14:02:52 21056 --a------ C:\WINDOWS\system32\drivers\sskbfd.sys
2007-02-24 14:02:52 144448 --a------ C:\WINDOWS\system32\drivers\ssidrv.sys
2007-02-24 14:02:52 22080 --a------ C:\WINDOWS\system32\drivers\sshrmd.sys
2007-02-24 14:02:52 20544 --a------ C:\WINDOWS\system32\drivers\SSFS0509.sys
2007-02-24 14:02:30 0 d-------- C:\Program Files\Webroot
2007-02-24 14:02:30 0 d-------- C:\Documents and Settings\All Users\Application Data\Webroot
2007-02-24 14:01:47 0 d-------- C:\Documents and Settings\Steve Byars\Application Data\Webroot
2007-02-24 09:57:18 88340 --a------ C:\WINDOWS\system32\bcwvfmsc.exe
2007-02-23 10:01:01 88340 --a------ C:\WINDOWS\system32\wmofanai.exe
2007-02-23 10:00:26 88340 --a------ C:\WINDOWS\system32\serqruwf.exe
2007-02-22 16:52:57 88340 --a------ C:\WINDOWS\system32\odfabywe.exe
2007-02-22 16:51:06 79360 --a------ C:\WINDOWS\system32\swxcacls.exe
2007-02-22 16:51:06 40960 --a------ C:\WINDOWS\system32\swsc.exe
2007-02-22 16:51:06 135168 --a------ C:\WINDOWS\system32\swreg.exe
2007-02-22 16:51:06 288417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2007-02-22 16:51:06 51200 --a------ C:\WINDOWS\system32\dumphive.exe
2007-02-22 16:50:00 88340 --a------ C:\WINDOWS\system32\yadlwanh.exe
2007-02-22 10:53:50 88340 --a------ C:\WINDOWS\system32\rgmrdmqo.exe
2007-02-22 10:52:52 22749 ---hs---- C:\WINDOWS\system32\mljhggf.dll
2007-02-22 10:50:30 88340 --a------ C:\WINDOWS\system32\koqylpao.exe
2007-02-22 10:27:59 88340 --a------ C:\WINDOWS\system32\jgbxexai.exe
2007-02-22 09:56:44 88340 --a------ C:\WINDOWS\system32\fjxwogqd.exe
2007-02-22 09:56:43 22749 ---hs---- C:\WINDOWS\system32\byxxutr.dll
2007-02-21 12:44:20 971858 ---hs---- C:\WINDOWS\system32\ihkmp.ini2<IHKMP~1.INI>
2007-02-21 12:42:36 88340 --a------ C:\WINDOWS\system32\jtuwksjf.exe
2007-02-21 10:01:25 88340 --a------ C:\WINDOWS\system32\jglkubju.exe
2007-02-21 10:00:11 22749 ---hs---- C:\WINDOWS\system32\nnnomkh.dll
2007-02-21 09:51:05 88340 --a------ C:\WINDOWS\system32\ujjnmnsi.exe
2007-02-21 09:50:46 22749 ---hs---- C:\WINDOWS\system32\byxvwxw.dll
2007-02-20 14:50:12 88340 --a------ C:\WINDOWS\system32\fdgcokcf.exe
2007-02-20 14:15:07 88340 --a------ C:\WINDOWS\system32\geldhlle.exe
2007-02-20 14:14:14 88340 --a------ C:\WINDOWS\system32\ejvlhgjh.exe
2007-02-20 14:09:17 88340 --a------ C:\WINDOWS\system32\tgaunndr.exe
2007-02-20 14:05:48 88340 --a------ C:\WINDOWS\system32\ieytykou.exe
2007-02-20 14:03:47 88340 --a------ C:\WINDOWS\system32\uxtwassj.exe
2007-02-20 14:02:48 88340 --a------ C:\WINDOWS\system32\yboccwpi.exe
2007-02-20 14:00:09 88340 --a------ C:\WINDOWS\system32\gsltmnqu.exe
2007-02-20 13:58:39 88340 --a------ C:\WINDOWS\system32\wuaclekw.exe
2007-02-20 13:41:12 6206 --a------ C:\WINDOWS\system32\tmp.reg
2007-02-20 13:37:46 88340 --a------ C:\WINDOWS\system32\nbnfbupk.exe
2007-02-20 13:35:11 88340 --a------ C:\WINDOWS\system32\ebctsuej.exe
2007-02-20 13:33:56 88340 --a------ C:\WINDOWS\system32\qgtllddx.exe
2007-02-20 13:11:27 88340 --a------ C:\WINDOWS\system32\unvtqhtl.exe
2007-02-20 13:10:03 88340 --a------ C:\WINDOWS\system32\doghtpvg.exe
2007-02-20 12:37:11 0 d-------- C:\WINDOWS\McAfee.com
2007-02-20 12:18:11 0 d-------- C:\WINDOWS\system32\Dell
2007-02-20 11:53:04 88340 --a------ C:\WINDOWS\system32\qpcrnong.exe
2007-02-20 11:51:56 88340 --a------ C:\WINDOWS\system32\pmqhbesl.exe
2007-02-20 11:38:47 66048 --a------ C:\WINDOWS\ieResetIcons.exe<IERESE~1.EXE>
2007-02-20 10:14:38 88340 --a------ C:\WINDOWS\system32\erpayxld.exe
2007-02-20 10:11:24 77824 --a------ C:\WINDOWS\system32\IPPTAMon.dll
2007-02-20 10:09:35 0 d-------- C:\Program Files\ImagePrint<IMAGEP~1>
2007-02-20 09:09:55 88340 --a------ C:\WINDOWS\system32\iqjhcpgw.exe
2007-02-20 09:09:29 76412 --a------ C:\WINDOWS\system32\kqrlxkcy.dll
2007-02-17 14:25:28 88340 --a------ C:\WINDOWS\system32\udsroewm.exe
2007-02-17 14:25:09 22749 ---hs---- C:\WINDOWS\system32\ljjhiii.dll
2007-02-17 14:24:46 88340 --a------ C:\WINDOWS\system32\lknesecp.exe
2007-02-17 14:20:09 88340 --a------ C:\WINDOWS\system32\nkgxusjt.exe
2007-02-17 14:03:36 88340 --a------ C:\WINDOWS\system32\jdmcubbw.exe
2007-02-17 14:03:20 22749 ---hs---- C:\WINDOWS\system32\xxywusr.dll
2007-02-17 13:41:28 88340 --a------ C:\WINDOWS\system32\budiivek.exe
2007-02-17 13:41:12 22749 ---hs---- C:\WINDOWS\system32\ssqnnki.dll
2007-02-17 13:40:57 88340 --a------ C:\WINDOWS\system32\plohrpbm.exe
2007-02-17 13:23:06 88340 --a------ C:\WINDOWS\system32\avfjldto.exe
2007-02-17 13:22:52 22749 ---hs---- C:\WINDOWS\system32\ddcdbxy.dll
2007-02-17 13:22:23 88340 --a------ C:\WINDOWS\system32\kchoxdcs.exe
2007-02-16 16:59:02 88340 --a------ C:\WINDOWS\system32\rwegycov.exe
2007-02-16 16:48:03 88340 --a------ C:\WINDOWS\system32\cgeixbyk.exe
2007-02-16 16:47:48 88340 --a------ C:\WINDOWS\system32\ljjlkxoh.exe
2007-02-16 16:43:37 88340 --a------ C:\WINDOWS\system32\aeegtevb.exe
2007-02-16 13:51:08 88340 --a------ C:\WINDOWS\system32\nwoahhhd.exe
2007-02-16 12:57:57 88340 --a------ C:\WINDOWS\system32\myhmxlfb.exe
2007-02-16 10:03:05 88340 --a------ C:\WINDOWS\system32\llrlvohv.exe
2007-02-15 16:46:21 0 d-------- C:\epson
2007-02-15 15:24:07 88340 --a------ C:\WINDOWS\system32\mcaqkiem.exe
2007-02-15 15:23:58 22749 ---hs---- C:\WINDOWS\system32\opnmjgf.dll
2007-02-15 11:02:52 22749 ---hs---- C:\WINDOWS\system32\jkkhgda.dll
2007-02-15 10:55:55 22749 ---hs---- C:\WINDOWS\system32\jkkiife.dll
2007-02-15 10:55:40 88340 --a------ C:\WINDOWS\system32\pohxlntp.exe
2007-02-15 10:47:14 0 d-------- C:\WINDOWS\system32\appmgmt
2007-02-15 10:11:57 88340 --a------ C:\WINDOWS\system32\bgywirvp.exe
2007-02-15 10:11:26 22749 ---hs---- C:\WINDOWS\system32\qomkijk.dll
2007-02-14 16:20:37 88340 --a------ C:\WINDOWS\system32\famvttoa.exe
2007-02-14 15:23:54 44165 --a------ C:\WINDOWS\system32\nybdnxsi.dll
2007-02-14 13:59:41 88340 --a------ C:\WINDOWS\system32\jkwycosq.exe
2007-02-14 13:59:24 88340 --a------ C:\WINDOWS\system32\hxhqanet.exe
2007-02-14 09:53:47 44165 --a------ C:\WINDOWS\system32\pqcreysq.dll
2007-02-14 09:53:41 88340 --a------ C:\WINDOWS\system32\ncxglwve.exe
2007-02-14 09:53:03 44060 --a------ C:\WINDOWS\system32\ukjdpmmq.dll
2007-02-13 13:08:57 44165 --a------ C:\WINDOWS\system32\dkamlvtg.dll
2007-02-13 13:05:22 88340 --a------ C:\WINDOWS\system32\tmvhjrqi.exe
2007-02-13 13:05:14 22749 ---hs---- C:\WINDOWS\system32\cbxwvsq.dll
2007-02-13 11:43:30 88340 --a------ C:\WINDOWS\system32\jhdeqvhe.exe
2007-02-13 11:43:16 22749 ---hs---- C:\WINDOWS\system32\efcyxww.dll
2007-02-13 11:43:14 88340 --a------ C:\WINDOWS\system32\wtvnqbcy.exe
2007-02-13 11:07:48 88340 --a------ C:\WINDOWS\system32\ycoudqtl.exe
2007-02-13 11:07:34 22749 ---hs---- C:\WINDOWS\system32\gebcdec.dll
2007-02-13 10:38:59 88340 --a------ C:\WINDOWS\system32\inalppwv.exe
2007-02-13 10:38:42 22749 ---hs---- C:\WINDOWS\system32\nnnligf.dll
2007-02-13 10:38:35 88340 --a------ C:\WINDOWS\system32\abcafwmf.exe
2007-02-12 11:08:40 22749 ---hs---- C:\WINDOWS\system32\khfgday.dll
2007-02-12 10:59:10 88340 --a------ C:\WINDOWS\system32\vlgpjdlu.exe
2007-02-12 10:58:48 88340 --a------ C:\WINDOWS\system32\pestgjbk.exe
2007-02-12 10:58:13 76412 --a------ C:\WINDOWS\system32\emgrumpu.dll
2007-02-10 09:35:43 88340 --a------ C:\WINDOWS\system32\mcihydee.exe
2007-02-10 09:35:36 22749 ---hs---- C:\WINDOWS\system32\yayxxvt.dll
2007-02-09 10:59:50 1238 -----n--- C:\WINDOWS\hpwmdl03.dat
2007-02-09 10:59:50 60701 --a------ C:\WINDOWS\hpwins03.dat
2007-02-09 10:57:31 88340 --a------ C:\WINDOWS\system32\apgvndvf.exe
2007-02-09 09:55:02 88340 --a------ C:\WINDOWS\system32\jmhvswib.exe
2007-02-09 09:53:55 44060 --a------ C:\WINDOWS\system32\btyquldm.dll
2007-02-08 09:52:09 88340 --a------ C:\WINDOWS\system32\xitfjgfu.exe
2007-02-08 09:52:00 22691 ---hs---- C:\WINDOWS\system32\yayayaa.dll
2007-02-07 09:50:56 22691 ---hs---- C:\WINDOWS\system32\yayyyww.dll
2007-02-07 09:50:53 88340 --a------ C:\WINDOWS\system32\wjpfxpag.exe
2007-02-06 16:59:59 44165 --a------ C:\WINDOWS\system32\minglxkv.dll
2007-02-06 10:22:12 88340 --a------ C:\WINDOWS\system32\hkchdijs.exe
2007-02-06 10:22:00 22691 ---hs---- C:\WINDOWS\system32\urqpqrr.dll
2007-02-06 10:18:18 3567 --a------ C:\WINDOWS\system32\drivers\PortTalk.sys
2007-02-06 10:18:18 0 d-------- C:\Program Files\Olympus ES-10 Film Scanner<OLYMPU~1>
2007-02-06 10:04:39 88340 --a------ C:\WINDOWS\system32\qtlucluo.exe
2007-02-06 10:04:26 22691 ---hs---- C:\WINDOWS\system32\pmnnnom.dll
2007-02-03 13:40:54 88340 --a------ C:\WINDOWS\system32\mcanwthd.exe
2007-02-03 13:40:42 88340 --a------ C:\WINDOWS\system32\uujnmwns.exe
2007-02-03 12:51:00 0 --a------ C:\WINDOWS\system32\SBRC.dat
2007-02-03 12:51:00 0 --a------ C:\WINDOWS\system32\SBFC.dat
2007-02-03 12:38:20 0 d-------- C:\Program Files\Downloaded Installations<DOWNLO~1>
2007-02-03 10:02:52 88340 --a------ C:\WINDOWS\system32\ariiftpu.exe
2007-02-03 10:02:34 88340 --a------ C:\WINDOWS\system32\hwnfbsgv.exe
2007-02-02 12:26:24 88340 --a------ C:\WINDOWS\system32\dcdvtvem.exe
2007-02-02 09:53:02 88340 --a------ C:\WINDOWS\system32\jdexgisw.exe
2007-02-02 09:52:46 22029 ---hs---- C:\WINDOWS\system32\fccyvww.dll
2007-02-01 14:40:58 88340 --a------ C:\WINDOWS\system32\yypmbcgv.exe
2007-02-01 14:40:44 22029 ---hs---- C:\WINDOWS\system32\ssqqnnl.dll
2007-01-31 10:27:44 4142592 --a------ C:\WINDOWS\system32\qtintf.dll
2007-01-31 10:27:43 0 d-------- C:\Program Files\APC
2007-01-31 10:26:45 9344 --a------ C:\WINDOWS\system32\drivers\compbatt.sys
2007-01-31 10:26:43 19200 --a------ C:\WINDOWS\system32\drivers\hidbatt.sys
2007-01-31 10:26:42 14080 --a------ C:\WINDOWS\system32\drivers\battc.sys
2007-01-31 09:44:55 88340 --a------ C:\WINDOWS\system32\veffyefa.exe
2007-01-31 09:44:31 22029 ---hs---- C:\WINDOWS\system32\nnnnnol.dll
2007-01-31 09:44:28 44060 --a------ C:\WINDOWS\system32\vdktxdlr.dll
2007-01-30 08:45:03 88340 --a------ C:\WINDOWS\system32\vhmujloy.exe
2007-01-30 08:44:23 88340 --a------ C:\WINDOWS\system32\lxvsjkqa.exe
2007-01-30 08:44:19 76412 --a------ C:\WINDOWS\system32\byfdioow.dll
2007-01-30 08:44:03 22029 ---hs---- C:\WINDOWS\system32\iifebxw.dll
2007-01-29 11:29:55 88340 --a------ C:\WINDOWS\system32\flhrttuf.exe
2007-01-29 11:29:52 22029 ---hs---- C:\WINDOWS\system32\xxyyyvv.dll
2007-01-29 03:58:06 60416 -----n--- C:\WINDOWS\system32\tzchange.exe
2007-01-27 13:45:30 88340 --a------ C:\WINDOWS\system32\nyasptpe.exe


-- Find3M Report ----------------------------------------------------------------

2007-02-27 09:56:03 0 d-------- C:\Program Files\Java
2007-02-27 09:49:58 0 d-------- C:\Program Files\McAfee
2007-02-27 09:49:57 969958 ---hs---- C:\WINDOWS\system32\ihkmp.bak2<IHKMP~2.BAK>
2007-02-27 09:48:06 0 d-------- C:\Documents and Settings\Steve Byars\Application Data\Wave Systems Corp<WAVESY~1>
2007-02-24 14:28:26 970482 ---hs---- C:\WINDOWS\system32\ihkmp.bak1<IHKMP~1.BAK>
2007-02-23 12:39:33 0 d-------- C:\Program Files\Mozilla Firefox<MOZILL~1>
2007-02-23 11:23:12 0 d-------- C:\Program Files\Common Files\Adobe
2007-02-20 14:53:00 376832 --a------ C:\WINDOWS\system32\MPIWIN32.DLL
2007-02-20 14:53:00 43520 --a------ C:\WINDOWS\system32\CBNDLL.DLL
2007-02-20 14:52:55 44544 --a------ C:\WINDOWS\system32\ZEUS.DLL
2007-02-20 14:52:55 27136 --a------ C:\WINDOWS\system32\VNSERVER.DLL
2007-02-20 14:52:55 40960 --a------ C:\WINDOWS\system32\LMLIBEX.DLL
2007-02-20 13:11:23 0 d-------- C:\Documents and Settings\Steve Byars\Application Data\SiteAdvisor<SITEAD~1>
2007-02-16 11:01:34 2766 --a------ C:\Documents and Settings\Steve Byars\Application Data\com.icctools.ColorShop.plist<COMICC~1.PLI>
2007-02-16 10:59:19 8 --a------ C:\Documents and Settings\Steve Byars\Application Data\_.ini
2007-02-16 10:36:38 0 d-------- C:\Documents and Settings\Steve Byars\Application Data\U3
2007-02-15 13:31:25 0 d-------- C:\Program Files\BitComet
2007-02-15 11:29:55 0 d--h----- C:\Program Files\InstallShield Installation Information<INSTAL~1>
2007-02-14 14:25:32 2560 --a------ C:\WINDOWS\system32\BitCometRes.dll<BITCOM~1.DLL>
2007-02-13 10:37:21 0 d-------- C:\Program Files\SiteAdvisor<SITEAD~1>
2007-02-13 10:04:59 0 d-------- C:\Program Files\QuickTime<QUICKT~1>
2007-02-13 10:04:15 0 d-------- C:\Program Files\Apple Software Update<APPLES~1>
2007-02-09 11:10:52 0 d-------- C:\Program Files\HP
2007-01-26 16:41:52 88340 --a------ C:\WINDOWS\system32\rmdijxuq.exe
2007-01-26 15:19:00 0 d-------- C:\Program Files\Avery Wizard 3.0<AVERYW~1.0>
2007-01-26 15:17:09 88340 --a------ C:\WINDOWS\system32\pemyxbwg.exe
2007-01-26 14:43:14 0 d-------- C:\Program Files\Common Files\Avery
2007-01-26 12:08:16 88340 --a------ C:\WINDOWS\system32\wdihnnhw.exe
2007-01-26 09:37:03 88340 --a------ C:\WINDOWS\system32\auuteryf.exe
2007-01-24 12:21:32 88340 --a------ C:\WINDOWS\system32\rvtwnapd.exe
2007-01-24 10:54:49 0 d-------- C:\Documents and Settings\Steve Byars\Application Data\Adobe
2007-01-23 12:51:14 0 d-------- C:\Program Files\Registry Mechanic<REGIST~1>
2007-01-23 12:20:46 88340 --a------ C:\WINDOWS\system32\fftfvuun.exe
2007-01-23 12:19:59 277192 ---hs---- C:\WINDOWS\system32\pmkhi.dll
2007-01-19 15:02:42 0 d-------- C:\Program Files\X-Rite
2007-01-19 14:44:59 1350 --a------ C:\Documents and Settings\Steve Byars\Application Data\ColorPort.xml<COLORP~1.XML>
2007-01-18 10:13:59 0 d-------- C:\Program Files\McAfee.com
2007-01-18 10:11:24 0 d-------- C:\Program Files\Common Files\McAfee
2007-01-18 10:09:17 76412 --a------ C:\WINDOWS\system32\fogfpewe.dll
2007-01-18 10:09:15 88340 --a------ C:\WINDOWS\system32\kudpwdiy.exe
2007-01-18 10:09:11 44060 --a------ C:\WINDOWS\system32\oiurnexi.dll
2007-01-18 10:09:05 969851 ---hs---- C:\WINDOWS\system32\mlnmp.bak1<MLNMP~1.BAK>
2007-01-17 10:46:16 263963 --a------ C:\WINDOWS\system32\jkhhh.dll
2007-01-17 10:42:44 266883 --a------ C:\WINDOWS\system32\ddcya.dll
2007-01-16 15:23:57 0 d-------- C:\Documents and Settings\Steve Byars\Application Data\Lavasoft
2007-01-16 15:23:34 0 d-------- C:\Program Files\Lavasoft
2007-01-12 10:02:08 22541 ---hs---- C:\WINDOWS\system32\iifccby.dll
2007-01-11 12:53:03 22541 ---hs---- C:\WINDOWS\system32\nnnomml.dll
2007-01-10 18:12:51 22541 ---hs---- C:\WINDOWS\system32\awtqoop.dll
2007-01-10 15:31:57 0 d-------- C:\Documents and Settings\Steve Byars\Application Data\dvdcss
2007-01-10 14:23:18 0 d-------- C:\Program Files\Xilisoft
2007-01-10 12:02:18 0 d-------- C:\Program Files\CloneDVD
2007-01-10 10:43:07 14545 --a------ C:\WINDOWS\system32\exec1.exe
2007-01-08 18:08:10 13824 --a------ C:\WINDOWS\system32\ieudinit.exe
2007-01-04 15:41:04 0 d-------- C:\Documents and Settings\Steve Byars\Application Data\Help
2007-01-03 1346 164568 --a------ C:\WINDOWS\Video Cleaner Pro Uninstaller.exe<VIDEOC~1.EXE>
2007-01-03 1345 0 d-------- C:\Program Files\River Past<RIVERP~1>
2007-01-03 1345 0 d-------- C:\Program Files\Common Files\River Past<RIVERP~1>
2007-01-03 1345 0 d-------- C:\Documents and Settings\Steve Byars\Application Data\River Past G5<RIVERP~1>
2007-01-02 16:01:19 0 d-------- C:\Program Files\Common Files\Ahead
2006-12-19 16:52:18 134656 --a------ C:\WINDOWS\system32\shsvcs.dll
2006-12-19 13:16:47 333824 --a------ C:\WINDOWS\system32\wiaservc.dll
2006-12-07 01:40:49 2362184 --a------ C:\WINDOWS\system32\wmvcore.dll
2006-11-27 09:54:06 433152 --a------ C:\WINDOWS\system32\riched20.dll
2006-11-27 09:54:06 539136 --a------ C:\WINDOWS\system32\msftedit.dll


-- Registry Dump ----------------------------------------------------------------


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"LDM"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"
"AWMON"="\"C:\\Program Files\\Lavasoft\\Ad-Aware SE Professional\\Ad-Watch.exe\""
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="\"C:\\Program Files\\Common Files\\Ahead\\Lib\\NMBgMonitor.exe\""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_10\\bin\\jusched.exe\""
"SigmatelSysTrayApp"="stsystra.exe"
"Document Manager"="C:\\Program Files\\Wave Systems Corp\\Services Manager\\DocMgr\\bin\\docmgr.exe"
"IAAnotif"="C:\\Program Files\\Intel\\Intel Matrix Storage Manager\\iaanotif.exe"
"DVDLauncher"="\"C:\\Program Files\\CyberLink\\PowerDVD\\DVDLauncher.exe\""
"DLA"="C:\\WINDOWS\\System32\\DLA\\DLACTRLW.EXE"
"ISUSPM Startup"="C:\\PROGRA~1\\COMMON~1\\INSTAL~1\\UPDATE~1\\ISUSPM.exe -startup"
"ISUSScheduler"="\"C:\\Program Files\\Common Files\\InstallShield\\UpdateService\\issch.exe\" -start"
"Acrobat Assistant 7.0"="\"C:\\Program Files\\Adobe\\Acrobat 7.0\\Distillr\\Acrotray.exe\""
"EPSON Stylus Pro 9800 (Copy 1)"="C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\E_S5I0P2.EXE /P30 \"EPSON Stylus Pro 9800 (Copy 1)\" /O6 \"USB002\" /M \"Stylus Pro 9800\""
"TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"TrueImageMonitor.exe"="C:\\Program Files\\Acronis\\TrueImageWorkstation\\TrueImageMonitor.exe"
"AcronisTimounterMonitor"="C:\\Program Files\\Acronis\\TrueImageWorkstation\\TimounterMonitor.exe"
"Acronis Scheduler2 Service"="\"C:\\Program Files\\Common Files\\Acronis\\Schedule2\\schedhlp.exe\""
"NeroFilterCheck"="C:\\Program Files\\Common Files\\Ahead\\Lib\\NeroCheck.exe"
"UserFaultCheck"="%systemroot%\\system32\\dumprep 0 -u"
"MCUpdateExe"="c:\\PROGRA~1\\mcafee.com\\agent\\mcupdate.exe"
"MSKDetectorExe"="C:\\PROGRA~1\\McAfee\\SPAMKI~1\\MSKDetct.exe /startup"
"MSKAGENTEXE"="C:\\PROGRA~1\\McAfee\\SPAMKI~1\\MskAgent.exe"
"VirusScan Online"="C:\\Program Files\\McAfee.com\\VSO\\mcvsshld.exe"
"MPFExe"="C:\\PROGRA~1\\McAfee.com\\PERSON~1\\MpfTray.exe"
"HPWUTOOLBOX"="C:\\Program Files\\HP\\HP Officejet Pro K550 Series\\Toolbox\\HPWUTBX.exe \"-i\""
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE"
"RegistryMechanic"=""
"NWEReboot"=""
"CBSpoolDaemon"="\"C:\\Program Files\\ImagePrint\\spool\\mux\\muxd.exe\""
"Windows Systems16"="C:\\WINDOWS\\system32\\winjews16.exe"
"DllRunning"="rundll32.exe \"C:\\WINDOWS\\system32\\vebbamba.dll\",setvm"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices]
"Windows Systems16"="C:\\WINDOWS\\system32\\winjews16.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NMBgMonitor"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Common Files\\Ahead\\Lib\\NMBgMonitor.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CBSpoolDaemon]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="muxd"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\ImagePrint\\spool\\mux\\muxd.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DllRunning]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"hkey"="HKLM"
"inimapping"="0"
"item"="vebbamba"
"command"="rundll32.exe \"C:\\WINDOWS\\system32\\vebbamba.dll\",setvm"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Hardware Abstraction Layer]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="KHALMNPR"
"hkey"="HKLM"
"command"="KHALMNPR.EXE"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NWEReboot]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"=""
"hkey"="HKLM"
"command"=""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryMechanic]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"=""
"hkey"="HKLM"
"command"=""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"tcsd_win32.exe"=dword:00000002
"DataSvr2"=dword:00000002

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"appinit_dlls"="wxvault.dll"


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{D7B374C3-8DED-4CB1-820B-413FF0C71FC6}"=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoCDBurning"=dword:00000000

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\pmkhi
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\qomkijk

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\MCODS
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\WebrootSpySweeperService

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
Usnsvc REG_MULTI_SZ usnsvc\0\0



-- End of ComboScan: finished at 2007-02-27 at 10:12:35 -------------------------
Attached Files
File Type: txt Supplementary.txt (16.2 KB, 1 views)