03-03-2007, 07:53 PM   #1
Michael77
Join Date: Nov 2005
Location: chicagoland
Posts: 36
OS: XP (Media Center 2005)

Slow PC - Need HiJack Help Please!

Dell PC w/XP Media Edition 2005 has slow start-up problems, then slow afterwards as well. May be a spyware problem? Sorry I can't be more help!

I made a donation after my last visit to this site and will again. Also have recommended others to the site since. Thank you in advance for your help.

ComboScan results as follows:


ComboScan v20070226.18 run by Michael Shackelford on 2007-03-03 at 21:12:40
Computer is in Normal Mode.
--------------------------------------------------------------------------------

Successfully created restore point.
Performed disk cleanup.


-- HijackThis (run as Michael Shackelford.exe) ----------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 9:14:59 PM, on 3/3/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\PROGRA~1\NORTON~1\NORTON~3\NPROTECT.EXE
C:\Program Files\CyberPower PowerPanel Personal Edition\ppped.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\NORTON~1\NORTON~3\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\DIGStream\digstream.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\CTHELPER.EXE
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\Pure Networks\Network Magic\nmapp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\WINDOWS\system32\dlbucoms.exe
C:\Documents and Settings\Michael Shackelford\Desktop\comboscan.exe
C:\PROGRA~1\HIJACK~1\Michael Shackelford.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe"
O4 - HKLM\..\Run: [IntelMeM] "C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe"
O4 - HKLM\..\Run: [CTSysVol] "C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe" /r
O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE"
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [DIGStream] "C:\Program Files\DIGStream\digstream.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [nmapp] "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [WMPNSCFG] "C:\Program Files\Windows Media Player\WMPNSCFG.exe"
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\GetFlash.exe
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Norton GoBack.lnk = C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra 'Tools' menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15015/CTSUEng.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/LSSupCtl.cab
O16 - DPF: {2AF5BD25-90C5-4EEC-88C5-B44DC2905D8B} (DownloadManager Control) - http://dlmanager.akamaitools.com.edg...ex-2.0.5.0.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/S...in/AvSniff.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/acti..._v1-0-3-36.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1129351655375
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} (cpbrkpie Control) - http://a19.g.akamai.net/7/19/7125/40...02/Coupons.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: {9B03C5F1-F5AB-47EE-937D-A8EDA626F876} (Anonymizer Anti-Spyware Scanner) - http://download.zonelabs.com/bin/pro...tor/WebAAS.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} - http://www.symantec.com/techsupp/asa/SymAData.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/...sh/swflash.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15023/CTPID.cab
O18 - Protocol: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\puresp3.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: dlbu_device - Dell - C:\WINDOWS\system32\dlbucoms.exe
O23 - Service: GoBack Polling Service (GBPoll) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Pure Networks Net2Go Service (nmraapache) - Unknown owner - C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe" -k runservice (file missing)
O23 - Service: Pure Networks Network Magic Service (nmservice) - Pure Networks, Inc. - C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
O23 - Service: Norton UnErase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~3\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PowerPanel Personal Edition Service (ppped) - Unknown owner - C:\Program Files\CyberPower PowerPanel Personal Edition\ppped.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~3\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe


-- File Associations ------------------------------------------------------------

.bat - batfile - "%1" %*
.chm - chm.file - "C:\WINDOWS\hh.exe" %1
.cmd - cmdfile - "%1" %*
.com - comfile - "%1" %*
.exe - exefile - "%1" %*
.hlp - hlpfile - %SystemRoot%\System32\winhlp32.exe %1
.inf - inffile - %SystemRoot%\System32\NOTEPAD.EXE %1
.ini - inifile - %SystemRoot%\System32\NOTEPAD.EXE %1
.js - JSFile - %SystemRoot%\System32\WScript.exe "%1" %*
.lnk - lnkfile - {00021401-0000-0000-C000-000000000046}
.pif - piffile - "%1" %*
.reg - regfile - regedit.exe "%1"
.scr - scrfile - "%1" /S
.txt - txtfile - %SystemRoot%\system32\NOTEPAD.EXE %1
.vbs - VBSFile - %SystemRoot%\System32\WScript.exe "%1" %*


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ----------------------

0R agpCPQ (Compaq AGP Bus Filter) - C:\WINDOWS\SYSTEM32\DRIVERS\AGPCPQ.SYS
0R alim1541 (ALI AGP Bus Filter) - C:\WINDOWS\SYSTEM32\DRIVERS\ALIM1541.SYS
0R amdagp (AMD AGP Bus Filter Driver) - C:\WINDOWS\SYSTEM32\DRIVERS\AMDAGP.SYS
3R Arp1394 (1394 ARP Client Protocol) - C:\WINDOWS\SYSTEM32\DRIVERS\ARP1394.SYS
3R b57w2k (Broadcom NetXtreme 57xx Gigabit Controller) - C:\WINDOWS\SYSTEM32\DRIVERS\b57xp32.sys
1R BANTExt (Belarc SMBios Access) - C:\WINDOWS\SYSTEM32\DRIVERS\BANTExt.sys
2R BCMNTIO - C:\Program Files\CheckIt\Diagnostics\BCMNTIO.SYS
3S Bridge (MAC Bridge) - C:\WINDOWS\SYSTEM32\DRIVERS\BRIDGE.SYS
3S BridgeMP (MAC Bridge Miniport) - C:\WINDOWS\SYSTEM32\DRIVERS\BRIDGE.SYS
0R cbidf - C:\WINDOWS\SYSTEM32\DRIVERS\CBIDF2K.SYS
3S CCDECODE (Closed Caption Decoder) - C:\WINDOWS\SYSTEM32\DRIVERS\CCDECODE.sys
3R ctac32k (Creative AC3 Software Decoder) - C:\WINDOWS\SYSTEM32\DRIVERS\ctac32k.sys
3R ctaud2k (Creative Audio Driver (WDM)) - C:\WINDOWS\SYSTEM32\DRIVERS\ctaud2k.sys
3S ctdvda2k (Creative DVD-Audio Device Driver) - C:\WINDOWS\SYSTEM32\DRIVERS\ctdvda2k.sys
3R ctprxy2k (Creative Proxy Driver) - C:\WINDOWS\SYSTEM32\DRIVERS\ctprxy2k.sys
3R ctsfm2k (Creative SoundFont Management Device Driver) - C:\WINDOWS\SYSTEM32\DRIVERS\ctsfm2k.sys
0R dac2w2k - C:\WINDOWS\SYSTEM32\DRIVERS\DAC2W2K.SYS
0R drvmcdb - C:\WINDOWS\SYSTEM32\DRIVERS\drvmcdb.sys
2R drvnddm - C:\WINDOWS\SYSTEM32\DRIVERS\drvnddm.sys
3S E100B (Intel(R) PRO Adapter Driver) - C:\WINDOWS\SYSTEM32\DRIVERS\E100B325.SYS
1R eeCtrl (Symantec Eraser Control driver) - C:\Program Files\Common Files\Symantec Shared\eengine\eectrl.sys
3R emupia (E-mu Plug-in Architecture Driver) - C:\WINDOWS\SYSTEM32\DRIVERS\emupia2k.sys
3R EraserUtilRebootDrv - C:\Program Files\Common Files\Symantec Shared\eengine\EraserUtilRebootDrv.sys
0R GBDevice - C:\WINDOWS\SYSTEM32\DRIVERS\GBDevice.sys
2S GBFSHook - C:\WINDOWS\SYSTEM32\DRIVERS\GBFSHook.sys
0R GoBack2K - C:\WINDOWS\SYSTEM32\DRIVERS\GoBack2k.sys
3R ha10kx2k (Creative Hardware Abstract Layer Driver) - C:\WINDOWS\SYSTEM32\DRIVERS\ha10kx2k.sys
3R hap16v2k (Creative P16V HAL Driver) - C:\WINDOWS\SYSTEM32\DRIVERS\haP16v2k.sys
3S hap17v2k (Creative P17V HAL Driver) - C:\WINDOWS\SYSTEM32\DRIVERS\haP17v2k.sys
3R hcwPP2 (Hauppauge WinTV PVR PCI II ([23|25|26]xxx)) - C:\WINDOWS\SYSTEM32\DRIVERS\hcwPP2.sys
3S HidBatt (HID UPS Battery Driver) - C:\WINDOWS\SYSTEM32\DRIVERS\hidbatt.sys
3R HidUsb (Microsoft HID Class Driver) - C:\WINDOWS\SYSTEM32\DRIVERS\hidusb.sys
0R iaStor (Intel RAID Controller) - C:\WINDOWS\SYSTEM32\DRIVERS\IASTOR.SYS
4R InCDfs (InCD File System) - C:\WINDOWS\SYSTEM32\DRIVERS\InCDfs.sys
1R InCDPass - C:\WINDOWS\SYSTEM32\DRIVERS\InCDpass.sys
1R incdrm (InCD Reader) - C:\WINDOWS\SYSTEM32\DRIVERS\InCDrm.sys
3R IntelC51 - C:\WINDOWS\SYSTEM32\DRIVERS\IntelC51.sys
3R IntelC52 - C:\WINDOWS\SYSTEM32\DRIVERS\IntelC52.sys
3R IntelC53 - C:\WINDOWS\SYSTEM32\DRIVERS\IntelC53.sys
1R intelppm (Intel Processor Driver) - C:\WINDOWS\SYSTEM32\DRIVERS\INTELPPM.SYS
1R kbdhid (Keyboard HID Driver) - C:\WINDOWS\SYSTEM32\DRIVERS\kbdhid.sys
2R MAPMEM - C:\Program Files\CheckIt\Diagnostics\MAPMEM.SYS
2R MCSTRM - C:\WINDOWS\SYSTEM32\DRIVERS\mcstrm.sys
3S MHNDRV (MHN driver) - C:\WINDOWS\SYSTEM32\DRIVERS\MHNDRV.SYS
3R MODEMCSA (Unimodem Streaming Filter Device) - C:\WINDOWS\SYSTEM32\DRIVERS\MODEMCSA.sys
3R mohfilt - C:\WINDOWS\SYSTEM32\DRIVERS\mohfilt.sys
3R mouhid (Mouse HID Driver) - C:\WINDOWS\SYSTEM32\DRIVERS\mouhid.sys
3S MSTEE (Microsoft Streaming Tee/Sink-to-Sink Converter) - C:\WINDOWS\SYSTEM32\DRIVERS\MSTEE.sys
3S NABTSFEC (NABTS/FEC VBI Codec) - C:\WINDOWS\SYSTEM32\DRIVERS\NABTSFEC.sys
3R NAVENG - C:\Program Files\Common Files\Symantec Shared\VirusDefs\20070303.006\NAVENG.SYS
3R NAVEX15 - C:\Program Files\Common Files\Symantec Shared\VirusDefs\20070303.006\NAVEX15.SYS
3S NdisIP (Microsoft TV/Video Connection) - C:\WINDOWS\SYSTEM32\DRIVERS\NdisIP.sys
3R NIC1394 (1394 Net Driver) - C:\WINDOWS\SYSTEM32\DRIVERS\NIC1394.SYS
3R NPDriver (Norton UnErase Protection Driver) - C:\WINDOWS\SYSTEM32\DRIVERS\NPDRIVER.SYS
0R ohci1394 (OHCI Compliant IEEE 1394 Host Controller) - C:\WINDOWS\SYSTEM32\DRIVERS\ohci1394.sys
1R omci (OMCI WDM Device Driver) - C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys
3R ossrv (Creative OS Services Driver) - C:\WINDOWS\SYSTEM32\DRIVERS\ctoss2k.sys
3S P2k (Motorola USB Device) - C:\WINDOWS\SYSTEM32\DRIVERS\P2k.sys
2R pnarp (Network Magic Device Discovery Driver) - C:\WINDOWS\SYSTEM32\DRIVERS\pnarp.sys
3R Point32 (Microsoft IntelliPoint Filter Driver) - C:\WINDOWS\SYSTEM32\DRIVERS\point32.sys
2R purendis (Network Magic Wireless Driver) - C:\WINDOWS\SYSTEM32\DRIVERS\purendis.sys
0R PxHelp20 - C:\WINDOWS\SYSTEM32\DRIVERS\pxhelp20.sys
3R ROOTMODEM (Microsoft Legacy Modem Driver) - C:\WINDOWS\SYSTEM32\DRIVERS\ROOTMDM.SYS
3S SDdriver - C:\WINDOWS\SYSTEM32\DRIVERS\SdDriver.SYS
0R sisagp (SIS AGP Bus Filter) - C:\WINDOWS\SYSTEM32\DRIVERS\SISAGP.SYS
3S SLIP (BDA Slip De-Framer) - C:\WINDOWS\SYSTEM32\DRIVERS\SLIP.sys
3S SONYPVU1 (Sony USB Filter Driver (SONYPVU1)) - C:\WINDOWS\SYSTEM32\DRIVERS\SONYPVU1.SYS
1R SPBBCDrv - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
3R SRTSP - C:\WINDOWS\SYSTEM32\DRIVERS\srtsp.sys
3S SRTSPL - C:\WINDOWS\SYSTEM32\DRIVERS\srtspl.sys
1R SRTSPX - C:\WINDOWS\SYSTEM32\DRIVERS\srtspx.sys
1R sscdbhk5 - C:\WINDOWS\SYSTEM32\DRIVERS\sscdbhk5.sys
1R ssrtln - C:\WINDOWS\SYSTEM32\DRIVERS\ssrtln.sys
3S streamip (BDA IPSink) - C:\WINDOWS\SYSTEM32\DRIVERS\StreamIP.sys
3R SYMDNS - C:\WINDOWS\SYSTEM32\DRIVERS\symdns.sys
3R SymEvent - C:\WINDOWS\SYSTEM32\DRIVERS\SYMEVENT.SYS
3R SYMFW - C:\WINDOWS\SYSTEM32\DRIVERS\symfw.sys
3R SYMIDS - C:\WINDOWS\SYSTEM32\DRIVERS\symids.sys
3R SYMIDSCO - C:\Program Files\Common Files\Symantec Shared\SymcData\idsdefs\20070302.001\SymIDSCo.sys
2R symlcbrd - C:\WINDOWS\SYSTEM32\DRIVERS\symlcbrd.sys
3R SYMNDIS - C:\WINDOWS\SYSTEM32\DRIVERS\symndis.sys
3R SYMREDRV - C:\WINDOWS\SYSTEM32\DRIVERS\symredrv.sys
1R SYMTDI - C:\WINDOWS\SYSTEM32\DRIVERS\symtdi.sys
2R tfsnboio - C:\WINDOWS\SYSTEM32\dla\tfsnboio.sys
2R tfsncofs - C:\WINDOWS\SYSTEM32\dla\tfsncofs.sys
2R tfsndrct - C:\WINDOWS\SYSTEM32\dla\tfsndrct.sys
2R tfsndres - C:\WINDOWS\SYSTEM32\dla\tfsndres.sys
2R tfsnifs - C:\WINDOWS\SYSTEM32\dla\tfsnifs.sys
2R tfsnopio - C:\WINDOWS\SYSTEM32\dla\tfsnopio.sys
2R tfsnpool - C:\WINDOWS\SYSTEM32\dla\tfsnpool.sys
2R tfsnudf - C:\WINDOWS\SYSTEM32\dla\tfsnudf.sys
2R tfsnudfa - C:\WINDOWS\SYSTEM32\dla\tfsnudfa.sys
3R usbccgp (Microsoft USB Generic Parent Driver) - C:\WINDOWS\SYSTEM32\DRIVERS\usbccgp.sys
3R usbehci (Microsoft USB 2.0 Enhanced Host Controller Miniport Driver) - C:\WINDOWS\SYSTEM32\DRIVERS\USBEHCI.SYS
3R usbprint (Microsoft USB PRINTER Class) - C:\WINDOWS\SYSTEM32\DRIVERS\usbprint.sys
3R usbscan (USB Scanner Driver) - C:\WINDOWS\SYSTEM32\DRIVERS\usbscan.sys
3S usbsermpt (Motorola USB Modem Driver for MPT) - C:\WINDOWS\SYSTEM32\DRIVERS\usbsermpt.sys
3R USBSTOR (USB Mass Storage Driver) - C:\WINDOWS\SYSTEM32\DRIVERS\USBSTOR.SYS
0R viaagp (VIA AGP Bus Filter) - C:\WINDOWS\SYSTEM32\DRIVERS\VIAAGP.SYS
3S wanatw (WAN Miniport (ATW)) - C:\WINDOWS\system32\DRIVERS\wanatw4.sys (not found)
2R WIBUKEY (WIBU-KEY Kernel Driver) - C:\WINDOWS\SYSTEM32\DRIVERS\Wibukey.sys
3S WpdUsb - C:\WINDOWS\SYSTEM32\DRIVERS\wpdusb.sys
4S WS2IFSL (Windows Socket 2.0 Non-IFS Service Provider Support Environment) - C:\WINDOWS\SYSTEM32\DRIVERS\WS2IFSL.SYS
3S WSTCODEC (World Standard Teletext Codec) - C:\WINDOWS\SYSTEM32\DRIVERS\WSTCODEC.SYS
0R WudfPf (Windows Driver Foundation - User-mode Driver Framework Platform Driver) - C:\WINDOWS\SYSTEM32\DRIVERS\WudfPf.sys
3S WudfRd (Windows Driver Foundation - User-mode Driver Framework Reflector) - C:\WINDOWS\SYSTEM32\DRIVERS\WudfRd.sys
3R nv - C:\WINDOWS\SYSTEM32\DRIVERS\nv4_mini.sys


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

3S Adobe LM Service - "C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"
3S aspnet_state (ASP.NET State Service) - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
2R Automatic LiveUpdate Scheduler - "C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe"
2R ccEvtMgr (Symantec Event Manager) - "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon
2R ccSetMgr (Symantec Settings Manager) - "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon
3S clr_optimization_v2.0.50727_32 (.NET Runtime Optimization Service v2.0.50727_X86) - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
2R CLTNetCnService (Symantec Lic NetConnect service) - "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon
3S comHost (COM Host) - "C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe"
2R Creative Service for CDROM Access - C:\WINDOWS\system32\CTsvcCDA.EXE
3R dlbu_device - C:\WINDOWS\system32\dlbucoms.exe -service
2R ehRecvr (Media Center Receiver Service) - C:\WINDOWS\eHome\ehRecvr.exe
2R ehSched (Media Center Scheduler Service) - C:\WINDOWS\eHome\ehSched.exe
2S Fax - C:\WINDOWS\system32\fxssvc.exe
3S FontCache3.0.0.0 (Windows Presentation Foundation Font Cache 3.0.0.0) - c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
2R GBPoll (GoBack Polling Service) - "C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe"
2R IAANTMon (IAA Event Monitor) - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
3S idsvc (Windows CardSpace) - "C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe"
2R IISADMIN (IIS Admin) - C:\WINDOWS\system32\inetsrv\inetinfo.exe
4S InCDsrvR (InCD Helper (read only)) - C:\Program Files\Ahead\InCD\InCDsrv.exe -r
3S ISPwdSvc (Symantec IS Password Validation) - "C:\Program Files\Norton Internet Security\isPwdSvc.exe"
3S LiveUpdate - "C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE"
3S LPDSVC (TCP/IP Print Server) - C:\WINDOWS\system32\tcpsvcs.exe
2R McrdSvc (Media Center Extender Service) - C:\WINDOWS\ehome\mcrdsvc.exe
3S MHN - C:\WINDOWS\System32\svchost.exe -k netsvcs
2R MSFtpsvc (FTP Publishing) - C:\WINDOWS\system32\inetsrv\inetinfo.exe
4S NetTcpPortSharing (Net.Tcp Port Sharing Service) - "C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe"
3S nmraapache (Pure Networks Net2Go Service) - "C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe" -k runservice
2R nmservice (Pure Networks Network Magic Service) - "C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe"
2R NProtectService (Norton UnErase Protection) - C:\PROGRA~1\NORTON~1\NORTON~3\NPROTECT.EXE
4S NSCService (Norton Protection Center Service) - "C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE"
3S ose (Office Source Engine) - "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
2R ppped (PowerPanel Personal Edition Service) - "C:\Program Files\CyberPower PowerPanel Personal Edition\ppped.exe"
2R SMTPSVC (Simple Mail Transfer Protocol (SMTP)) - C:\WINDOWS\system32\inetsrv\inetinfo.exe
2R SNMP (SNMP Service) - C:\WINDOWS\System32\snmp.exe
3S SNMPTRAP (SNMP Trap Service) - C:\WINDOWS\System32\snmptrap.exe
2R Speed Disk service - C:\PROGRA~1\NORTON~1\NORTON~3\SPEEDD~1\NOPDB.EXE
2R Symantec Core LC - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
2R SymAppCore (Symantec AppCore Service) - "C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe"
4S UleadBurningHelper (Ulead Burning Helper) - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
2R W3SVC (World Wide Web Publishing) - C:\WINDOWS\system32\inetsrv\inetinfo.exe
2S NVSvc (NVIDIA Display Driver Service) - C:\WINDOWS\system32\nvsvc32.exe


-- Scheduled Tasks --------------------------------------------------------------

2007-03-02 20:00:06 592 --a------ C:\WINDOWS\Tasks\Norton Internet Security - Run Full System Scan - Michael Shackelford.job<NORTON~1.JOB>


-- Files created between 2007-02-03 and 2007-03-03 ------------------------------

2007-03-03 21:14:28 0 d-------- C:\Program Files\HijackThis<HIJACK~1>
2007-03-03 20:41:39 21312 --a------ C:\WINDOWS\choice.exe
2007-03-03 20:34:44 0 d-------- C:\ie-spyad2<IE-SPY~1>
2007-03-03 20:31:27 0 d-------- C:\Program Files\SpywareGuard<SPYWAR~2>
2007-03-03 20:23:39 0 d-------- C:\Program Files\SpywareBlaster<SPYWAR~1>
2007-03-03 17:24:55 0 d-------- C:\Program Files\Lavasoft
2007-03-03 17:20:15 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard<WISEIN~1>
2007-03-03 16:47:06 172032 --a------ C:\WINDOWS\system32\nvudisp.exe
2007-03-03 16:47:06 0 d-------- C:\WINDOWS\NV8321272.TMP<NV8321~1.TMP>
2007-03-03 16:46:28 0 d-------- C:\WINDOWS\LastGood
2007-02-25 21:34:00 0 d-------- C:\Program Files\MSECache
2007-02-25 19:39:26 25792 --a------ C:\WINDOWS\system32\drivers\pnarp.sys
2007-02-25 19:39:21 26944 --a------ C:\WINDOWS\system32\drivers\purendis.sys
2007-02-25 17:34:39 0 d-------- C:\Program Files\Norton Internet Security<NORTON~2>
2007-02-25 16:54:42 0 d-------- C:\WINDOWS\IIS Temporary Compressed Files<IISTEM~1>
2007-02-25 16:54:20 0 d-------- C:\WINDOWS\system32\Cache
2007-02-25 16:54:01 1742336 --a------ C:\WINDOWS\system32\mypixdx.scr
2007-02-25 16:54:00 4396544 --a------ C:\WINDOWS\system32\wpgldfsh.scr
2007-02-25 16:54:00 7093760 --a------ C:\WINDOWS\system32\space.scr
2007-02-25 16:54:00 3343360 --a------ C:\WINDOWS\system32\nature.scr
2007-02-25 16:53:59 5068800 --a------ C:\WINDOWS\system32\davinci.scr
2007-02-25 16:50:37 23040 --a------ C:\WINDOWS\system32\regtrace.exe
2007-02-25 16:50:37 43520 --a------ C:\WINDOWS\system32\fcachdll.dll
2007-02-25 16:50:37 5632 --a------ C:\WINDOWS\system32\adsiisex.dll
2007-02-25 16:49:28 7680 --a------ C:\WINDOWS\system32\ftpctrs2.dll
2007-02-25 16:49:26 7168 --a------ C:\WINDOWS\system32\wamregps.dll
2007-02-25 16:49:26 5632 --a------ C:\WINDOWS\system32\w3svapi.dll
2007-02-25 16:49:26 4608 --a------ C:\WINDOWS\system32\w3ctrs.dll
2007-02-25 16:49:26 8704 --a------ C:\WINDOWS\system32\infoctrs.dll
2007-02-25 16:49:26 19968 --a------ C:\WINDOWS\system32\inetsloc.dll
2007-02-25 16:49:26 3584 --a------ C:\WINDOWS\system32\iismui.dll
2007-02-25 16:49:26 10240 --a------ C:\WINDOWS\system32\aspperf.dll
2007-02-25 16:49:25 56320 --a------ C:\WINDOWS\system32\convlog.exe
2007-02-25 16:49:25 6144 --a------ C:\WINDOWS\system32\admxprox.dll
2007-02-25 16:49:23 10752 --a------ C:\WINDOWS\system32\smtpapi.dll
2007-02-25 16:49:23 9728 --a------ C:\WINDOWS\system32\rwnh.dll
2007-02-25 16:49:23 13312 --a------ C:\WINDOWS\system32\infoadmn.dll
2007-02-25 16:49:23 133632 --a------ C:\WINDOWS\system32\iisRtl.dll
2007-02-25 16:49:23 64512 --a------ C:\WINDOWS\system32\iismap.dll
2007-02-25 16:49:23 68608 --a------ C:\WINDOWS\system32\iisext.dll
2007-02-25 16:49:23 14336 --a------ C:\WINDOWS\system32\exstrace.dll
2007-02-25 16:49:23 290816 --a------ C:\WINDOWS\system32\adsiis.dll
2007-02-25 16:49:23 43520 --a------ C:\WINDOWS\system32\admwprox.dll
2007-02-25 16:49:21 8192 --a------ C:\WINDOWS\system32\staxmem.dll
2007-02-24 10:48:15 0 d-------- C:\Dell942
2007-02-18 17:15:29 0 d--h----- C:\Documents and Settings\Michael Shackelford\InstallAnywhere<INSTAL~1>
2007-02-18 17:11:30 90112 --a------ C:\WINDOWS\unvise32.exe
2007-02-18 17:11:18 0 d-------- C:\Program Files\Quicken WillMaker Plus 2007<QUICKE~1>
2007-02-18 14:21:03 1933312 --a------ C:\WINDOWS\system32\cdintf250.dll<CDINTF~1.DLL>
2007-02-18 14:20:39 0 d-------- C:\Program Files\Common Files\Palo Alto Software<PALOAL~1>
2007-02-10 14:14:08 0 d-------- C:\Program Files\WILLPower<WILLPO~1>
2007-02-10 12:57:15 0 d-------- C:\Program Files\Quicken
2007-02-10 12:22:23 0 d-------- C:\Program Files\DeductionPro 2006<DEDUCT~1>
2007-02-10 12:17:56 0 d-------- C:\Documents and Settings\All Users\Application Data\pdf995
2007-02-10 12:17:55 118784 --a------ C:\WINDOWS\system32\pdfmona.dll
2007-02-10 12:17:55 51716 --a------ C:\WINDOWS\system32\pdf995mon.dll<PDF995~1.DLL>
2007-02-10 12:15:57 0 d-------- C:\Program Files\TaxCut06
2007-02-10 10:55:43 164 --a------ C:\install.dat
2007-02-06 08:27:30 0 d-------- C:\Program Files\DIFX
2007-02-06 08:27:27 0 d------c- C:\WINDOWS\system32\DRVSTORE
2007-02-04 17:09:30 0 d-------- C:\Program Files\MSBuild
2007-02-04 1718 0 d-------- C:\WINDOWS\system32\XPSViewer<XPSVIE~1>
2007-02-04 17:05:47 0 d-------- C:\Program Files\Reference Assemblies<REFERE~1>
2007-02-04 17:05:01 14048 -----n--- C:\WINDOWS\system32\spmsg2.dll
2007-02-04 17:04:42 0 d-------- C:\65b44eda97eb20b9c295f515be48<65B44E~1>
2007-02-03 23:40:44 0 d-------- C:\Program Files\Common Files\Pure Networks Shared<PURENE~1>
2007-02-03 23:40:27 0 d-------- C:\Program Files\Pure Networks<PURENE~1>
2007-02-03 21:42:08 0 d-------- C:\Documents and Settings\All Users\Application Data\Pure Networks<PURENE~1>
2007-02-03 13:34:45 0 d-------- C:\WINDOWS\Performance<PERFOR~1>
2007-02-03 13:34:28 0 d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Corporation<MICROS~2>


-- Find3M Report ----------------------------------------------------------------

2007-03-03 21:14:27 0 d-------- C:\Program Files\Common Files\Symantec Shared<SYMANT~1>
2007-03-03 19:40:29 0 d-------- C:\Program Files\Google
2007-03-03 19:40:05 0 d-------- C:\Program Files\DVD Region+CSS Free<DVDREG~1>
2007-03-03 19:40:04 0 d-------- C:\Program Files\DIGStream<DIGSTR~1>
2007-03-03 19:40:03 0 d-------- C:\Program Files\Dell Photo AIO Printer 942<DELLPH~1>
2007-03-03 19:39:30 0 d-------- C:\Program Files\CyberPower PowerPanel Personal Edition<CYBERP~1>
2007-03-03 19:37:46 0 d-------- C:\Program Files\Copernic Desktop Search 2<COPERN~2>
2007-03-03 17:25:05 0 d-------- C:\Documents and Settings\Michael Shackelford\Application Data\Lavasoft
2007-03-03 16:24:29 0 dr-h----- C:\Documents and Settings\Michael Shackelford\Application Data\yahoo!
2007-03-03 14:56:44 0 d-------- C:\Program Files\Mozilla Firefox<MOZILL~1>
2007-03-03 13:24:27 0 d-------- C:\Program Files\Intel
2007-03-03 13:23:17 0 d--h----- C:\Program Files\InstallShield Installation Information<INSTAL~1>
2007-02-25 17:41:26 0 d-------- C:\Program Files\Symantec
2007-02-25 17:41:25 48776 --a------ C:\WINDOWS\system32\S32EVNT1.DLL
2007-02-25 17:31:05 0 d-------- C:\Program Files\Norton SystemWorks<NORTON~1>
2007-02-25 17:30:06 0 d-------- C:\Documents and Settings\Michael Shackelford\Application Data\Symantec
2007-02-25 17:07:58 0 d-------- C:\Program Files\The Weather Channel FW<THEWEA~1>
2007-02-25 15:17:49 0 d-------- C:\Program Files\Java
2007-02-18 13:33:49 28335 --a------ C:\Documents and Settings\Michael Shackelford\Application Data\Comma Separated Values (Windows).ADR<COMMAS~1.ADR>
2007-02-17 08:35:20 0 d---s---- C:\Documents and Settings\Michael Shackelford\Application Data\Microsoft<MICROS~1>
2007-02-10 12:57:15 0 d-------- C:\Documents and Settings\Michael Shackelford\Application Data\Intuit
2007-02-09 19:31:22 0 d-------- C:\Documents and Settings\Michael Shackelford\Application Data\AdobeUM
2007-01-29 02:58:06 60416 -----n--- C:\WINDOWS\system32\tzchange.exe
2007-01-19 15:23:54 1721976 --a------ C:\WINDOWS\system32\inetclnt.dll
2007-01-16 15:33:36 0 d-------- C:\Documents and Settings\Michael Shackelford\Application Data\Adobe
2007-01-12 09:27:42 232960 --a------ C:\WINDOWS\system32\webcheck.dll
2007-01-12 09:27:42 51712 -----n--- C:\WINDOWS\system32\msfeedsbs.dll<MSFEED~1.DLL>
2007-01-12 09:27:42 458752 -----n--- C:\WINDOWS\system32\msfeeds.dll
2007-01-12 09:27:42 6054400 --a------ C:\WINDOWS\system32\ieframe.dll
2007-01-08 19:04:54 105984 --a------ C:\WINDOWS\system32\url.dll
2007-01-08 19:04:08 102400 --a------ C:\WINDOWS\system32\occache.dll
2007-01-08 19:02:04 266752 --a------ C:\WINDOWS\system32\iertutil.dll
2007-01-08 19:02:04 44544 --a------ C:\WINDOWS\system32\iernonce.dll
2007-01-08 19:02:02 384000 --a------ C:\WINDOWS\system32\iedkcs32.dll
2007-01-08 19:02:02 383488 -----n--- C:\WINDOWS\system32\ieapfltr.dll
2007-01-08 19:02:02 161792 --a------ C:\WINDOWS\system32\ieakui.dll
2007-01-08 19:02:02 230400 --a------ C:\WINDOWS\system32\ieaksie.dll
2007-01-08 19:02:02 153088 --a------ C:\WINDOWS\system32\ieakeng.dll
2007-01-08 19:01:14 17408 --a------ C:\WINDOWS\system32\corpol.dll
2007-01-08 19:00:48 124928 --a------ C:\WINDOWS\system32\advpack.dll
2007-01-08 18:08:14 56832 --a------ C:\WINDOWS\system32\ie4uinit.exe
2007-01-08 18:08:10 13824 --a------ C:\WINDOWS\system32\ieudinit.exe
2007-01-07 08:05:05 0 d-------- C:\Program Files\Windows Media Connect 2<WI4DF6~1>
2006-12-19 15:52:18 134656 --a------ C:\WINDOWS\system32\shsvcs.dll
2006-12-19 12:16:47 333824 --a------ C:\WINDOWS\system32\wiaservc.dll


-- Registry Dump ----------------------------------------------------------------


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"Creative Detector"="\"C:\\Program Files\\Creative\\MediaSource\\Detector\\CTDetect.exe\" /R"
"swg"="\"C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.908.5008\\GoogleToolbarNotifier.exe\""
"WMPNSCFG"="\"C:\\Program Files\\Windows Media Player\\WMPNSCFG.exe\""

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runonce]
"FlashPlayerUpdate"="C:\\WINDOWS\\system32\\Macromed\\Flash\\GetFlash.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"ehTray"="C:\\WINDOWS\\ehome\\ehtray.exe"
"IAAnotif"="\"C:\\Program Files\\Intel\\Intel Application Accelerator\\iaanotif.exe\""
"IntelMeM"="\"C:\\Program Files\\Intel\\Modem Event Monitor\\IntelMEM.exe\""
"CTSysVol"="\"C:\\Program Files\\Creative\\SBAudigy2ZS\\Surround Mixer\\CTSysVol.exe\" /r"
"CTDVDDET"="\"C:\\Program Files\\Creative\\SBAudigy2ZS\\DVDAudio\\CTDVDDET.EXE\""
"UpdReg"="C:\\WINDOWS\\UpdReg.EXE"
"dla"="C:\\WINDOWS\\system32\\dla\\tfswctrl.exe"
"ccApp"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
"DIGStream"="\"C:\\Program Files\\DIGStream\\digstream.exe\""
"ISUSPM Startup"="\"C:\\Program Files\\Common Files\\InstallShield\\UpdateService\\isuspm.exe\" -startup"
"ISUSScheduler"="\"C:\\Program Files\\Common Files\\InstallShield\\UpdateService\\issch.exe\" -start"
"CTHelper"="CTHELPER.EXE"
"Adobe Photo Downloader"="\"C:\\Program Files\\Adobe\\Photoshop Album Starter Edition\\3.0\\Apps\\apdproxy.exe\""
"SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.5.0_09\\bin\\jusched.exe"
"osCheck"="\"C:\\Program Files\\Norton Internet Security\\osCheck.exe\""
"nmapp"="\"C:\\Program Files\\Pure Networks\\Network Magic\\nmapp.exe\" -autorun -nosplash"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Acrobat Assistant.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Acrobat Assistant.lnk"
"backup"="C:\\WINDOWS\\pss\\Acrobat Assistant.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\Adobe\\ACROBA~1.0\\Distillr\\acrotray.exe "
"item"="Acrobat Assistant"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Adobe Reader Speed Launch.lnk"
"backup"="C:\\WINDOWS\\pss\\Adobe Reader Speed Launch.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\Adobe\\ACROBA~2.0\\Reader\\READER~1.EXE "
"item"="Adobe Reader Speed Launch"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^AutoStart IR.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\AutoStart IR.lnk"
"backup"="C:\\WINDOWS\\pss\\AutoStart IR.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\WinTV\\Ir.exe /QUIET"
"item"="AutoStart IR"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\QuickBooks Update Agent.lnk"
"backup"="C:\\WINDOWS\\pss\\QuickBooks Update Agent.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\COMMON~1\\Intuit\\QUICKB~1\\QBUpdate\\qbupdate.exe "
"item"="QuickBooks Update Agent"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Venturi 2.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Venturi 2.lnk"
"backup"="C:\\WINDOWS\\pss\\Venturi 2.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\Venturi2\\CONFIG~1\\ventcfg.exe "
"item"="Venturi 2"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Michael Shackelford^Start Menu^Programs^Startup^Motorola Share.lnk]
"path"="C:\\Documents and Settings\\Michael Shackelford\\Start Menu\\Programs\\Startup\\Motorola Share.lnk"
"backup"="C:\\WINDOWS\\pss\\Motorola Share.lnkStartup"
"location"="Startup"
"command"="C:\\PROGRA~1\\MOTORO~1\\agent.exe "
"item"="Motorola Share"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="apdproxy"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Adobe\\Photoshop Album Starter Edition\\3.0\\Apps\\apdproxy.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell Photo AIO Printer 942]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="dlbubmgr"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Dell Photo AIO Printer 942\\dlbubmgr.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellMCM]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="memcard"
"hkey"="HKLM"
"command"="C:\\Program Files\\Dell Photo AIO Printer 942\\memcard.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="DVDLauncher"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\CyberLink\\PowerDVD\\DVDLauncher.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MimBoot]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="mimboot"
"hkey"="HKLM"
"command"="C:\\PROGRA~1\\MUSICM~1\\MUSICM~3\\mimboot.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MoneyAgent]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="mnyexpr"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Microsoft Money\\System\\mnyexpr.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBJ]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="nbj"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Ahead\\Nero BackItUp\\nbj.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NeroCheck"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PhotoShow Deluxe Media Manager]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="mssysmgr"
"hkey"="HKCU"
"command"="C:\\PROGRA~1\\Nero\\data\\xtras\\mssysmgr.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerPanel Personal Edition User Interaction]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="pppeuser"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\CyberPower PowerPanel Personal Edition\\pppeuser.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="qttask"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="RealPlay"
"hkey"="HKLM"
"command"="C:\\Program Files\\Real\\RealPlayer\\RealPlay.exe SYSTEMBOOTHIDEPLAYER"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="realsched"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="sgtray"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Sonic\\Update Manager\\sgtray.exe\" /r"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AdobeUpdateManager"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Adobe\\Acrobat 7.0\\Reader\\AdobeUpdateManager.exe\" AcRdB7_0_7 -reboot 1"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="MSASCui"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Windows Defender\\MSASCui.exe\" -hide"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"UleadBurningHelper"=dword:00000002
"svcWRSSSDK"=dword:00000002
"SAVScan"=dword:00000003
"ose"=dword:00000003
"InCDsrvR"=dword:00000002
"Adobe LM Service"=dword:00000003


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{93994DE8-8239-4655-B1D1-5F4E91300429}"=""
"{81559C35-8464-49F7-BB0E-07A383BEF910}"=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,52,65,73,6f,75,72,\
63,65,73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65,5c,52,6f,79,61,6c,65,2e,\
6d,73,73,74,79,6c,65,73,00
"InstallTheme"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,52,65,73,6f,75,72,63,65,\
73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65,2e,74,68,65,6d,65,00

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoCDBurning"=dword:00000000

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoViewOnDrive"=dword:00000000

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0

*newlycreated* - HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\LEGACY_COMHOST
*newlycreated* - HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\LEGACY_NVSVC


-- End of ComboScan: finished at 2007-03-03 at 21:15:34 -------------------------
Attached Files
File Type: txt Supplementary.txt (37.8 KB, 0 views)