Old 03-04-2007, 10:03 AM   #1 (permalink)
I helped the forums.
 
Join Date: Jan 2006
Posts: 54
OS: xp


Unable to load updates, virus and spywares

It all started with my Microsoft updates: I downloaded them, but couldn't install them.
So I turned all my virus protection off along with my spyware. Still can't install, but now something is not letting me get my virus protection back on.

Home PC, Windows XP, runs fine, for right now, but I'm sure I will be getting in trouble down the road if I can't update.

I also am unable to run anything with ActiveX controls, as far as the spywares that you recommend running before we post. All users are administrators on my PC. Sometimes I get an error saying that I am not an administrator.

I do however get a pop-up at the welcome screen saying something about my Windows Installer that I have to cancel out of. Something like: the program that you are choosing to run is not available. It might be on disk or CD, please insert CD and click OK. I get this on every user's desktop, and also every time the cursor hits a program in my "All Programs", the Windows Installer error comes up again.

I've tried to reinstall Windows Installer 3.1, but each screen that I hit "next" on just flicks by, you can never see it working. It says it is installed, however it never asks me to restart.

I'm really thinking this is the culprit to everything.

I also am unable to remove any programs from Add/Remove. The same Windows Installer error comes out until I have to quit the remove process.

Below is my hijack list, let me know if there is anything out of the ordinary:
Thanks!

ComboScan v20070226.18 run by Ronald Clevenger on 2007-03-04 at 12:41:02
Computer is in Normal Mode.
--------------------------------------------------------------------------------

Successfully created restore point.
Performed disk cleanup.


-- HijackThis (run as Ronald Clevenger.exe) -------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 12:41:17 PM, on 3/4/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\LxrSII1s.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\hphmon06.exe
C:\Program Files\eFax Messenger 4.2\J2GDllCmd.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\eFax Messenger 4.2\J2GTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\AIM Spyware Remover\AIM Spyware Remover.exe
C:\Program Files\AIM Spyware Remover\AIM Spyware Remover.exe
C:\Documents and Settings\Ronald Clevenger\Desktop\comboscan.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
C:\HJT\Ronald Clevenger.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en&...suk&channel=us
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.com/ig/dell?hl=en&...suk&channel=us
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: (no name) - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - (no file)
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [HPHUPD06] C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [eFax 4.2] "C:\Program Files\eFax Messenger 4.2\J2GDllCmd.exe" /R
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [DW4] "C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: eFax 4.2.lnk = C:\Program Files\eFax Messenger 4.2\J2GTray.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\digital imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\digital imaging\bin\hpqthb08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Snip to my eSnips account - C:\Program Files\eSnips\res\SnipIt.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} -
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) -
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Lexar Secure II (LxrSII1s) - Unknown owner - C:\WINDOWS\SYSTEM32\LxrSII1s.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe


-- File Associations ------------------------------------------------------------

.bat - batfile - "%1" %*
.chm - chm.file - "C:\WINDOWS\hh.exe" %1
.cmd - cmdfile - "%1" %*
.com - comfile - "%1" %*
.exe - exefile - "%1" %*
.hlp - hlpfile - %SystemRoot%\System32\winhlp32.exe %1
.inf - inffile - %SystemRoot%\System32\NOTEPAD.EXE %1
.ini - inifile - %SystemRoot%\System32\NOTEPAD.EXE %1
.js - JSFile - %SystemRoot%\System32\WScript.exe "%1" %*
.lnk - lnkfile - {00021401-0000-0000-C000-000000000046}
.pif - piffile - "%1" %*
.reg - regfile - regedit.exe "%1"
.scr - AutoCADLTScriptFile - "C:\WINDOWS\notepad.exe" "%1"
.txt - txtfile - %SystemRoot%\system32\NOTEPAD.EXE %1
.vbs - VBSFile - %SystemRoot%\System32\WScript.exe "%1" %*


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ----------------------

4S agpCPQ (Compaq AGP Bus Filter) - C:\WINDOWS\system32\drivers\AGPCPQ.SYS
4S alim1541 (ALI AGP Bus Filter) - C:\WINDOWS\system32\drivers\ALIM1541.SYS
4S amdagp (AMD AGP Bus Filter Driver) - C:\WINDOWS\system32\drivers\AMDAGP.SYS
2R ASCTRM - C:\WINDOWS\system32\drivers\asctrm.sys
3R ati2mtag - C:\WINDOWS\system32\drivers\ati2mtag.sys
1R AVG Anti-Spyware Driver - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys
1R Avg7Core (AVG7 Kernel) - C:\WINDOWS\system32\drivers\avg7core.sys
1R Avg7RsW (AVG7 Wrap Driver) - C:\WINDOWS\system32\drivers\avg7rsw.sys
1R Avg7RsXP (AVG7 Resident Driver XP) - C:\WINDOWS\system32\drivers\avg7rsxp.sys
1R AvgAsCln (AVG Anti-Spyware Clean Driver) - C:\WINDOWS\system32\drivers\AvgAsCln.sys
1R AvgClean (AVG7 Clean Driver) - C:\WINDOWS\system32\drivers\avgclean.sys
2R AvgTdi (AVG Network Redirector) - C:\WINDOWS\system32\drivers\avgtdi.sys
4S cbidf - C:\WINDOWS\system32\drivers\cbidf2k.sys
0S cercsr6 - C:\WINDOWS\system32\drivers\cercsr6.sys
4S dac2w2k - C:\WINDOWS\system32\drivers\dac2w2k.sys
2R DLABOIOM - C:\WINDOWS\system32\DLA\DLABOIOM.SYS
1R DLACDBHM - C:\WINDOWS\system32\drivers\DLACDBHM.SYS
2R DLADResN - C:\WINDOWS\system32\DLA\DLADResN.SYS
2R DLAIFS_M - C:\WINDOWS\system32\DLA\DLAIFS_M.SYS
2R DLAOPIOM - C:\WINDOWS\system32\DLA\DLAOPIOM.SYS
2R DLAPoolM - C:\WINDOWS\system32\DLA\DLAPoolM.SYS
1R DLARTL_N - C:\WINDOWS\system32\drivers\DLARTL_N.SYS
2R DLAUDFAM - C:\WINDOWS\system32\DLA\DLAUDFAM.SYS
2R DLAUDF_M - C:\WINDOWS\system32\DLA\DLAUDF_M.SYS
0R DRVMCDB - C:\WINDOWS\system32\drivers\DRVMCDB.SYS
2R DRVNDDM - C:\WINDOWS\system32\drivers\DRVNDDM.SYS
3R E100B (Intel(R) PRO Network Connection Driver) - C:\WINDOWS\system32\drivers\e100b325.sys
3R HDAudBus (Microsoft UAA Bus Driver for High Definition Audio) - C:\WINDOWS\system32\drivers\Hdaudbus.sys
3R HidUsb (Microsoft HID Class Driver) - C:\WINDOWS\system32\drivers\hidusb.sys
3R HPZid412 (IEEE-1284.4 Driver HPZid412) - C:\WINDOWS\system32\drivers\HPZid412.sys
3R HPZipr12 (Print Class Driver for IEEE-1284.4 HPZipr12) - C:\WINDOWS\system32\drivers\HPZipr12.sys
3R HPZius12 (USB to IEEE-1284.4 Translation Driver HPZius12) - C:\WINDOWS\system32\drivers\HPZius12.sys
3R HSFHWBS2 - C:\WINDOWS\system32\drivers\HSFHWBS2.sys
3R HSF_DP - C:\WINDOWS\system32\drivers\HSF_DP.sys
1R intelppm (Intel Processor Driver) - C:\WINDOWS\system32\drivers\intelppm.sys
1R kbdhid (Keyboard HID Driver) - C:\WINDOWS\system32\drivers\kbdhid.sys
3R LHidFlt2 (Logitech HID/USB Mouse Filter Driver) - C:\WINDOWS\system32\drivers\LHidFlt2.Sys
3R LHidUsb (Logitech USB Receiver device driver) - C:\WINDOWS\system32\drivers\LHidUsb.sys
3R LMouFlt2 (Logitech Mouse Class Filter Driver) - C:\WINDOWS\system32\drivers\LMouFlt2.Sys
2R LxrSII1d (Secure II Driver) - C:\WINDOWS\system32\drivers\LxrSII1d.sys
2R mdmxsdk - C:\WINDOWS\system32\drivers\mdmxsdk.sys
3R MODEMCSA (Unimodem Streaming Filter Device) - C:\WINDOWS\system32\drivers\MODEMCSA.sys
3R mouhid (Mouse HID Driver) - C:\WINDOWS\system32\drivers\mouhid.sys
3S nv - C:\WINDOWS\system32\drivers\nv4_mini.sys
0R PxHelp20 - C:\WINDOWS\system32\drivers\pxhelp20.sys
2R rspndr (Link-Layer Topology Discovery Responder) - C:\WINDOWS\system32\drivers\rspndr.sys
0R sfdrv01 (StarForce Protection Environment Driver (version 1.x)) - C:\WINDOWS\system32\drivers\sfdrv01.sys
0R sfhlp02 (StarForce Protection Helper Driver (version 2.x)) - C:\WINDOWS\system32\drivers\sfhlp02.sys
0R sfvfs02 (StarForce Protection VFS Driver (version 2.x)) - C:\WINDOWS\system32\drivers\sfvfs02.sys
4S sisagp (SIS AGP Bus Filter) - C:\WINDOWS\system32\drivers\SISAGP.SYS
3S sp_rsdrv2 (Spyware Terminator Driver 2) - C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
3R STHDA (SigmaTel High Definition Audio CODEC) - C:\WINDOWS\system32\drivers\sthda.sys
1R STYLEXPHELPER - C:\Program Files\TGTSoft\StyleXP\StyleXPHelper.exe
0R Teefer (Teefer for NT) - C:\WINDOWS\system32\drivers\Teefer.sys
3R usbccgp (Microsoft USB Generic Parent Driver) - C:\WINDOWS\system32\drivers\usbccgp.sys
3R usbehci (Microsoft USB 2.0 Enhanced Host Controller Miniport Driver) - C:\WINDOWS\system32\drivers\usbehci.sys
3R usbprint (Microsoft USB PRINTER Class) - C:\WINDOWS\system32\drivers\usbprint.sys
3R USBSTOR (USB Mass Storage Driver) - C:\WINDOWS\system32\drivers\usbstor.sys
4S viaagp (VIA AGP Bus Filter) - C:\WINDOWS\system32\drivers\VIAAGP.SYS
3S wanatw (WAN Miniport (ATW)) - C:\WINDOWS\system32\DRIVERS\wanatw4.sys (not found)
2R wg3n (SyGate for NT, wg3n) - C:\WINDOWS\system32\drivers\wg3n.sys
2R wg4n (SyGate for NT, wg4n) - C:\WINDOWS\system32\drivers\wg4n.sys
2R wg5n (SyGate for NT, wg5n) - C:\WINDOWS\system32\drivers\wg5n.sys
2R wg6n (SyGate for NT, wg6n) - C:\WINDOWS\system32\drivers\wg6n.sys
3R winachsf - C:\WINDOWS\system32\drivers\HSF_CNXT.sys
1R wpsdrvnt - C:\WINDOWS\system32\drivers\wpsdrvnt.sys
3S WudfPf (Windows Driver Foundation - User-mode Driver Framework Platform Driver) - C:\WINDOWS\system32\drivers\WudfPf.sys
3S WudfRd (Windows Driver Foundation - User-mode Driver Framework Reflector) - C:\WINDOWS\system32\drivers\WudfRd.sys


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

3S aspnet_state (ASP.NET State Service) - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
2R Ati HotKey Poller - C:\WINDOWS\system32\Ati2evxx.exe
2R AVG Anti-Spyware Guard - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
2R Avg7Alrt (AVG7 Alert Manager Server) - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
2R Avg7UpdSvc (AVG7 Update Service) - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
2R AVGEMS (AVG E-mail Scanner) - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
4S bdss (BitDefender Scan Server) - "C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service
3S clr_optimization_v2.0.50727_32 (.NET Runtime Optimization Service v2.0.50727_X86) - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
2S Fax - C:\WINDOWS\system32\fxssvc.exe
3S FontCache3.0.0.0 (Windows Presentation Foundation Font Cache 3.0.0.0) - c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
3S gusvc (Google Updater Service) - "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"
3S idsvc (Windows CardSpace) - "C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe"
2R LxrSII1s (Lexar Secure II) - LxrSII1s.exe
3S NetSvc (Intel NCS NetService) - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
3S NetTcpPortSharing (Net.Tcp Port Sharing Service) - "C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe"
3S ose (Office Source Engine) - "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
2R Pml Driver HPZ12 - C:\WINDOWS\system32\HPZipm12.exe
2R SmcService (Sygate Personal Firewall) - C:\Program Files\Sygate\SPF\smc.exe
4S sp_rssrv (Spyware Terminator Realtime Shield Service) - C:\Program Files\Spyware Terminator\sp_rsser.exe
4S StyleXPService - "C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe"
3S UMWdf (Windows User Mode Driver Framework) - C:\WINDOWS\system32\wdfmgr.exe
4S UPHClean (User Profile Hive Cleanup) - C:\Program Files\UPHClean\uphclean.exe
2R WinDefend (Windows Defender) - "C:\Program Files\Windows Defender\MsMpEng.exe"
4S WSearch (Windows Search) - C:\WINDOWS\system32\SearchIndexer.exe /Embedding
4S XCOMM (BitDefender Communicator) - "C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service
3S LiveUpdate - "C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE"


-- Scheduled Tasks --------------------------------------------------------------

2007-03-04 12:02:04 338 --a----c- C:\WINDOWS\Tasks\HP Usg Daily FY04.job<HPUSGD~1.JOB>
2007-03-04 02:16:00 330 --ah----- C:\WINDOWS\Tasks\MP Scheduled Scan.job<MPSCHE~1.JOB>


-- Files created between 2007-02-04 and 2007-03-04 ------------------------------

2007-03-04 03:00:31 0 d-------- C:\7e2585bb36e2a71b27a33bf4bcd8d9<7E2585~1>
2007-03-03 15:21:30 0 d-------- C:\Program Files\Symantec
2007-03-03 15:21:30 0 d-------- C:\Program Files\Common Files\Symantec Shared<SYMANT~1>
2007-03-03 15:21:30 0 d-------- C:\Documents and Settings\All Users\Application Data\Symantec
2007-03-03 10:37:08 0 d-------- C:\46bb40cc573a65174a8383c4567d1a<46BB40~1>
2007-03-03 03:00:37 0 d-------- C:\31a383410183ab978f35<31A383~1>
2007-03-02 16:07:32 0 d-------- C:\6b6a470d573d8ed96ef942e7<6B6A47~1>
2007-03-02 15:55:59 0 d-------- C:\ad8aa5c97cd8178acdd47e86bc67<AD8AA5~1>
2007-03-02 07:53:18 0 d--h---c- C:\WINDOWS\ie7
2007-03-02 07:08:54 0 d-------- C:\80830f55e1c0195a09<80830F~1>
2007-03-02 03:00:20 0 d-------- C:\3e5f58688242437385936f9eb86cc9<3E5F58~1>
2007-03-02 00:38:04 0 d-------- C:\5fca2cc7366db9c75ded42e35cf5a81a<5FCA2C~1>
2007-03-02 00:21:41 0 d-------- C:\fbc9ab46536fb75b03d547fe<FBC9AB~1>
2007-03-02 00:13:33 0 d-------- C:\5d9061a6bacc25d81c9b01fe4daa<5D9061~1>
2007-03-02 00:03:15 0 d-------- C:\90b8f21968630ae462<90B8F2~1>
2007-03-01 22:45:09 0 d-------- C:\WINDOWS\Prefetch
2007-03-01 22:34:46 0 dr------- C:\WINDOWS\Offline Web Pages<OFFLIN~1>
2007-03-01 22:34:32 0 d--h----- C:\Program Files\WindowsUpdate<WI508F~1>
2007-03-01 22:32:53 0 d-------- C:\WINDOWS\system32\FxsTmp
2007-03-01 22:25:45 24661 --a------ C:\WINDOWS\system32\spxcoins.dll
2007-03-01 22:25:45 13312 --a------ C:\WINDOWS\system32\irclass.dll
2007-03-01 22:11:20 0 d-------- C:\WINDOWS\setup.pss
2007-03-01 21:12:11 0 d-------- C:\cc8aabc83791ac3cb714132d75<CC8AAB~1>
2007-03-01 17:13:39 0 d-------- C:\WINDOWS\system32\wins
2007-03-01 17:13:39 0 d-------- C:\WINDOWS\system32\ShellExt
2007-03-01 17:13:39 0 d-------- C:\WINDOWS\system32\export
2007-03-01 17:13:39 0 d-------- C:\WINDOWS\system32\dhcp
2007-03-01 17:13:39 0 d-------- C:\WINDOWS\system32\3com_dmi
2007-03-01 17:13:39 0 d-------- C:\WINDOWS\system32\3076
2007-03-01 17:13:39 0 d-------- C:\WINDOWS\system32\2052
2007-03-01 17:13:39 0 d-------- C:\WINDOWS\system32\1054
2007-03-01 17:13:39 0 d-------- C:\WINDOWS\system32\1042
2007-03-01 17:13:39 0 d-------- C:\WINDOWS\system32\1041
2007-03-01 17:13:39 0 d-------- C:\WINDOWS\system32\1037
2007-03-01 17:13:39 0 d-------- C:\WINDOWS\system32\1031
2007-03-01 17:13:39 0 d-------- C:\WINDOWS\system32\1028
2007-03-01 17:13:39 0 d-------- C:\WINDOWS\system32\1025
2007-03-01 17:13:39 0 d-------- C:\WINDOWS\repair
2007-03-01 17:13:39 0 d-------- C:\WINDOWS\mui
2007-03-01 17:13:39 0 d-------- C:\WINDOWS\msapps
2007-03-01 17:13:39 0 d-------- C:\WINDOWS\java
2007-03-01 17:13:39 0 d-------- C:\WINDOWS\dell
2007-03-01 17:13:39 0 d-------- C:\WINDOWS\Connection Wizard<CONNEC~1>
2007-03-01 17:13:39 0 d-------- C:\WINDOWS\Config
2007-03-01 05:43:48 0 d-------- C:\c89ee0cd7126ea76ca<C89EE0~1>
2007-03-01 03:00:34 0 d-------- C:\e7163fbfc56b84fc148eb7755b916996<E7163F~1>
2007-02-28 06:41:00 0 d-------- C:\76a61dfd8b08f69d0779d1b16bd571<76A61D~1>
2007-02-28 06:37:07 0 d-------- C:\04280178c57cd33053a34fcbbe<042801~1>
2007-02-28 06:29:02 0 d-------- C:\6c4fd3a5959b782cecc3db3dcd<6C4FD3~1>
2007-02-28 06:25:31 0 d-------- C:\83a7c0ecade3b7a980b2e079<83A7C0~1>
2007-02-28 06:22:31 0 d-------- C:\c3869dea1ad26a47e13cd8b2<C3869D~1>
2007-02-28 06:21:34 0 d---s---- C:\Documents and Settings\Camille\UserData
2007-02-28 03:00:31 0 d-------- C:\597ab5b1c881e2eaba71<597AB5~1>
2007-02-27 07:42:17 0 d-------- C:\0a531389bca8be8a91ff69<0A5313~1>
2007-02-27 03:00:29 0 d-------- C:\0a4b1ee315c49c8a4b9bc6<0A4B1E~1>
2007-02-26 21:19:25 0 d-------- C:\af4fe5a0dd1e547ce68f9f28e6f4aef2<AF4FE5~1>
2007-02-26 21:11:09 0 d-------- C:\Program Files\PCPitstop<PCPITS~1>
2007-02-26 07:25:45 0 d-------- C:\89c2e87f7e0fec20c920<89C2E8~1>
2007-02-26 07:21:29 0 d-------- C:\38c8c6498783cab81e<38C8C6~1>
2007-02-26 07:02:49 0 d-------- C:\fcfdb40fdf09891639dbe3d8a0<FCFDB4~1>
2007-02-26 06:44:05 0 d-------- C:\722dfadff1ddb3fbfea644<722DFA~1>
2007-02-26 06:42:47 0 d-------- C:\cfe1d17d983a936ac7afc126ba327e14<CFE1D1~1>
2007-02-26 06:41:53 0 d---s---- C:\Documents and Settings\Exact measure\UserData
2007-02-25 23:03:45 0 d-------- C:\7abff3bef630598a11be13<7ABFF3~1>
2007-02-25 20:59:37 0 d-------- C:\Program Files\The Weather Channel FW<THEWEA~1>
2007-02-25 20:59:18 0 d-------- C:\Desktop Weather<DESKTO~1>
2007-02-25 20:52:53 0 d-------- C:\cdbe6a24a0e7bdc08b0151d7979f<CDBE6A~1>
2007-02-25 10:36:14 0 d-------- C:\Documents and Settings\Exact measure\Application Data\Spyware Terminator<SPYWAR~1>
2007-02-25 10:36:11 0 d-------- C:\Documents and Settings\Exact measure\Application Data\Adobe
2007-02-25 10:36:07 0 d-------- C:\Documents and Settings\Exact measure\Application Data\WinPatrol<WINPAT~1>
2007-02-25 10:36:07 0 d-------- C:\Documents and Settings\Exact measure\Application Data\AVG7
2007-02-25 10:36:01 0 d-------- C:\Documents and Settings\Exact measure\Application Data\Google
2007-02-25 10:35:44 0 d-------- C:\Documents and Settings\Exact measure\Application Data\Gtek
2007-02-25 10:35:43 1835008 --ah----- C:\Documents and Settings\Exact measure\NTUSER.DAT
2007-02-25 10:35:43 0 d-------- C:\Documents and Settings\Exact measure\Application Data\Sun
2007-02-25 10:22:21 66048 --a------ C:\WINDOWS\ieResetIcons.exe<IERESE~1.EXE>
2007-02-25 09:58:49 0 d-------- C:\Documents and Settings\LocalService\Application Data\AVG7
2007-02-25 09:58:07 0 d-------- C:\c61909f3b058bfe0db25c1abfc0441<C61909~1>
2007-02-25 08:37:25 0 d-------- C:\dbd91e0b2586cc1f06ce36ab<DBD91E~1>
2007-02-25 08:10:46 0 d-------- C:\a77850c5b41ef45fc31ca1a7be5b1709<A77850~1>
2007-02-25 03:00:40 0 d-------- C:\6d6b2a679daa54fc8d3c9ab33968<6D6B2A~1>
2007-02-24 20:55:11 0 d-------- C:\5058de09c5464844b2<5058DE~1>
2007-02-24 20:49:20 0 d-------- C:\a3045907511fd5b12d8ea66e<A30459~1>
2007-02-24 20:17:41 0 d-------- C:\3e3cbda259c6f4cd591ad104f8076e<3E3CBD~1>
2007-02-24 20:15:24 0 d-------- C:\e3b680a86c1598bec751ab1c<E3B680~1>
2007-02-24 06:38:51 0 d-------- C:\d3af2ed64dc7bd0f7bb56f23<D3AF2E~1>
2007-02-24 03:00:44 0 d-------- C:\40e3bddb346ed37d60<40E3BD~1>
2007-02-23 03:00:43 0 d-------- C:\95cab86a2d88513088265c5c442c<95CAB8~1>
2007-02-22 03:01:01 0 d-------- C:\6daf06ed2924baed583514b3be20<6DAF06~1>
2007-02-21 03:00:44 0 d-------- C:\7a00abc440577699a33fbd<7A00AB~1>
2007-02-20 03:01:08 0 d-------- C:\a0c633b4b62c3a53dd<A0C633~1>
2007-02-19 20:46:18 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2007-02-19 03:00:40 0 d-------- C:\ff284762abc6108442a8abcb59bec7ce<FF2847~1>
2007-02-18 18:05:00 0 d-------- C:\71230cee41333caa2ff8<71230C~1>
2007-02-18 14:22:42 0 d-------- C:\Program Files\Playlogic<PLAYLO~1>
2007-02-18 08:53:20 0 d-------- C:\Documents and Settings\Teresa\Application Data\Windows Desktop Search<WINDOW~1>
2007-02-18 08:52:57 0 d-------- C:\Documents and Settings\Teresa\Application Data\WinPatrol<WINPAT~1>
2007-02-18 03:00:42 0 d-------- C:\d38f55b049018435ce5fda5d<D38F55~1>
2007-02-17 14:02:40 0 d-------- C:\WINDOWS\pss
2007-02-17 10:53:31 0 d-------- C:\Documents and Settings\Camille\Application Data\Windows Desktop Search<WINDOW~1>
2007-02-17 07:57:04 0 d-------- C:\f79c2b86028db9901b78802911a4f80c<F79C2B~1>
2007-02-17 03:01:49 0 d-------- C:\b3abbd331a7b02f149d4da29<B3ABBD~1>
2007-02-16 23:12:29 208896 --a------ C:\WINDOWS\system32\NVUNINST.EXE
2007-02-16 23:11:33 0 d-------- C:\NVIDIA
2007-02-16 22:55:19 0 d-------- C:\Program Files\UPHClean
2007-02-16 22:50:01 0 d-------- C:\Documents and Settings\Ronald Clevenger\Application Data\Windows Desktop Search<WINDOW~1>
2007-02-16 22:49:18 0 d-------- C:\Program Files\Windows Desktop Search<WINDOW~3>
2007-02-15 15:32:14 0 d-------- C:\Documents and Settings\Camille\Application Data\WinPatrol<WINPAT~1>
2007-02-14 22:27:59 0 d-------- C:\Documents and Settings\NetworkService\Application Data\AVG7
2007-02-14 22:24:04 0 d-------- C:\Program Files\Paint.NET
2007-02-14 03:00:35 0 d-------- C:\74bf285129d64dc22597a30a38<74BF28~1>
2007-02-13 03:00:32 0 d-------- C:\457c77a3ee81cb88765b71d06f5b<457C77~1>
2007-02-12 03:00:34 0 d-------- C:\8fad3aa895a61e99521b6233922a54e4<8FAD3A~1>
2007-02-11 07:47:14 0 d-------- C:\01c5de58622cf536e1f0<01C5DE~1>
2007-02-11 07:46:17 0 d-------- C:\583e228106ff911932<583E22~1>
2007-02-11 03:00:32 0 d-------- C:\a917fb792bb4819300b7<A917FB~1>
2007-02-10 07:51:00 0 d-------- C:\Program Files\Pro Imaging Powertoys<PROIMA~1>
2007-02-10 03:00:57 0 d-------- C:\a612d10e4485b4e2efb80a4ad70762<A612D1~1>
2007-02-09 03:00:35 0 d-------- C:\2f1222134dc1d80f4dc3d44c06cbe81c<2F1222~1>
2007-02-08 03:00:46 0 d-------- C:\d864e3011968acfc6c<D864E3~1>
2007-02-07 03:00:28 0 d-------- C:\98106b772b535424af<98106B~1>
2007-02-06 03:00:32 0 d-------- C:\60e7346469ecae516d<60E734~1>
2007-02-05 03:00:27 0 d-------- C:\4d9d0eb1aba5b00f161c47459c2c<4D9D0E~1>
2007-02-04 03:00:30 0 d-------- C:\8a678210ca918763ffcdee<8A6782~1>


-- Find3M Report ----------------------------------------------------------------

2007-03-04 10:47:12 0 d-------- C:\Program Files\SpywareBlaster<SPYWAR~1>
2007-03-04 10:43:23 0 d-------- C:\Program Files\Mozilla Firefox<MOZILL~1>
2007-03-04 10:33:46 0 d-------- C:\Program Files\Hitman Pro<HITMAN~1>
2007-03-03 15:16:17 0 d-------- C:\Program Files\a-squared Free<A-SQUA~2>
2007-03-03 14:31:40 0 d-------- C:\Program Files\SpywareGuard<SPYWAR~2>
2007-03-03 13:38:29 0 d---s---- C:\Documents and Settings\Ronald Clevenger\Application Data\Microsoft<MICROS~1>
2007-03-01 22:33:46 23444 --a----c- C:\WINDOWS\system32\emptyregdb.dat<EMPTYR~1.DAT>
2007-03-01 21:38:41 5018 --ahs--c- C:\WINDOWS\system32\KGyGaAvL.sys
2007-03-01 21:38:41 56 -rahs--c- C:\WINDOWS\system32\381DA62147.sys<381DA6~1.SYS>
2007-03-01 2108 0 d-------- C:\Documents and Settings\Ronald Clevenger\Application Data\AVG7
2007-03-01 07:37:31 0 d-------- C:\Program Files\HomeTech42<HOMETE~1>
2007-02-27 22:01:42 88 -rahs--c- C:\WINDOWS\system32\4721A61D38.sys<4721A6~1.SYS>
2007-02-26 20:10:16 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard<WISEIN~1>
2007-02-26 07:41:56 0 d-------- C:\Program Files\Google
2007-02-26 07:21:03 0 d-------- C:\Program Files\RegScrubXP<REGSCR~1>
2007-02-25 20:46:39 0 d--h----- C:\Program Files\InstallShield Installation Information<INSTAL~1>
2007-02-25 20:26:57 0 d-------- C:\Program Files\Broderbund<BRODER~1>
2007-02-25 16:36:58 0 d-------- C:\Program Files\Advanced Spyware Remover<ADVANC~1>
2007-02-25 16:35:31 0 d-------- C:\Program Files\eSnips
2007-02-25 16:35:22 0 d-------- C:\Program Files\Spyware Terminator<SPYWAR~3>
2007-02-18 14:01:25 0 d-------- C:\Program Files\Amazing Photo Editor<AMAZIN~1>
2007-02-16 20:09:08 0 d-------- C:\Program Files\AutoCAD LT 2004<AUTOCA~1>
2007-02-15 21:11:10 0 d-------- C:\Program Files\Common Files\ODBC
2007-02-15 08:32:17 0 d-------- C:\Documents and Settings\Ronald Clevenger\Application Data\WinPatrol<WINPAT~1>
2007-02-14 22:27:57 0 d-------- C:\Program Files\WordPerfect Office 12<WORDPE~1>
2007-02-14 22:27:56 0 d-------- C:\Program Files\Web Publish<WEBPUB~1>
2007-02-14 22:27:52 0 d-------- C:\Program Files\Modem Helper<MODEMH~1>
2007-02-14 22:27:50 0 d-------- C:\Program Files\Maxthon
2007-02-14 22:27:47 0 d-------- C:\Program Files\DivX
2007-02-14 22:27:47 0 d-------- C:\Program Files\Dell
2007-02-14 22:27:46 0 d-------- C:\Program Files\Corel Corporation<CORELC~1>
2007-02-14 22:27:45 0 d-------- C:\Program Files\Common Files\AOL
2007-02-14 22:27:44 0 d-------- C:\Program Files\Avant Browser<AVANTB~1>
2007-02-14 22:27:42 0 d-------- C:\Program Files\a-squared HiJackFree<A-SQUA~1>
2007-02-14 22:27:35 0 d-------- C:\Documents and Settings\Ronald Clevenger\Application Data\Identities<IDENTI~1>
2007-02-14 22:27:34 0 d-------- C:\Documents and Settings\Ronald Clevenger\Application Data\Adobe
2007-01-31 23:13:44 0 d-------- C:\Program Files\Common Files\Adobe
2007-01-31 23:01:39 0 d-------- C:\Program Files\Softland
2007-01-31 06:50:35 0 d-------- C:\Program Files\Outlook on the Desktop<OUTLOO~2>
2007-01-30 06:51:04 0 d-------- C:\Documents and Settings\Ronald Clevenger\Application Data\Help
2007-01-29 03:58:06 60416 --a------ C:\WINDOWS\system32\tzchange.exe
2007-01-28 08:58:12 0 d-------- C:\Program Files\Cobian Backup 8<COBIAN~1>
2007-01-27 07:22:06 0 d-------- C:\Documents and Settings\Ronald Clevenger\Application Data\Uniblue
2007-01-27 07:07:37 0 d-------- C:\Program Files\Java
2007-01-26 16:12:36 520192 --a------ C:\WINDOWS\system32\novamnl4.dll
2007-01-26 16:03:56 9728 --a------ C:\WINDOWS\system32\novamil4.dll
2007-01-21 23:37:43 0 d-------- C:\Program Files\MSECache
2007-01-21 21:13:25 0 d-------- C:\Documents and Settings\Ronald Clevenger\Application Data\Avant Profiles<AVANTP~1>
2007-01-21 20:59:20 0 d-------- C:\Documents and Settings\Ronald Clevenger\Application Data\Opera
2007-01-21 20:59:11 0 d-------- C:\Program Files\Opera
2007-01-21 01:31:26 0 d-------- C:\Documents and Settings\Ronald Clevenger\Application Data\Spyware Terminator<SPYWAR~1>
2007-01-21 00:29:36 0 d-------- C:\Program Files\Overland
2007-01-21 00:29:36 0 d-------- C:\Program Files\NetWaiting<NETWAI~1>
2007-01-21 00:29:36 0 d-------- C:\Program Files\Microsoft Plus! Photo Story 2 LE<MICROS~3>
2007-01-21 00:29:36 0 d-------- C:\Program Files\Microsoft Bootvis<MIEE63~1>
2007-01-21 00:29:35 0 d-------- C:\Program Files\EarthLink Setup<EARTHL~1>
2007-01-21 00:29:35 0 d-------- C:\Program Files\DupKiller<DUPKIL~1>
2007-01-21 00:29:35 0 d-------- C:\Program Files\Digital Line Detect<DIGITA~1>
2007-01-21 00:29:26 0 d-------- C:\Program Files\QuickTime<QUICKT~1>
2007-01-21 00:18:57 0 d-------- C:\Program Files\DustBuster<DUSTBU~1>
2007-01-20 23:52:16 0 d-------- C:\Program Files\HDCleaner<HDCLEA~1>
2007-01-19 23:50:43 0 d-------- C:\Program Files\AIM Spyware Remover<AIMSPY~1>
2007-01-14 10:14:23 3072 -----n--- C:\Documents and Settings\Ronald Clevenger\Application Data\dvd.bmk
2007-01-12 09:27:42 232960 --a------ C:\WINDOWS\system32\webcheck.dll
2007-01-12 09:27:42 51712 -------c- C:\WINDOWS\system32\msfeedsbs.dll<MSFEED~1.DLL>
2007-01-12 09:27:42 458752 -------c- C:\WINDOWS\system32\msfeeds.dll
2007-01-12 09:27:42 6054400 --a------ C:\WINDOWS\system32\ieframe.dll
2007-01-10 07:39:45 0 d-------- C:\Documents and Settings\Ronald Clevenger\Application Data\Ipswitch
2007-01-10 07:39:33 0 d-------- C:\Program Files\Ipswitch
2007-01-09 21:39:04 0 d-------- C:\Documents and Settings\Ronald Clevenger\Application Data\AdobeUM
2007-01-08 19:04:54 105984 --a------ C:\WINDOWS\system32\url.dll
2007-01-08 19:04:08 102400 --a------ C:\WINDOWS\system32\occache.dll
2007-01-08 19:02:04 266752 --a------ C:\WINDOWS\system32\iertutil.dll
2007-01-08 19:02:04 44544 --a----c- C:\WINDOWS\system32\iernonce.dll
2007-01-08 19:02:02 384000 --a----c- C:\WINDOWS\system32\iedkcs32.dll
2007-01-08 19:02:02 383488 --a----c- C:\WINDOWS\system32\ieapfltr.dll
2007-01-08 19:02:02 161792 --a----c- C:\WINDOWS\system32\ieakui.dll
2007-01-08 19:02:02 230400 --a----c- C:\WINDOWS\system32\ieaksie.dll
2007-01-08 19:02:02 153088 --a----c- C:\WINDOWS\system32\ieakeng.dll
2007-01-08 19:00:48 124928 --a------ C:\WINDOWS\system32\advpack.dll
2007-01-08 18:08:14 56832 --a----c- C:\WINDOWS\system32\ie4uinit.exe
2007-01-08 18:08:10 13824 --a----c- C:\WINDOWS\system32\ieudinit.exe
2007-01-06 19:43:38 0 d-------- C:\Program Files\Picasa2
2007-01-04 17:53:29 114688 --a----c- C:\WINDOWS\SeaMonkeyUninstall.exe<SEAMON~1.EXE>
2007-01-04 17:53:29 8734 --a----c- C:\WINDOWS\mozver.dat
2006-12-24 16:18:35 4608 --a----c- C:\WINDOWS\system32\w95inf32.dll
2006-12-24 16:18:35 2272 --a----c- C:\WINDOWS\system32\w95inf16.dll
2006-12-20 16:55:04 290816 --a----c- C:\WINDOWS\system32\MpegVideo.dll<MPEGVI~1.DLL>
2006-12-20 16:55:04 438272 --a----c- C:\WINDOWS\system32\MpegAudio.dll<MPEGAU~1.DLL>
2006-12-20 08:24:24 114688 --a----c- C:\WINDOWS\GREUninstall.exe<GREUNI~1.EXE>
2006-12-19 16:52:18 134656 --a------ C:\WINDOWS\system32\shsvcs.dll
2006-12-19 13:16:47 333824 --a----c- C:\WINDOWS\system32\wiaservc.dll
2006-12-12 11:30:29 520192 --a----c- C:\WINDOWS\system32\DivXsm.exe
2006-12-12 11:30:26 3596288 --a----c- C:\WINDOWS\system32\qt-dx331.dll
2006-12-12 11:30:18 200704 --a----c- C:\WINDOWS\system32\ssldivx.dll
2006-12-12 11:30:18 1044480 --a----c- C:\WINDOWS\system32\libdivx.dll
2006-12-12 11:25:25 196608 --a----c- C:\WINDOWS\system32\dtu100.dll
2006-12-12 11:25:25 73728 --a----c- C:\WINDOWS\system32\dpl100.dll
2006-12-12 11:25:24 53248 --a----c- C:\WINDOWS\system32\dpuGUI10.dll
2006-12-12 11:25:22 57344 --a----c- C:\WINDOWS\system32\dpv11.dll
2006-12-12 11:25:22 344064 --a----c- C:\WINDOWS\system32\dpus11.dll
2006-12-12 11:25:22 593920 --a----c- C:\WINDOWS\system32\dpuGUI11.dll
2006-12-12 11:25:22 294912 --a----c- C:\WINDOWS\system32\dpu11.dll
2006-12-12 11:25:22 294912 --a----c- C:\WINDOWS\system32\dpu10.dll
2006-12-12 11:25:20 806912 --a----c- C:\WINDOWS\system32\divx_xx0c.dll<DIVX_X~1.DLL>
2006-12-12 11:25:20 806912 --a----c- C:\WINDOWS\system32\divx_xx07.dll<DIVX_X~2.DLL>
2006-12-12 11:25:19 790528 --a----c- C:\WINDOWS\system32\divx_xx11.dll<DIVX_X~3.DLL>
2006-12-12 11:25:19 635486 --a----c- C:\WINDOWS\system32\DivX.dll
2006-12-12 11:24:42 12288 --a----c- C:\WINDOWS\system32\DivXWMPExtType.dll<DIVXWM~1.DLL>
2006-12-12 11:24:42 118784 --a----c- C:\WINDOWS\system32\DivXCodecUpdateChecker.exe<DIVXCO~1.EXE>
2006-12-07 00:29:34 2374472 --a------ C:\WINDOWS\system32\wmvcore.dll


-- Registry Dump ----------------------------------------------------------------


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"DellSupport"="\"C:\\Program Files\\Dell Support\\DSAgnt.exe\" /startup"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"LDM"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"
"RoboForm"="\"C:\\Program Files\\Siber Systems\\AI RoboForm\\RoboTaskBarIcon.exe\""
"DW4"="\"C:\\Program Files\\The Weather Channel FW\\Desktop Weather\\DesktopWeather.exe\""
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"DMXLauncher"="C:\\Program Files\\Dell\\Media Experience\\DMXLauncher.exe"
"HPHUPD06"="C:\\Program Files\\HP\\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\\hphupd06.exe"
"HP Component Manager"="\"C:\\Program Files\\HP\\hpcoretech\\hpcmpmgr.exe\""
"HPHmon06"="C:\\WINDOWS\\system32\\hphmon06.exe"
"AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgcc.exe /STARTUP"
"SmcService"="C:\\PROGRA~1\\Sygate\\SPF\\smc.exe -startgui"
"eFax 4.2"="\"C:\\Program Files\\eFax Messenger 4.2\\J2GDllCmd.exe\" /R"
"Logitech Utility"="Logi_MwX.Exe"
"HP Software Update"="C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe"
"Windows Defender"="\"C:\\Program Files\\Windows Defender\\MSASCui.exe\" -hide"
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="C:\\Program Files\\Google\\Gmail Notifier\\gnotify.exe"
"SigmatelSysTrayApp"="stsystra.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Ronald Clevenger^Start Menu^Programs^Startup^SpywareGuard.lnk]
"path"="C:\\Documents and Settings\\Ronald Clevenger\\Start Menu\\Programs\\Startup\\SpywareGuard.lnk"
"backup"="C:\\WINDOWS\\pss\\SpywareGuard.lnkStartup"
"location"="Startup"
"command"="C:\\PROGRA~1\\SPYWAR~2\\sgmain.exe "
"item"="SpywareGuard"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="atiptaxx"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DLA]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="DLACTRLW"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\System32\\DLA\\DLACTRLW.EXE"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="isuspm"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\InstallShield\\UpdateService\\isuspm.exe\" -startup"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="issch"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\InstallShield\\UpdateService\\issch.exe\" -start"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MimBoot]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="mimboot"
"hkey"="HKLM"
"command"="C:\\PROGRA~1\\MUSICM~1\\MUSICM~3\\mimboot.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PicasaMediaDetector"
"hkey"="HKLM"
"command"="C:\\Program Files\\Picasa2\\PicasaMediaDetector.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TeaTimer"
"hkey"="HKCU"
"command"="C:\\Program Files\\Spybot - Search & Destroy\\TeaTimer.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinPatrol]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="winpatrol"
"hkey"="HKLM"
"command"="C:\\Program Files\\BillP Studios\\WinPatrol\\winpatrol.exe"
"inimapping"="0"


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{81559C35-8464-49F7-BB0E-07A383BEF910}"=""
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"="Microsoft AntiMalware ShellExecuteHook"
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE"

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"=dword:00000001

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"=dword:00000000
"DisableRegedit"=dword:00000000

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system\Shell]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoCDBurning"=dword:00000000
"LinkResolveIgnoreLinkInfo"=dword:00000000
"NoResolveSearch"=dword:00000001
"ClearRecentDocsOnExit"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"=dword:00000001
"NoSaveSettings"=dword:00000000
"NoSMConfigurePrograms"=dword:00000001
"NoRecentDocsMenu"=dword:00000001
"LinkResolveIgnoreLinkInfo"=dword:00000000

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoLowDiskSpaceChecks"=dword:00000001
"ClearRecentDocsOnExit"=hex:01

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoLowDiskSpaceChecks"=dword:00000001
"ClearRecentDocsOnExit"=hex:01

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0

*newlycreated* - HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\LEGACY_LIVEUPDATE


-- End of ComboScan: finished at 2007-03-04 at 12:41:44 -------------------------
rclarkc is offline  