Old 01-17-2007, 08:11 AM   #1 (permalink)
Registered User
 
Join Date: Jan 2007
Posts: 4
OS: XP


Mistake Help Please!

Hello,
I have been a member here for about a year now. However, today I had to change my name because for some reason I could not log in under my old name which was simply 'techallenged'--anyway...
I posted here on January 8 originally and received no response--even after bumping up my post (after the 48 hour rule). I have yet to receive a response--not exactly sure why because I've looked and I've noticed that there were people who posted after me and they received responses. I thought you went in order...well, I guess that doesn't matter now.
Okay, I guess mine was just overlooked....
I'm trying again...
I've done ALL of the scans that you have listed and nothing comes up---nothing major just a few negligent items.

My computer is lagging when logging on. Also if it is idle for a few minutes or more the internet connection goes off. There is nothing wrong with my home internet connection because our other computers are fine even when mine is acting up. I have to restart my computer in order to get the internet to work again after an idle period.
Also when I log out I sometimes get a message reading End Program followed by a lot of squares and a couple of symbols. I've never seen that before so I have no idea what it is. I also sometimes get a message saying End Program-O and I don't know what 'O' is.

Please help me. Thanks so much!
Here is my HJT Log from today.

Logfile of HijackThis v1.99.1
Scan saved at 10:02:13 AM, on 1/17/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCTserv.exe
C:\WINDOWS\system32\lxctcoms.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Lexmark 5400 Series\lxctmon.exe
C:\Program Files\Lexmark 5400 Series\ezprint.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.symantec.com/techsupp/activation/activate-redirect.jsp?LG=ENG&IVR=3004107512983456157227888455510243628301811962619&SO={257BBC47-1B26-432e-9F84-188603799DD3}
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [WinPatrol] C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [Dell Wireless Manager UI] C:\WINDOWS\system32\WLTRAY
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [lxctmon.exe] "C:\Program Files\Lexmark 5400 Series\lxctmon.exe"
O4 - HKLM\..\Run: [Lexmark 5400 Series Fax Server] "C:\Program Files\Lexmark 5400 Series\fm3032.exe" /s
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 5400 Series\ezprint.exe"
O4 - HKLM\..\Run: [LXCTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCTtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/S...in/AvSniff.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1126483614609
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/v...fo/webscan.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LXCTCustomerConnect - Lexmark International Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\LXCTserv.exe
O23 - Service: lxct_device - - C:\WINDOWS\system32\lxctcoms.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe

Old 01-17-2007, 08:48 AM   #2 (permalink)
Assistant Manager, TSF Academy; Moderator/Analyst Security Team
 
 
Join Date: Jan 2005
Location: Ohio
Posts: 27,043
OS: WinXP and Vista


Hello *techallenged*,

Our apologies for the oversight of your original thread.

Unfortunately, not much is manifesting itself in this log. We'll run a few tools and see if the malware is revealed.

Please copy this page to Notepad and save to your desktop for reference as you will not have any browsers open while you are carrying out portions of these instructions.

******************************************************

You currently have 2 Anti Virus programs installed. While it may seem to be added protection for you, more than 1 Anti Virus can cause conflicts and confusion between the AV programs as well as system instability. Please choose and run only 1 and uninstall the other via the Add/Remove Programs in the Control Panel.

******************************************************

Disable WinPatrol as it may interfere with the fix:
  • Right-click the running icon of WinPatrol in the system tray and choose exit. It will automatically restart at next boot.
******************************************************

Download AVG Anti Spyware

Use the link at the bottom of the page under "AVG Anti-Spyware Free for Windows"

  • Install AVG Anti Spyware
  • Double-click the icon on Desktop to launch AVG
  • On the top of the main screen click Shield
  • Click the word active to change it to inactive
  • On the top of the main screen click Update.
  • Then click on Start Update. The update will start and a progress bar will show the updates being installed.
  • Once the update has completed select the "Scanner" icon at the top of the screen, then select the "Settings" tab.
  • Once in the Settings screen click on "Recommended actions" and then select "Quarantine".
  • Under "Reports"
    • Select "Automatically generate report after every scan"
    • Un-Select "Only if threats were found"
When you have finished updating, EXIT AVG Anti Spyware. Do Not run a scan just yet, we will shortly.

--------------------------------------------------------------------

Download and install CleanUp! but do not run it yet. (Not Recommended for XP64).

--------------------------------------------------------------------

Next, please reboot your computer in Safe Mode by doing the following:
1) Restart your computer
2) After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
3) Instead of Windows loading as normal, a menu should appear
4) Use the up arrow key to highlight Safe Mode and press Enter.
5) Login with your usual account. Make sure to close any open browsers.

--------------------------------------------------------------------


Open HijackThis and click on 'Do a System Scan Only'. 'Check' the following entries:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =



Click 'Fix Checked' and close HijackThis.

--------------------------------------------------------------------

*WARNING* Cleanup deletes EVERYTHING out of temp/temporary folders and does not make backups. If you have any documents or programs that are saved in any Temporary Folders, please make a backup of these before running CleanUp! or move them to a permanent location.

Open Cleanup! by double-clicking the icon on your desktop (or from the Start > All Programs menu). Set the program up as follows:
*Click "Options..."
*Move the arrow down to "Custom CleanUp!"
*Put a check next to the following:
  • Empty Recycle Bins
  • Delete Cookies
  • Delete Prefetch files
  • Cleanup! All Users
  • Click on the "Temporary Files" and uncheck the box for "Scan drives for file matching" if it's checked.
Click OK
Press the CleanUp! button to start the program. Do NOT reboot/logoff when prompted.

--------------------------------------------------------------------

IMPORTANT: Do not open any other windows or programs while AVG Anti-Spyware is scanning, it may interfere with the scanning process:
Run AVG Anti-Spyware with its updated definitions: (...it's important that all windows must be closed)
  • Click Scanner
  • Click on the Scan tab
  • Click Complete System Scan to begin scanning.
    Once the scan is complete do the following:
  • If you have any infections you will be prompted, **Please ensure it is set to Quarantine then select "Apply all actions"
  • Once finished, click the Save report button, then click Save Report As and save it to your desktop. (make sure to remember where you saved that file, this is important).
**AVG Anti-Spyware is compatible with most AV and anti-spyware products, and the free version will continue to be useful as a second anti-malware scanner.

--------------------------------------------------------------------

Reboot into Normal Mode.

--------------------------------------------------------------------

Please run this online scan to search for any remnants. It can take some time, so please be patient and allow it to run its full course:

Perform an online scan with Internet Explorer with Panda ActiveScan
  1. Click on located at the bottom of the page.
  2. A "pop up" window will appear. * Please ensure that your pop up blocker doesn't block it *
  3. Enter your e-mail address, country, and state & click "Free Online Scan" *The download of the 8 MB Panda's ActiveX control will take place*
Begin the scan by selecting
  • If it finds any malware, it will offer you a report.
  • Please ignore any entry it finds and the offer to buy the program to remove the entry, as we will address this later.
  • Click on then click
* You needn't remain online while it's doing the scan but you have to re-connect after it has finished to see the report.
* Turn off the real time scanner of any existing antivirus program while performing the online scan


--------------------------------------------------------------------

Download Combofix and save it to your desktop.

**Note: It is important that it is saved directly to your desktop**

-------------------------------------

Close any open browsers.

-------------------------------------


Double click on combofix.exe & follow the prompts.
When finished, it shall produce a log for you.

Note:
Do not mouseclick combofix's window while it's running. That may cause it to stall


Post the ComboFix.txt in your next reply.

--------------------------------------------------------------------

Run a new scan with HijackThis and save the log.

--------------------------------------------------------------------

Please include the following in your next reply:

AVG Anti-Spyware results
Panda results
ComboFix.txt
New HijackThis log
__________________

Member of ASAP since 2005
Member of UNITE since 2006

"It is one life whether we spend it laughing or weeping." "Take the time to laugh--it is the music of the soul."
Old 01-17-2007, 12:06 PM   #3 (permalink)
Registered User
 
Join Date: Jan 2007
Posts: 4
OS: XP


Hi Ried,

Thanks so much for your help! I've been busy running the scans. A couple of them took quite a bit of time to complete but I am finished (YEAH!).

Okay, I'm posting all of my logs:

AVG Log:
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 135 PM 1/17/2007

+ Scan result:



:mozilla.112:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookiesnew.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.113:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookiesnew.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.114:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookiesnew.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.251:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookies-1.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.173:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookies-1.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.174:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookies-1.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.176:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookies-1.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.177:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookies-1.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.178:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookies-1.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.89:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookiesnew.txt -> TrackingCookie.Co : Cleaned.
:mozilla.156:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookies-1.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.164:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookies-1.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.217:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookies-1.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.234:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookies-1.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.180:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookies-1.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.182:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookies-1.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.183:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookies-1.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.184:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookies-1.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.196:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookiesnew.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.245:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookies-1.txt -> TrackingCookie.Myaffiliateprogram : Cleaned.
:mozilla.246:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookies-1.txt -> TrackingCookie.Myaffiliateprogram : Cleaned.
:mozilla.64:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookiesnew.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.65:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookiesnew.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.66:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookiesnew.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.67:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookiesnew.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.69:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookiesnew.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.78:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookiesnew.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.152:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookiesnew.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.153:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookiesnew.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.154:C:\Documents and Settings\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookiesnew.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.155:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookiesnew.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.156:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookiesnew.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.157:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookiesnew.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.158:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookiesnew.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.137:C:\Documents and Setting\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookiesnew.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.138:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookiesnew.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.139:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookiesnew.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.140:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookiesnew.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.55:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookies-1.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.56:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookies-1.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.57:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookies-1.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.58:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookies-1.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.59:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookies-1.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.60:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookies-1.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.64:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookies-1.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.108:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.109:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.110:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.111:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.112:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.113:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.114:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.115:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.15:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookiesnew.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.16:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookiesnew.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.17:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookiesnew.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.18:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookiesnew.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.19:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookiesnew.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.101:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookies-1.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.102:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookies-1.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.103:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookies-1.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.104:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookies-1.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.105:C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookies-1.txt -> TrackingCookie.Zedo : Cleaned.


::Report end

I'm sorry but my 4 year old needs me right now. I'm going to come right back to post the other logs ASAP (few minutes). Thanks.
Old 01-17-2007, 12:38 PM   #4 (permalink)
Registered User
 
Join Date: Jan 2007
Posts: 4
OS: XP


Continued Scans

I can't believe I finished pasting all of my scans here and then I lost it!!


Okay, here I go again... so sorry for the delay (S)---

PandaScan

Incident Status Location

Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\0xhshg7g.default\cookies-1.txt[.realmedia.com/]
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\\Cookies\@realmedia[1].txt
-----------------------------------
ComboFix

"" - 07-01-17 13:43:05 Service Pack 2
ComboFix 07-01-16.2 - Running from: "C:\Documents and Settings\\Desktop"

((((((((((((((((((((((((((((((( Files Created from 2006-12-17 to 2007-01-17 ))))))))))))))))))))))))))))))))))


2007-01-17 11:36 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-01-13 11:30 <DIR> d-------- C:\WINDOWS\ie7updates
2007-01-10 19:49 <DIR> d-------- C:\WINDOWS\system32\ActiveScan
2007-01-09 18:18 <DIR> d-------- C:\WINDOWS\BDOSCAN8
2007-01-09 14:42 <DIR> d-------- C:\DOCUME~1\~1\.housecall6.6
2006-12-28 16:21 <DIR> d-------- C:\Program Files\QuickTime


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2007-01-17 13:28 -------- d-------- C:\Program Files\lexmark toolbar
2007-01-17 13:28 -------- d-------- C:\Program Files\lexmark 5400 series
2007-01-17 13:26 -------- d-------- C:\Program Files\google
2007-01-17 13:26 -------- d-------- C:\Program Files\digital line detect
2007-01-17 13:26 -------- d-------- C:\Program Files\dell support
2007-01-17 13:25 -------- d-------- C:\Program Files\apoint
2007-01-17 11:36 -------- d-------- C:\Program Files\grisoft
2007-01-17 11:28 -------- d-------- C:\Program Files\mozilla firefox
2007-01-14 13:02 -------- d-------- C:\Program Files\spywareblaster
2007-01-11 21:32 -------- d-------- C:\Program Files\lx_cats
2007-01-10 20:10 -------- d-------- C:\Program Files\itunes
2006-12-20 20:21 -------- d-------- C:\DOCUME~1\~1\Application Data\jasc software inc
2006-12-20 18:03 -------- d-------- C:\DOCUME~1\~1\Application Data\adobe
2006-12-13 18:40 -------- d-------- C:\DOCUME~1\~1\Application Data\5400 series
2006-12-13 18:36 -------- d-------- C:\Program Files\abbyy finereader 6.0 sprint
2006-12-07 01:40 2362184 --a------ C:\WINDOWS\system32\wmvcore.dll
2006-12-04 23:19 875 --a------ C:\DOCUME~1\~1\Application Data\adobedlm.log
2006-12-04 23:19 0 --a------ C:\DOCUME~1\~1\Application Data\dm.ini
2006-12-04 23:18 -------- d-------- C:\Program Files\Common Files\adobe
2006-12-02 17:15 -------- d-------- C:\Program Files\java
2006-12-02 17:13 -------- d-------- C:\Program Files\Common Files\java
2006-11-28 10:15 -------- d-------- C:\Program Files\symantec
2006-11-28 10:15 -------- d-------- C:\Program Files\Common Files\symantec shared
2006-11-27 22:29 -------- d-------- C:\Program Files\musicmatch
2006-11-27 22:27 -------- d--h----- C:\Program Files\installshield installation information
2006-11-25 18:33 -------- d-------- C:\Program Files\ipod
2006-11-25 18:26 -------- d-------- C:\Program Files\apple software update
2006-11-08 00:06 679424 --a------ C:\WINDOWS\system32\inetcomm.dll
2006-11-07 21:03 6049280 --------- C:\WINDOWS\system32\ieframe.dll
2006-11-07 21:03 50688 --------- C:\WINDOWS\system32\msfeedsbs.dll
2006-11-07 21:03 458752 --------- C:\WINDOWS\system32\msfeeds.dll
2006-11-07 21:03 413696 --a------ C:\WINDOWS\system32\vbscript.dll
2006-11-07 21:03 231424 --a------ C:\WINDOWS\system32\webcheck.dll
2006-11-07 21:03 180736 --------- C:\WINDOWS\system32\ieui.dll
2006-11-07 21:03 156160 --a------ C:\WINDOWS\system32\msls31.dll
2006-11-07 03:27 382976 --a------ C:\WINDOWS\system32\iedkcs32.dll
2006-11-07 03:27 229376 --a------ C:\WINDOWS\system32\ieaksie.dll
2006-11-07 03:26 71680 --a------ C:\WINDOWS\system32\admparse.dll
2006-11-07 03:26 55296 --a------ C:\WINDOWS\system32\iesetup.dll
2006-11-07 03:26 54784 --a------ C:\WINDOWS\system32\ie4uinit.exe
2006-11-07 03:26 43008 --a------ C:\WINDOWS\system32\iernonce.dll
2006-11-07 03:26 152064 --a------ C:\WINDOWS\system32\ieakeng.dll
2006-11-07 03:26 13312 --a------ C:\WINDOWS\system32\ieudinit.exe
2006-11-07 03:26 123904 --a------ C:\WINDOWS\system32\advpack.dll
2006-11-07 03:25 161792 --a------ C:\WINDOWS\system32\ieakui.dll
2006-11-04 14:14 1245696 --a------ C:\WINDOWS\system32\msxml4.dll
2006-10-19 08:56 713216 --a------ C:\WINDOWS\system32\sxs.dll
2006-10-17 12:06 78336 --a------ C:\WINDOWS\system32\ieencode.dll
2006-10-17 12:05 40960 --a------ C:\WINDOWS\system32\licmgr10.dll
2006-10-17 12:05 206336 --------- C:\WINDOWS\system32\winfxdocobj.exe
2006-10-17 12:05 105984 --a------ C:\WINDOWS\system32\url.dll
2006-10-17 12:04 101376 --a------ C:\WINDOWS\system32\occache.dll
2006-10-17 12:03 17408 --a------ C:\WINDOWS\system32\corpol.dll
2006-10-17 11:58 61952 --------- C:\WINDOWS\system32\icardie.dll
2006-10-17 11:58 12288 --------- C:\WINDOWS\system32\msfeedssync.exe
2006-10-17 11:57 36352 --a------ C:\WINDOWS\system32\imgutil.dll
2006-10-17 11:57 266752 --------- C:\WINDOWS\system32\iertutil.dll
2006-10-17 11:56 45568 --a------ C:\WINDOWS\system32\mshta.exe
2006-10-17 11:28 48128 --a------ C:\WINDOWS\system32\mshtmler.dll
2006-10-17 11:27 380928 --------- C:\WINDOWS\system32\ieapfltr.dll


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"DellSupport"="\"C:\\Program Files\\Dell Support\\DSAgnt.exe\" /startup"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"Zone Labs Client"="\"C:\\Program Files\\Zone Labs\\ZoneAlarm\\zlclient.exe\""
"WinPatrol"="C:\\PROGRA~1\\BILLPS~1\\WINPAT~1\\winpatrol.exe"
"UpdateManager"="\"C:\\Program Files\\Common Files\\Sonic\\Update Manager\\sgtray.exe\" /r"
"PCMService"="\"C:\\Program Files\\Dell\\Media Experience\\PCMService.exe\""
"IgfxTray"="C:\\WINDOWS\\system32\\igfxtray.exe"
"HotKeysCmds"="C:\\WINDOWS\\system32\\hkcmd.exe"
"DVDLauncher"="\"C:\\Program Files\\CyberLink\\PowerDVD\\DVDLauncher.exe\""
"dla"="C:\\WINDOWS\\system32\\dla\\tfswctrl.exe"
"Dell Wireless Manager UI"="C:\\WINDOWS\\system32\\WLTRAY"
"Dell QuickSet"="C:\\Program Files\\Dell\\QuickSet\\quickset.exe"
"Apoint"="C:\\Program Files\\Apoint\\Apoint.exe"
"lxctmon.exe"="\"C:\\Program Files\\Lexmark 5400 Series\\lxctmon.exe\""
"Lexmark 5400 Series Fax Server"="\"C:\\Program Files\\Lexmark 5400 Series\\fm3032.exe\" /s"
"EzPrint"="\"C:\\Program Files\\Lexmark 5400 Series\\ezprint.exe\""
"LXCTCATS"="rundll32 C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\LXCTtime.dll,_RunDLLEntry@16"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"


[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0




~ ~ ~ ~ ~ ~ ~ ~ Hijackthis Backups ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~

backup-20070117-115929-413
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
backup-20070117-115929-434
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
backup-20060609-202615-960
O20 - Winlogon Notify: CONMI2 - C:\WINDOWS\SYSTEM32\CONMI2.dll
backup-20060609-202615-200
O2 - BHO: (no name) - {22127805-6066-47f6-8e32-5f2e29d8f1ad} - C:\WINDOWS\system32\CONMI2.dll
backup-20060609-202008-969
O20 - Winlogon Notify: CONMI2 - C:\WINDOWS\SYSTEM32\CONMI2.dll
backup-20060609-202008-686
O2 - BHO: (no name) - {22127805-6066-47f6-8e32-5f2e29d8f1ad} - C:\WINDOWS\system32\CONMI2.dll
backup-20060609-201859-859
O20 - Winlogon Notify: CONMI2 - C:\WINDOWS\SYSTEM32\CONMI2.dll
backup-20060609-201859-224
O2 - BHO: (no name) - {22127805-6066-47f6-8e32-5f2e29d8f1ad} - C:\WINDOWS\system32\CONMI2.dll

Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Symantec NetDetect.job

Completion time: 07-01-17 13:45:06
--------------------------------
Current HJT Log
Logfile of HijackThis v1.99.1
Scan saved at 1:53:43 PM, on 1/17/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCTserv.exe
C:\WINDOWS\system32\lxctcoms.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymSCUI.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Lexmark 5400 Series\lxctmon.exe
C:\Program Files\Lexmark 5400 Series\ezprint.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Apoint\Apntex.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.symantec.com/techsupp/activation/activate-redirect.jsp?LG=ENG&IVR=3004107512983456157227888455510243628301811962619&SO={257BBC47-1B26-432e-9F84-188603799DD3}
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [WinPatrol] C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [Dell Wireless Manager UI] C:\WINDOWS\system32\WLTRAY
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [lxctmon.exe] "C:\Program Files\Lexmark 5400 Series\lxctmon.exe"
O4 - HKLM\..\Run: [Lexmark 5400 Series Fax Server] "C:\Program Files\Lexmark 5400 Series\fm3032.exe" /s
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 5400 Series\ezprint.exe"
O4 - HKLM\..\Run: [LXCTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCTtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/S...in/AvSniff.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1126483614609
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/v...fo/webscan.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LXCTCustomerConnect - Lexmark International Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\LXCTserv.exe
O23 - Service: lxct_device - - C:\WINDOWS\system32\lxctcoms.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe

Thanks so much! I hope this info aids you in assisting me! Thanks Thanks Thanks! I don't know how you guys do it. This is all so frustrating for me.

TC
Old 01-17-2007, 06:58 PM   #5 (permalink)
Assistant Manager, TSF Academy; Moderator/Analyst Security Team
 
 
Join Date: Jan 2005
Location: Ohio
Posts: 27,043
OS: WinXP and Vista


Hiya,

I'm not finding anything in those logs either. We'll use another tool and see if it can shed some light.

Please download this tool > http://www.kztechs.com/sreng/sreng2.zip

1. Extract it to Desktop & double click SREng.exe to run it

2. Select 'Smart Scan' & tick "Verify Digital Signatures"

3. Click on the [Scan] button

4. When finished, click on the [Save Reports] button & save the log to Desktop

5. Attach the log in your next reply. Don't post it.
You may have to rename SREngLOG.log to SREngLOG.txt to upload it.

---------------------------------------------------------

I'd also like to see an Uninstall List:

Create an Uninstall List:
Open HijackThis
* Click on the "Configure" button on the bottom right
* Click on the tab "Misc Tools"
* Click on the Box that says "Open Uninstall Manager"
* Click on the button "Save list"
The list will automatically be saved in your HijackThis folder.

Please copy and paste the uninstall_list.txt here.
__________________

Member of ASAP since 2005
Member of UNITE since 2006

"It is one life whether we spend it laughing or weeping." "Take the time to laugh--it is the music of the soul."
Old 01-18-2007, 09:58 AM   #6 (permalink)
Registered User
 
Join Date: Jan 2007
Posts: 4
OS: XP


Good Morning Ried,

Here are my logs. Sorry for the delay.

SRE Log



2007-01-18,11:40:11

System Repair Engineer 2.3.13.690
Smallfrogs (http://www.KZTechs.com)

Windows XP Home Edition Service Pack 2 (Build 2600)
- Administrative User - Completed Functions Allowed

Follow item(s) have been choosed:
All Boot Items (Including Registry, Startup Folders, Services and so on)
Browser Add-ons
Runing Processes (Including process model information)
File Associations
Winsock Provider
Autorun.Inf
HOSTS File


Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<DellSupport><"C:\Program Files\Dell Support\DSAgnt.exe" /startup> [Gteko Ltd.]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<Zone Labs Client><"C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"> [(Verified)Zone Labs, LLC]
<WinPatrol><C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe> [(Verified)BillP Studios]
<UpdateManager><"C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r> [Sonic Solutions]
<PCMService><"C:\Program Files\Dell\Media Experience\PCMService.exe"> [CyberLink Corp.]
<IgfxTray><C:\WINDOWS\system32\igfxtray.exe> [(Verified)Intel Corporation]
<HotKeysCmds><C:\WINDOWS\system32\hkcmd.exe> [(Verified)Intel Corporation]
<DVDLauncher><"C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"> [CyberLink Corp.]
<dla><C:\WINDOWS\system32\dla\tfswctrl.exe> [Sonic Solutions]
<Dell Wireless Manager UI><C:\WINDOWS\system32\WLTRAY> [N/A]
<Dell QuickSet><C:\Program Files\Dell\QuickSet\quickset.exe> [N/A]
<Apoint><C:\Program Files\Apoint\Apoint.exe> [(Verified)Alps Electric Co., Ltd.]
<lxctmon.exe><"C:\Program Files\Lexmark 5400 Series\lxctmon.exe"> [N/A]
<Lexmark 5400 Series Fax Server><"C:\Program Files\Lexmark 5400 Series\fm3032.exe" /s> [N/A]
<EzPrint><"C:\Program Files\Lexmark 5400 Series\ezprint.exe"> [Lexmark International Inc.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Corporation]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{57B86673-276A-48B2-BAE7-C6DBB3020EB8}><C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll> [Anti-Malware Development a.s.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
<WinlogonNotify: WgaLogon><WgaLogon.dll> [(Verified)Microsoft Corporation]

==================================
Startup Folders
[Adobe Reader Speed Launch]
<C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk --> C:\PROGRA~1\Adobe\ACROBA~2.0\Reader\READER~1.EXE [Adobe Systems Incorporated]><N>
[Digital Line Detect]
<C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk --> C:\PROGRA~1\DIGITA~1\DLG.exe [BVRP Software]><N>
[Microsoft Office]
<C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk --> C:\PROGRA~1\MI1933~1\Office10\OSA.EXE [Microsoft Corporation]><N>
[ERUNT AutoBackup]
<C:\Documents and Settings\ *******\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk --> C:\PROGRA~1\ERUNT\AUTOBACK.EXE [N/A]><N>

==================================
Services
[Application Management / AppMgmt][Stopped/Manual Start]
<C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\appmgmts.dll><N/A>
[ASP.NET State Service / aspnet_state][Stopped/Manual Start]
<C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[AVG Anti-Spyware Guard / AVG Anti-Spyware Guard][Running/Auto Start]
<C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe><Anti-Malware Development a.s.>
[Human Interface Device Access / HidServ][Stopped/Disabled]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[iPod Service / iPod Service][Running/Manual Start]
<"C:\Program Files\iPod\bin\iPodService.exe"><Apple Computer, Inc.>
[LXCTCustomerConnect / LXCTCustomerConnect][Running/Auto Start]
<C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\LXCTserv.exe><Lexmark International Inc.>
[lxct_device / lxct_device][Running/Auto Start]
<C:\WINDOWS\system32\lxctcoms.exe -service><>
[NICCONFIGSVC / NICCONFIGSVC][Running/Auto Start]
<C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe><Dell Inc.>
[SymWMI Service / SymWSC][Running/Auto Start]
<"C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe"><Symantec Corporation>
[TrueVector Internet Monitor / vsmon][Running/Auto Start]
<C:\WINDOWS\system32\ZoneLabs\vsmon.exe -service><Zone Labs, LLC>
[Dell Wireless WLAN Tray Service / wltrysvc][Running/Auto Start]
<C:\WINDOWS\System32\wltrysvc.exe C:\WINDOWS\System32\bcmwltry.exe><N/A>
[Security Center / wscsvc][Stopped/Boot Start]
<\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SYSTEMROOT%\system32\wscsvc.dll><>

==================================
Drivers
[abp480n5 / abp480n5][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\ABP480N5.SYS><Microsoft Corporation>
[adpu160m / adpu160m][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\adpu160m.sys><Microsoft Corporation>
[AEGIS Protocol (IEEE 802.1x) v3.2.0.3 / AegisP][Running/Auto Start]
<system32\DRIVERS\AegisP.sys><Meetinghouse Data Communications>
[Aha154x / Aha154x][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\aha154x.sys><Microsoft Corporation>
[aic78u2 / aic78u2][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\aic78u2.sys><Microsoft Corporation>
[aic78xx / aic78xx][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\aic78xx.sys><Microsoft Corporation>
[AliIde / AliIde][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\aliide.sys><Acer Laboratories Inc.>
[AMD AGP Bus Filter Driver / amdagp][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\amdagp.sys><Advanced Micro Devices, Inc.>
[Alps Touch Pad Filter Driver for Windows 2000/XP / ApfiltrService][Running/Manual Start]
<system32\DRIVERS\Apfiltr.sys><Alps Electric Co., Ltd.>
[APPDRV / APPDRV][Running/System Start]
<\SystemRoot\SYSTEM32\DRIVERS\APPDRV.SYS><Dell Inc>
[asc / asc][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\asc.sys><Advanced System Products, Inc.>
[asc3350p / asc3350p][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\asc3350p.sys><Microsoft Corporation>
[asc3550 / asc3550][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\asc3550.sys><Advanced System Products, Inc.>
[AVG Anti-Spyware Driver / AVG Anti-Spyware Driver][Running/System Start]
<\??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys><N/A>
[AVG Anti-Spyware Clean Driver / AvgAsCln][Running/System Start]
<System32\DRIVERS\AvgAsCln.sys><GRISOFT, s.r.o.>
[Dell Wireless WLAN Card Driver / BCM43XX][Running/Manual Start]
<system32\DRIVERS\bcmwl5.sys><Broadcom Corporation>
[Broadcom 440x 10/100 Integrated Controller XP Driver / bcm4sbxp][Stopped/Manual Start]
<system32\DRIVERS\bcm4sbxp.sys><Broadcom Corporation>
[bdfdll / bdfdll][Stopped/Manual Start]
<\??\C:\Program Files\Softwin\BitDefender10\bdfdll.sys><N/A>
[cd20xrnt / cd20xrnt][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\cd20xrnt.sys><Microsoft Corporation>
[CmdIde / CmdIde][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[CO_Mon / CO_Mon][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\Drivers\CO_Mon.sys><N/A>
[dac2w2k / dac2w2k][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\dac2w2k.sys><Mylex Corporation>
[dpti2o / dpti2o][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\dpti2o.sys><Microsoft Corporation>
[drvmcdb / drvmcdb][Running/Boot Start]
<\SystemRoot\system32\drivers\drvmcdb.sys><Sonic Solutions>
[drvnddm / drvnddm][Running/Auto Start]
<system32\drivers\drvnddm.sys><Sonic Solutions>
[Intel(R) PRO Adapter Driver / E100B][Stopped/Manual Start]
<system32\DRIVERS\e100b325.sys><Intel Corporation>
[GEAR CDRom Filter / GEARAspiWDM][Running/Manual Start]
<SYSTEM32\DRIVERS\GEARAspiWDM.sys><GEAR Software Inc.>
[HSFHWICH / HSFHWICH][Running/Manual Start]
<system32\DRIVERS\HSFHWICH.sys><Conexant Systems, Inc.>
[HSF_DP / HSF_DP][Running/Manual Start]
<system32\DRIVERS\HSF_DP.sys><Conexant Systems, Inc.>
[ialm / ialm][Running/Manual Start]
<system32\DRIVERS\ialmnt5.sys><Intel Corporation>
[ini910u / ini910u][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\ini910u.sys><Microsoft Corporation>
[mdmxsdk / mdmxsdk][Running/Auto Start]
<system32\DRIVERS\mdmxsdk.sys><Conexant>
[mraid35x / mraid35x][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\mraid35x.sys><American Megatrends Inc.>
[nv / nv][Stopped/Manual Start]
<system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[OMCI WDM Device Driver / omci][Running/System Start]
<system32\DRIVERS\omci.sys><Dell Inc>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20][Running/Boot Start]
<\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions>
[ql1080 / ql1080][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\ql1080.sys><QLogic Corporation>
[Ql10wnt / Ql10wnt][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\ql10wnt.sys><Microsoft Corporation>
[ql12160 / ql12160][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\ql12160.sys><QLogic Corporation>
[ql1280 / ql1280][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\ql1280.sys><QLogic Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
<system32\DRIVERS\secdrv.sys><N/A>
[SIS AGP Bus Filter / sisagp][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\sisagp.sys><Silicon Integrated Systems Corporation>
[Sparrow / Sparrow][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\sparrow.sys><Adaptec, Inc.>
[srescan / srescan][Running/Boot Start]
<\SystemRoot\system32\ZoneLabs\srescan.sys><Zone Labs, LLC>
[sscdbhk5 / sscdbhk5][Running/System Start]
<system32\drivers\sscdbhk5.sys><Sonic Solutions>
[ssrtln / ssrtln][Running/System Start]
<system32\drivers\ssrtln.sys><Sonic Solutions>
[SigmaTel C-Major Audio / STAC97][Running/Manual Start]
<system32\drivers\STAC97.sys><SigmaTel, Inc.>
[symc810 / symc810][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\symc810.sys><Symbios Logic Inc.>
[symc8xx / symc8xx][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\symc8xx.sys><LSI Logic>
[sym_hi / sym_hi][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\sym_hi.sys><LSI Logic>
[sym_u3 / sym_u3][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\sym_u3.sys><LSI Logic>
[tfsnboio / tfsnboio][Running/Auto Start]
<system32\dla\tfsnboio.sys><Sonic Solutions>
[tfsncofs / tfsncofs][Running/Auto Start]
<system32\dla\tfsncofs.sys><Sonic Solutions>
[tfsndrct / tfsndrct][Running/Auto Start]
<system32\dla\tfsndrct.sys><Sonic Solutions>
[tfsndres / tfsndres][Running/Auto Start]
<system32\dla\tfsndres.sys><Sonic Solutions>
[tfsnifs / tfsnifs][Running/Auto Start]
<system32\dla\tfsnifs.sys><Sonic Solutions>
[tfsnopio / tfsnopio][Running/Auto Start]
<system32\dla\tfsnopio.sys><Sonic Solutions>
[tfsnpool / tfsnpool][Running/Auto Start]
<system32\dla\tfsnpool.sys><Sonic Solutions>
[tfsnudf / tfsnudf][Running/Auto Start]
<system32\dla\tfsnudf.sys><Sonic Solutions>
[tfsnudfa / tfsnudfa][Running/Auto Start]
<system32\dla\tfsnudfa.sys><Sonic Solutions>
[TosIde / TosIde][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\toside.sys><Microsoft Corporation>
[ultra / ultra][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\ultra.sys><Promise Technology, Inc.>
[ViaIde / ViaIde][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\viaide.sys><Microsoft Corporation>
[vsdatant / vsdatant][Running/System Start]
<System32\vsdatant.sys><Zone Labs, LLC>
[WAN Miniport (ATW) / wanatw][Stopped/Manual Start]
<system32\DRIVERS\wanatw4.sys><N/A>
[winachsf / winachsf][Running/Manual Start]
<system32\DRIVERS\HSF_CNXT.sys><Conexant Systems, Inc.>

==================================
Browser Add-ons
[Adobe PDF Reader Link Helper]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Lexmark Toolbar]
{1017A80C-6F09-4548-A84D-EDD6AC9525F0} <C:\Program Files\Lexmark Toolbar\toolband.dll, N/A>
[]
{53707962-6F74-2D53-2644-206D7942484F} <C:\PROGRA~1\SPYBOT~1\SDHelper.dll, Safer Networking Limited>
[SSVHelper Class]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll, Sun Microsystems, Inc.>
[Google Toolbar Helper]
{AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[Java Plug-in 1.5.0_09]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll, Sun Microsystems, Inc.>
[]
{85d1f590-48f4-11d9-9669-0800200c9a66} <%windir%\bdoscandel.exe, N/A>
[Yahoo! Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} <C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll, Yahoo! Inc.>
[&Google]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[Lexmark Toolbar]
{1017A80C-6F09-4548-A84D-EDD6AC9525F0} <C:\Program Files\Lexmark Toolbar\toolband.dll, N/A>
[Windows Genuine Advantage Validation Tool]
{17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\legitcheckcontrol.dll, Microsoft Corporation>
[Symantec AntiVirus scanner]
{2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} <C:\WINDOWS\Downloaded Program Files\avsniff.dll, Symantec Corporation>
[BDSCANONLINE Control]
{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} <C:\WINDOWS\DOWNLO~1\oscan8.ocx, SOFTWIN>
[Symantec RuFSI Utility Class]
{644E432F-49D3-41A1-8DD5-E099162EEEC5} <C:\WINDOWS\Downloaded Program Files\rufsi.dll, Symantec Corporation>
[MUWebControl Class]
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\system32\muweb.dll, Microsoft Corporation>
[WScanCtl Class]
{7B297BFD-85E4-4092-B2AF-16A91B2EA103} <C:\WINDOWS\Downloaded Program Files\webscan.dll, CA>
[Java Plug-in 1.5.0_09]
{8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll, Sun Microsystems, Inc.>
[ActiveScan Installer Class]
{9A9307A0-7DA4-4DAF-B042-5009F29E09E1} <C:\WINDOWS\Downloaded Program Files\asinst.dll, Panda Software>
[Java Plug-in 1.5.0_09]
{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.5.0_09]
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.5.0_09\bin\npjpi150_09.dll, Sun Microsystems, Inc.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[Google Script Object]
{00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[Yahoo! Toolbar Helper]
{02478D38-C3F9-4EFB-9B51-7695ECA05670} <C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll, Yahoo! Inc.>
[ActiveMovieControl Object]
{05589FA1-C356-11CE-BF01-00AA0055595A} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[Adobe PDF Reader Link Helper]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Lexmark Toolbar]
{1017A80C-6F09-4548-A84D-EDD6AC9525F0} <C:\Program Files\Lexmark Toolbar\toolband.dll, N/A>
[Shockwave ActiveX Control]
{166B1BCA-3F9C-11CF-8075-444553540000} <C:\WINDOWS\system32\Macromed\Director\SwDir.dll, Macromedia, Inc.>
[&Google]
{2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[XML DOM Document]
{2933BF90-7B36-11D2-B20E-00C04F983E60} <%SystemRoot%\system32\msxml3.dll, N/A>
[Symantec AntiVirus scanner]
{2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} <C:\WINDOWS\Downloaded Program Files\avsniff.dll, Symantec Corporation>
[DHTML Edit Control Safe for Scripting for IE5]
{2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[Tabular Data Control]
{333C7BC4-460F-11D0-BC04-0080C7055A83} <C:\WINDOWS\system32\tdc.ocx, Microsoft Corporation>
[XML Document]
{48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\system32\msxml3.dll, N/A>
[Reporte Class]
{4A2A4430-3967-4461-94C7-BD95C419F3CF} <C:\WINDOWS\system32\ActiveScan\ascontrol.dll, Panda Software>
[]
{53707962-6F74-2D53-2644-206D7942484F} <C:\PROGRA~1\SPYBOT~1\SDHelper.dll, Safer Networking Limited>
[InstallShield Update Service Agent]
{5B7524C8-2446-40E9-9474-94A779DBA224} <C:\WINDOWS\Downloaded Program Files\isusweb.dll, InstallShield Software Corporation>
[BDSCANONLINE Control]
{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} <C:\WINDOWS\DOWNLO~1\oscan8.ocx, SOFTWIN>
[Symantec RuFSI Utility Class]
{644E432F-49D3-41A1-8DD5-E099162EEEC5} <C:\WINDOWS\Downloaded Program Files\rufsi.dll, Symantec Corporation>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Seleccion Class]
{6CEC0297-FAFB-41FB-97EA-77E3081B1DFE} <C:\WINDOWS\system32\ActiveScan\ascontrol.dll, Panda Software>
[ControlConexion Class]
{6FDCDD41-6C97-4A3B-9E6D-0144B66A1CE4} <C:\WINDOWS\system32\ActiveScan\ascontrol.dll, Panda Software>
[SSVHelper Class]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll, Sun Microsystems, Inc.>
[WScanCtl Class]
{7B297BFD-85E4-4092-B2AF-16A91B2EA103} <C:\WINDOWS\Downloaded Program Files\webscan.dll, CA>
[Java Plug-in 1.5.0_09]
{8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll, Sun Microsystems, Inc.>
[Panda ActiveScan]
{96567F65-E04C-4611-AF29-7CDEA6FA6A84} <C:\WINDOWS\system32\ACTIVE~1\as.dll, Panda Software>
[ActiveScan Installer Class]
{9A9307A0-7DA4-4DAF-B042-5009F29E09E1} <C:\WINDOWS\Downloaded Program Files\asinst.dll, Panda Software>
[Google Toolbar Helper]
{AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[Adobe PDF Reader]
{CA8A9780-280D-11CF-A24D-444553540000} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroPDF.dll, Adobe Systems, Inc.>
[VIDEO__X_MS_WMV Moniker Class]
{CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[QuickTimeCheck Class]
{DE4AF3B0-F4D4-11D3-B41A-0050DA2E6C21} <C:\Program Files\QuickTime\QTSystem\QuickTimeCheck.ocx, Apple Computer, Inc.>
[InstallShield Update Service Agent]
{E9880553-B8A7-4960-A668-95C68BED571E} <C:\WINDOWS\Downloaded Program Files\isusweb.dll, InstallShield Software Corporation>
[XML HTTP Request]
{ED8C108E-4349-11D2-91A4-00C04F7969E8} <%SystemRoot%\system32\msxml3.dll, N/A>
[Yahoo! Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} <C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll, Yahoo! Inc.>
[XML DOM Document 3.0]
{F5078F32-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\system32\msxml3.dll, N/A>
[XML DOM Document]
{F6D90F11-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\system32\msxml3.dll, N/A>
[XML HTTP]
{F6D90F16-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\system32\msxml3.dll, N/A>

==================================
Running Processes
[PID: 572][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 640][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 664][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\System32\BCMLogon.dll] [Broadcom Corporation, 3.100.41.0]
[PID: 708][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 720][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 880][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 964][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1004][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1048][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1144][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1356][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\PROGRA~1\BILLPS~1\WINPAT~1\PATROLPRO.DLL] [BillP Studios, 1.2.0.0]
[C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll] [Anti-Malware Development a.s., 7, 5, 0, 47]
[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 7.0.0.0]
[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 7.0.7.2006011200]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\PROGRA~1\SPYBOT~1\SDHelper.dll] [Safer Networking Limited, 1, 3, 0, 12]
[PID: 1680][C:\WINDOWS\System32\wltrysvc.exe] [N/A, N/A]
[PID: 1696][C:\WINDOWS\System32\bcmwltry.exe] [Dell Inc, 3.100.41.0]
[C:\WINDOWS\System32\AegisE5.dll] [Meetinghouse Data Communications, 3, 0, 2, 29]
[C:\WINDOWS\System32\wltrynt.dll] [Broadcom Corporation, 3.100.41.0]
[PID: 1796][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[C:\WINDOWS\system32\lxctlmpm.DLL] [ , 6.3.22.0]
[C:\WINDOWS\system32\lxctpmon.dll] [, 0.1.35.8]
[C:\WINDOWS\system32\IMGMAN32.dll] [Data Techniques, Inc., 7.20 ]
[C:\WINDOWS\system32\IM31IMG.DIL] [Data Techniques, Inc., 7.20 ]
[C:\Program Files\Lexmark 5400 Series\FxCtrStr.dll] [Lexmark India Development Labs, 0.1.35.8]
[C:\Program Files\Lexmark 5400 Series\ipcmt.dll] [, 0.1.35.8]
[C:\WINDOWS\system32\lxctpmrc.dll] [Lexmark International, Inc., 0.1.35.8]
[C:\WINDOWS\System32\spool\PRTPROCS\W32X86\lxctdrpp.dll] [, 3.117.0.0]
[PID: 2000][C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCTserv.exe] [Lexmark International Inc., 1.20.0.0]
[PID: 2040][C:\WINDOWS\system32\lxctcoms.exe] [ , 6.3.22.0]
[C:\WINDOWS\system32\lxctserv.dll] [ , 6.3.22.0]
[C:\WINDOWS\system32\lxctinpa.dll] [ , 6.3.22.0]
[C:\WINDOWS\system32\lxctiesc.dll] [ , 6.3.22.0]
[C:\WINDOWS\system32\lxctusb1.dll] [ , 6.3.22.0]
[PID: 152][C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe] [Dell Inc., 1, 0, 0, 1]
[PID: 288][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 112][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: DNSRV(bld4act)]
[PID: 472][C:\WINDOWS\system32\fxssvc.exe] [Microsoft Corporation, 5.2.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 496][C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe] [Symantec Corporation, 2005.1.2.20]
[C:\Program Files\Common Files\Symantec Shared\Security Center\WSCHlpr.dll] [Symantec Corporation, 2005.1.2.20]
[C:\Program Files\Common Files\Symantec Shared\Security Center\Plug-in\pccln-fw.dll] [Symantec Corporation, 2005.1.00.111]
[C:\Program Files\Common Files\Symantec Shared\Security Center\Plug-in\sscwmiAV.dll] [Symantec Corporation, 2005.1.00.111]
[C:\Program Files\Common Files\Symantec Shared\Security Center\Plug-in\sscwmiFW.dll] [Symantec Corporation, 2005.1.00.111]
[C:\Program Files\Common Files\Symantec Shared\Security Center\Plug-in\McAfeeAV.dll] [Symantec Corporation, 2005.1.00.111]
[C:\Program Files\Common Files\Symantec Shared\Security Center\Plug-in\McAfeeFW.dll] [Symantec Corporation, 2005.1.00.111]
[C:\Program Files\Common Files\Symantec Shared\Security Center\Plug-in\etrst-av.dll] [Symantec Corporation, 2005.1.00.111]
[C:\Program Files\Common Files\Symantec Shared\Security Center\Plug-in\etrst-fw.dll] [Symantec Corporation, 2005.1.00.111]
[C:\Program Files\Common Files\Symantec Shared\Security Center\Plug-in\pccln-av.dll] [Symantec Corporation, 2005.1.00.111]
[C:\Program Files\Common Files\Symantec Shared\Security Center\Plug-in\zone-fw.dll] [Symantec Corporation, 2005.1.00.111]
[C:\Program Files\Common Files\Symantec Shared\Security Center\Plug-in\ssciwp.dll] [Symantec Corporation, 2005.1.00.111]
[C:\Program Files\Common Files\Symantec Shared\Security Center\sscnis56.dll] [Symantec Corporation, 2005.1.2.20]
[C:\Program Files\Common Files\Symantec Shared\Security Center\sscnis7.dll] [Symantec Corporation, 2005.1.2.20]
[C:\Program Files\Common Files\Symantec Shared\Security Center\sscnav.dll] [Symantec Corporation, 2005.1.2.20]
[C:\Program Files\Common Files\Symantec Shared\Security Center\Plug-in\ssc-icf.dll] [Symantec Corporation, 2005.1.00.111]
[C:\Program Files\Common Files\Symantec Shared\Security Center\Plug-in\ssc-wu.dll] [Symantec Corporation, 2005.1.00.111]
[PID: 628][C:\WINDOWS\system32\wbem\wmiprvse.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2744][C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe] [BillP Studios, 9, 8, 1, 0]
[C:\PROGRA~1\BILLPS~1\WINPAT~1\PATROLPRO.DLL] [BillP Studios, 1.2.0.0]
[PID: 2812][C:\Program Files\Dell\Media Experience\PCMService.exe] [CyberLink Corp., 1.0.1611 ]
[C:\Program Files\Dell\Media Experience\DirWatcher.dll] [, 1, 0, 0, 1]
[C:\PROGRA~1\BILLPS~1\WINPAT~1\PATROLPRO.DLL] [BillP Studios, 1.2.0.0]
[C:\Program Files\Dell\Media Experience\CLMixerWrapper.dll] [CyberLink Corp., 1.0.1611 ]
[C:\Program Files\Dell\Media Experience\Music\MMLibraryObj.dll] [Musicmatch, 1.0.0.2]
[C:\Program Files\Dell\Media Experience\Music\WMPEngine.dll] [CyberLink Corp., 1.0.1611 ]
[PID: 2848][C:\WINDOWS\system32\hkcmd.exe] [Intel Corporation, 3.0.0.3929]
[C:\WINDOWS\system32\hccutils.DLL] [Intel Corporation, 3.0.0.3929]
[C:\PROGRA~1\BILLPS~1\WINPAT~1\PATROLPRO.DLL] [BillP Studios, 1.2.0.0]
[C:\WINDOWS\system32\igfxdev.dll] [Intel Corporation, 3.0.0.3929]
[C:\WINDOWS\system32\igfxsrvc.dll] [Intel Corporation, 3.0.0.3929]
[C:\WINDOWS\system32\igfxres.dll] [Intel Corporation, 3.0.0.3929]
[C:\WINDOWS\system32\igfxhk.dll] [Intel Corporation, 3.0.0.3929]
[PID: 2864][C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe] [CyberLink Corp., 3.00.0000]
[C:\PROGRA~1\BILLPS~1\WINPAT~1\PATROLPRO.DLL] [BillP Studios, 1.2.0.0]
[PID: 2872][C:\WINDOWS\system32\dla\tfswctrl.exe] [Sonic Solutions, 1.04.08a]
[C:\WINDOWS\system32\tfswapi.dll] [Sonic Solutions, 1.04.08a]
[C:\WINDOWS\system32\dla\tfswcres.dll] [Sonic Solutions, 1.04.08a]
[C:\PROGRA~1\BILLPS~1\WINPAT~1\PATROLPRO.DLL] [BillP Studios, 1.2.0.0]
[PID: 2880][C:\WINDOWS\system32\WLTRAY.exe] [Dell Inc, 3.100.41.0]
[C:\PROGRA~1\BILLPS~1\WINPAT~1\PATROLPRO.DLL] [BillP Studios, 1.2.0.0]
[PID: 2932][C:\Program Files\Dell\QuickSet\quickset.exe] [, 1, 0, 0, 1]
[C:\PROGRA~1\BILLPS~1\WINPAT~1\PATROLPRO.DLL] [BillP Studios, 1.2.0.0]
[C:\Program Files\Dell\QuickSet\dadkeyb.dll] [N/A, N/A]
[PID: 2944][C:\Program Files\Apoint\Apoint.exe] [Alps Electric Co., Ltd., 5.5.101.141]
[C:\WINDOWS\system32\VXDIF.DLL] [Alps Electric Co., Ltd., 6.0.3.4]
[C:\Program Files\Apoint\Apoint.DLL] [Alps Electric Co., Ltd., 5.5.104.252]
[C:\Program Files\Apoint\EzAuto.dll] [Alps Electric Co., Ltd., 5.5.1.85]
[C:\PROGRA~1\BILLPS~1\WINPAT~1\PATROLPRO.DLL] [BillP Studios, 1.2.0.0]
[C:\Program Files\Apoint\EzLaunch.DLL] [Alps Electric Co., Ltd., 5.5.1.64]
[PID: 2956][C:\Program Files\Lexmark 5400 Series\lxctmon.exe] [N/A, 0.1.25.0]
[C:\Program Files\Lexmark 5400 Series\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Lexmark 5400 Series\lxctscw.dll] [N/A, N/A]
[C:\Program Files\Lexmark 5400 Series\lxctcfg.dll] [Lexmark International, 1, 0, 0, 1]
[C:\Program Files\Lexmark 5400 Series\lxcttsfw.dll] [Lexmark International Inc., 3.17.0.0]
[C:\Program Files\Lexmark 5400 Series\lxctdrec.dll] [, 3.20.0.0]
[C:\Program Files\Lexmark 5400 Series\lxctmonr.dll] [Lexmark R&D Corp., 0.1.25.0]
[C:\PROGRA~1\BILLPS~1\WINPAT~1\PATROLPRO.DLL] [BillP Studios, 1.2.0.0]
[PID: 2976][C:\Program Files\Lexmark 5400 Series\ezprint.exe] [Lexmark International Inc., 2.0.40.0]
[C:\Program Files\Lexmark 5400 Series\Epwizard.DLL] [Lexmark International Inc., 2.0.40.0]
[C:\Program Files\Lexmark 5400 Series\customui.dll] [Lexmark International Inc., 2.0.40.0]
[C:\Program Files\Lexmark 5400 Series\Eputil.DLL] [Lexmark International Inc., 2.0.40.0]
[C:\Program Files\Lexmark 5400 Series\Imagutil.DLL] [Lexmark International Inc., 2.0.40.0]
[C:\Program Files\Lexmark 5400 Series\LTWVC13n.dll] [LEAD Technologies, Inc., 13.0.0.105]
[C:\Program Files\Lexmark 5400 Series\LTDIS13N.dll] [LEAD Technologies, Inc., 13.0.0.105]
[C:\Program Files\Lexmark 5400 Series\LTKRN13N.dll] [LEAD Technologies, Inc., 13.0.0.105]
[C:\Program Files\Lexmark 5400 Series\ltfil13n.DLL] [LEAD Technologies, Inc., 13.0.0.105]
[C:\Program Files\Lexmark 5400 Series\LTIMG13N.dll] [LEAD Technologies, Inc., 13.0.0.105]
[C:\Program Files\Lexmark 5400 Series\LTEFX13N.dll] [LEAD Technologies, Inc., 13.0.0.105]
[C:\Program Files\Lexmark 5400 Series\Epfunct.DLL] [Lexmark International Inc., 2.0.40.0]
[C:\Program Files\Lexmark 5400 Series\EPWizRes.dll] [Lexmark International Inc., 2.0.40.0]
[C:\Program Files\Lexmark 5400 Series\epstring.dll] [Lexmark International Inc., 2.0.40.0]
[C:\Program Files\Lexmark 5400 Series\EPOEMDll.dll] [Lexmark International Inc., 2.0.40.0]
[C:\Program Files\Lexmark 5400 Series\iptk.dll] [, 3.15.0.0]
[C:\Program Files\Lexmark 5400 Series\PdfLib.dll] [PDFlib GmbH, 4.0.0]
[C:\PROGRA~1\BILLPS~1\WINPAT~1\PATROLPRO.DLL] [BillP Studios, 1.2.0.0]
[PID: 2996][C:\Program Files\QuickTime\qttask.exe] [Apple Computer, Inc., 7.1.3]
[C:\PROGRA~1\BILLPS~1\WINPAT~1\PATROLPRO.DLL] [BillP Studios, 1.2.0.0]
[PID: 3004][C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe] [Anti-Malware Development a.s., 7, 5, 0, 50]
[C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\engine.dll] [Anti-Malware Development a.s., 4, 2, 0, 15]
[C:\PROGRA~1\BILLPS~1\WINPAT~1\PATROLPRO.DLL] [BillP Studios, 1.2.0.0]
[PID: 3012][C:\Program Files\Dell Support\DSAgnt.exe] [Gteko Ltd., 1, 1, 0, 73]
[C:\PROGRA~1\BILLPS~1\WINPAT~1\PATROLPRO.DLL] [BillP Studios, 1.2.0.0]
[C:\Program Files\Dell Support\AUPNP.dll] [Gteko Ltd., 1, 0, 0, 11]
[C:\Program Files\Dell Support\AUReg.dll] [Gteko Ltd., 1, 1, 0, 9]
[PID: 3020][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\PROGRA~1\BILLPS~1\WINPAT~1\PATROLPRO.DLL] [BillP Studios, 1.2.0.0]
[PID: 3352][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3412][C:\Program Files\Apoint\Apntex.exe] [Alps Electric Co., Ltd., 5.5.1.19]
[C:\WINDOWS\system32\VXDIF.DLL] [Alps Electric Co., Ltd., 6.0.3.4]
[C:\PROGRA~1\BILLPS~1\WINPAT~1\PATROLPRO.DLL] [BillP Studios, 1.2.0.0]
[PID: 3664][C:\Program Files\Common Files\Symantec Shared\Security Center\SymSCUI.exe] [Symantec Corporation, 2005.1.00.111]
[C:\PROGRA~1\BILLPS~1\WINPAT~1\PATROLPRO.DLL] [BillP Studios, 1.2.0.0]
[C:\Program Files\Common Files\Symantec Shared\Security Center\SymSCWb.dll] [Symantec Corporation, 2005.1.2.20]
[C:\Program Files\Common Files\Symantec Shared\Security Center\WSCHlpr.dll] [Symantec Corporation, 2005.1.2.20]
[PID: 3928][C:\Program Files\Digital Line Detect\DLG.exe] [BVRP Software, 1, 0, 0, 1]
[C:\Program Files\Digital Line Detect\BVRPDIAG.dll] [BVRP Software, 1.0]
[C:\WINDOWS\system32\MdmXSdk.dll] [Conexant, 1.0.2.006]
[C:\PROGRA~1\BILLPS~1\WINPAT~1\PATROLPRO.DLL] [BillP Studios, 1.2.0.0]
[PID: 3216][C:\Program Files\iTunes\iTunes.exe] [Apple Computer, Inc., 7.0.2.16]
[C:\Program Files\QuickTime\QTSystem\QuickTime.qts] [Apple Computer, Inc., 7.1.3]
[C:\PROGRA~1\BILLPS~1\WINPAT~1\PATROLPRO.DLL] [BillP Studios, 1.2.0.0]
[C:\Program Files\iTunes\iTunes.Resources\iTunesRegistry.DLL] [Apple Computer, Inc., 7.0.2.14]
[C:\Program Files\iTunes\iTunes.Resources\en.lproj\iTunesLocalized.DLL] [Apple Computer, Inc., 7.0.2.16]
[C:\Program Files\iTunes\iTunes.Resources\iTunes.DLL] [Apple Computer, Inc., 7.0.2.16]
[C:\Program Files\QuickTime\QTSystem\CoreVideo.qtx] [Apple Computer, Inc., 7.1.3]
[C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.qtx] [Apple Computer, Inc., 7.1.3]
[C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.qtx] [Apple Computer, Inc., 7.1.3]
[C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.qtx] [Apple Computer, Inc., 7.1.3]
[C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.qtx] [Apple Computer, Inc., 7.1.3]
[C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.qtx] [Apple Computer, Inc., 7.1.3]
[C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.qtx] [Apple Computer, Inc., 7.1.3]
[C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.qtx] [Apple Computer, Inc., 7.1.3]
[C:\Program Files\QuickTime\QTSystem\QuickTimeH264.qtx] [Apple Computer, Inc., 7.1.3]
[C:\Program Files\QuickTime\QTSystem\QuickTimeImage.qtx] [Apple Computer, Inc., 7.1.3]
[C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.qtx] [Apple Computer, Inc., 7.1.3]
[C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.qtx] [Apple Computer, Inc, 7.1.3]
[C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.qtx] [Apple Computer, Inc., 7.1.3]
[C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.qtx] [Apple Computer, Inc., 7.1.3]
[C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.qtx] [Apple Computer, Inc., 7.1.3]
[C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.qtx] [Apple Computer, Inc., 7.1.3]
[C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.qtx] [Apple Computer, Inc., 7.1.3]
[C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.qtx] [Apple Computer, Inc., 7.1.3]
[C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.qtx] [Apple Computer, Inc., 7.1.3]
[C:\Program Files\QuickTime\QTSystem\QuickTimeVR.qtx] [Apple Computer, Inc, 7.1.3]
[C:\Program Files\iTunes\CDDBControlApple.dll] [Gracenote (formerly CDDB, Inc.), 2, 0, 1, 25]
[PID: 3360][C:\Program Files\iPod\bin\iPodService.exe] [Apple Computer, Inc., 7.0.2.16]
[C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.DLL] [Apple Computer, Inc., 7.0.2.16]
[C:\Program Files\iPod\bin\iPodService.Resources\iPodService.DLL] [Apple Computer, Inc., 7.0.2.16]
[PID: 1620][C:\Program Files\Mozilla Firefox\firefox.exe] [Mozilla Corporation, 1.8.1.1: 2006120418]
[C:\Program Files\Mozilla Firefox\js3250.dll] [Netscape Communications Corporation, 4.0]
[C:\Program Files\Mozilla Firefox\nspr4.dll] [Netscape Communications Corporation, 4.6.4]
[C:\Program Files\Mozilla Firefox\xpcom_core.dll] [Mozilla Foundation, 1.8.1.1: 2006120418]
[C:\Program Files\Mozilla Firefox\plc4.dll] [Netscape Communications Corporation, 4.6.4]
[C:\Program Files\Mozilla Firefox\plds4.dll] [Netscape Communications Corporation, 4.6.4]
[C:\Program Files\Mozilla Firefox\smime3.dll] [Mozilla Foundation, 3.11.4 Basic ECC]
[C:\Program Files\Mozilla Firefox\nss3.dll] [Mozilla Foundation, 3.11.4 Basic ECC]
[C:\Program Files\Mozilla Firefox\softokn3.dll] [Mozilla Foundation, 3.11.4 Basic ECC]
[C:\Program Files\Mozilla Firefox\ssl3.dll] [Mozilla Foundation, 3.11.4 Basic ECC]
[C:\Program Files\Mozilla Firefox\xpcom_compat.dll] [Mozilla Foundation, 1.8.1.1: 2006120418]
[C:\PROGRA~1\BILLPS~1\WINPAT~1\PATROLPRO.DLL] [BillP Studios, 1.2.0.0]
[C:\Program Files\Mozilla Firefox\components\myspell.dll] [Mozilla Foundation, 1.8.1.1: 2006120418]
[C:\Program Files\Mozilla Firefox\components\jar50.dll] [Mozilla Foundation, 1.8.1.1: 2006120418]
[C:\Program Files\Mozilla Firefox\freebl3.dll] [Mozilla Foundation, 3.11.4 Basic ECC]
[C:\Program Files\Mozilla Firefox\nssckbi.dll] [Mozilla Foundation, 1.62]
[C:\Program Files\Mozilla Firefox\components\spellchk.dll] [Mozilla Foundation, 1.8.1.1: 2006120418]
[C:\Program Files\Mozilla Firefox\plugins\npnul32.dll] [mozilla.org, 1, 0, 0, 15]
[C:\Program Files\Dell\QuickSet\dadkeyb.dll] [N/A, N/A]
[C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll] [Anti-Malware Development a.s., 7, 5, 0, 47]
[PID: 260][C:\Program Files\Google\Google Video Player\GoogleVideoPlayer.exe] [N/A, 1, 0, 3, 3]
[C:\Program Files\Google\Google Video Player\SSLEAY32.dll] [The OpenSSL Project, http://www.openssl.org/, 0.9.8]
[C:\Program Files\Google\Google Video Player\LIBEAY32.dll] [The OpenSSL Project, http://www.openssl.org/, 0.9.8]
[C:\Program Files\Google\Google Video Player\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Google\Google Video Player\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\PROGRA~1\BILLPS~1\WINPAT~1\PATROLPRO.DLL] [BillP Studios, 1.2.0.0]
[C:\Program Files\Dell\QuickSet\dadkeyb.dll] [N/A, N/A]
[C:\Program Files\Google\Google Video Player\libddmodule-c3c484e45b0dcfb0-1-5-1.dll] [N/A, N/A]
[PID: 2248][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 7.00.5730.11 (winmain(wmbla).061017-1135)]
[C:\PROGRA~1\BILLPS~1\WINPAT~1\PATROLPRO.DLL] [BillP Studios, 1.2.0.0]
[c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1020, 2544]
[C:\Program Files\Lexmark Toolbar\toolband.dll] [N/A, N/A]
[C:\Program Files\Lexmark Toolbar\resource.dll] [N/A, N/A]
[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 7.0.7.2006011200]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\PROGRA~1\SPYBOT~1\SDHelper.dll] [Safer Networking Limited, 1, 3, 0, 12]
[C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll] [Sun Microsystems, Inc., 5.0.90.3]
[C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx] [Adobe Systems, Inc., 9,0,28,0]
[C:\Program Files\Dell\QuickSet\dadkeyb.dll] [N/A, N/A]
[C:\WINDOWS\system32\mscoree.dll] [Microsoft Corporation, 1.1.4322.2032]
[C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorie.dll] [Microsoft Corporation, 1.1.4322.573]
[C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll] [Anti-Malware Development a.s., 7, 5, 0, 47]
[C:\WINDOWS\system32\Macromed\Common\SwSupport.dll] [Macromedia, Inc., 8.5.1r102]
[PID: 4016][C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe] [Google Inc., 1, 2, 908, 5008]
[C:\PROGRA~1\BILLPS~1\WINPAT~1\PATROLPRO.DLL] [BillP Studios, 1.2.0.0]
[C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\res_en.dll] [Google Inc., 1, 2, 908, 5008]
[C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\swg.dll] [Google Inc., 1, 2, 908, 5008]
[PID: 1688][C:\Program Files\Outlook Express\msimn.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\PROGRA~1\BILLPS~1\WINPAT~1\PATROLPRO.DLL] [BillP Studios, 1.2.0.0]
[C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll] [Anti-Malware Development a.s., 7, 5, 0, 47]
[PID: 3260][C:\Program Files\Messenger\msmsgs.exe] [Microsoft Corporation, 4.7.3001]
[C:\PROGRA~1\BILLPS~1\WINPAT~1\PATROLPRO.DLL] [BillP Studios, 1.2.0.0]
[PID: 4000][C:\DOCUME~1\ ******\LOCALS~1\Temp\Temporary Directory 1 for sreng2.zip\SREng.EXE] [Smallfrogs Studio, 2.3.13.690]
[C:\PROGRA~1\BILLPS~1\WINPAT~1\PATROLPRO.DLL] [BillP Studios, 1.2.0.0]

==================================
File Associations
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock Provider
N/A
---------------------------------

Uninstall List

ABBYY FineReader 6.0 Sprint
Ad-Aware SE Personal
Adobe Download Manager 2.0 (Remove Only)
Adobe Flash Player 9 ActiveX
Adobe Reader 7.0.8
ALPS Touch Pad Driver
Apple Software Update
AVG Anti-Spyware 7.5
Broadcom Management Programs 2
CleanUp!
Conexant D110 MDC V.9x Modem
Dell Driver Reset Tool
Dell Media Experience
Dell Picture Studio v3.0
Dell Support 5.0.0 (630)
Dell Wireless WLAN Card
Digital Line Detect
ERUNT 1.1j
Google Toolbar for Internet Explorer
Google Video Player
HijackThis 1.99.1
Hooked on Phonics Learn to Read
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB915865)
Intel(R) Graphics Media Accelerator Driver for Mobile
Internal Network Card Power Management
Internet Explorer Default Page
iPod for Windows 2005-03-23
iTunes
J2SE Runtime Environment 5.0 Update 9
Jasc Paint Shop Photo Album 5
Jasc Paint Shop Pro Studio, Dell Editon
Lavasoft VX2 Cleaner
Learn2 Player (Uninstall Only)
Lexmark 5400 Series
Lexmark Toolbar
Macromedia Shockwave Player
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft Encarta Encyclopedia Standard 2005
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Money 2005
Microsoft National Language Support Downlevel APIs
Microsoft Picture It! Premium 10
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft Streets and Trips 2005
Microsoft Word 2002
Microsoft Works 2005 Setup Launcher
Modem Helper
Mozilla Firefox (2.0.0.1)
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
NetWaiting
Norton Security Center
Panda ActiveScan
PowerDVD 5.3
Qualxserve Service Agreement
QuickSet
QuickTime
Security Task Manager 1.6f
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB883939)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB903235)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911280)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922760)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB926255)
Shockwave
Sonic DLA
Sonic RecordNow!
Sonic Update Manager
Spybot - Search & Destroy 1.3
SpywareBlaster v3.5.1
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB910437)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Viewpoint Media Player
Windows Installer 3.1 (KB893803)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Media Format Runtime
Windows Media Player 10
Windows Media Player 10
Windows XP Hotfix - KB834707
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890923
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893066
Windows XP Hotfix - KB893086
WinPatrol
Yahoo! Toolbar
ZoneAlarm

My computer has been behaving much better today. I'm not sure why since we didn't find anything significant in the logs. Could it be possible that my problems were caused by my allowing the computer's battery to run down several times without recharge over the past couple of weeks? I've been doing a lot of work lately and sometimes I take the laptop off the charger and before I realize it, it just shuts down and then I have to recharge it. This probably caused some instability in my system. I've been keeping it charged for the past few days. Thanks for your help.
Old 01-18-2007, 10:02 AM   #7 (permalink)
Registered User
 
Join Date: Jan 2007
Posts: 4
OS: XP


Error

Last edited by *techallenged*; 01-18-2007 at 10:09 AM. Reason: Multiple Post
Old 01-18-2007, 10:12 AM   #8 (permalink)
Registered User
 
Join Date: Jan 2007
Posts: 4
OS: XP


Bump. For some reason this post did not move up when I replied. It's also not showing that I was the last poster. I think there is a glitch on TSF. My postings have been showing in multiples for some reason today. Sorry.

*I see that it did move up after I posted this.

Last edited by *techallenged*; 01-18-2007 at 10:14 AM.
Old 01-19-2007, 06:41 AM   #9 (permalink)
Assistant Manager, TSF Academy; Moderator/Analyst Security Team
 
Ried's Avatar
 
Join Date: Jan 2005
Location: Ohio
Posts: 27,043
OS: WinXP and Vista


Hi,

This log appears clean as well. It is possible that the battery was too low--is your system still behaving as expected?

I do see 2 outdated programs as well as a recommended removal.

Please print out or copy this page to Notepad and save to your desktop for reference.


***************************************************

Uninstall the following via the Add/Remove Panel (Start->(Settings)->Control Panel->Add/Remove Programs)

Viewpoint Media Player: This process monitors your browsing habits and distributes the data back to the authors.

---------------------------------------

Delete its folder:

C:\Program Files\ Viewpoint

**Note--if either of the above resists removal, boot into Safe Mode to perform those steps.

---------------------------------------

Spybot is now at version 1.4:

Spybot - Search & Destroy 1.4
Run Spybot and click on the 'Search for Updates' button. Install any updates that are available.
  • Now click Mode menu and choose 'Advanced Mode'.
  • Click on Immunize to your left.
  • Next, click the Immunize button on top to Immunize your computer - you need to do this each time there is an update.
  • Click 'Check for Problems' and fix all the entries, which are indicated in RED.
---------------------------------------

Your Java is out of date. Please follow these steps to remove older version Java components and update.

Updating Java:
  • Download the latest version of Java Runtime Environment (JRE) 6.
  • Scroll down to where it says "The J2SE Runtime Environment (JRE) allows end-users to run Java applications".
  • Click the "Download" button to the right.
  • Check the box that says: "Accept License Agreement".
  • The page will refresh.
  • Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel, double-click on Add/Remove programs and remove all older versions of Java.
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6-windowsi586-p.exe to install the newest version.

How is your system behaving?
__________________

Member of ASAP since 2005
Member of UNITE since 2006

"It is one life whether we spend it laughing or weeping." "Take the time to laugh--it is the music of the soul."
Ried is offline  
Old 01-19-2007, 12:10 PM   #10 (permalink)
Registered User
 
Join Date: Jan 2007
Posts: 4
OS: XP


Thank you very much Ried!

It seems that my system has improved greatly. There is no lagging and my internet connection stays connected even if I leave the computer for a few moments. I'm not sure what was causing the internet to misbehave. As I stated before, we have two other computers in the house and those never had the connection problem. Well, at least it appears to be fine now.

Thanks again! Have a wonderful day/evening! I can't say thanks enough.....
*techallenged* is offline  
Old 01-19-2007, 06:42 PM   #11 (permalink)
Assistant Manager, TSF Academy; Moderator/Analyst Security Team
 
Ried's Avatar
 
Join Date: Jan 2005
Location: Ohio
Posts: 27,043
OS: WinXP and Vista


Hi,

You're welcome.

You already have a good multi-layered setup of protection going on this system. (Good for you!) The only program I would add is IESpyAd. Even if you mainly use Firefox as your browser, Internet Explorer is still necessary for many websites that use ActiveX--including Microsoft Updates. IESpyAd is a simple tool--once it's installed, that's it. It requires no scanning on your part, just remember to check for updates every month or so.

Download IE-SPYAD.EXE to block access to malicious websites so you cannot be redirected to them from an infected site or email. IE/Spyad places more than 4000 dubious websites and domains in the IE Restricted list. This severely impairs attempts to infect your system. It basically prevents any downloads (Cookies etc) from the sites listed, although you will still be able to connect to the sites. This is a self-extracting .ZIP file, save it to your desktop. Once downloaded, double-click on it to extract the files inside (default dir is C:\IE-SPYAD)
  • Now navigate to C:\ie-spyad. Double click to open it.
  • From within the folder, double-click install.bat
  • Select Option #2 - Install the new IE-SPYAD list, by typing 2
  • Then return to the main menu.
  • Select option #4 - Add the old porn sites domain, by typing 4

Also, you may want to take a look at these well written articles to help expand your knowledge of protecting your system:

PC Safety and Security--What Do I Need?

HOW DID I GET INFECTED IN THE FIRST PLACE? by Tony Klein
THE ANTI-SPYWARE TUTORIAL
MAKING INTERNET EXPLORER SAFER
Understanding and Using Firewalls

Take care.
Ried is offline  
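The post above says IE-SPYAD places more than 4000 sites in the IE Restricted list. The following is an added example, not part of the original post or of IE-SPYAD, for checking that the install step took effect. It assumes the list is stored where Internet Explorer keeps per-user zone assignments (the `ZoneMap\Domains` registry key, with value 4 meaning Restricted Sites); the function name `Get-RestrictedSite` is hypothetical.

```powershell
# Added example: list the current user's Internet Explorer Restricted Sites entries.
# Assumption: zone assignments live under ZoneMap\Domains, one key per domain,
# optional subkeys per host, and a value (named "*", "http", ...) of 4 = Restricted.
$ZoneMapRoot    = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains'
$RestrictedZone = 4
$ExpectedMin    = 4000   # the post states the list holds "more than 4000" sites

function Get-RestrictedSite {
    param([string]$Root = $ZoneMapRoot)

    if (-not (Test-Path $Root)) { return }   # no zone map at all: nothing assigned

    $marker = 'ZoneMap\Domains\'
    Get-ChildItem -Path $Root -Recurse | ForEach-Object {
        $key = $_
        foreach ($name in $key.GetValueNames()) {
            if ($key.GetValue($name) -eq $RestrictedZone) {
                # Key path below the root is "example.com" or "example.com\www";
                # reverse the parts to rebuild the host name (www.example.com).
                $rel   = $key.Name.Substring($key.Name.IndexOf($marker) + $marker.Length)
                $parts = $rel.Split('\')
                [array]::Reverse($parts)
                New-Object PSObject -Property @{
                    Site   = ($parts -join '.')
                    Scheme = $name               # "*" means every protocol
                }
            }
        }
    }
}

$sites = @(Get-RestrictedSite)
'{0} Restricted Sites entries found for this user' -f $sites.Count

if ($sites.Count -lt $ExpectedMin) {
    'Fewer entries than the list is said to contain; the install step may not have run for this account.'
}

# Show a sample so the entries can be compared against the installed list.
$sites | Sort-Object Site | Select-Object -First 10 | Format-Table Site, Scheme -AutoSize
```

Run it under the same Windows account that ran install.bat, since the key is per-user.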
Old 01-19-2007, 08:06 PM   #12 (permalink)
Registered User
 
Join Date: Jan 2007
Posts: 4
OS: XP


Thanks so much again. I have saved all of the information you provided. Have a wonderful weekend!

Last edited by *techallenged*; 01-19-2007 at 08:13 PM.
*techallenged* is offline  
 


All times are GMT -7. The time now is 06:12 AM.



Copyright 2001 - 2009, Tech Support Forum