Logs
Here are the logs from the scan you told me to run...
2007-01-22,10:08:04
System Repair Engineer 2.3.13.690
Smallfrogs (
http://www.KZTechs.com)
Windows XP Home Edition Service Pack 2 (Build 2600)
- Administrative User - Completed Functions Allowed
Follow item(s) have been choosed:
All Boot Items (Including Registry, Startup Folders, Services and so on)
Browser Add-ons
Runing Processes (Including process model information)
File Associations
Winsock Provider
Autorun.Inf
HOSTS File
Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Corporation]
<MsnMsgr><"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background> [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<IntelliPoint><"C:\Program Files\Microsoft IntelliPoint\point32.exe"> [Microsoft Corporation]
<USB Storage Toolbox><C:\Program Files\USB Disk Win98 Driver\Res.EXE> [ali]
<SunJavaUpdateSched><"C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"> [Sun Microsystems, Inc.]
<KernelFaultCheck><%systemroot%\system32\dumprep 0 -k> [N/A]
<F-Secure Manager><"C:\Program Files\Shaw Secure\Common\FSM32.EXE" /splash> [F-Secure Corporation]
<F-Secure TNB><"C:\Program Files\Shaw Secure\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW> [F-Secure Corporation]
<F-Secure Startup Wizard><"C:\Program Files\Shaw Secure\FSGUI\FSSW.EXE" /reboot> [F-Secure Corporation]
<News Service><"C:\Program Files\Shaw Secure\FSGUI\ispnews.exe"> [F-Secure Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Corporation]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<NeroFilterCheck><; C:\WINDOWS\system32\NeroCheck.exe> [N/A]
<SoundMan><; SOUNDMAN.EXE> [(Verified)Realtek Semiconductor Corp.]
==================================
Startup Folders
[CleanUp]
<C:\Documents and Settings\All Users\Start Menu\Programs\Startup\CleanUp.lnk --> C:\CLEANUP.EXE [user]><N>
[Shaw Secure]
<C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Shaw Secure.lnk --> C:\PROGRA~1\SHAWSE~1\backweb\3875767\Program\fspex.exe [BackWeb Technologies Inc. ]><N>
==================================
Services
[Application Management / AppMgmt][Stopped/Manual Start]
<C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\appmgmts.dll><N/A>
[ASP.NET State Service / aspnet_state][Stopped/Manual Start]
<C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[Shaw Secure / BackWeb Plug-in - 3875767][Running/Auto Start]
<C:\PROGRA~1\SHAWSE~1\backweb\3875767\Program\SERVIC~1.EXE><BackWeb Technologies Inc.>
[FSGKHS / F-Secure Gatekeeper Handler Starter][Running/Auto Start]
<"C:\Program Files\Shaw Secure\Anti-Virus\fsgk32st.exe"><F-Secure Corporation>
[FSBWSYS / FSBWSYS][Running/Auto Start]
<"C:\Program Files\Shaw Secure\backweb\3875767\program\fsbwsys.exe"><F-Secure Corp.>
[F-Secure Anti-Virus Firewall Daemon / FSDFWD][Running/Manual Start]
<"C:\Program Files\Shaw Secure\FWES\Program\fsdfwd.exe"><F-Secure Corporation>
[F-Secure Management Agent / FSMA][Running/Auto Start]
<"C:\Program Files\Shaw Secure\Common\FSMA32.EXE"><F-Secure Corporation>
[LexBce Server / LexBceS][Running/Auto Start]
<C:\WINDOWS\system32\LEXBCES.EXE><Lexmark International, Inc.>
==================================
Drivers
[Service for WDM 3D Audio Driver / ALCXSENS][Running/Manual Start]
<system32\drivers\ALCXSENS.SYS><Sensaura Ltd>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
<system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[F-Secure File System Filter / F-Secure Filter][Running/Auto Start]
<\??\C:\Program Files\Shaw Secure\Anti-Virus\Win2K\FSfilter.sys><N/A>
[F-Secure Gatekeeper / F-Secure Gatekeeper][Running/Auto Start]
<\??\C:\Program Files\Shaw Secure\Anti-Virus\Win2K\FSgk.sys><N/A>
[F-Secure File System Recognizer / F-Secure Recognizer][Running/Auto Start]
<\??\C:\Program Files\Shaw Secure\Anti-Virus\Win2K\FSrec.sys><N/A>
[F-Secure Firewall Driver / FSFW][Running/Boot Start]
<\SystemRoot\System32\drivers\fsdfw.sys><F-Secure Corporation>
[HCF_MSFT / HCF_MSFT][Stopped/Manual Start]
<system32\DRIVERS\HCF_MSFT.sys><Conexant>
[iMSPCLOj / iMSPCLOj][Stopped/Manual Start]
<\??\C:\DOCUME~1\Name\LOCALS~1\Temp\iMSPCLOj.sys><N/A>
[mdmxsdk / mdmxsdk][Running/Auto Start]
<system32\DRIVERS\mdmxsdk.sys><Conexant>
[nv / nv][Running/Manual Start]
<System32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
<System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Secdrv / Secdrv][Running/Auto Start]
<System32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[SiS PCI Fast Ethernet Adapter Driver / SISNIC][Running/Manual Start]
<System32\DRIVERS\sisnic.sys><SiS Corporation>
[tmcomm / tmcomm][Stopped/Auto Start]
<\??\C:\WINDOWS\system32\drivers\tmcomm.sys><N/A>
[Winachcf / Winachcf][Running/Manual Start]
<system32\DRIVERS\winachcf.sys><Conexant>
==================================
Browser Add-ons
[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[]
{53707962-6F74-2D53-2644-206D7942484F} <C:\Program Files\Spybot - Search & Destroy\SDHelper.dll, Safer Networking Limited>
[SSVHelper Class]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll, Sun Microsystems, Inc.>
[Windows Live Sign-in Helper]
{9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, Microsoft Corporation>
[Java Plug-in 1.5.0_10]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll, Sun Microsystems, Inc.>
[F-Secure IE Shield COM button]
{300DB664-75B5-47c0-8B45-A44ACCF73C00} <C:\Program Files\Shaw Secure\Anti-Spyware\ieshield.dll, F-Secure Corporation>
[]
{85d1f590-48f4-11d9-9669-0800200c9a66} <%windir%\bdoscandel.exe, N/A>
[&Research]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[]
{e2e2dd38-d088-4134-82b7-f2ba38496583} <%windir%\Network Diagnostic\xpnetdiag.exe, N/A>
[Messenger]
{FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[BDSCANONLINE Control]
{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} <C:\WINDOWS\DOWNLO~1\oscan8.ocx, SOFTWIN>
[Symantec RuFSI Utility Class]
{644E432F-49D3-41A1-8DD5-E099162EEEC5} <C:\WINDOWS\Downloaded Program Files\rufsi.dll, Symantec Corporation>
[Java Plug-in 1.5.0_10]
{8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll, Sun Microsystems, Inc.>
[ActiveScan Installer Class]
{9A9307A0-7DA4-4DAF-B042-5009F29E09E1} <C:\WINDOWS\Downloaded Program Files\asinst.dll, Panda Software>
[Java Plug-in 1.5.0_10]
{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.5.0_10]
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.5.0_10\bin\npjpi150_10.dll, Sun Microsystems, Inc.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[Photo Upload Plugin Class]
{F127B9BA-89EA-4B04-9C67-2074A9DF61FD} <C:\WINDOWS\Downloaded Program Files\Photochannel.dll, PhotoChannel Networks>
[Yahoo! Toolbar Helper]
{02478D38-C3F9-4EFB-9B51-7695ECA05670} <, N/A>
[Microsoft Office Template and Media Control]
{02BCC737-B171-4746-94C9-0D8A0B2C0089} <C:\PROGRA~1\MICROS~3\OFFICE11\IEAWSDC.DLL, N/A>
[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\System32\mshtml.dll, N/A>
[Tabular Data Control]
{333C7BC4-460F-11D0-BC04-0080C7055A83} <C:\WINDOWS\System32\tdc.ocx, Microsoft Corporation>
[Microsoft Office Control]
{4453D895-F2A1-4A38-A285-1EF9BD3F6D5D} <C:\PROGRA~1\MICROS~3\OFFICE11\AUTHZAX.DLL, Microsoft Corporation>
[Reporte Class]
{4A2A4430-3967-4461-94C7-BD95C419F3CF} <C:\WINDOWS\system32\ActiveScan\ascontrol.dll, Panda Software>
[]
{53707962-6F74-2D53-2644-206D7942484F} <C:\Program Files\Spybot - Search & Destroy\SDHelper.dll, Safer Networking Limited>
[BDSCANONLINE Control]
{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} <C:\WINDOWS\DOWNLO~1\oscan8.ocx, SOFTWIN>
[Symantec RuFSI Utility Class]
{644E432F-49D3-41A1-8DD5-E099162EEEC5} <C:\WINDOWS\Downloaded Program Files\rufsi.dll, Symantec Corporation>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Seleccion Class]
{6CEC0297-FAFB-41FB-97EA-77E3081B1DFE} <C:\WINDOWS\system32\ActiveScan\ascontrol.dll, Panda Software>
[ControlConexion Class]
{6FDCDD41-6C97-4A3B-9E6D-0144B66A1CE4} <C:\WINDOWS\system32\ActiveScan\ascontrol.dll, Panda Software>
[SSVHelper Class]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.5.0_10]
{8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll, Sun Microsystems, Inc.>
[Windows Live Sign-in Helper]
{9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, Microsoft Corporation>
[Panda ActiveScan]
{96567F65-E04C-4611-AF29-7CDEA6FA6A84} <C:\WINDOWS\system32\ACTIVE~1\as.dll, Panda Software>
[ActiveScan Installer Class]
{9A9307A0-7DA4-4DAF-B042-5009F29E09E1} <C:\WINDOWS\Downloaded Program Files\asinst.dll, Panda Software>
[RMGetLicense Class]
{A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation>
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\System32\shdocvw.dll, N/A>
[OWSClientMiscApis Class]
{BDEADE3F-C265-11D0-BCED-00A0C90AB50F} <C:\PROGRA~1\MICROS~3\OFFICE11\OWSCLT.DLL, Microsoft Corporation>
[OWSBrowserUI Class]
{BDEADE43-C265-11D0-BCED-00A0C90AB50F} <C:\PROGRA~1\MICROS~3\OFFICE11\OWSCLT.DLL, Microsoft Corporation>
[Symantec RuFSI File information Class]
{C2FCEF4E-ACE9-11D3-BEBD-00105AA9B6AE} <C:\WINDOWS\Downloaded Program Files\rufsi.dll, Symantec Corporation>
[Symantec RuFSI Registry Information Class]
{C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} <C:\WINDOWS\Downloaded Program Files\rufsi.dll, Symantec Corporation>
[Adobe Acrobat Control for ActiveX]
{CA8A9780-280D-11CF-A24D-444553540000} <C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\ActiveX\pdf.ocx, Adobe Systems Incorporated>
[AUDIO__MID Moniker Class]
{CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
{CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Windows Live Sign-in Control]
{D2517915-48CE-4286-970F-921E881B8C5C} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, Microsoft Corporation>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[&Yahoo! Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} <, N/A>
[Photo Upload Plugin Class]
{F127B9BA-89EA-4B04-9C67-2074A9DF61FD} <C:\WINDOWS\Downloaded Program Files\Photochannel.dll, PhotoChannel Networks>
[&Block this popup]
<C:\Program Files\Shaw Secure\Anti-Spyware\blockpopups.htm, N/A>
[E&xport to Microsoft Excel]
<res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000, N/A>
==================================
Running Processes
[PID: 412][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 468][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Shaw Secure\FWES\Program\fsdc.dll] [F-Secure Corporation, 5.91.210]
[PID: 492][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Shaw Secure\FWES\Program\fsdc.dll] [F-Secure Corporation, 5.91.210]
[PID: 536][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Shaw Secure\FWES\Program\fsdc.dll] [F-Secure Corporation, 5.91.210]
[PID: 548][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Shaw Secure\FWES\Program\fsdc.dll] [F-Secure Corporation, 5.91.210]
[PID: 704][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Shaw Secure\FWES\Program\fsdc.dll] [F-Secure Corporation, 5.91.210]
[PID: 756][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Shaw Secure\FWES\Program\fsdc.dll] [F-Secure Corporation, 5.91.210]
[PID: 820][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Shaw Secure\FWES\Program\fsdc.dll] [F-Secure Corporation, 5.91.210]
[PID: 876][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Shaw Secure\FWES\Program\fsdc.dll] [F-Secure Corporation, 5.91.210]
[PID: 920][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Shaw Secure\FWES\Program\fsdc.dll] [F-Secure Corporation, 5.91.210]
[PID: 1204][C:\WINDOWS\system32\LEXBCES.EXE] [Lexmark International, Inc., 9.35]
[C:\WINDOWS\system32\lexp2p32.dll] [Lexmark International, Inc., 9.35]
[C:\WINDOWS\system32\lex2kusb.dll] [Lexmark International, Inc., 9.35]
[C:\Program Files\Shaw Secure\FWES\Program\fsdc.dll] [F-Secure Corporation, 5.91.210]
[PID: 1228][C:\WINDOWS\system32\LEXPPS.EXE] [Lexmark International, Inc., 9.35]
[C:\WINDOWS\system32\LEXBCE.DLL] [Lexmark International, Inc., 9.35]
[C:\Program Files\Shaw Secure\FWES\Program\fsdc.dll] [F-Secure Corporation, 5.91.210]
[PID: 1236][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[C:\WINDOWS\system32\LEXLMPM.DLL] [Lexmark International, Inc., 9.35]
[C:\WINDOWS\system32\LexBce.dll] [Lexmark International, Inc., 9.35]
[C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.1897.0]
[C:\WINDOWS\System32\spool\PRTPROCS\W32X86\LXBLPP5C.dll] [, 1.0.0.0]
[C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.1897.0]
[C:\WINDOWS\system32\LXBLpwr.dll] [Lexmark International, Inc., 0, 1, 61, 1]
[C:\Program Files\Shaw Secure\FWES\Program\fsdc.dll] [F-Secure Corporation, 5.91.210]
[C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBLUI5C.DLL] [Lexmark International, 0,3,0,0]
[C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBLSTRN.DLL] [Lexmark International, 1.0.11.0]
[C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBLDR5C.DLL] [Lexmark International, 0,3,0,0]
[C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBLICUR.DLL] [Lexmark International Inc., 1.0.43.0]
[C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxblfc5c.dll] [, 1.0.43.0]
[PID: 1392][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Shaw Secure\FWES\Program\fsdc.dll] [F-Secure Corporation, 5.91.210]
[C:\Program Files\Shaw Secure\Common\fpshx.dll] [F-Secure Corporation, 5.50.9200]
[C:\Program Files\Shaw Secure\Common\FSMA32.dll] [F-Secure Corporation, 6.05.8452 ]
[C:\Program Files\Shaw Secure\Common\FSPMAPI.dll] [F-Secure Corporation, 6.05.8452 ]
[C:\DOCUME~1\Name\LOCALS~1\Temp\CmdLineExt02.dll] [N/A, N/A]
[C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBLUI5C.DLL] [Lexmark International, 0,3,0,0]
[C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBLSTRN.DLL] [Lexmark International, 1.0.11.0]
[C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBLDR5C.DLL] [Lexmark International, 0,3,0,0]
[C:\Program Files\Spybot - Search & Destroy\SDHelper.dll] [Safer Networking Limited, 1, 4, 0, 0]
[PID: 1492][C:\Program Files\Microsoft IntelliPoint\point32.exe] [Microsoft Corporation, 5.40.633.0]
[C:\Program Files\Microsoft IntelliPoint\point32.dll] [Microsoft Corporation, 5.40.633.0]
[C:\Program Files\Microsoft IntelliPoint\dpgmkb.dll] [Microsoft Corporation, 5.40.633.0]
[C:\Program Files\Microsoft IntelliPoint\dpgcmd.dll] [Microsoft Corporation, 5.40.633.0]
[C:\Program Files\Microsoft IntelliPoint\srres.dll] [Microsoft Corporation, 5.40.633.0]
[C:\Program Files\Microsoft IntelliPoint\ipres.dll] [Microsoft Corporation, 5.40.633.0]
[C:\Program Files\Shaw Secure\FWES\Program\fsdc.dll] [F-Secure Corporation, 5.91.210]
[PID: 1500][C:\Program Files\USB Disk Win98 Driver\Res.EXE] [ali, 1, 0, 0, 1]
[C:\Program Files\Shaw Secure\FWES\Program\fsdc.dll] [F-Secure Corporation, 5.91.210]
[PID: 1508][C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe] [Sun Microsystems, Inc., 5.0.100.3]
[C:\Program Files\Shaw Secure\FWES\Program\fsdc.dll] [F-Secure Corporation, 5.91.210]
[PID: 1660][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Shaw Secure\FWES\Program\fsdc.dll] [F-Secure Corporation, 5.91.210]
[PID: 1756][C:\PROGRA~1\SHAWSE~1\backweb\3875767\Program\SERVIC~1.EXE] [BackWeb Technologies Inc. , Version 6.3.2 (Build 123R)]
[C:\Program Files\Shaw Secure\backweb\3875767\6.3.2.123-3875767L\Program\ServiceWrapper.dll] [, Version 6.3.2 (Build 123R)]
[C:\Program Files\Shaw Secure\backweb\3875767\6.3.2.123-3875767L\Program\clntutil.dll] [N/A, N/A]
[C:\Program Files\Shaw Secure\FWES\Program\fsdc.dll] [F-Secure Corporation, 5.91.210]
[PID: 1824][C:\Program Files\Shaw Secure\backweb\3875767\program\fsbwsys.exe] [F-Secure Corp., 6.90.881]
[C:\Program Files\Shaw Secure\Common\fsexc.dll] [F-Secure Corporation, 6.05.8452 ]
[C:\Program Files\Shaw Secure\backweb\3875767\program\fsbwupst.dll] [F-Secure Corporation, 6.90.891]
[c:\program files\shaw secure\common\fspmapi.dll] [F-Secure Corporation, 6.05.8452 ]
[c:\program files\shaw secure\common\fsma32.dll] [F-Secure Corporation, 6.05.8452 ]
[c:\program files\shaw secure\tnb\fstnb.dll] [F-Secure Corporation, 1.0.126 ]
[PID: 1844][C:\Program Files\Shaw Secure\backweb\3875767\Program\fspex.exe] [BackWeb Technologies Inc. , Version 6.3.2 (Build 123R)]
[C:\Program Files\Shaw Secure\backweb\3875767\6.3.2.123-3875767L\Program\backWeb.dll] [BackWeb Technologies Inc., Version 6.3.2 (Build 123R)]
[C:\Program Files\Shaw Secure\backweb\3875767\6.3.2.123-3875767L\Program\bwsec.dll] [BackWeb, Version 6.3.2 (Build 123R)]
[C:\Program Files\Shaw Secure\backweb\3875767\6.3.2.123-3875767L\Program\clntutil.dll] [N/A, N/A]
[C:\PROGRA~1\SHAWSE~1\backweb\3875767\632~1.123\program\EN\ClientRC.dll] [BackWeb Technologies Inc., Version 6.3.2 (Build 123R)]
[C:\Program Files\Shaw Secure\backweb\3875767\Program\BWfiles-3875767.dll] [BackWeb Technologies Inc. , Version 6.3.2 (Build 123R)]
[C:\Program Files\Shaw Secure\backweb\3875767\6.3.2.123-3875767L\Program\BWfiles.dll] [, Version 6.3.2 (Build 123R)]
[C:\Program Files\Shaw Secure\backweb\3875767\program\fsbwce.dll] [F-Secure Corporation, 6.90.891]
[C:\Program Files\Shaw Secure\backweb\3875767\program\FSLD32.dll] [F-Secure Corporation, 6.05.8452 ]
[C:\Program Files\Shaw Secure\Common\fsexc.dll] [F-Secure Corporation, 6.05.8452 ]
[c:\program files\shaw secure\tnb\fstnb.dll] [F-Secure Corporation, 1.0.126 ]
[C:\Program Files\Shaw Secure\backweb\3875767\program\fsbwres.ENG] [F-Secure Corporation, 6.90.871]
[C:\Program Files\Shaw Secure\backweb\3875767\program\fsbwres.dll] [F-Secure Corporation, 6.70.707]
[c:\program files\shaw secure\common\fspmapi.dll] [F-Secure Corporation, 6.05.8452 ]
[c:\program files\shaw secure\common\fsma32.dll] [F-Secure Corporation, 6.05.8452 ]
[C:\Program Files\Shaw Secure\FWES\Program\fsdc.dll] [F-Secure Corporation, 5.91.210]
[PID: 1896][C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE] [Microsoft Corporation, 7.00.9466]
[C:\Program Files\Shaw Secure\FWES\Program\fsdc.dll] [F-Secure Corporation, 5.91.210]
[PID: 2008][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Shaw Secure\FWES\Program\fsdc.dll] [F-Secure Corporation, 5.91.210]
[PID: 2040][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: DNSRV(bld4act)]
[C:\Program Files\Shaw Secure\FWES\Program\fsdc.dll] [F-Secure Corporation, 5.91.210]
[PID: 2748][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Shaw Secure\FWES\Program\fsdc.dll] [F-Secure Corporation, 5.91.210]
[PID: 4088][C:\Program Files\Shaw Secure\Common\FSMA32.EXE] [F-Secure Corporation, 6.05.8452 ]
[C:\Program Files\Shaw Secure\Common\FSPMAPI.dll] [F-Secure Corporation, 6.05.8452 ]
[C:\Program Files\Shaw Secure\Common\FSMA32.dll] [F-Secure Corporation, 6.05.8452 ]
[C:\Program Files\Shaw Secure\Common\fsexc.dll] [F-Secure Corporation, 6.05.8452 ]
[PID: 132][C:\Program Files\Shaw Secure\Common\FSMB32.EXE] [F-Secure Corporation, 6.05.8452 ]
[C:\Program Files\Shaw Secure\Common\fsexc.dll] [F-Secure Corporation, 6.05.8452 ]
[PID: 752][C:\Program Files\Shaw Secure\Common\FCH32.EXE] [F-Secure Corporation, 6.05.8452 ]
[C:\Program Files\Shaw Secure\Common\FSPMAPI.dll] [F-Secure Corporation, 6.05.8452 ]
[C:\Program Files\Shaw Secure\Common\FSMA32.dll] [F-Secure Corporation, 6.05.8452 ]
[C:\Program Files\Shaw Secure\Common\fsexc.dll] [F-Secure Corporation, 6.05.8452 ]
[C:\Program Files\Shaw Secure\Common\FSPMENG.DLL] [F-Secure Corporation, 6.05.8452 ]
[c:\program files\shaw secure\daas\fsclm.dll] [F-Secure Corporation, 2.2.5 ]
[PID: 1348][C:\Program Files\Shaw Secure\Anti-Virus\fsgk32st.exe] [F-Secure Corporation, 1.00.11280]
[C:\Program Files\Shaw Secure\FWES\Program\fsdc.dll] [F-Secure Corporation, 5.91.210]
[PID: 1568][C:\Program Files\Shaw Secure\Anti-Virus\FSGK32.EXE] [F-Secure Corp., 6.10.12200]
[c:\program files\shaw secure\common\fspmapi.dll] [F-Secure Corporation, 6.05.8452 ]
[c:\program files\shaw secure\common\fsma32s.dll] [F-Secure Corporation, 6.05.8452 ]
[C:\Program Files\Shaw Secure\Anti-Virus\FSGKIAPI.dll] [F-Secure Corp., 6.00.11230]
[PID: 1088][C:\Program Files\Shaw Secure\Common\FAMEH32.EXE] [F-Secure Corporation, 6.05.8452 ]
[C:\Program Files\Shaw Secure\Common\FSPMAPI.dll] [F-Secure Corporation, 6.05.8452 ]
[C:\Program Files\Shaw Secure\Common\FSLD32.dll] [F-Secure Corporation, 6.05.8452 ]
[C:\Program Files\Shaw Secure\Common\FSMA32.dll] [F-Secure Corporation, 6.05.8452 ]
[C:\Program Files\Shaw Secure\Common\fsexc.dll] [F-Secure Corporation, 6.05.8452 ]
[C:\Program Files\Shaw Secure\Common\AMEHEVN.DLL] [F-Secure Corporation, 6.05.8452 ]
[C:\Program Files\Shaw Secure\Common\AMEHLOG.DLL] [F-Secure Corporation, 6.05.8452 ]
[C:\Program Files\Shaw Secure\Common\AMEHSMT.DLL] [F-Secure Corporation, 6.05.8452 ]
[C:\Program Files\Shaw Secure\Common\AMEHTVL.DLL] [F-Secure Corporation, 6.05.8452 ]
[PID: 1668][C:\Program Files\Shaw Secure\Anti-Virus\fsqh.exe] [F-Secure Corporation, 6.00.11240 ]
[c:\program files\shaw secure\common\fsma32.dll] [F-Secure Corporation, 6.05.8452 ]
[c:\program files\shaw secure\common\fspmapi.dll] [F-Secure Corporation, 6.05.8452 ]
[C:\Program Files\Shaw Secure\Anti-Virus\Qrt.dll] [F-Secure Corporation, 1.01.11104]
[C:\Program Files\Shaw Secure\FWES\Program\fsdc.dll] [F-Secure Corporation, 5.91.210]
[PID: 1984][C:\Program Files\Shaw Secure\Anti-Virus\fsrw.exe] [F-Secure Corporation, 1.1.222 ]
[C:\Program Files\Shaw Secure\Common\fsexc.dll] [F-Secure Corporation, 6.05.8452 ]
[c:\program files\shaw secure\common\fsma32.dll] [F-Secure Corporation, 6.05.8452 ]
[c:\program files\shaw secure\common\fspmapi.dll] [F-Secure Corporation, 6.05.8452 ]
[c:\program files\shaw secure\tnb\fstnb.dll] [F-Secure Corporation, 1.0.126 ]
[C:\Program Files\Shaw Secure\FWES\Program\fsdc.dll] [F-Secure Corporation, 5.91.210]
[PID: 2244][C:\Program Files\Shaw Secure\FWES\Program\fsdfwd.exe] [F-Secure Corporation, 5.91.210]
[C:\Program Files\Shaw Secure\Common\fsexc.dll] [F-Secure Corporation, 6.05.8452 ]
[c:\program files\shaw secure\common\fsma32.dll] [F-Secure Corporation, 6.05.8452 ]
[c:\program files\shaw secure\common\fspmapi.dll] [F-Secure Corporation, 6.05.8452 ]
[c:\program files\shaw secure\tnb\fstnb.dll] [F-Secure Corporation, 1.0.126 ]
[c:\program files\shaw secure\common\fsld32.dll] [F-Secure Corporation, 6.05.8452 ]
[c:\program files\shaw secure\common\fswscs.dll] [F-Secure Corporation, 1.00.170]
[C:\Program Files\Shaw Secure\FWES\Program\fsmirror.dll] [F-Secure Corporation, 2.0.134.0]
[c:\program files\shaw secure\anti-virus\fsgkiapi.dll] [F-Secure Corp., 6.00.11230]
[C:\PROGRA~1\SHAWSE~1\Common\fsdfwres.ENG] [F-Secure Corporation, 5.91.210]
[C:\Program Files\Shaw Secure\FWES\Program\fsdc.dll] [F-Secure Corporation, 5.91.210]
[PID: 2868][C:\Program Files\Shaw Secure\Anti-Virus\fssm32.exe] [F-Secure Corp., 6.10.12200]
[C:\Program Files\Shaw Secure\Anti-Virus\FM4AV.dll] [N/A, N/A]
[C:\Program Files\Shaw Secure\Anti-Virus\avpproxy.dll] [F-Secure Corporation, 1.2.11430]
[C:\Program Files\Shaw Secure\Anti-Virus\avpfpi0.dll] [Kaspersky Labs, 6.0.169.7050]
[C:\Program Files\Shaw Secure\Anti-Virus\avp_iont.dll] [Kaspersky Labs, 5.0.0.0]
[C:\Program Files\Shaw Secure\Anti-Virus\avpfpi1.dll] [Kaspersky Labs, 6.0.169.7050]
[C:\Program Files\Shaw Secure\Anti-Spyware\LSSE.DLL] [Lavasoft, 1.0.35.0]
[C:\Program Files\Shaw Secure\Anti-Virus\fslfpi.dll] [F-Secure Corporation, 2.03.11]
[C:\Program Files\Shaw Secure\Anti-Virus\dffpi.dll] [F-Secure Corporation, 1.02.37]
[PID: 3720][C:\Program Files\Shaw Secure\Anti-Virus\fsav32.exe] [F-Secure Corporation, 6.10.11370]
[C:\Program Files\Shaw Secure\Anti-Virus\fsched.dll] [F-Secure Corporation, 5.50.9110]
[C:\Program Files\Shaw Secure\Anti-Virus\FSTSM.DLL] [F-Secure Corporation, 5.40.8160]
[c:\program files\shaw secure\common\fsma32.dll] [F-Secure Corporation, 6.05.8452 ]
[c:\program files\shaw secure\common\fspmapi.dll] [F-Secure Corporation, 6.05.8452 ]
[C:\Program Files\Shaw Secure\Common\fswscs.dll] [F-Secure Corporation, 1.00.170]
[C:\Program Files\Shaw Secure\TNB\fstnb.dll] [F-Secure Corporation, 1.0.126 ]
[c:\program files\shaw secure\common\fsld32.dll] [F-Secure Corporation, 6.05.8452 ]
[C:\Program Files\Shaw Secure\Anti-Virus\FSAVHRES.ENG] [N/A, N/A]
[c:\program files\shaw secure\daas\fsclm.dll] [F-Secure Corporation, 2.2.5 ]
[PID: 2104][C:\Program Files\Shaw Secure\Common\FSM32.EXE] [F-Secure Corporation, 6.05.8452 ]
[C:\Program Files\Shaw Secure\Common\FSPMAPI.dll] [F-Secure Corporation, 6.05.8452 ]
[C:\Program Files\Shaw Secure\Common\FSMA32.dll] [F-Secure Corporation, 6.05.8452 ]
[C:\Program Files\Shaw Secure\Common\FSLD32.dll] [F-Secure Corporation, 6.05.8452 ]
[C:\Program Files\Shaw Secure\Common\fsexc.dll] [F-Secure Corporation, 6.05.8452 ]
[C:\Program Files\Shaw Secure\FSGUI\about.dll] [, 6, 0, 0, 140]
[C:\Program Files\Shaw Secure\Common\fsmres.ENG] [F-Secure Corporation, 6.05.8452 ]
[C:\Program Files\Shaw Secure\Anti-Spyware\fsawfsm.dll] [F-Secure Corporation, 1.1.160 ]
[C:\Program Files\Shaw Secure\FWES\Program\fsdfwpi.dll] [F-Secure Corporation, 5.91.210]
[C:\Program Files\Shaw Secure\Anti-Virus\fsmuiav.dll] [F-Secure Corporation, 6.10.11510]
[C:\Program Files\Shaw Secure\Anti-Virus\FSAVURES.ENG] [N/A, N/A]
[C:\Program Files\Shaw Secure\backweb\3875767\program\fsbwui.dll] [F-Secure Corporation, 6.90.7]
[C:\Program Files\Shaw Secure\Common\FSMA32S.dll] [F-Secure Corporation, 6.05.8452 ]
[C:\Program Files\Shaw Secure\TNB\fstnb.dll] [F-Secure Corporation, 1.0.126 ]
[C:\Program Files\Shaw Secure\FSGUI\guilaunc.dll] [F-Secure Corporation, 6, 20, 350, 0]
[C:\Program Files\Shaw Secure\Common\fsmaui32.dll] [F-Secure Corporation, 6.05.8452 ]
[C:\Program Files\Shaw Secure\Common\fsmaures.ENG] [F-Secure Corporation, 6.05.8452 ]
[C:\Program Files\Shaw Secure\Anti-Virus\fsuipx.dll] [F-Secure Corporation, 1.1.176 ]
[c:\program files\shaw secure\fsgui\flycomm.dll] [F-Secure Corporation, 6, 20, 350, 0]
[C:\Program Files\Shaw Secure\FSGUI\gres.dll] [F-Secure Corporation, 6, 20, 350, 0]
[C:\Program Files\Shaw Secure\Common\fsdfwpi.ENG] [F-Secure Corporation, 5.91.210]
[C:\Program Files\Shaw Secure\Common\fsdfwpi2.eng] [F-Secure Corporation, 5.91.210]
[PID: 1368][C:\PROGRA~1\SHAWSE~1\ANTI-S~1\fsaw.exe] [F-Secure Corporation, 1.1.197 ]
[C:\Program Files\Shaw Secure\Common\fsexc.dll] [F-Secure Corporation, 6.05.8452 ]
[c:\program files\shaw secure\common\fsma32.dll] [F-Secure Corporation, 6.05.8452 ]
[c:\program files\shaw secure\common\fspmapi.dll] [F-Secure Corporation, 6.05.8452 ]
[c:\program files\shaw secure\tnb\fstnb.dll] [F-Secure Corporation, 1.0.126 ]
[C:\PROGRA~1\SHAWSE~1\ANTI-S~1\FSAWLIST.dll] [F-Secure Corporation, 1.1.133 ]
[c:\program files\shaw secure\fsgui\flycomm.dll] [F-Secure Corporation, 6, 20, 350, 0]
[C:\PROGRA~1\SHAWSE~1\ANTI-S~1\fsaw.dll] [Lavasoft, 1.0.17.0]
[PID: 1604][C:\Program Files\Shaw Secure\FSGUI\fsguidll.exe] [F-Secure Corporation, 6, 20, 350, 0]
[C:\Program Files\Shaw Secure\Common\fsexc.dll] [F-Secure Corporation, 6.05.8452 ]
[c:\program files\shaw secure\common\fsld32.dll] [F-Secure Corporation, 6.05.8452 ]
[C:\Program Files\Shaw Secure\FSGUI\guiplugn.dll] [F-Secure Corporation, 6, 20, 350, 0]
[C:\Program Files\Shaw Secure\FSGUI\gres.dll] [F-Secure Corporation, 6, 20, 350, 0]
[C:\Program Files\Shaw Secure\FSGUI\flyer.dll] [F-Secure Corporation, 6, 20, 350, 0]
[c:\program files\shaw secure\common\fsma32.dll] [F-Secure Corporation, 6.05.8452 ]
[c:\program files\shaw secure\common\fspmapi.dll] [F-Secure Corporation, 6.05.8452 ]
[C:\Program Files\Shaw Secure\FSGUI\fsavesui.dll] [F-Secure Corporation, 6, 20, 350, 0]
[C:\Program Files\Shaw Secure\FSGUI\guilares.ENG] [F-Secure Corporation, 1, 1, 410, 16]
[c:\program files\shaw secure\tnb\fstnb.dll] [F-Secure Corporation, 1.0.126 ]
[C:\Program Files\Shaw Secure\FSGUI\fsesres.ENG] [, 1, 0, 1, 0]
[C:\Program Files\Shaw Secure\FSGUI\fsesres.dll] [N/A, N/A]
[C:\Program Files\Shaw Secure\FSGUI\flyerres.ENG] [N/A, N/A]
[C:\Program Files\Shaw Secure\FSGUI\flyerres.dll] [N/A, N/A]
[PID: 1428][C:\WINDOWS\system32\WISPTIS.EXE] [Microsoft Corporation, 1.0.2201.0 (xpsp1.020828-1920)]
[C:\Program Files\Common Files\Microsoft Shared\INK\TPCPS.DLL] [Microsoft Corporation, 1.0.2201.0 (xpsp1.020828-1920)]
[PID: 3696][C:\DOCUME~1\Name\LOCALS~1\Temp\Temporary Directory 1 for sreng2.zip\SREng.EXE] [Smallfrogs Studio, 2.3.13.690]
[C:\Program Files\Shaw Secure\FWES\Program\fsdc.dll] [F-Secure Corporation, 5.91.210]
==================================
File Associations
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock Provider
N/A
==================================
Autorun.Inf
N/A
==================================
HOSTS File
127.0.0.1 localhost
==================================
API HOOK
N/A
==================================