Here is my ComboScan.txt:
ComboScan v20070306.20 run by Ace on 2007-03-12 at 01:11:45
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Failed to create restore point; System Restore is disabled (service is not running).
-- Last 2 Restore Point(s) --
2: 2007-03-10 00:49:25 UTC - RP2 - After
1: 2007-03-10 00:27:44 UTC - RP1 - System Checkpoint
Performed disk cleanup.
-- HijackThis (run as Ace.exe) -------------------------------------------------
HijackThis failed to provide a log after three minutes; running clone instead.
-- HijackThis Clone ------------------------------------------------------------
Emulating logfile of HijackThis v1.99.1
Scan saved at 2007-03-12 01:15:35
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (6.0.2900.2180)
Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchosts.exe
C:\WINDOWS\QmFudGluZyBGYW1pbHk\command.exe
C:\WINDOWS\system32\CTSVCCDA.EXE
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\PMJ151LA.BIN
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\dvwwhgpc\csrss.exe
C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe
C:\WINDOWS\SM1bg.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\{3830DA84-0BB6-1033-0217-050312030002}\Update.exe
C:\Program Files\Ipwindows\ipwins.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Documents and Settings\Ace\Application Data\?ppPatch\wuauboot.exe
C:\Program Files\Common Files\??stem32\?xplorer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\PeDevice\PeDev.exe
C:\Program Files\Java\jre1.5.0_10\bin\jucheck.exe
C:\Documents and Settings\Ace\Desktop\comboscan.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.virushelpzone.com/R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://www.google.com/ieR1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL =
http://www.google.com/ieR1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.com/ieR3 - Default URLSearchHook is missing
F0 - win.ini: load=C:\WINDOWS\system32\dvwwhgpc\csrss.exe
F0 - win.ini: run=C:\WINDOWS\system32\dvwwhgpc\csrss.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe
F3 - REG:win.ini: Load=C:\WINDOWS\System32\Userinit.exe
F3 - REG:win.ini: Run=C:\WINDOWS\System32\Userinit.exe
O1 - Hosts: 127.0.0.1 desktop.kazaa.com
O1 - Hosts: 127.0.0.1
www.altnetp2p.comO1 - Hosts: 127.0.0.1 alpha.kazaa.com
O1 - Hosts: 127.0.0.1 shop.kazaa.com
O1 - Hosts: 127.0.0.1
www.bonzi.comO1 - Hosts: 127.0.0.1
www.brilliantdigital.comO1 - Hosts: 127.0.0.1
www.b3d.comO1 - Hosts: 127.0.0.1 media.altnet.com
O1 - Hosts: 127.0.0.1
www.altnet.comO1 - Hosts: 127.0.0.1 dev.bde.com.au
O1 - Hosts: # 821 more entries remain in hosts file.
O2 - BHO: (no name) - {029CA12C-89C1-46a7-A3C7-82F2F98635CB} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\GoogleToolbar4.dll
O2 - BHO: (no name) - {B36E7466-C9F8-E92E-F5AE-C2DEBBC20AE5} - C:\WINDOWS\system32\mrhlmpie.dll
O2 - BHO: Bar888 - {C1B4DEC2-2623-438e-9CA2-C9043AB28508} - C:\Program Files\Common Files\{3830DA84-0BB6-1033-0217-050312030002}\Bar888.dll
O2 - BHO: PEDEV_IEListener Class - {E1412445-4FF8-410e-8D24-F2CF86B171A4} - C:\Program Files\PeDevice\PeDev.dll
O3 - Toolbar: Bar888 - {C1B4DEC2-2623-438e-9CA2-C9043AB28508} - C:\Program Files\Common Files\{3830DA84-0BB6-1033-0217-050312030002}\Bar888.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\GoogleToolbar4.dll
O4 - HKLM\..\Run: [Corel Graphics Suite 1117] C:\Program Files\Corel\Corel Graphics 11\Register\registration.exe /title="Corel Graphics Suite 11" /date=092004 serial=DR11CRD-0012082-DGW
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [SM1BG] C:\WINDOWS\SM1BG.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [{3830DA84-0BB6-1033-0217-050312030002}] "C:\Program Files\Common Files\{3830DA84-0BB6-1033-0217-050312030002}\Update.exe" te-110-12-0000282
O4 - HKLM\..\Run: [IpWins] C:\Program Files\Ipwindows\ipwins.exe
O4 - HKLM\..\Run: [Nfo] C:\WINDOWS\system32\nfomon\nfomon.exe
O4 - HKLM\..\Run: [vidmon] C:\WINDOWS\system32\vidmon\vidmon.exe
O4 - HKCU\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe
O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [Orbt] "C:\DOCUME~1\Ace\APPLIC~1\PPPATC~1\wuauboot.exe" -vt ndrv
O4 - HKCU\..\Run: [Fihhij] C:\Program Files\Common Files\??stem32\?xplorer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: csrss.lnk =
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - (file missing)
O9 - Extra 'Tools' menuitem: (no name) - {44226DFF-747E-4edc-B30C-78752E50CD0C} - (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O9 - Extra 'Tools' menuitem: (no name) - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O9 - Extra button: AOL Instant Messenger (tm) - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe (file missing)
O9 - Extra 'Tools' menuitem: (no name) - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.live.com (HKCU)
O15 - Trusted Zone: *.msn.com (HKCU)
O16 - DPF: RaptisoftGameLoader () -
http://www.miniclip.com/hamsterball/raptisoftgameloader.cabO16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -
http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cabO16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) -
http://www.apple.com/qtactivex/qtplugin.cabO16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cabO16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) -
http://download.macromedia.com/pub/shockwa...director/sw.cabO16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} (Shockwave ActiveX Control) -
http://download.macromedia.com/pub/shockwa...director/sw.cabO16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} (CR64Loader Object) -
http://www.miniclip.com/bestfriends/retro64_loader.dllO16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) -
http://messenger.zone.msn.com/binary/MineS...er.cab31267.cabO16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
http://by124w.bay124.mail.live.com/mail/re...es/MsnPUpld.cabO16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) -
http://upload.facebook.com/controls/Facebo...otoUploader.cabO16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cabO16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) -
http://messenger.zone.msn.com/binary/ZIntro.cab47946.cabO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://download.macromedia.com/pub/shockwa...ash/swflash.cabO16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) -
http://zone.msn.com/bingame/dim2/default/popcaploader_v6.cabO16 - DPF: {F127B9BA-89EA-4B04-9C67-2074A9DF61FD} (Photo Upload Plugin Class) -
http://costco.pnimedia.com/upload/activex/...tupv2.0.0.9.cab?
O18 - Protocol: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL
O18 - Protocol: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\system32\msvidctl.dll
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL
O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
O20 - Winlogon Notify: AtiExtEvent - C:\WINDOWS\system32\Ati2evxx.dll
O23 - Service: Alerter - C:\WINDOWS\system32\svchost.exe -k LocalService
O23 - Service: Application Layer Gateway Service (ALG) - C:\WINDOWS\system32\alg.exe
O23 - Service: Application Management (AppMgmt) - C:\WINDOWS\system32\svchost.exe -k netsvcs
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - "C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"
O23 - Service: Ati HotKey Poller - C:\WINDOWS\system32\ati2evxx.exe
O23 - Service: ATI Smart - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Windows Audio (AudioSrv) - C:\WINDOWS\System32\svchost.exe -k netsvcs
O23 - Service: avast! Antivirus - "C:\Program Files\Alwil Software\Avast4\ashServ.exe"
O23 - Service: avast! Mail Scanner - "C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service
O23 - Service: avast! Web Scanner - "C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service
O23 - Service: Background Intelligent Transfer Service (BITS) - C:\WINDOWS\system32\svchost.exe -k netsvcs
O23 - Service: Computer Browser (Browser) - C:\WINDOWS\system32\svchost.exe -k netsvcs
O23 - Service: Indexing Service (cisvc) - C:\WINDOWS\system32\cisvc.exe
O23 - Service: Client IP-IPX - "C:\WINDOWS\system32\svchosts.exe" -e te-110-12-0000282
O23 - Service: ClipBook (ClipSrv) - C:\WINDOWS\system32\clipsrv.exe
O23 - Service: Command Service (cmdService) - C:\WINDOWS\QmFudGluZyBGYW1pbHk\command.exe
O23 - Service: COM+ System Application (COMSysApp) - C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
O23 - Service: Creative Service for CDROM Access - C:\WINDOWS\system32\CTSVCCDA.EXE
O23 - Service: Cryptographic Services (CryptSvc) - C:\WINDOWS\system32\svchost.exe -k netsvcs
O23 - Service: DCOM Server Process Launcher (DcomLaunch) - C:\WINDOWS\system32\svchost -k DcomLaunch
O23 - Service: DHCP Client (Dhcp) - C:\WINDOWS\system32\svchost.exe -k netsvcs
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - C:\WINDOWS\System32\dmadmin.exe /com
O23 - Service: Logical Disk Manager (dmserver) - C:\WINDOWS\System32\svchost.exe -k netsvcs
O23 - Service: DNS Client (Dnscache) - C:\WINDOWS\system32\svchost.exe -k NetworkService
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: Error Reporting Service (ERSvc) - C:\WINDOWS\System32\svchost.exe -k netsvcs
O23 - Service: Event Log (Eventlog) - C:\WINDOWS\system32\services.exe
O23 - Service: COM+ Event System (EventSystem) - C:\WINDOWS\system32\svchost.exe -k netsvcs
O23 - Service: Fast User Switching Compatibility (FastUserSwitchingCompatibility) - C:\WINDOWS\System32\svchost.exe -k netsvcs
O23 - Service: Google Updater Service (gusvc) - "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"
O23 - Service: Help and Support (helpsvc) - C:\WINDOWS\System32\svchost.exe -k netsvcs
O23 - Service: Human Interface Device Access (HidServ) - C:\WINDOWS\System32\svchost.exe -k netsvcs
O23 - Service: HTTP SSL (HTTPFilter) - C:\WINDOWS\System32\svchost.exe -k HTTPFilter
O23 - Service: InstallDriver Table Manager (IDriverT) - "C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - C:\WINDOWS\system32\imapi.exe
O23 - Service: Server (lanmanserver) - C:\WINDOWS\system32\svchost.exe -k netsvcs
O23 - Service: Workstation (lanmanworkstation) - C:\WINDOWS\system32\svchost.exe -k netsvcs
O23 - Service: TCP/IP NetBIOS Helper (LmHosts) - C:\WINDOWS\system32\svchost.exe -k LocalService
O23 - Service: Machine Debug Manager (MDM) - "C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
O23 - Service: Messenger - C:\WINDOWS\system32\svchost.exe -k netsvcs
O23 - Service: NetMeeting Remote Desktop Sharing (mnmsrvc) - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: Distributed Transaction Coordinator (MSDTC) - C:\WINDOWS\system32\msdtc.exe
O23 - Service: Windows Installer (MSIServer) - C:\WINDOWS\system32\msiexec.exe /V
O23 - Service: Network DDE (NetDDE) - C:\WINDOWS\system32\netdde.exe
O23 - Service: Network DDE DSDM (NetDDEdsdm) - C:\WINDOWS\system32\netdde.exe
O23 - Service: Net Logon (Netlogon) - C:\WINDOWS\system32\lsass.exe
O23 - Service: Network Connections (Netman) - C:\WINDOWS\System32\svchost.exe -k netsvcs
O23 - Service: Network Location Awareness (NLA) (Nla) - C:\WINDOWS\system32\svchost.exe -k netsvcs
O23 - Service: NT LM Security Support Provider (NtLmSsp) - C:\WINDOWS\system32\lsass.exe
O23 - Service: Removable Storage (NtmsSvc) - C:\WINDOWS\system32\svchost.exe -k netsvcs
O23 - Service: Office Source Engine (ose) - "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
O23 - Service: PCTEL Speaker Phone (Pctspk) - C:\WINDOWS\system32\pctspk.exe
O23 - Service: Plug and Play (PlugPlay) - C:\WINDOWS\system32\services.exe
O23 - Service: PMJ151 AutoLaunch Service (PMJ151LA) - C:\WINDOWS\PMJ151LA.BIN
O23 - Service: IPSEC Services (PolicyAgent) - C:\WINDOWS\system32\lsass.exe
O23 - Service: Protected Storage (ProtectedStorage) - C:\WINDOWS\system32\lsass.exe
O23 - Service: Remote Access Auto Connection Manager (RasAuto) - C:\WINDOWS\system32\svchost.exe -k netsvcs
O23 - Service: Remote Access Connection Manager (RasMan) - C:\WINDOWS\system32\svchost.exe -k netsvcs
O23 - Service: Remote Desktop Help Session Manager (RDSessMgr) - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Routing and Remote Access (RemoteAccess) - C:\WINDOWS\system32\svchost.exe -k netsvcs
O23 - Service: Remote Registry (RemoteRegistry) - C:\WINDOWS\system32\svchost.exe -k LocalService
O23 - Service: Remote Procedure Call (RPC) Locator (RpcLocator) - C:\WINDOWS\system32\locator.exe
O23 - Service: Remote Procedure Call (RPC) (RpcSs) - C:\WINDOWS\system32\svchost -k rpcss
O23 - Service: QoS RSVP (RSVP) - C:\WINDOWS\system32\rsvp.exe
O23 - Service: Security Accounts Manager (SamSs) - C:\WINDOWS\system32\lsass.exe
O23 - Service: Smart Card Helper (SCardDrv) - C:\WINDOWS\system32\scardsvr.exe
O23 - Service: Smart Card (SCardSvr) - C:\WINDOWS\system32\scardsvr.exe
O23 - Service: Task Scheduler (Schedule) - C:\WINDOWS\System32\svchost.exe -k netsvcs
O23 - Service: Secondary Logon (seclogon) - C:\WINDOWS\System32\svchost.exe -k netsvcs
O23 - Service: System Event Notification (SENS) - C:\WINDOWS\system32\svchost.exe -k netsvcs
O23 - Service: Windows Firewall/Internet Connection Sharing (ICS) (SharedAccess) - C:\WINDOWS\system32\svchost.exe -k netsvcs
O23 - Service: Shell Hardware Detection (ShellHWDetection) - C:\WINDOWS\System32\svchost.exe -k netsvcs
O23 - Service: Print Spooler (Spooler) - C:\WINDOWS\system32\spoolsv.exe
O23 - Service: System Restore Service (srservice) - C:\WINDOWS\system32\svchost.exe -k netsvcs
O23 - Service: SSDP Discovery Service (SSDPSRV) - C:\WINDOWS\system32\svchost.exe -k LocalService
O23 - Service: Windows Image Acquisition (WIA) (stisvc) - C:\WINDOWS\system32\svchost.exe -k imgsvc
O23 - Service: MS Software Shadow Copy Provider (SwPrv) - C:\WINDOWS\system32\dllhost.exe /Processid:{DB4DBE83-33B1-470D-9507-2231E2EB8DD1}
O23 - Service: Performance Logs and Alerts (SysmonLog) - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Telephony (TapiSrv) - C:\WINDOWS\System32\svchost.exe -k netsvcs
O23 - Service: Terminal Services (TermService) - C:\WINDOWS\System32\svchost -k DComLaunch
O23 - Service: Themes - C:\WINDOWS\System32\svchost.exe -k netsvcs
O23 - Service: Telnet (TlntSvr) - C:\WINDOWS\system32\tlntsvr.exe
O23 - Service: Distributed Link Tracking Client (TrkWks) - C:\WINDOWS\system32\svchost.exe -k netsvcs
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Windows User Mode Driver Framework (UMWdf) - C:\WINDOWS\system32\wdfmgr.exe
O23 - Service: Universal Plug and Play Device Host (upnphost) - C:\WINDOWS\system32\svchost.exe -k LocalService
O23 - Service: Uninterruptible Power Supply (UPS) - C:\WINDOWS\system32\ups.exe
O23 - Service: Volume Shadow Copy (VSS) - C:\WINDOWS\system32\vssvc.exe
O23 - Service: Windows Time (W32Time) - C:\WINDOWS\System32\svchost.exe -k netsvcs
O23 - Service: WebClient - C:\WINDOWS\system32\svchost.exe -k LocalService
O23 - Service: Windows Management Instrumentation (winmgmt) - C:\WINDOWS\system32\svchost.exe -k netsvcs
O23 - Service: Portable Media Serial Number Service (WmdmPmSN) - C:\WINDOWS\System32\svchost.exe -k netsvcs
O23 - Service: Windows Management Instrumentation Driver Extensions (Wmi) - C:\WINDOWS\System32\svchost.exe -k netsvcs
O23 - Service: WMI Performance Adapter (WmiApSrv) - C:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Service: Security Center (wscsvc) - C:\WINDOWS\System32\svchost.exe -k netsvcs
O23 - Service: Automatic Updates (wuauserv) - C:\WINDOWS\system32\svchost.exe -k netsvcs
O23 - Service: Wireless Zero Configuration (WZCSVC) - C:\WINDOWS\System32\svchost.exe -k netsvcs
O23 - Service: X10 Device Network Service (x10nets) - C:\PROGRA~1\ATIMUL~1\RemCtrl\x10nets.exe
O23 - Service: Network Provisioning Service (xmlprov) - C:\WINDOWS\System32\svchost.exe -k netsvcs
-- File Associations -----------------------------------------------------------
.bat - batfile - "%1" %*
.chm - chm.file - "C:\WINDOWS\hh.exe" %1
.cmd - cmdfile - "%1" %*
.com - comfile - "%1" %*
.exe - exefile - "%1" %*
.hlp - hlpfile - %SystemRoot%\System32\winhlp32.exe %1
.inf - inffile - %SystemRoot%\System32\NOTEPAD.EXE %1
.ini - inifile - %SystemRoot%\System32\NOTEPAD.EXE %1
.js - JSFile - %SystemRoot%\System32\WScript.exe "%1" %*
.lnk - lnkfile - {00021401-0000-0000-C000-000000000046}
.pif - piffile - "%1" %*
[color=\"red\"].reg - regfile - "%1"[/color]
.scr - scrfile - "%1" /S
[color=\"red\"].txt - txtfile - NOTEPAD.EXE %1[/color]
.vbs - VBSFile - %SystemRoot%\System32\WScript.exe "%1" %*
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
3S 61883 (61883 Unit Device) - C:\WINDOWS\system32\drivers\61883.sys
1R Aavmker4 (avast! Asynchronous Virus Monitor) - C:\WINDOWS\system32\drivers\aavmker4.sys
3S ac97intc (Intel® 82801 Audio Driver Install Service (WDM)) - C:\WINDOWS\system32\drivers\ac97intc.sys
3S AGBFMON - C:\WINDOWS\system32\drivers\AGBFMON.SYS
3R Arp1394 (1394 ARP Client Protocol) - C:\WINDOWS\system32\drivers\arp1394.sys
2R Aspi32 - C:\WINDOWS\system32\drivers\aspi32.sys
2R aswMon2 (avast! Standard Shield Support) - C:\WINDOWS\system32\drivers\aswmon2.sys
3S aswRdr - C:\WINDOWS\system32\drivers\aswRdr.sys
1R aswTdi (avast! Network Shield Support) - C:\WINDOWS\system32\drivers\aswTdi.sys
3R ati2mtag - C:\WINDOWS\system32\drivers\ati2mtag.sys
3R atinrvxx (ATI WDM Rage Theater Video) - C:\WINDOWS\system32\drivers\atinrvxx.sys
2R ATITUNEP (ATI WDM TV Tuner) - C:\WINDOWS\system32\drivers\atintuxx.sys
3R ativraxx (ATI WDM Rage Theater Audio) - C:\WINDOWS\system32\drivers\atinraxx.sys
2R ATIXSAudio (ATI WDM TV Audio Crossbar) - C:\WINDOWS\system32\drivers\atinxsxx.sys
3S Avc (AVC Device) - C:\WINDOWS\system32\drivers\avc.sys
3S CCDECODE (Closed Caption Decoder) - C:\WINDOWS\system32\drivers\ccdecode.sys
1R Cdr4_xp - C:\WINDOWS\system32\drivers\cdr4_xp.sys
1R Cdralw2k - C:\WINDOWS\system32\drivers\cdralw2k.sys
1R cdudf_xp - C:\WINDOWS\system32\drivers\Cdudf_xp.sys
1R Cinemsup - C:\WINDOWS\system32\drivers\cinemsup.sys
3R ctljystk (Creative SBLive! Gameport) - C:\WINDOWS\system32\drivers\ctljystk.sys
0R drvmcdb - C:\WINDOWS\system32\drivers\drvmcdb.sys
1R DVDVRRdr_xp - C:\WINDOWS\system32\drivers\DVDVRRdr_xp.sys
3R dvd_2K - C:\WINDOWS\system32\drivers\dvd_2k.sys
3R emu10k (Creative SB Live! (WDM)) - C:\WINDOWS\system32\drivers\emu10k1m.sys
3R emu10k1 (Creative Interface Manager Driver (WDM)) - C:\WINDOWS\system32\drivers\ctlfacem.sys
3R Eplpdx02 - C:\WINDOWS\system32\drivers\EPLPDX02.SYS
1R FsVga - C:\WINDOWS\system32\drivers\fsvga.sys
3S hidgame (Microsoft Hid to Joystick Port Enabler) - C:\WINDOWS\system32\drivers\hidgame.sys
3R HidUsb (Microsoft HID Class Driver) - C:\WINDOWS\system32\drivers\hidusb.sys
1R intelppm (Intel Processor Driver) - C:\WINDOWS\system32\drivers\intelppm.sys
3S Jukebox3 - C:\WINDOWS\system32\drivers\ctpdusb.sys
3S mmc_2K - C:\WINDOWS\system32\drivers\mmc_2k.sys
3R mouhid (Mouse HID Driver) - C:\WINDOWS\system32\drivers\mouhid.sys
3S MSDV (Microsoft DV Camera and VCR) - C:\WINDOWS\system32\drivers\msdv.sys
3S MSTEE (Microsoft Streaming Tee/Sink-to-Sink Converter) - C:\WINDOWS\system32\drivers\mstee.sys
3S MTDVC (Panasonic DVC USB-SERIAL Driver for NT Technology) - C:\WINDOWS\system32\drivers\mtdv2ku1.sys
3S MTDVC_ENUM (Panasonic DVC COM Driver for NT Technology) - C:\WINDOWS\system32\drivers\mtdv2ks1.sys
2R MVDCODEC (ATI WDM Specialized MVD Codec) - C:\WINDOWS\system32\drivers\atinmdxx.sys
3S NABTSFEC (NABTS/FEC VBI Codec) - C:\WINDOWS\system32\drivers\nabtsfec.sys
3S NdisIP (Microsoft TV/Video Connection) - C:\WINDOWS\system32\drivers\ndisip.sys
3R NIC1394 (1394 Net Driver) - C:\WINDOWS\system32\drivers\nic1394.sys
3S ntgrip (Gravis GamePort device driver) - C:\WINDOWS\system32\drivers\ntgrip.sys
3S nv - C:\WINDOWS\system32\drivers\nv4_mini.sys
0R ohci1394 (NEC FireWarden OHCI Compliant IEEE 1394 Host Controller) - C:\WINDOWS\system32\drivers\ohci1394.sys
3R pfc (PADUS ASPI SHELL) - C:\WINDOWS\system32\drivers\pfc.sys
2R PMJ151NM (Panasonic DVC Web Camera) - C:\WINDOWS\system32\drivers\PMJ151NM.sys
3R Ptserlp (PCTEL Serial Device Driver for PCI) - C:\WINDOWS\system32\drivers\ptserlp.sys
1R pwd_2k - C:\WINDOWS\system32\drivers\Pwd_2k.sys
0R PxHelp20 - C:\WINDOWS\system32\drivers\pxhelp20.sys
3S rtl8139 (Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver) - C:\WINDOWS\system32\DRIVERS\RTL8139.SYS (not found)
3R sfman (Creative SoundFont Manager Driver (WDM)) - C:\WINDOWS\system32\drivers\sfmanm.sys
3S SLIP (BDA Slip De-Framer) - C:\WINDOWS\system32\drivers\slip.sys
3S SONYPVU1 (Sony USB Filter Driver (SONYPVU1)) - C:\WINDOWS\system32\drivers\SONYPVU1.SYS
3R StillCam (Still Serial Digital Camera Driver) - C:\WINDOWS\system32\drivers\serscan.sys
3S streamip (BDA IPSink) - C:\WINDOWS\system32\drivers\streamip.sys
1R UDFReadr - C:\WINDOWS\system32\drivers\Udfreadr.sys
3R usbehci (Microsoft USB 2.0 Enhanced Host Controller Miniport Driver) - C:\WINDOWS\system32\drivers\usbehci.sys
3S usbprint (Microsoft USB PRINTER Class) - C:\WINDOWS\system32\drivers\usbprint.sys
3R usbscan (USB Scanner Driver) - C:\WINDOWS\system32\drivers\usbscan.sys
3S USBSTOR (USB Mass Storage Driver) - C:\WINDOWS\system32\drivers\USBSTOR.SYS
0R Vmodem (XP Vmodem) - C:\WINDOWS\system32\drivers\vmodem.sys
0R Vpctcom (XP Vpctcom) - C:\WINDOWS\system32\drivers\vpctcom.sys
0R Vvoice (XP Vvoice) - C:\WINDOWS\system32\drivers\vvoice.sys
1R WS2IFSL (Windows Socket 2.0 Non-IFS Service Provider Support Environment) - C:\WINDOWS\system32\drivers\ws2ifsl.sys
3S WSTCODEC (World Standard Teletext Codec) - C:\WINDOWS\system32\drivers\wstcodec.sys
3R yukonwxp (NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller) - C:\WINDOWS\system32\drivers\yk51x86.sys
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
4S aswUpdSv (avast! iAVS4 Control Service) - "C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"
2R Ati HotKey Poller - C:\WINDOWS\System32\Ati2evxx.exe
2S ATI Smart - C:\WINDOWS\system32\ati2sgag.exe
4S avast! Antivirus - "C:\Program Files\Alwil Software\Avast4\ashServ.exe"
3S avast! Mail Scanner - "C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service
3S avast! Web Scanner - "C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service
2R Client IP-IPX - "C:\WINDOWS\system32\svchosts.exe" -e te-110-12-0000282
2R cmdService (Command Service) - C:\WINDOWS\QmFudGluZyBGYW1pbHk\command.exe
2R Creative Service for CDROM Access - C:\WINDOWS\system32\CTsvcCDA.EXE
2R EPSONStatusAgent2 (EPSON Printer Status Agent2) - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
3S gusvc (Google Updater Service) - "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"
3S IDriverT (InstallDriver Table Manager) - "C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"
3S ose (Office Source Engine) - "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
2R Pctspk (PCTEL Speaker Phone) - C:\WINDOWS\system32\pctspk.exe
2R PMJ151LA (PMJ151 AutoLaunch Service) - C:\WINDOWS\PMJ151LA.BIN
3S SCardDrv (Smart Card Helper) - C:\WINDOWS\System32\SCardSvr.exe
2R UleadBurningHelper (Ulead Burning Helper) - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
2R UMWdf (Windows User Mode Driver Framework) - C:\WINDOWS\system32\wdfmgr.exe
3S x10nets (X10 Device Network Service) - C:\PROGRA~1\ATIMUL~1\RemCtrl\x10nets.exe
-- Scheduled Tasks -------------------------------------------------------------
2007-03-06 01:14:00 318 --a------ C:\WINDOWS\Tasks\Ad-Aware SE Personal.job<AD-AWA~1.JOB>
2007-02-28 02:00:00 230 --a------ C:\WINDOWS\Tasks\dfrg.job
2007-01-10 00:20:00 278 --a------ C:\WINDOWS\Tasks\Disk Cleanup.job<DISKCL~1.JOB>
-- Files created between 2007-02-12 and 2007-03-12 -----------------------------
2007-03-09 17:10:55 0 d-------- C:\Program Files\NoAdware5.0<NOADWA~1.0>
2007-03-09 16:26:19 2 ---hs---- C:\WINDOWS\system32\taskkill.com
2007-03-09 16:26:19 2 ---hs---- C:\WINDOWS\system32\netstat.com
2007-03-09 15:46:10 0 d--hs---- C:\WINDOWS\system32\dvwwhgpc
2007-03-04 18:59:12 0 d-------- C:\Documents and Settings\Ace\Application Data\Registry Cleaner<REGIST~1>
2007-02-23 18:14:22 56832 --a------ C:\WINDOWS\system32\mrhlmpie.dll
2007-02-23 18:14:22 0 d-------- C:\Documents and Settings\Ace\Application Data\?ymbols
2007-02-22 19:44:44 0 d-------- C:\Program Files\PeDevice
2007-02-18 14:34:21 0 d-------- C:\Program Files\Common Files\{3830DA84-0BBA-1033-0217-050312030002}<{3830D~2>
-- Find3M Report ---------------------------------------------------------------
2007-03-12 01:14:37 0 d-------- C:\Program Files\Ipwindows<IPWIND~1>
2007-03-12 00:14:00 0 d-------- C:\Program Files\Common Files\{3830DA84-0BB6-1033-0217-050312030002}<{3830D~1>
2007-03-09 17:07:39 0 d-------- C:\Program Files\EPSON
2007-03-04 23:00:33 0 d--h----- C:\Program Files\InstallShield Installation Information<INSTAL~1>
2007-03-04 23:00:19 0 d-------- C:\Documents and Settings\Ace\Application Data\Apple Computer<APPLEC~1>
2007-03-03 23:21:14 0 d-------- C:\Program Files\Network Monitor<NETWOR~1>
2007-02-23 18:14:24 2 --a------ C:\WINDOWS\system32\wnsintsv.exe
2007-02-22 19:44:44 0 d-------- C:\Program Files\InetGet2
2007-02-14 19:29:40 0 d-------- C:\Program Files\Google
2007-02-11 01:38:58 0 d-------- C:\Program Files\DVD Shrink<DVDSHR~1>
2007-02-03 23:29:04 2560 --a------ C:\WINDOWS\system32\unsvchosts.exe<UNSVCH~1.EXE>
2007-02-03 23:29:04 36864 --a------ C:\WINDOWS\system32\svchosts.exe
2007-02-02 23:12:24 1902704 --a------ C:\Program Files\noadware.exe
2007-01-29 00:58:06 60416 -----n--- C:\WINDOWS\system32\tzchange.exe
2007-01-24 23:41:40 0 d-------- C:\Program Files\s?stem
2007-01-24 23:41:40 0 d-------- C:\Program Files\??stem
2007-01-24 23:41:07 0 d-------- C:\Documents and Settings\Ace\Application Data\?ppPatch
2007-01-24 15:10:20 0 d-------- C:\Program Files\Outerinfo<OUTERI~1>
2007-01-24 12:03:18 0 d-------- C:\Documents and Settings\Ace\Application Data\?ystem32
2007-01-17 14:16:37 0 d--h----- C:\Program Files\Common Files\Uninstall Information<UNINST~1>
2007-01-14 19:31:20 0 d-------- C:\Program Files\Common Files\??stem32
2007-01-14 19:30:44 32177 ---hs---- C:\Program Files\Common Files\Yazzle1122OinUninstaller.exe<YAZZLE~2.EXE>
2007-01-14 19:05:38 687592 --a------ C:\WINDOWS\system32\atmtd.dll
2007-01-03 13:19:56 171008 ---hs---- C:\Program Files\Common Files\Yazzle1122OinAdmin.exe<YAZZLE~1.EXE>
2006-12-19 13:52:18 134656 --a------ C:\WINDOWS\system32\shsvcs.dll
2006-12-19 10:16:47 333824 --a------ C:\WINDOWS\system32\wiaservc.dll
-- Registry Dump ---------------------------------------------------------------
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"ALUAlert"="C:\\Program Files\\Symantec\\LiveUpdate\\ALUNotify.exe"
"Creative Detector"="C:\\Program Files\\Creative\\MediaSource\\Detector\\CTDetect.exe /R"
"Orbt"="\"C:\\DOCUME~1\\Ace\\APPLIC~1\\PPPATC~1\\wuauboot.exe\" -vt ndrv"
"Fihhij"="C:\\Program Files\\Common Files\\??stem32\\?xplorer.exe"
"csrss"=""
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"Corel Graphics Suite 1117"="C:\\Program Files\\Corel\\Corel Graphics 11\\Register\\registration.exe /title=\"Corel Graphics Suite 11\" /date=092004 serial=DR11CRD-0012082-DGW"
"RoxioDragToDisc"="\"C:\\Program Files\\Roxio\\Easy Media Creator 7\\Drag to Disc\\DrgToDsc.exe\""
"SM1BG"="C:\\WINDOWS\\SM1BG.EXE"
"TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_10\\bin\\jusched.exe\""
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"{3830DA84-0BB6-1033-0217-050312030002}"="\"C:\\Program Files\\Common Files\\{3830DA84-0BB6-1033-0217-050312030002}\\Update.exe\" te-110-12-0000282"
"IpWins"="C:\\Program Files\\Ipwindows\\ipwins.exe"
"Nfo"="C:\\WINDOWS\\system32\\nfomon\\nfomon.exe"
"vidmon"="C:\\WINDOWS\\system32\\vidmon\\vidmon.exe"
"csrss"=""
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"
[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"RunNarrator"="Narrator.exe"
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\runonce]
"RunNarrator"="Narrator.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^EPSON Status Monitor 3 Environment Check 2.lnk]
"path"="C:\\Documents and Settings\\All Users.WINDOWS\\Start Menu\\Programs\\Startup\\EPSON Status Monitor 3 Environment Check 2.lnk"
"backup"="C:\\WINDOWS\\pss\\EPSON Status Monitor 3 Environment Check 2.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\E_SRCV02.EXE "
"item"="EPSON Status Monitor 3 Environment Check 2"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Banting Family^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
"path"="C:\\Documents and Settings\\Banting Family\\Start Menu\\Programs\\Startup\\LimeWire On Startup.lnk"
"backup"="C:\\WINDOWS\\pss\\LimeWire On Startup.lnkStartup"
"location"="Startup"
"command"="C:\\PROGRA~1\\LimeWire\\LimeWire.exe -startup"
"item"="LimeWire On Startup"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"=""
"hkey"="HKCU"
"command"=""
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AT-Watch]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"=""
"hkey"="HKLM"
"command"=""
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CXMon]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Hpi_Monitor"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Hewlett-Packard\\PhotoSmart\\Photo Imaging\\Hpi_Monitor.exe\""
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMEKRMIG6.1]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="IMEKRMIG"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\ime\\imkr6_1\\IMEKRMIG.EXE"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="IMJPMIG"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\IME\\imjp8_1\\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ink Monitor]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="InkMonitor"
"hkey"="HKLM"
"command"="C:\\Program Files\\EPSON\\Ink Monitor\\InkMonitor.exe"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\key]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="winxp"
"hkey"="HKCU"
"command"="C:\\WINDOWS\\System32\\winxp.exe"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Load]
"key"="SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Windows"
"item"="zeh"
"hkey"="HKCU"
"command"="C:\\Program Files\\help\\zeh.exe"
"inimapping"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ImScInst"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\system32\\IME\\PINTLGNT\\ImScInst.exe /SYNC"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NeroCheck"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\System32\\NeroCheck.exe"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TINTSETP"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\system32\\IME\\TINTLGNT\\TINTSETP.EXE /IMEName"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TINTSETP"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\system32\\IME\\TINTLGNT\\TINTSETP.EXE /SYNC"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="qttask"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioDragToDisc]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="DrgToDsc"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Roxio\\Easy Media Creator 7\\Drag to Disc\\DrgToDsc.exe\""
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Run]
"key"="SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Windows"
"item"="zeh"
"hkey"="HKCU"
"command"="C:\\Program Files\\help\\zeh.exe"
"inimapping"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Share-to-Web Namespace Daemon]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="hpgs2wnd"
"hkey"="HKLM"
"command"="C:\\Program Files\\Hewlett-Packard\\PhotoSmart\\HP Share-to-Web\\hpgs2wnd.exe"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SM1BG]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SM1BG"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\SM1BG.EXE"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Steam"
"hkey"="HKCU"
"command"="C:\\Program Files\\Valve\\Steam\\Steam.exe -silent"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="jusched"
"hkey"="HKLM"
"command"="C:\\Program Files\\Java\\jre1.5.0_02\\bin\\jusched.exe"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="realsched"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WildTangent CDA]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="cdaEngine0400"
"hkey"="HKLM"
"command"="RUNDLL32.exe \"C:\\Program Files\\WildTangent\\Apps\\CDA\\cdaEngine0400.dll\",cdaEngineMain"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZingSpooler]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ZingSpooler"
"hkey"="HKLM"
"command"="C:\\Program Files\\Common Files\\Zing\\ZingSpooler.exe"
"inimapping"="0"
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\System32\\ctfmon.exe"
"ALUAlert"="C:\\Program Files\\Symantec\\LiveUpdate\\ALUNotify.exe"
"swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.1128.5462\\GoogleToolbarNotifier.exe"
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\System32\\ctfmon.exe"
"ALUAlert"="C:\\Program Files\\Symantec\\LiveUpdate\\ALUNotify.exe"
"swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.1128.5462\\GoogleToolbarNotifier.exe"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"="1"
"NoAdminPage"="1"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService REG_MULTI_SZ AlerterWebClientLmHostsRemoteRegistryupnphostSSDPSRV
NetworkService REG_MULTI_SZ DnsCache
rpcss REG_MULTI_SZ RpcSs
imgsvc REG_MULTI_SZ StiSvc
termsvcs REG_MULTI_SZ TermService
HTTPFilter REG_MULTI_SZ HTTPFilter
DcomLaunch REG_MULTI_SZ DcomLaunchTermService
-- Hosts -----------------------------------------------------------------------
127.0.0.1 desktop.kazaa.com
127.0.0.1
www.altnetp2p.com127.0.0.1 alpha.kazaa.com
127.0.0.1 shop.kazaa.com
127.0.0.1
www.bonzi.com127.0.0.1
www.brilliantdigital.com127.0.0.1
www.b3d.com127.0.0.1 media.altnet.com
127.0.0.1
www.altnet.com127.0.0.1 dev.bde.com.au
821 more entries in hosts file.
-- End of ComboScan: finished at 2007-03-12 at 01:16:11 ------------------------
Show Posts