Author Topic: Possible Problem (Read 2534 times)

TSD151 · « **on:** July 21, 2008, 01:00:52 PM »

Possible problem. My Internet Explorer icon simply flashes the desktop when clicked but fails to navigate to my homepage, but only does this once in awhile.

Below is my HJL:

Logfile of HijackThis v1.99.1
Scan saved at 2:05:57 PM, on 9/20/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\Program Files\Verizon\McciTrayApp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\WINDOWS\system32\java.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Documents and Settings\Travis\Desktop\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=2060930
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://127.0.0.1:4664/first_usage&s=Y4...9kUcKX0OpLFAFZU
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Verizon Broadband Toolbar - {4E7BD74F-2B8D-469E-8CB0-AB60BB9AAE22} - C:\PROGRA~1\VOL_TO~1\VOL_TO~1.DLL
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Verizon Broadband Toolbar - {4E7BD74F-2B8D-469E-8CB0-AB60BB9AAE22} - C:\PROGRA~1\VOL_TO~1\VOL_TO~1.DLL
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [Verizon_McciTrayApp] C:\Program Files\Verizon\McciTrayApp.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - Startup: 360Share Pro On Startup.lnk = C:\Program Files\360Share Pro\Gui\360Share Pro.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://activatemydsl.verizon.net/sdcCommon...DSL/tgctlcm.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.Email Removed.com/mail/w2/resources/MSNPUpld.cab
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

guestolo · « **Reply #1 on:** July 21, 2008, 06:22:06 PM »

Can you do the following
Uninstall your version of Hijackthis from Add and Remove Programs as it's outdated

Then do the following
Download Hijackthis Installer from [color=\"#FF0000\"]HERE[/color]
For an alternate download location, you can try HERE
SAVE it to your desktop
Double click on HJTInstall.exe to run it
Choose Install

Hijackthis v2.0.2 will open
Just close it for now, as we will need it later

Then:
Download [color=\"#008000\"]Deckard's System Scanner (dss.exe)[/color] to your desktop.
Close all applications and windows.
Double-click on dss.exe to run it and follow the prompts.
When the scan is complete, two text files will open; main.txt, which will be maximized and extra.txt, which will be minimized.

Post back the Whole contents of Main.txt and Extra.txt

TSD151 · « **Reply #2 on:** July 23, 2008, 04:54:12 AM »

Deckard's System Scanner v20071014.68
Run by TSD on 2008-07-23 00:17:43
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.

-- Last 5 Restore Point(s) --
44: 2008-07-23 04:17:49 UTC - RP570 - Deckard's System Scanner Restore Point
43: 2008-07-22 23:04:46 UTC - RP569 - System Checkpoint
42: 2008-09-21 21:27:14 UTC - RP568 - System Checkpoint
41: 2008-09-20 14:39:21 UTC - RP567 - System Checkpoint
40: 2008-09-19 13:57:37 UTC - RP566 - Software Distribution Service 3.0

-- First Restore Point --
1: 2008-08-10 10:57:14 UTC - RP527 - System Checkpoint

Backed up registry hives.
Performed disk cleanup.

-- HijackThis (run as TSD.exe) ----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:19:57 AM, on 7/23/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\Program Files\Verizon\McciTrayApp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\WINDOWS\system32\java.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\winlogon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Travis\Local Settings\Temporary Internet Files\Content.IE5\IMR4MNOJ\dss[1].exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Travis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=2060930
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://127.0.0.1:4664/first_usage&s=Y4...9kUcKX0OpLFAFZU
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Verizon Broadband Toolbar - {4E7BD74F-2B8D-469E-8CB0-AB60BB9AAE22} - C:\PROGRA~1\VOL_TO~1\VOL_TO~1.DLL
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Verizon Broadband Toolbar - {4E7BD74F-2B8D-469E-8CB0-AB60BB9AAE22} - C:\PROGRA~1\VOL_TO~1\VOL_TO~1.DLL
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [Verizon_McciTrayApp] C:\Program Files\Verizon\McciTrayApp.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1095074575-1839513708-70002034-1008\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup (User 'Tammie')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Startup: 360Share Pro On Startup.lnk = C:\Program Files\360Share Pro\Gui\360Share Pro.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://activatemydsl.verizon.net/sdcCommon...DSL/tgctlcm.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.Email Removed.com/mail/w2/resources/MSNPUpld.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--
End of file - 10903 bytes

-- File Associations -----------------------------------------------------------

All associations okay.

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 PCLEPCI - c:\windows\system32\drivers\pclepci.sys <Not Verified; Pinnacle Systems GmbH; PCLEPCI>
R2 ASCTRM - c:\windows\system32\drivers\asctrm.sys <Not Verified; Windows ® 2000 DDK provider; Windows ® 2000 DDK driver>
R3 ASAPIW2k - c:\windows\system32\drivers\asapiw2k.sys <Not Verified; Pinnacle Systems GmbH; asapi>
R3 LVPrcMon (Logitech LVPrcMon Driver) - c:\windows\system32\drivers\lvprcmon.sys
R3 MarvinBus (Pinnacle Marvin Bus) - c:\windows\system32\drivers\marvinbus.sys <Not Verified; Pinnacle Systems GmbH; Pinnacle Marvin>

S3 DSproct - c:\program files\dell support\gtaction\triggers\dsproct.sys <Not Verified; GTek Technologies Ltd.; processt>
S3 MREMPR5 (MREMPR5 NDIS Protocol Driver) - c:\program files\common files\motive\mrempr5.sys <Not Verified; Motive, Inc.; Motive Rawether for Windows>
S3 MRENDIS5 (MRENDIS5 NDIS Protocol Driver) - c:\program files\common files\motive\mrendis5.sys <Not Verified; Motive, Inc.; Motive Rawether for Windows>

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Bonjour Service - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Inc.; Bonjour>

-- Device Manager: Disabled ----------------------------------------------------

Class GUID:
Description: Multimedia Controller
Device ID: PCI\VEN_11BD&DEV_BEDE&SUBSYS_002211BD&REV_00\4&5855BE9&0&10F0
Manufacturer:
Name: Multimedia Controller
PNP Device ID: PCI\VEN_11BD&DEV_BEDE&SUBSYS_002211BD&REV_00\4&5855BE9&0&10F0
Service:

-- Scheduled Tasks -------------------------------------------------------------

2008-09-18 17:51:01 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job

-- Files created between 2008-06-23 and 2008-07-23 -----------------------------

2008-09-16 17:57:47 66888 --ah----- C:\WINDOWS\system32\mlfcache.dat
2008-09-16 17:40:27 0 d-------- C:\Program Files\iTunes
2008-09-16 17:39:37 0 d-------- C:\Program Files\Bonjour
2008-09-16 17:35:04 0 d-------- C:\Program Files\Safari
2008-07-23 00:15:10 0 d-------- C:\Program Files\Trend Micro

-- Find3M Report ---------------------------------------------------------------

2008-09-16 18:00:38 1734 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys
2008-09-16 17:42:43 0 d-------- C:\Program Files\Apple Software Update
2008-09-16 17:40:30 0 d-------- C:\Program Files\iPod
2008-09-16 17:39:23 0 d-------- C:\Program Files\QuickTime
2008-09-16 17:36:33 0 d-------- C:\Documents and Settings\Travis\Application Data\Apple Computer
2008-09-11 11:07:44 0 d-------- C:\Documents and Settings\Travis\Application Data\LimeWire
2008-08-11 16:20:53 0 d-------- C:\Program Files\LimeWire2
2008-05-24 11:23:03 0 d-------- C:\Program Files\LimeWire
2008-05-22 19:45:54 664 --a------ C:\WINDOWS\system32\d3d9caps.dat

-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4E7BD74F-2B8D-469E-8CB0-AB60BB9AAE22}]
05/25/2007 09:15 AM 1904128 --a------ C:\PROGRA~1\VOL_TO~1\VOL_TO~1.DLL

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{4E7BD74F-2B8D-469E-8CB0-AB60BB9AAE22}"= C:\PROGRA~1\VOL_TO~1\VOL_TO~1.DLL [05/25/2007 09:15 AM 1904128]

[-HKEY_CLASSES_ROOT\CLSID\{4E7BD74F-2B8D-469E-8CB0-AB60BB9AAE22}]
[HKEY_CLASSES_ROOT\vol_toolbar.VOL_TOOLBAR]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [04/21/2008 10:37 PM]
"PinnacleDriverCheck"="C:\WINDOWS\system32\PSDrvCheck.exe" [03/10/2004 07:26 PM]
"AdaptecDirectCD"="C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" [12/17/2002 04:28 PM]
"MMTray"="C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe" [09/08/2005 08:20 PM]
"MSKDetectorExe"="C:\Program Files\McAfee\SpamKiller\MSKDetct.exe" [07/12/2005 08:05 PM]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [12/09/2005 06:32 PM]
"LogitechCameraAssistant"="C:\Program Files\Logitech\Video\CameraAssistant.exe" [12/07/2005 01:26 PM]
"LogitechVideo[inspector]"="C:\Program Files\Logitech\Video\InstallHelper.exe" [12/07/2005 01:33 PM]
"LogitechCameraService(E)"="C:\WINDOWS\system32\ElkCtrl.exe" [11/01/2004 08:22 PM]
"Verizon_McciTrayApp"="C:\Program Files\Verizon\McciTrayApp.exe" [06/06/2007 07:52 PM]
"AppleSyncNotifier"="C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [07/10/2008 09:47 AM]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [05/27/2008 10:50 AM]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [07/10/2008 10:51 AM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/10/2004 06:00 AM]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [10/13/2004 12:24 PM]
"Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe" [01/19/2007 04:49 PM]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [06/21/2006 01:36 AM]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

C:\Documents and Settings\Travis\Start Menu\Programs\Startup\
360Share Pro On Startup.lnk - C:\Program Files\360Share Pro\Gui\360Share Pro.exe [3/2/2006 1:52:02 PM]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [4/23/2008 3:38:16 AM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk
backup=C:\WINDOWS\pss\Digital Line Detect.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
"C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BuildBU]
c:\dell\bldbubg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellHelp]
C:\Dell\DellHelp\DellHelp.exe /c

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
"C:\Program Files\Dell Support\DSAgnt.exe" /startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DLA]
C:\WINDOWS\System32\DLA\DLACTRLW.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DMXLauncher]
C:\Program Files\Dell\Media Experience\DMXLauncher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ECenter]
"c:\dell\E-Center\EULAl.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
C:\WINDOWS\ehome\ehtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
"C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
"C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
"C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCAgentExe]
c:\PROGRA~1\mcafee.com\agent\mcagent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCUpdateExe]
c:\PROGRA~1\mcafee.com\agent\mcupdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MPFExe]
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSKAGENTEXE]
C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSKDetectorExe]
C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OASClnt]
C:\Program Files\McAfee.com\VSO\oasclnt.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RecoverFromReboo]
C:\WINDOWS\Temp\RECOVE~1.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SigmatelSysTrayApp]
stsystra.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirusScan Online]
c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VSOCheckTask]
"C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}]
AutoRun\command- E:\setup.exe

-- End of Deckard's System Scanner: finished at 2008-07-23 00:20:25 ------------

[quote name=\'guestolo\' post=\'437640\' date=\'Jul 21 2008, 03:37 PM\']Can you do the following
Uninstall your version of Hijackthis from Add and Remove Programs as it's outdated

Then do the following
Download Hijackthis Installer from [color=\"#FF0000\"]HERE[/color]
For an alternate download location, you can try HERE
SAVE it to your desktop
Double click on HJTInstall.exe to run it
Choose Install

Hijackthis v2.0.2 will open
Just close it for now, as we will need it later

Then:
Download [color=\"#008000\"]Deckard's System Scanner (dss.exe)[/color] to your desktop.
Close all applications and windows.
Double-click on dss.exe to run it and follow the prompts.
When the scan is complete, two text files will open; main.txt, which will be maximized and extra.txt, which will be minimized.

Post back the Whole contents of Main.txt and Extra.txt[/quote]

guestolo · « **Reply #3 on:** July 23, 2008, 09:15:32 PM »

Let's check for possible infections,
download Malwarebytes' Anti-Malware from Here or Here
Save the installer to desktop

Double Click mbam-setup.exe to install the application.

Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select "Perform Full Scan", then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
* When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy&Paste the entire report in your next reply

Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.

TSD151 · « **Reply #4 on:** September 01, 2008, 08:29:02 AM »

Sorry, I was out of town for awhile. Here is the Malware log and a fresh HJT log. Computer is still running slow especially anything IE related.

Malwarebytes' Anti-Malware 1.25
Database version: 1101
Windows 5.1.2600 Service Pack 2

9:52:16 AM 9/1/2008
mbam-log-09-01-2008 (09-52-16).txt

Scan type: Full Scan (C:\|)
Objects scanned: 136366
Time elapsed: 57 minute(s), 29 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:02:47 AM, on 8/31/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\java.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\Program Files\Verizon\McciTrayApp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe
C:\WINDOWS\system32\winlogon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\MMDiag.exe
C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exe
C:\Program Files\LimeWire2\LimeWire.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=2060930
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://127.0.0.1:4664/first_usage&s=Y4...9kUcKX0OpLFAFZU
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Verizon Broadband Toolbar - {4E7BD74F-2B8D-469E-8CB0-AB60BB9AAE22} - C:\PROGRA~1\VOL_TO~1\VOL_TO~1.DLL
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Verizon Broadband Toolbar - {4E7BD74F-2B8D-469E-8CB0-AB60BB9AAE22} - C:\PROGRA~1\VOL_TO~1\VOL_TO~1.DLL
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [Verizon_McciTrayApp] C:\Program Files\Verizon\McciTrayApp.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1095074575-1839513708-70002034-1008\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup (User 'Tammie')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Startup: 360Share Pro On Startup.lnk = C:\Program Files\360Share Pro\Gui\360Share Pro.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://activatemydsl.verizon.net/sdcCommon...DSL/tgctlcm.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.Email Removed.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shock...ash/swflash.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Linksys Updater (LinksysUpdater) - Unknown owner - C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--
End of file - 11628 bytes

[quote name=\'guestolo\' post=\'437958\' date=\'Jul 23 2008, 07:42 PM\']Let's check for possible infections,
download Malwarebytes' Anti-Malware from Here or Here
Save the installer to desktop

Double Click mbam-setup.exe to install the application.

Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select "Perform Full Scan", then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
* When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy&Paste the entire report in your next reply

Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.[/quote]

guestolo · « **Reply #5 on:** September 01, 2008, 09:48:42 AM »

Since it's been awhile since your return, can you do the following please
Ensure that dss.exe is directly on your desktop
Then
go to Start - Run, and copy/paste the following (then press OK):

[color=\"#0000FF\"]"%userprofile%\desktop\dss.exe" /config[/color]

When the DSS Configuration display opens click the "Check All" button

Then click the "Scan!" button to start the scan.

Post back BOTH the log from Main.txt and Extra.txt

TSD151 · « **Reply #6 on:** September 03, 2008, 04:55:46 PM »

I'm not sure what dss.exe is or where to find it. It is not on my desktop.

[quote name=\'guestolo\' post=\'441600\' date=\'Sep 1 2008, 07:15 AM\']Since it's been awhile since your return, can you do the following please
Ensure that dss.exe is directly on your desktop
Then
go to Start - Run, and copy/paste the following (then press OK):

[color=\"#0000FF\"]"%userprofile%\desktop\dss.exe" /config[/color]

When the DSS Configuration display opens click the "Check All" button

Then click the "Scan!" button to start the scan.

Post back BOTH the log from Main.txt and Extra.txt[/quote]

guestolo · « **Reply #7 on:** September 03, 2008, 07:02:36 PM »

Can you do the following instead for now
Please supply an uninstall list from Hijackthis
Open Hijackthis>>Open MISC TOOLS SECTION>>Open UNINSTALL MANAGER
Click the SAVE LIST... button
Save the list to your desktop then copy>>Paste back here the Whole contents

TSD151 · « **Reply #8 on:** September 05, 2008, 07:41:16 PM »

2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
Acrobat.com
Acrobat.com
Adobe AIR
Adobe AIR
Adobe Flash Player ActiveX
Adobe Reader 7.1.0
America Online (Choose which version to remove)
AnswerWorks 4.0 Runtime - English
AOL Coach Version 1.0(Build:20040229.1 en)
AOL Connectivity Services
AOLIcon
Apple Mobile Device Support
Apple Software Update
ATI Control Panel
ATI Display Driver
AVG 7.5
Azureus
Bonjour
CleanUp!
Conexant D850 56K V.9x DFVc Modem
Corel Paint Shop Pro X
Corel Photo Album 6
Dell CinePlayer
Dell Digital Jukebox Driver
Dell Driver Reset Tool
Dell Game Console
Dell Support 3.2
Digital Content Portal
Digital Line Detect
DivX Codec
DivX Content Uploader
DivX Converter
DivX Player
DivX Web Player
Documentation & Support Launcher
EarthLink setup files
Easy CD Creator 5 Basic
EducateU
ELIcon
ESPNMotion
Games, Music, & Photos Launcher
GemMaster Mystic
Get High Speed Internet!
Google Desktop
Google Toolbar for Internet Explorer
High Definition Audio Driver Package - KB835221
HijackThis 2.0.2
Hollywood FX 5.5 Additional Effects
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB888795)
Hotfix for Windows XP (KB891593)
Hotfix for Windows XP (KB895961)
Hotfix for Windows XP (KB899337)
Hotfix for Windows XP (KB899510)
Hotfix for Windows XP (KB902841)
Hotfix for Windows XP (KB909394)
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB926239)
Hotfix for Windows XP (KB952287)
HP Extended Capabilities 5.3
HP Image Zone Express
HP Imaging Device Functions 5.3
HP PSC & OfficeJet 5.3.B
HP Software Update
HP Solution Center & Imaging Support Tools 5.3
Intel® PRO Network Connections Drivers
Intel® PROSet for Wired Connections
Internet Service Offers Launcher
iPod for Windows 2006-03-23
iTunes
J2SE Runtime Environment 5.0 Update 6
Java(tm) 6 Update 3
Learn2 Player (Uninstall Only)
LimeWire 4.18.2
Linksys Updater
Logitech QuickCam Software
LogitechÂ® Camera Driver
Malwarebytes' Anti-Malware
MCU
Microsoft .NET Framework 1.0 Hotfix (KB887998)
Microsoft .NET Framework 1.0 Hotfix (KB930494)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft ActiveSync 4.0
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Small Business Edition 2003
Microsoft Office Word MUI (English) 2007
Microsoft Office Word Viewer 2003
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft Rise Of Nations
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Works
Modem Helper
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML4 Parser
MusicmatchÂ® Jukebox
NetWaiting
NetZeroInstallers
Otto
Pinnacle Hollywood FX
PokerStars.net
QuickTime
RealPlayer Basic
Rise of Nations Thrones and Patriots
Roxio DLA
Roxio MyDVD LE
Roxio RecordNow Audio
Roxio RecordNow Copy
Roxio RecordNow Data
Safari
Scientific-Atlanta WebSTAR 2000 series Cable Modem
SearchAssist
Security Update for 2007 Microsoft Office System (KB951596)
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft Office Excel 2007 (KB951546)
Security Update for Microsoft Office PowerPoint 2007 (KB951338)
Security Update for Microsoft Office system 2007 (KB951808)
Security Update for Microsoft Office Word 2007 (KB950113)
Security Update for Visio 2007 (KB947590)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922760)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925454)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928090)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB929969)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931768)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933566)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB937143)
Security Update for Windows XP (KB937894)
Security Update for Windows XP (KB938127)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB939653)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB941693)
Security Update for Windows XP (KB942615)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944533)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB945553)
Security Update for Windows XP (KB946026)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB948590)
Security Update for Windows XP (KB948881)
Security Update for Windows XP (KB950749)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Sonic Activation Module
Sonic Encoders
Sonic Update Manager
SpywareBlaster v3.5.1
Studio 9
Studio 9 Content CD/DVD
System Alert Popup
TurboTax Deluxe 2007
Update for Office 2007 (KB946691)
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB929338)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB932823-v3)
Update for Windows XP (KB933360)
Update for Windows XP (KB936357)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
Update for Windows XP (KB942840)
Update for Windows XP (KB946627)
Update for Windows XP (KB951072-v2)
Update Rollup 2 for Windows XP Media Center Edition 2005
URL Assistant
Verizon Broadband Toolbar
Verizon Online DSL
Verizon Online Help and Support
Viewpoint Media Player
WildTangent Web Driver
Windows Internet Explorer 7
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 10
Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
Windows Media Player 11
Windows Media Player 11
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890927
Windows XP Media Center Edition 2005 KB908246
Windows XP Media Center Edition 2005 KB925766
Yahoo! Browser Services
Yahoo! Install Manager
Yahoo! Internet Mail
Yahoo! Messenger
Yahoo! Toolbar

[quote name=\'guestolo\' post=\'441899\' date=\'Sep 3 2008, 04:29 PM\']Can you do the following instead for now
Please supply an uninstall list from Hijackthis
Open Hijackthis>>Open MISC TOOLS SECTION>>Open UNINSTALL MANAGER
Click the SAVE LIST... button
Save the list to your desktop then copy>>Paste back here the Whole contents[/quote]

guestolo · « **Reply #9 on:** September 06, 2008, 11:02:35 AM »

Can you also do the following for me please

Access your Add and Remove programs and remove the following
Some are preinstalled on Dell computers and not needed
J2SE Runtime Environment 5.0 Update 6
Javaâ„¢ 6 Update 3
Viewpoint Media Player
WildTangent Web Driver
System Alert Popup
SearchAssist
Internet Service Offers Launcher
URL Assistant
ESPN Motion
NetZeroInstallers

Reboot your computer
Back in Windows
[color=\"blue\"]Updating Java:[/color]

Download the latest version of Java Runtime Environment (JRE) 6.
Scroll down to where it says "Java Runtime Environment (JRE) 6 Update 7".
Click the "Download" button to the right.
In the Window that opens, select Windows,>>Check the "agree" box and click Continue.
Click on the link to download Windows Offline Installation and save to your desktop.
.
Then from your desktop double-click on jre-6u7-windows-i586-p.exe that you downloaded to install the newest version.

Download [color=\"#FF0000\"]OTViewIt[/color][/url] to your desktop.

Close all windows and open it
Click Run Scan and let the program run uninterrupted
It will produce two logs for you, one will pop up called OTViewIt.txt, the other will be saved on your desktop and called Extras. Post both those logs here.
You may need to use two posts to get it all on the forum

TSD151 · « **Reply #10 on:** September 06, 2008, 11:14:44 PM »

OTViewIt logfile created on: 9/6/2008 6:32:45 PM - Run 1
OTViewIt by OldTimer - Version 1.0.1.8 Folder = C:\Documents and Settings\Travis\Local Settings\Temporary Internet Files\Content.IE5\BGCT9OHI
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1022.07 Mb Total Physical Memory | 537.04 Mb Available Physical Memory | 52.54% Memory free
2.40 Gb Paging File | 2.06 Gb Available in Paging File | 85.64% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 69.80 Gb Total Space | 14.02 Gb Free Space | 20.09% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MAIN
Current User Name: Travis
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On

===== Processes - Non-Microsoft Only =====

[12/09/2005 06:37 PM | 00,081,920 | ---- | M] (Logitech Inc.) - c:\Program Files\Common Files\Logitech\LVMVFM\LVPrcSrv.exe
[12/17/2002 04:28 PM | 00,684,032 | ---- | M] (Roxio) - C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\Directcd.exe
[09/08/2005 08:20 PM | 00,110,592 | ---- | M] (Musicmatch, Inc.) - C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe
[12/09/2005 06:32 PM | 00,225,280 | ---- | M] (Logitech Inc.) - C:\WINDOWS\system32\LVCOMSX.EXE
[12/07/2005 01:26 PM | 00,489,472 | ---- | M] (Logitech Inc.) - C:\Program Files\Logitech\Video\CameraAssistant.exe
[11/01/2004 08:22 PM | 00,262,144 | ---- | M] (Logitech Inc.) - C:\WINDOWS\system32\ElkCtrl.exe
[06/06/2007 07:52 PM | 00,936,960 | ---- | M] (Motive Communications, Inc.) - C:\Program Files\Verizon\McciTrayApp.exe

===== Win32 Services - Non-Microsoft Only =====

(LinksysUpdater) Linksys Updater [Auto | Stopped]
[01/15/2008 10:28 AM | 00,204,800 | ---- | M] () - C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe

(LVPrcSrv) Logitech Process Monitor [Auto | Running]
[12/09/2005 06:37 PM | 00,081,920 | ---- | M] (Logitech Inc.) - c:\Program Files\Common Files\Logitech\LVMVFM\LVPrcSrv.exe

===== Driver Services - Non-Microsoft Only =====

(cdudf_xp) cdudf_xp [System | Running]
[12/17/2002 04:27 PM | 00,241,152 | ---- | M] (Roxio) - C:\WINDOWS\System32\drivers\cdudf_xp.sys

(DSproct) DSproct [On_Demand | Stopped]
[01/10/2006 01:07 PM | 00,004,864 | ---- | M] (GTek Technologies Ltd.) - C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys

(dvd_2K) dvd_2K [On_Demand | Running]
[12/03/2006 03:22 PM | 00,025,898 | ---- | M] (Roxio) - C:\WINDOWS\System32\drivers\Dvd_2k.sys

(Lvckap) Logitech Kernel Audio Processing Filter Driver [On_Demand | Stopped]
[12/09/2005 06:35 PM | 02,174,464 | ---- | M] () - C:\WINDOWS\system32\drivers\Lvckap.sys

(lvmvdrv) Logitech Machine Vision Engine Loader [On_Demand | Stopped]
[12/09/2005 06:37 PM | 02,400,256 | ---- | M] () - C:\WINDOWS\system32\drivers\LVMVdrv.sys

(LVPrcMon) Logitech LVPrcMon Driver [On_Demand | Running]
[12/09/2005 06:37 PM | 00,016,768 | ---- | M] () - C:\WINDOWS\system32\drivers\LVPrcMon.sys

(LVUSBSta) Logitech USB Monitor Filter [On_Demand | Running]
[12/05/2005 11:26 PM | 00,039,424 | R--- | M] (Logitech Inc.) - C:\WINDOWS\system32\drivers\LVUSBSta.sys

(mmc_2K) mmc_2K [On_Demand | Stopped]
[12/03/2006 03:22 PM | 00,030,630 | ---- | M] (Roxio) - C:\WINDOWS\System32\drivers\Mmc_2k.sys

(mraid35x) mraid35x [Disabled | Stopped]
[08/17/2001 02:52 PM | 00,017,280 | ---- | M] (American Megatrends Inc.) - C:\WINDOWS\system32\drivers\mraid35x.sys

(MREMPR5) MREMPR5 NDIS Protocol Driver [On_Demand | Stopped]
[06/06/2007 07:52 PM | 00,019,345 | ---- | M] (Motive, Inc.) - C:\Program Files\Common Files\Motive\MREMPR5.sys

(MRENDIS5) MRENDIS5 NDIS Protocol Driver [On_Demand | Stopped]
[06/06/2007 07:52 PM | 00,018,003 | ---- | M] (Motive, Inc.) - C:\Program Files\Common Files\Motive\MRENDIS5.sys

(pepifilter) Volume Adapter [On_Demand | Stopped]
[12/05/2005 11:27 PM | 00,007,136 | R--- | M] (Logitech Inc.) - C:\WINDOWS\system32\drivers\lv302af.sys

(PID_08A0) QuickCam IM(PID_08A0) [On_Demand | Stopped]
[12/05/2005 11:30 PM | 00,916,096 | R--- | M] (Logitech Inc.) - C:\WINDOWS\system32\drivers\LV302AV.SYS

(pwd_2k) pwd_2k [System | Running]
[12/03/2006 03:22 PM | 00,143,834 | ---- | M] (Roxio) - C:\WINDOWS\System32\drivers\pwd_2K.sys

(Sparrow) Sparrow [Disabled | Stopped]
[08/17/2001 03:07 PM | 00,019,072 | ---- | M] (Adaptec, Inc.) - C:\WINDOWS\system32\drivers\sparrow.sys

(UdfReadr_xp) UdfReadr_xp [System | Running]
[12/03/2006 03:22 PM | 00,206,464 | ---- | M] (Roxio) - C:\WINDOWS\System32\drivers\udfreadr_xp.sys

(USBCM) Scientific-Atlanta USB Cable Modem Driver [On_Demand | Stopped]
[06/09/2004 07:42 PM | 00,015,429 | R--- | M] ( ) - C:\WINDOWS\system32\drivers\Sacm2A.sys

========== Run Keys ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdaptecDirectCD" = "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" [12/17/2002 04:28 PM | 00,684,032 | ---- | M] (Roxio)
"AppleSyncNotifier" = C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [07/10/2008 09:47 AM | 00,116,040 | ---- | M] (Apple Inc.)
"AVG7_CC" = C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP [04/21/2008 10:37 PM | 00,579,584 | ---- | M] (GRISOFT, s.r.o.)
"iTunesHelper" = "C:\Program Files\iTunes\iTunesHelper.exe" [07/10/2008 10:51 AM | 00,289,064 | ---- | M] (Apple Inc.)
"LogitechCameraAssistant" = C:\Program Files\Logitech\Video\CameraAssistant.exe [12/07/2005 01:26 PM | 00,489,472 | ---- | M] (Logitech Inc.)
"LogitechCameraService(E)" = C:\WINDOWS\system32\ElkCtrl.exe /automation [11/01/2004 08:22 PM | 00,262,144 | ---- | M] (Logitech Inc.)
"LogitechVideo[inspector]" = C:\Program Files\Logitech\Video\InstallHelper.exe /inspect [12/07/2005 01:33 PM | 00,073,728 | ---- | M] (Logitech Inc.)
"LVCOMSX" = C:\WINDOWS\system32\LVCOMSX.EXE [12/09/2005 06:32 PM | 00,225,280 | ---- | M] (Logitech Inc.)
"MMTray" = "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe" [09/08/2005 08:20 PM | 00,110,592 | ---- | M] (Musicmatch, Inc.)
"MSKDetectorExe" = C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall File not found
"PinnacleDriverCheck" = C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg [03/10/2004 07:26 PM | 00,406,016 | ---- | M] ()
"QuickTime Task" = "C:\Program Files\QuickTime\qttask.exe" -atboottime [05/27/2008 10:50 AM | 00,413,696 | ---- | M] (Apple Inc.)
"SunJavaUpdateSched" = "C:\Program Files\Java\jre6\bin\jusched.exe" [09/06/2008 06:08 PM | 00,144,792 | ---- | M] (Sun Microsystems, Inc.)
"Verizon_McciTrayApp" = C:\Program Files\Verizon\McciTrayApp.exe [06/06/2007 07:52 PM | 00,936,960 | ---- | M] (Motive Communications, Inc.)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"load" = Reg Error: Value load does not exist or could not be read.
"run" = Reg Error: Value run does not exist or could not be read.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Yahoo! Pager" = "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet [01/19/2007 04:49 PM | 04,670,968 | ---- | M] (Yahoo! Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"load" =
"run" = Reg Error: Value run does not exist or could not be read.

========== Startup Folders ==========

[All Users Startup Folder - C:\Documents and Settings\All Users\Start Menu\Programs\Startup]
[04/23/2008 03:38 AM | 00,029,696 | ---- | M] (Adobe Systems Incorporated) - C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

[Travis Startup Folder - C:\Documents and Settings\Travis\Start Menu\Programs\Startup]
[03/02/2006 01:52 PM | 00,131,072 | ---- | M] () - C:\Documents and Settings\Travis\Start Menu\Programs\Startup\360Share Pro On Startup.lnk = C:\Program Files\360Share Pro\Gui\360Share Pro.exe

========== BHO's ==========

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
HKLM CLSID: (&Yahoo! Toolbar Helper) - [09/05/2007 05:48 PM | 00,816,400 | ---- | M] (Yahoo! Inc.) C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
HKLM CLSID: (Adobe PDF Reader Link Helper) - [12/18/2006 04:16 AM | 00,059,032 | ---- | M] (Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-8CB0-AB60BB9AAE22}]
HKLM CLSID: (Verizon Broadband Toolbar) - [05/25/2007 09:15 AM | 01,904,128 | ---- | M] (Verizon Online. ) C:\Program Files\vol_toolbar\vol_toolbar.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}]
HKLM CLSID: (Yahoo! IE Services Button) - [10/31/2006 07:29 PM | 00,198,136 | ---- | M] (Yahoo! Inc.) C:\Program Files\Yahoo!\Common\yiesrvc.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}]
HKLM CLSID: (DriveLetterAccess) - [09/08/2005 06:20 AM | 00,110,652 | ---- | M] (Sonic Solutions) C:\WINDOWS\system32\DLA\DLASHX_W.DLL

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
HKLM CLSID: (Java(tm) Plug-In SSV Helper) - [09/06/2008 06:08 PM | 00,320,920 | ---- | M] (Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\ssv.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
HKLM CLSID: (Google Toolbar Helper) - [01/20/2007 03:55 AM | 02,403,392 | R--- | M] (Google Inc.) c:\Program Files\Google\GoogleToolbar4.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
HKLM CLSID: (Google Toolbar Notifier BHO) - [04/06/2008 10:11 AM | 00,734,704 | ---- | M] (Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
HKLM CLSID: (Java(tm) Plug-In 2 SSV Helper) - [09/06/2008 06:08 PM | 00,034,816 | ---- | M] (Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jp2ssv.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
HKLM CLSID: (JQSIEStartDetectorImpl Class) - [09/06/2008 06:08 PM | 00,073,728 | ---- | M] (Sun Microsystems, Inc.) C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

========== Toolbars ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}"
HKLM CLSID: (&Google) - [01/20/2007 03:55 AM | 02,403,392 | R--- | M] (Google Inc.) c:\Program Files\Google\GoogleToolbar4.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{4E7BD74F-2B8D-469E-8CB0-AB60BB9AAE22}"
HKLM CLSID: (Verizon Broadband Toolbar) - [05/25/2007 09:15 AM | 01,904,128 | ---- | M] (Verizon Online. ) C:\Program Files\vol_toolbar\vol_toolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}"
HKLM CLSID: (Yahoo! Toolbar) - [09/05/2007 05:48 PM | 00,816,400 | ---- | M] (Yahoo! Inc.) C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]

"{2318C2B1-4965-11D4-9B18-009027A5CD4F}"
HKLM CLSID: (&Google) - [01/20/2007 03:55 AM | 02,403,392 | R--- | M] (Google Inc.) c:\Program Files\Google\GoogleToolbar4.dll

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{2318C2B1-4965-11D4-9B18-009027A5CD4F}"
HKLM CLSID: (&Google) - [01/20/2007 03:55 AM | 02,403,392 | R--- | M] (Google Inc.) c:\Program Files\Google\GoogleToolbar4.dll

"{4E7BD74F-2B8D-469E-8CB0-AB60BB9AAE22}"
HKLM CLSID: (Verizon Broadband Toolbar) - [05/25/2007 09:15 AM | 01,904,128 | ---- | M] (Verizon Online. ) C:\Program Files\vol_toolbar\vol_toolbar.dll

"{84938242-5C5B-4A55-B6B9-A1507543B418}"
HKLM CLSID: (Reg Error: Key does not exist or could not be opened.) - File not found Reg Error: Key does not exist or could not be opened.

"{EF99BD32-C1FB-11D2-892F-0090271D4F88}"
HKLM CLSID: (Yahoo! Toolbar) - [09/05/2007 05:48 PM | 00,816,400 | ---- | M] (Yahoo! Inc.) C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll

========== AppInit_Dlls ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls]
= C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
>C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL - [09/30/2006 08:37 AM | 00,111,616 | ---- | M] () C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll

========== HKLM Security Providers ==========

========== HKLM Winlogon Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell]
= Explorer.exe
>Explorer.exe - [06/13/2007 06:23 AM | 01,033,216 | ---- | M] (Microsoft Corporation) C:\WINDOWS\explorer.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit]
= C:\WINDOWS\system32\userinit.exe,
>C:\WINDOWS\system32\userinit.exe - [08/10/2004 06:00 AM | 00,024,576 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\userinit.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UIHost]
= logonui.exe
>logonui.exe - [08/10/2004 06:00 AM | 00,514,560 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\logonui.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet]
= rundll32 shell32,Control_RunDLL "sysdm.cpl"
>rundll32 shell32 - [10/25/2007 11:34 PM | 08,460,288 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
>Control_RunDLL "sysdm.cpl" - [08/10/2004 06:00 AM | 00,298,496 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\sysdm.cpl

========== User's Winlogon Settings ==========

========== Winlogon Notify Settings ==========

========== Policies ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoCDBurning" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername" = 0
"legalnoticecaption" =
"legalnoticetext" =
"shutdownwithoutlogon" = 1
"undockwithoutlogon" = 1
"InstallVisualStyle" = C:\WINDOWS\Resources\Themes\Royale\Royale.mss File not found
"InstallTheme" = C:\WINDOWS\Resources\Themes\Royale.the File not found

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun" = 145

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]

========== Lsa Authentication Packages ==========

========== Lsa Security Packages ==========

========== Desktop Components ==========

========== Safeboot Options ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot]
"AlternateShell" = cmd.exe

========== Disabled MsConfig Items ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
"path" = C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch File not found
"backup" = C:\WINDOWS\pss\Adobe Reader Speed Launch.lnk File not found
"location" = Common Startup
"command" = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [04/23/2008 03:38 AM | 00,029,696 | ---- | M] (Adobe Systems Incorporated)
"item" = Adobe Reader Speed Launch

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk]
"path" = C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk File not found
"backup" = C:\WINDOWS\pss\Digital Line Detect.lnk File not found
"location" = Common Startup
"command" = C:\Program Files\Digital Line Detect\DLG.exe [10/29/2003 03:06 AM | 00,024,576 | R--- | M] (BVRP Software)
"item" = Digital Line Detect

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
"path" = C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk File not found
"backup" = C:\WINDOWS\pss\HP Digital Imaging Monitor.lnk File not found
"location" = Common Startup
"command" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [05/12/2005 02:23 AM | 00,282,624 | ---- | M] (Hewlett-Packard Co.)
"item" = HP Digital Imaging Monitor

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" =
"hkey" = HKLM
"command" =
"inimapping" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ATIPTA]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = atiptaxx
"hkey" = HKLM
"command" = C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [08/05/2005 10:05 PM | 00,344,064 | ---- | M] (ATI Technologies, Inc.)
"inimapping" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BuildBU]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = bldbubg
"hkey" = HKLM
"command" = c:\dell\bldbubg.exe [02/19/2004 07:23 AM | 00,061,440 | ---- | M] ()
"inimapping" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ctfmon.exe]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = C:\WINDOWS\system32\ctfmon.exe [08/10/2004 06:00 AM | 00,015,360 | ---- | M] (Microsoft Corporation)
"hkey" = HKCU
"command" = C:\WINDOWS\system32\ctfmon.exe [08/10/2004 06:00 AM | 00,015,360 | ---- | M] (Microsoft Corporation)
"inimapping" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DellHelp]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = DellHelp
"hkey" = HKLM
"command" = C:\dell\DellHelp\DellHelp.exe [04/01/2004 09:51 AM | 01,589,248 | ---- | M] (Dell Inc)
"inimapping" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DellSupport]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = DSAgnt
"hkey" = HKCU
"command" = C:\Program Files\Dell Support\DSAgnt.exe [07/16/2006 10:29 PM | 00,389,120 | ---- | M] (Gteko Ltd.)
"inimapping" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DLA]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = DLACTRLW
"hkey" = HKLM
"command" = C:\WINDOWS\system32\DLA\DLACTRLW.EXE [09/08/2005 06:20 AM | 00,122,940 | ---- | M] (Sonic Solutions)
"inimapping" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DMXLauncher]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = DMXLauncher
"hkey" = HKLM
"command" = C:\Program Files\Dell\Media Experience\DMXLauncher.exe [10/05/2005 04:12 AM | 00,094,208 | ---- | M] ()
"inimapping" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ECenter]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = EULAl
"hkey" = HKLM
"command" = c:\dell\E-Center\EULAl.exe [08/30/2006 12:59 PM | 00,028,672 | ---- | M] (Dell Computer Corporation)
"inimapping" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ehTray]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = ehtray
"hkey" = HKLM
"command" = C:\WINDOWS\ehome\ehtray.exe [09/29/2005 03:01 PM | 00,067,584 | ---- | M] (Microsoft Corporation)
"inimapping" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Desktop Search]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = GoogleDesktop
"hkey" = HKLM
"command" = C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [09/30/2006 08:37 AM | 00,169,984 | ---- | M] ()
"inimapping" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Software Update]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = HPWuSchd2
"hkey" = HKLM
"command" = C:\Program Files\HP\HP Software Update\hpwuSchd2.exe [05/12/2005 02:12 AM | 00,049,152 | ---- | M] (Hewlett-Packard Co.)
"inimapping" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ISUSPM Startup]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = isuspm
"hkey" = HKLM
"command" = C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [06/10/2005 11:44 AM | 00,249,856 | ---- | M] (InstallShield Software Corporation)
"inimapping" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ISUSScheduler]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = issch
"hkey" = HKLM
"command" = C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [06/10/2005 11:44 AM | 00,081,920 | ---- | M] (InstallShield Software Corporation)
"inimapping" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MCAgentExe]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = mcagent
"hkey" = HKLM
"command" = c:\PROGRA~1\mcafee.com\agent\mcagent.exe File not found
"inimapping" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MCUpdateExe]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = mcupdate
"hkey" = HKLM
"command" = c:\PROGRA~1\mcafee.com\agent\mcupdate.exe File not found
"inimapping" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MPFExe]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = MpfTray
"hkey" = HKLM
"command" = C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe File not found
"inimapping" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MSKAGENTEXE]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = MskAgent
"hkey" = HKLM
"command" = C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe File not found
"inimapping" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MSKDetectorExe]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = MSKDetct
"hkey" = HKLM
"command" = C:\Program Files\McAfee\SpamKiller\MSKDetct.exe [07/12/2005 08:05 PM | 01,117,184 | ---- | M] (McAfee, Inc.)
"inimapping" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\OASClnt]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = oasclnt
"hkey" = HKLM
"command" = C:\Program Files\McAfee.com\VSO\oasclnt.exe File not found
"inimapping" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RecoverFromReboo]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = RECOVE~1
"hkey" = HKLM
"command" = C:\WINDOWS\Temp\RECOVE~1.EXE File not found
"inimapping" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SigmatelSysTrayApp]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = C:\WINDOWS\stsystra.exe [02/10/2006 12:17 PM | 00,282,624 | ---- | M] (SigmaTel, Inc.)
"hkey" = HKLM
"command" = C:\WINDOWS\stsystra.exe [02/10/2006 12:17 PM | 00,282,624 | ---- | M] (SigmaTel, Inc.)
"inimapping" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\VirusScan Online]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = mcvsshld
"hkey" = HKLM
"command" = c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe File not found
"inimapping" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\VSOCheckTask]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = mcmnhdlr
"hkey" = HKLM
"command" = C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe File not found
"inimapping" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state]
"system.ini" = 0
"win.ini" = 0
"bootini" = 0
"services" = 0
"startup" = 1

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

========== Autorun Files on Drives ==========

AUTOEXEC.BAT []
[08/16/2005 05:43 AM | 00,000,000 | ---- | M] () C:\AUTOEXEC.BAT [ NTFS ]

========== MountPoints2 ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0278f8a4-50b7-11db-b73c-d4502a31dec7}\Shell]
"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0278f8a5-50b7-11db-b73c-d4502a31dec7}\Shell]
"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0278f8a6-50b7-11db-b73c-d4502a31dec7}\Shell]
"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0278f8a7-50b7-11db-b73c-d4502a31dec7}\Shell]
"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3526cedc-79ac-11dc-b57b-00038a000015}\Shell]
"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell]
"" = AutoRun

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5005e088-fd75-11db-b56d-00038a000015}\Shell]
"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{801a4724-640c-11dd-b5bd-00038a000015}\Shell]
"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b453e78a-712d-11db-b54e-00038a000015}\Shell]
"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f3139805-57e0-11db-b53c-00038a000015}\Shell]
"" = None

========== DNS Name Servers ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{02F5E71A-AE25-48AA-B1D5-651AA191F638}]
Servers: | Description:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{1829066A-2E61-48E5-9D92-845C89603110}]
Servers: | Description: IntelÂ® PRO/100 VE Network Connection

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{34349A8E-B001-4C6E-ACEC-84CD44192F13}]
Servers: | Description: Windows Mobile-based Device

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{4F1D6C70-0C12-46D6-979D-E5623E7F9C64}]
Servers: | Description: Scientific-Atlanta WebSTAR 2000 series Cable Modem

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{BBFA9E4F-8001-4994-8851-4EBADAA61BB8}]
Servers: | Description: 1394 Net Adapter

========== Hosts File ==========

HOSTS File = (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1 localhost

========== Files/Folders - Created Within 30 days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[08/26/2008 07:26 PM | ---D | C] - C:\WINDOWS\System32\CatRoot_bak
[09/06/2008 05:54 PM | ---D | C] - C:\WINDOWS\System32\appmgmt
[09/16/2008 05:57 PM | 00,066,888 | -H-- | C] () - C:\WINDOWS\System32\mlfcache.dat
[09/11/2008 10:10 AM | 00,000,284 | ---- | C] () - C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[1 C:\Documents and Settings\All Users\Application Data\*.tmp files]
[08/13/2008 05:38 PM | ---D | C] - C:\Documents and Settings\All Users\Application Data\NOS
[08/31/2008 11:09 AM | ---D | C] - C:\Documents and Settings\All Users\Application Data\Malwarebytes
[08/31/2008 11:09 AM | ---D | C] - C:\Documents and Settings\Travis\Application Data\Malwarebytes
[09/06/2008 06:05 PM | ---D | C] - C:\Documents and Settings\Travis\Application Data\Mozilla
[09/06/2008 06:05 PM | ---D | C] - C:\Documents and Settings\Travis\Local Settings\Application Data\Mozilla
[08/08/2008 06:53 PM | 02,996,324 | ---- | C] () - C:\Documents and Settings\Travis\My Documents\AustralianGolfBalls.wmv
[08/10/2008 04:15 PM | 00,009,438 | ---- | C] () - C:\Documents and Settings\Travis\My Documents\Angie Payments.xlsx
[08/16/2008 11:34 AM | 00,009,466 | ---- | C] () - C:\Documents and Settings\Travis\My Documents\Gramps Payments.xlsx
[08/24/2008 01:37 PM | 00,074,663 | ---- | C] () - C:\Documents and Settings\Travis\My Documents\Travis Budget.xlsx
[08/24/2008 01:40 PM | 00,016,312 | ---- | C] () - C:\Documents and Settings\Travis\My Documents\2008.xlsx
[08/24/2008 01:42 PM | 00,035,328 | ---- | C] () - C:\Documents and Settings\Travis\My Documents\Copy of 2009.xls
[08/24/2008 01:43 PM | 00,033,792 | ---- | C] () - C:\Documents and Settings\Travis\My Documents\Copy of 2009-rows-mo.xls
[08/24/2008 01:47 PM | 00,025,600 | ---- | C] () - C:\Documents and Settings\Travis\My Documents\Copy of 2008Calendar_1page_Letter.xls
[08/24/2008 01:47 PM | 00,025,600 | ---- | C] () - C:\Documents and Settings\Travis\My Documents\Copy of 2009Calendar_1page_Letter.xls
[09/18/2008 02:59 PM | 00,144,789 | ---- | C] () - C:\Documents and Settings\Travis\My Documents\Skin Industries Your shopping cart Order processed.mht
[08/13/2008 05:40 PM | 00,000,734 | ---- | C] () - C:\Documents and Settings\All Users\Desktop\Acrobat.com.lnk
[08/31/2008 11:09 AM | 00,000,696 | ---- | C] () - C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[09/06/2008 06:05 PM | 00,001,602 | ---- | C] () - C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[09/16/2008 05:35 PM | 00,002,187 | ---- | C] () - C:\Documents and Settings\All Users\Desktop\Safari.lnk
[09/16/2008 05:39 PM | 00,001,604 | ---- | C] () - C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[09/16/2008 05:40 PM | 00,002,137 | ---- | C] () - C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[08/16/2008 11:29 AM | 00,000,630 | ---- | C] () - C:\Documents and Settings\Travis\Desktop\Shortcut to Angie Payments.xlsx.lnk
[08/16/2008 11:36 AM | 00,000,635 | ---- | C] () - C:\Documents and Settings\Travis\Desktop\Shortcut to Gramps Payments.xlsx.lnk
[08/25/2008 02:44 PM | 00,000,577 | ---- | C] () - C:\Documents and Settings\Travis\Desktop\Shortcut to Travis Budget.xlsx.lnk
[09/06/2008 06:10 PM | 00,001,251 | ---- | C] () - C:\Documents and Settings\Travis\Desktop\1220739034313-integrated.jnlp
[09/06/2008 06:11 PM | 81,208,728 | ---- | C] () - C:\Documents and Settings\Travis\Desktop\jdk-6u7-windows-i586-p.exe
[08/13/2008 05:40 PM | ---D | C] - C:\Program Files\Common Files\Adobe AIR
[08/13/2008 05:38 PM | ---D | C] - C:\Program Files\NOS
[08/31/2008 11:09 AM | ---D | C] - C:\Program Files\Malwarebytes' Anti-Malware
[09/16/2008 05:35 PM | ---D | C] - C:\Program Files\Safari
[09/16/2008 05:39 PM | ---D | C] - C:\Program Files\Bonjour
[09/16/2008 05:40 PM | ---D | C] - C:\Program Files\iTunes

========== Files - Modified Within 30 days ==========

[09/06/2008 06:01 PM | 10,717,96224 | -HS- | M] () - C:\hiberfil.sys
[1 C:\WINDOWS\System32\*.tmp files]
[08/11/2008 01:41 PM | 00,001,682 | -HS- | M] () - C:\WINDOWS\System32\KGyGaAvL.sys
[09/06/2008 06:06 PM | 00,065,044 | ---- | M] () - C:\WINDOWS\System32\perfc009.dat
[09/06/2008 06:06 PM | 00,410,574 | ---- | M] () - C:\WINDOWS\System32\perfh009.dat
[09/06/2008 06:06 PM | 00,483,924 | ---- | M] () - C:\WINDOWS\System32\PerfStringBackup.INI
[09/16/2008 05:57 PM | 00,066,888 | -H-- | M] () - C:\WINDOWS\System32\mlfcache.dat
[08/13/2008 03:03 AM | 00,000,813 | ---- | M] () - C:\WINDOWS\win.ini
[08/13/2008 03:08 AM | 00,001,374 | ---- | M] () - C:\WINDOWS\imsins.BAK
[09/06/2008 06:01 PM | 00,002,048 | --S- | M] () - C:\WINDOWS\bootstat.dat
[09/11/2008 01:29 PM | 00,054,156 | -H-- | M] () - C:\WINDOWS\QTFont.qfn
[09/06/2008 06:01 PM | 00,000,006 | -H-- | M] () - C:\WINDOWS\tasks\SA.DAT
[09/18/2008 05:51 PM | 00,000,284 | ---- | M] () - C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[1 C:\Documents and Settings\All Users\Application Data\*.tmp files]
[09/06/2008 05:19 PM | 00,038,400 | ---- | M] () - C:\Documents and Settings\Travis\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[08/08/2008 06:52 PM | 02,996,324 | ---- | M] () - C:\Documents and Settings\Travis\My Documents\AustralianGolfBalls.wmv
[08/08/2008 06:54 PM | 00,037,888 | -HS- | M] () - C:\Documents and Settings\Travis\My Documents\Thumbs.db
@Alternate Data Stream - 0 bytes -> %UserProfile%\My Documents\Thumbs.db:encryptable
[08/16/2008 11:36 AM | 00,009,438 | ---- | M] () - C:\Documents and Settings\Travis\My Documents\Angie Payments.xlsx
[08/16/2008 11:37 AM | 00,009,466 | ---- | M] () - C:\Documents and Settings\Travis\My Documents\Gramps Payments.xlsx
[08/24/2008 01:40 PM | 00,016,312 | ---- | M] () - C:\Documents and Settings\Travis\My Documents\2008.xlsx
[08/24/2008 01:42 PM | 00,035,328 | ---- | M] () - C:\Documents and Settings\Travis\My Documents\Copy of 2009.xls
[08/24/2008 01:43 PM | 00,033,792 | ---- | M] () - C:\Documents and Settings\Travis\My Documents\Copy of 2009-rows-mo.xls
[08/24/2008 01:47 PM | 00,025,600 | ---- | M] () - C:\Documents and Settings\Travis\My Documents\Copy of 2008Calendar_1page_Letter.xls
[08/24/2008 01:47 PM | 00,025,600 | ---- | M] () - C:\Documents and Settings\Travis\My Documents\Copy of 2009Calendar_1page_Letter.xls
[09/06/2008 10:21 AM | 00,074,663 | ---- | M] () - C:\Documents and Settings\Travis\My Documents\Travis Budget.xlsx
[09/18/2008 03:00 PM | 00,144,789 | ---- | M] () - C:\Documents and Settings\Travis\My Documents\Skin Industries Your shopping cart Order processed.mht
[08/13/2008 05:40 PM | 00,000,734 | ---- | M] () - C:\Documents and Settings\All Users\Desktop\Acrobat.com.lnk
[08/24/2008 04:59 PM | 00,002,137 | ---- | M] () - C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[08/31/2008 11:09 AM | 00,000,696 | ---- | M] () - C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[09/06/2008 06:05 PM | 00,001,602 | ---- | M] () - C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[09/16/2008 05:39 PM | 00,001,604 | ---- | M] () - C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[08/16/2008 11:29 AM | 00,000,630 | ---- | M] () - C:\Documents and Settings\Travis\Desktop\Shortcut to Angie Payments.xlsx.lnk
[08/16/2008 11:36 AM | 00,000,635 | ---- | M] () - C:\Documents and Settings\Travis\Desktop\Shortcut to Gramps Payments.xlsx.lnk
[08/24/2008 12:11 PM | 00,002,473 | ---- | M] () - C:\Documents and Settings\Travis\Desktop\Microsoft Office Excel 2007.lnk
[08/25/2008 02:44 PM | 00,000,577 | ---- | M] () - C:\Documents and Settings\Travis\Desktop\Shortcut to Travis Budget.xlsx.lnk
[09/06/2008 06:10 PM | 00,001,251 | ---- | M] () - C:\Documents and Settings\Travis\Desktop\1220739034313-integrated.jnlp
[09/06/2008 06:13 PM | 81,208,728 | ---- | M] () - C:\Documents and Settings\Travis\Desktop\jdk-6u7-windows-i586-p.exe

< End of report >

guestolo · « **Reply #11 on:** September 07, 2008, 04:17:46 AM »

You didn't post the contents of Extra.txt, can you post it please, there should be a copy right on your desktop
But it looks like you didn't run it like I mentioned
This is where your running OTViewIT from
C:\Documents and Settings\Travis\Local Settings\Temporary Internet Files\Content.IE5\BGCT9OHI

Try downloading OTViewit again, this time save it Directly to your desktop
Run it and post the contents of Extra.txt, which will be minimized

Use the ADD REPLY box when responding back in the bottom right

TSD151 · « **Reply #12 on:** September 08, 2008, 05:16:43 PM »

OTViewIt logfile created on: 9/8/2008 6:43:29 PM - Run 2
OTViewIt by OldTimer - Version 1.0.1.8 Folder = C:\Documents and Settings\Travis\Desktop
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1022.07 Mb Total Physical Memory | 502.28 Mb Available Physical Memory | 49.14% Memory free
2.40 Gb Paging File | 1.89 Gb Available in Paging File | 78.90% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 69.80 Gb Total Space | 12.69 Gb Free Space | 18.18% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MAIN
Current User Name: Travis
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On

===== Processes - Non-Microsoft Only =====

[12/09/2005 06:37 PM | 00,081,920 | ---- | M] (Logitech Inc.) - c:\Program Files\Common Files\Logitech\LVMVFM\LVPrcSrv.exe
[12/17/2002 04:28 PM | 00,684,032 | ---- | M] (Roxio) - C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\Directcd.exe
[09/08/2005 08:20 PM | 00,110,592 | ---- | M] (Musicmatch, Inc.) - C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe
[12/09/2005 06:32 PM | 00,225,280 | ---- | M] (Logitech Inc.) - C:\WINDOWS\system32\LVCOMSX.EXE
[12/07/2005 01:26 PM | 00,489,472 | ---- | M] (Logitech Inc.) - C:\Program Files\Logitech\Video\CameraAssistant.exe
[11/01/2004 08:22 PM | 00,262,144 | ---- | M] (Logitech Inc.) - C:\WINDOWS\system32\ElkCtrl.exe
[06/06/2007 07:52 PM | 00,936,960 | ---- | M] (Motive Communications, Inc.) - C:\Program Files\Verizon\McciTrayApp.exe
[12/17/2002 04:28 PM | 00,684,032 | ---- | M] (Roxio) - C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\Directcd.exe
[09/08/2005 08:20 PM | 00,110,592 | ---- | M] (Musicmatch, Inc.) - C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe
[12/09/2005 06:32 PM | 00,225,280 | ---- | M] (Logitech Inc.) - C:\WINDOWS\system32\LVCOMSX.EXE
[12/07/2005 01:26 PM | 00,489,472 | ---- | M] (Logitech Inc.) - C:\Program Files\Logitech\Video\CameraAssistant.exe
[11/01/2004 08:22 PM | 00,262,144 | ---- | M] (Logitech Inc.) - C:\WINDOWS\system32\ElkCtrl.exe
[06/06/2007 07:52 PM | 00,936,960 | ---- | M] (Motive Communications, Inc.) - C:\Program Files\Verizon\McciTrayApp.exe

===== Win32 Services - Non-Microsoft Only =====

(LinksysUpdater) Linksys Updater [Auto | Stopped]
[01/15/2008 10:28 AM | 00,204,800 | ---- | M] () - C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe

(LVPrcSrv) Logitech Process Monitor [Auto | Running]
[12/09/2005 06:37 PM | 00,081,920 | ---- | M] (Logitech Inc.) - c:\Program Files\Common Files\Logitech\LVMVFM\LVPrcSrv.exe

===== Driver Services - Non-Microsoft Only =====

(cdudf_xp) cdudf_xp [System | Running]
[12/17/2002 04:27 PM | 00,241,152 | ---- | M] (Roxio) - C:\WINDOWS\System32\drivers\cdudf_xp.sys

(DSproct) DSproct [On_Demand | Stopped]
[01/10/2006 01:07 PM | 00,004,864 | ---- | M] (GTek Technologies Ltd.) - C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys

(dvd_2K) dvd_2K [On_Demand | Running]
[12/03/2006 03:22 PM | 00,025,898 | ---- | M] (Roxio) - C:\WINDOWS\System32\drivers\Dvd_2k.sys

(Lvckap) Logitech Kernel Audio Processing Filter Driver [On_Demand | Stopped]
[12/09/2005 06:35 PM | 02,174,464 | ---- | M] () - C:\WINDOWS\system32\drivers\Lvckap.sys

(lvmvdrv) Logitech Machine Vision Engine Loader [On_Demand | Stopped]
[12/09/2005 06:37 PM | 02,400,256 | ---- | M] () - C:\WINDOWS\system32\drivers\LVMVdrv.sys

(LVPrcMon) Logitech LVPrcMon Driver [On_Demand | Running]
[12/09/2005 06:37 PM | 00,016,768 | ---- | M] () - C:\WINDOWS\system32\drivers\LVPrcMon.sys

(LVUSBSta) Logitech USB Monitor Filter [On_Demand | Running]
[12/05/2005 11:26 PM | 00,039,424 | R--- | M] (Logitech Inc.) - C:\WINDOWS\system32\drivers\LVUSBSta.sys

(mmc_2K) mmc_2K [On_Demand | Stopped]
[12/03/2006 03:22 PM | 00,030,630 | ---- | M] (Roxio) - C:\WINDOWS\System32\drivers\Mmc_2k.sys

(mraid35x) mraid35x [Disabled | Stopped]
[08/17/2001 02:52 PM | 00,017,280 | ---- | M] (American Megatrends Inc.) - C:\WINDOWS\system32\drivers\mraid35x.sys

(MREMPR5) MREMPR5 NDIS Protocol Driver [On_Demand | Stopped]
[06/06/2007 07:52 PM | 00,019,345 | ---- | M] (Motive, Inc.) - C:\Program Files\Common Files\Motive\MREMPR5.sys

(MRENDIS5) MRENDIS5 NDIS Protocol Driver [On_Demand | Stopped]
[06/06/2007 07:52 PM | 00,018,003 | ---- | M] (Motive, Inc.) - C:\Program Files\Common Files\Motive\MRENDIS5.sys

(pepifilter) Volume Adapter [On_Demand | Stopped]
[12/05/2005 11:27 PM | 00,007,136 | R--- | M] (Logitech Inc.) - C:\WINDOWS\system32\drivers\lv302af.sys

(PID_08A0) QuickCam IM(PID_08A0) [On_Demand | Stopped]
[12/05/2005 11:30 PM | 00,916,096 | R--- | M] (Logitech Inc.) - C:\WINDOWS\system32\drivers\LV302AV.SYS

(pwd_2k) pwd_2k [System | Running]
[12/03/2006 03:22 PM | 00,143,834 | ---- | M] (Roxio) - C:\WINDOWS\System32\drivers\pwd_2K.sys

(Sparrow) Sparrow [Disabled | Stopped]
[08/17/2001 03:07 PM | 00,019,072 | ---- | M] (Adaptec, Inc.) - C:\WINDOWS\system32\drivers\sparrow.sys

(UdfReadr_xp) UdfReadr_xp [System | Running]
[12/03/2006 03:22 PM | 00,206,464 | ---- | M] (Roxio) - C:\WINDOWS\System32\drivers\udfreadr_xp.sys

(USBCM) Scientific-Atlanta USB Cable Modem Driver [On_Demand | Stopped]
[06/09/2004 07:42 PM | 00,015,429 | R--- | M] ( ) - C:\WINDOWS\system32\drivers\Sacm2A.sys

========== Run Keys ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdaptecDirectCD" = "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" [12/17/2002 04:28 PM | 00,684,032 | ---- | M] (Roxio)
"AppleSyncNotifier" = C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [07/10/2008 09:47 AM | 00,116,040 | ---- | M] (Apple Inc.)
"AVG7_CC" = C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP [04/21/2008 10:37 PM | 00,579,584 | ---- | M] (GRISOFT, s.r.o.)
"iTunesHelper" = "C:\Program Files\iTunes\iTunesHelper.exe" [07/10/2008 10:51 AM | 00,289,064 | ---- | M] (Apple Inc.)
"LogitechCameraAssistant" = C:\Program Files\Logitech\Video\CameraAssistant.exe [12/07/2005 01:26 PM | 00,489,472 | ---- | M] (Logitech Inc.)
"LogitechCameraService(E)" = C:\WINDOWS\system32\ElkCtrl.exe /automation [11/01/2004 08:22 PM | 00,262,144 | ---- | M] (Logitech Inc.)
"LogitechVideo[inspector]" = C:\Program Files\Logitech\Video\InstallHelper.exe /inspect [12/07/2005 01:33 PM | 00,073,728 | ---- | M] (Logitech Inc.)
"LVCOMSX" = C:\WINDOWS\system32\LVCOMSX.EXE [12/09/2005 06:32 PM | 00,225,280 | ---- | M] (Logitech Inc.)
"MMTray" = "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe" [09/08/2005 08:20 PM | 00,110,592 | ---- | M] (Musicmatch, Inc.)
"MSKDetectorExe" = C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall File not found
"PinnacleDriverCheck" = C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg [03/10/2004 07:26 PM | 00,406,016 | ---- | M] ()
"QuickTime Task" = "C:\Program Files\QuickTime\qttask.exe" -atboottime [05/27/2008 10:50 AM | 00,413,696 | ---- | M] (Apple Inc.)
"SunJavaUpdateSched" = "C:\Program Files\Java\jre6\bin\jusched.exe" [09/06/2008 06:08 PM | 00,144,792 | ---- | M] (Sun Microsystems, Inc.)
"Verizon_McciTrayApp" = C:\Program Files\Verizon\McciTrayApp.exe [06/06/2007 07:52 PM | 00,936,960 | ---- | M] (Motive Communications, Inc.)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"load" = Reg Error: Value load does not exist or could not be read.
"run" = Reg Error: Value run does not exist or could not be read.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Yahoo! Pager" = "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet [01/19/2007 04:49 PM | 04,670,968 | ---- | M] (Yahoo! Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"load" =
"run" = Reg Error: Value run does not exist or could not be read.

========== Startup Folders ==========

[All Users Startup Folder - C:\Documents and Settings\All Users\Start Menu\Programs\Startup]
[04/23/2008 03:38 AM | 00,029,696 | ---- | M] (Adobe Systems Incorporated) - C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

[Travis Startup Folder - C:\Documents and Settings\Travis\Start Menu\Programs\Startup]
[03/02/2006 01:52 PM | 00,131,072 | ---- | M] () - C:\Documents and Settings\Travis\Start Menu\Programs\Startup\360Share Pro On Startup.lnk = C:\Program Files\360Share Pro\Gui\360Share Pro.exe

========== BHO's ==========

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
HKLM CLSID: (&Yahoo! Toolbar Helper) - [09/05/2007 05:48 PM | 00,816,400 | ---- | M] (Yahoo! Inc.) C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
HKLM CLSID: (Adobe PDF Reader Link Helper) - [12/18/2006 04:16 AM | 00,059,032 | ---- | M] (Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-8CB0-AB60BB9AAE22}]
HKLM CLSID: (Verizon Broadband Toolbar) - [05/25/2007 09:15 AM | 01,904,128 | ---- | M] (Verizon Online. ) C:\Program Files\vol_toolbar\vol_toolbar.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}]
HKLM CLSID: (Yahoo! IE Services Button) - [10/31/2006 07:29 PM | 00,198,136 | ---- | M] (Yahoo! Inc.) C:\Program Files\Yahoo!\Common\yiesrvc.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}]
HKLM CLSID: (DriveLetterAccess) - [09/08/2005 06:20 AM | 00,110,652 | ---- | M] (Sonic Solutions) C:\WINDOWS\system32\DLA\DLASHX_W.DLL

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
HKLM CLSID: (Java(tm) Plug-In SSV Helper) - [09/06/2008 06:08 PM | 00,320,920 | ---- | M] (Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\ssv.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
HKLM CLSID: (Google Toolbar Helper) - [01/20/2007 03:55 AM | 02,403,392 | R--- | M] (Google Inc.) c:\Program Files\Google\GoogleToolbar4.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
HKLM CLSID: (Google Toolbar Notifier BHO) - [04/06/2008 10:11 AM | 00,734,704 | ---- | M] (Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
HKLM CLSID: (Java(tm) Plug-In 2 SSV Helper) - [09/06/2008 06:08 PM | 00,034,816 | ---- | M] (Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jp2ssv.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
HKLM CLSID: (JQSIEStartDetectorImpl Class) - [09/06/2008 06:08 PM | 00,073,728 | ---- | M] (Sun Microsystems, Inc.) C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

========== Toolbars ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}"
HKLM CLSID: (&Google) - [01/20/2007 03:55 AM | 02,403,392 | R--- | M] (Google Inc.) c:\Program Files\Google\GoogleToolbar4.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{4E7BD74F-2B8D-469E-8CB0-AB60BB9AAE22}"
HKLM CLSID: (Verizon Broadband Toolbar) - [05/25/2007 09:15 AM | 01,904,128 | ---- | M] (Verizon Online. ) C:\Program Files\vol_toolbar\vol_toolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}"
HKLM CLSID: (Yahoo! Toolbar) - [09/05/2007 05:48 PM | 00,816,400 | ---- | M] (Yahoo! Inc.) C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]

"{2318C2B1-4965-11D4-9B18-009027A5CD4F}"
HKLM CLSID: (&Google) - [01/20/2007 03:55 AM | 02,403,392 | R--- | M] (Google Inc.) c:\Program Files\Google\GoogleToolbar4.dll

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{2318C2B1-4965-11D4-9B18-009027A5CD4F}"
HKLM CLSID: (&Google) - [01/20/2007 03:55 AM | 02,403,392 | R--- | M] (Google Inc.) c:\Program Files\Google\GoogleToolbar4.dll

"{4E7BD74F-2B8D-469E-8CB0-AB60BB9AAE22}"
HKLM CLSID: (Verizon Broadband Toolbar) - [05/25/2007 09:15 AM | 01,904,128 | ---- | M] (Verizon Online. ) C:\Program Files\vol_toolbar\vol_toolbar.dll

"{84938242-5C5B-4A55-B6B9-A1507543B418}"
HKLM CLSID: (Reg Error: Key does not exist or could not be opened.) - File not found Reg Error: Key does not exist or could not be opened.

"{EF99BD32-C1FB-11D2-892F-0090271D4F88}"
HKLM CLSID: (Yahoo! Toolbar) - [09/05/2007 05:48 PM | 00,816,400 | ---- | M] (Yahoo! Inc.) C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll

========== AppInit_Dlls ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls]
= C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
>C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL - [09/30/2006 08:37 AM | 00,111,616 | ---- | M] () C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll

========== HKLM Security Providers ==========

========== HKLM Winlogon Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell]
= Explorer.exe
>Explorer.exe - [06/13/2007 06:23 AM | 01,033,216 | ---- | M] (Microsoft Corporation) C:\WINDOWS\explorer.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit]
= C:\WINDOWS\system32\userinit.exe,
>C:\WINDOWS\system32\userinit.exe - [04/13/2008 08:12 PM | 00,026,112 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\userinit.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UIHost]
= logonui.exe
>logonui.exe - [04/13/2008 08:12 PM | 00,514,560 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\logonui.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet]
= rundll32 shell32,Control_RunDLL "sysdm.cpl"
>rundll32 shell32 - [10/25/2007 11:34 PM | 08,460,288 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
>Control_RunDLL "sysdm.cpl" - [04/13/2008 08:12 PM | 00,300,544 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\sysdm.cpl

========== User's Winlogon Settings ==========

========== Winlogon Notify Settings ==========

========== Policies ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoCDBurning" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername" = 0
"legalnoticecaption" =
"legalnoticetext" =
"shutdownwithoutlogon" = 1
"undockwithoutlogon" = 1
"InstallVisualStyle" = C:\WINDOWS\Resources\Themes\Royale\Royale.mss File not found
"InstallTheme" = C:\WINDOWS\Resources\Themes\Royale.the File not found

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun" = 145

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]

========== Lsa Authentication Packages ==========

========== Lsa Security Packages ==========

========== Desktop Components ==========

========== Safeboot Options ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot]
"AlternateShell" = cmd.exe

========== Disabled MsConfig Items ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
"path" = C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch File not found
"backup" = C:\WINDOWS\pss\Adobe Reader Speed Launch.lnk File not found
"location" = Common Startup
"command" = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [04/23/2008 03:38 AM | 00,029,696 | ---- | M] (Adobe Systems Incorporated)
"item" = Adobe Reader Speed Launch

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk]
"path" = C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk File not found
"backup" = C:\WINDOWS\pss\Digital Line Detect.lnk File not found
"location" = Common Startup
"command" = C:\Program Files\Digital Line Detect\DLG.exe [10/29/2003 03:06 AM | 00,024,576 | R--- | M] (BVRP Software)
"item" = Digital Line Detect

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
"path" = C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk File not found
"backup" = C:\WINDOWS\pss\HP Digital Imaging Monitor.lnk File not found
"location" = Common Startup
"command" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [05/12/2005 02:23 AM | 00,282,624 | ---- | M] (Hewlett-Packard Co.)
"item" = HP Digital Imaging Monitor

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" =
"hkey" = HKLM
"command" =
"inimapping" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ATIPTA]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = atiptaxx
"hkey" = HKLM
"command" = C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [08/05/2005 10:05 PM | 00,344,064 | ---- | M] (ATI Technologies, Inc.)
"inimapping" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BuildBU]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = bldbubg
"hkey" = HKLM
"command" = c:\dell\bldbubg.exe [02/19/2004 07:23 AM | 00,061,440 | ---- | M] ()
"inimapping" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ctfmon.exe]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = C:\WINDOWS\system32\ctfmon.exe [08/10/2004 06:00 AM | 00,015,360 | ---- | M] (Microsoft Corporation)
"hkey" = HKCU
"command" = C:\WINDOWS\system32\ctfmon.exe [08/10/2004 06:00 AM | 00,015,360 | ---- | M] (Microsoft Corporation)
"inimapping" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DellHelp]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = DellHelp
"hkey" = HKLM
"command" = C:\dell\DellHelp\DellHelp.exe [04/01/2004 09:51 AM | 01,589,248 | ---- | M] (Dell Inc)
"inimapping" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DellSupport]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = DSAgnt
"hkey" = HKCU
"command" = C:\Program Files\Dell Support\DSAgnt.exe [07/16/2006 10:29 PM | 00,389,120 | ---- | M] (Gteko Ltd.)
"inimapping" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DLA]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = DLACTRLW
"hkey" = HKLM
"command" = C:\WINDOWS\system32\DLA\DLACTRLW.EXE [09/08/2005 06:20 AM | 00,122,940 | ---- | M] (Sonic Solutions)
"inimapping" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DMXLauncher]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = DMXLauncher
"hkey" = HKLM
"command" = C:\Program Files\Dell\Media Experience\DMXLauncher.exe [10/05/2005 04:12 AM | 00,094,208 | ---- | M] ()
"inimapping" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ECenter]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = EULAl
"hkey" = HKLM
"command" = c:\dell\E-Center\EULAl.exe [08/30/2006 12:59 PM | 00,028,672 | ---- | M] (Dell Computer Corporation)
"inimapping" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ehTray]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = ehtray
"hkey" = HKLM
"command" = C:\WINDOWS\ehome\ehtray.exe [09/29/2005 03:01 PM | 00,067,584 | ---- | M] (Microsoft Corporation)
"inimapping" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Desktop Search]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = GoogleDesktop
"hkey" = HKLM
"command" = C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [09/30/2006 08:37 AM | 00,169,984 | ---- | M] ()
"inimapping" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Software Update]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = HPWuSchd2
"hkey" = HKLM
"command" = C:\Program Files\HP\HP Software Update\hpwuSchd2.exe [05/12/2005 02:12 AM | 00,049,152 | ---- | M] (Hewlett-Packard Co.)
"inimapping" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ISUSPM Startup]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = isuspm
"hkey" = HKLM
"command" = C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [06/10/2005 11:44 AM | 00,249,856 | ---- | M] (InstallShield Software Corporation)
"inimapping" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ISUSScheduler]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = issch
"hkey" = HKLM
"command" = C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [06/10/2005 11:44 AM | 00,081,920 | ---- | M] (InstallShield Software Corporation)
"inimapping" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MCAgentExe]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = mcagent
"hkey" = HKLM
"command" = c:\PROGRA~1\mcafee.com\agent\mcagent.exe File not found
"inimapping" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MCUpdateExe]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = mcupdate
"hkey" = HKLM
"command" = c:\PROGRA~1\mcafee.com\agent\mcupdate.exe File not found
"inimapping" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MPFExe]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = MpfTray
"hkey" = HKLM
"command" = C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe File not found
"inimapping" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MSKAGENTEXE]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = MskAgent
"hkey" = HKLM
"command" = C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe File not found
"inimapping" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MSKDetectorExe]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = MSKDetct
"hkey" = HKLM
"command" = C:\Program Files\McAfee\SpamKiller\MSKDetct.exe [07/12/2005 08:05 PM | 01,117,184 | ---- | M] (McAfee, Inc.)
"inimapping" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\OASClnt]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = oasclnt
"hkey" = HKLM
"command" = C:\Program Files\McAfee.com\VSO\oasclnt.exe File not found
"inimapping" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RecoverFromReboo]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = RECOVE~1
"hkey" = HKLM
"command" = C:\WINDOWS\Temp\RECOVE~1.EXE File not found
"inimapping" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SigmatelSysTrayApp]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = C:\WINDOWS\stsystra.exe [02/10/2006 12:17 PM | 00,282,624 | ---- | M] (SigmaTel, Inc.)
"hkey" = HKLM
"command" = C:\WINDOWS\stsystra.exe [02/10/2006 12:17 PM | 00,282,624 | ---- | M] (SigmaTel, Inc.)
"inimapping" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\VirusScan Online]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = mcvsshld
"hkey" = HKLM
"command" = c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe File not found
"inimapping" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\VSOCheckTask]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = mcmnhdlr
"hkey" = HKLM
"command" = C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe File not found
"inimapping" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state]
"system.ini" = 0
"win.ini" = 0
"bootini" = 0
"services" = 0
"startup" = 1

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

========== Autorun Files on Drives ==========

AUTOEXEC.BAT []
[08/16/2005 05:43 AM | 00,000,000 | ---- | M] () C:\AUTOEXEC.BAT [ NTFS ]

========== MountPoints2 ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0278f8a4-50b7-11db-b73c-d4502a31dec7}\Shell]
"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0278f8a5-50b7-11db-b73c-d4502a31dec7}\Shell]
"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0278f8a6-50b7-11db-b73c-d4502a31dec7}\Shell]
"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0278f8a7-50b7-11db-b73c-d4502a31dec7}\Shell]
"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3526cedc-79ac-11dc-b57b-00038a000015}\Shell]
"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell]
"" = AutoRun

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5005e088-fd75-11db-b56d-00038a000015}\Shell]
"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{801a4724-640c-11dd-b5bd-00038a000015}\Shell]
"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b453e78a-712d-11db-b54e-00038a000015}\Shell]
"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f3139805-57e0-11db-b53c-00038a000015}\Shell]
"" = None

========== DNS Name Servers ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{02F5E71A-AE25-48AA-B1D5-651AA191F638}]
Servers: | Description:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{1829066A-2E61-48E5-9D92-845C89603110}]
Servers: | Description: Intel® PRO/100 VE Network Connection

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{34349A8E-B001-4C6E-ACEC-84CD44192F13}]
Servers: | Description: Windows Mobile-based Device

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{4F1D6C70-0C12-46D6-979D-E5623E7F9C64}]
Servers: | Description: Scientific-Atlanta WebSTAR 2000 series Cable Modem

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{BBFA9E4F-8001-4994-8851-4EBADAA61BB8}]
Servers: | Description: 1394 Net Adapter

========== Hosts File ==========

HOSTS File = (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1 localhost

========== Files/Folders - Created Within 30 days ==========

[08/26/2008 08:49 PM | 00,064,352 | ---- | C] () - C:\WINDOWS\System32\drivers\ativmc20.cod
[08/26/2008 08:49 PM | 00,129,045 | ---- | C] () - C:\WINDOWS\System32\drivers\cxthsfs2.cty
[08/26/2008 08:50 PM | 00,067,866 | ---- | C] () - C:\WINDOWS\System32\drivers\netwlan5.img
[259 C:\WINDOWS\System32\*.tmp files]
[08/26/2008 08:49 PM | 00,000,974 | ---- | C] () - C:\WINDOWS\System32\pid.inf
[09/06/2008 05:54 PM | ---D | C] - C:\WINDOWS\System32\appmgmt
[09/08/2008 08:28 AM | ---D | C] - C:\WINDOWS\System32\bits
[09/08/2008 08:28 AM | ---D | C] - C:\WINDOWS\System32\en
[09/08/2008 08:28 AM | ---D | C] - C:\WINDOWS\System32\scripting
[09/08/2008 08:32 AM | 00,002,973 | ---- | C] () - C:\WINDOWS\System32\spupdsvc.inf
[09/16/2008 05:57 PM | 00,066,888 | -H-- | C] () - C:\WINDOWS\System32\mlfcache.dat
[2 C:\WINDOWS\*.tmp files]
[09/08/2008 08:20 AM | -H-D | C] - C:\WINDOWS\$NtServicePackUninstall$
[09/08/2008 08:25 AM | ---D | C] - C:\WINDOWS\ServicePackFiles
[09/08/2008 08:28 AM | ---D | C] - C:\WINDOWS\l2schemas
[09/08/2008 08:32 AM | ---D | C] - C:\WINDOWS\LastGood
[09/11/2008 10:10 AM | 00,000,284 | ---- | C] () - C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[1 C:\Documents and Settings\All Users\Application Data\*.tmp files]
[08/13/2008 05:38 PM | ---D | C] - C:\Documents and Settings\All Users\Application Data\NOS
[08/31/2008 11:09 AM | ---D | C] - C:\Documents and Settings\All Users\Application Data\Malwarebytes
[08/31/2008 11:09 AM | ---D | C] - C:\Documents and Settings\Travis\Application Data\Malwarebytes
[09/06/2008 06:05 PM | ---D | C] - C:\Documents and Settings\Travis\Application Data\Mozilla
[09/06/2008 06:05 PM | ---D | C] - C:\Documents and Settings\Travis\Local Settings\Application Data\Mozilla
[08/10/2008 04:15 PM | 00,009,438 | ---- | C] () - C:\Documents and Settings\Travis\My Documents\Angie Payments.xlsx
[08/16/2008 11:34 AM | 00,009,466 | ---- | C] () - C:\Documents and Settings\Travis\My Documents\Gramps Payments.xlsx
[08/24/2008 01:37 PM | 00,074,663 | ---- | C] () - C:\Documents and Settings\Travis\My Documents\Travis Budget.xlsx
[08/24/2008 01:40 PM | 00,016,312 | ---- | C] () - C:\Documents and Settings\Travis\My Documents\2008.xlsx
[08/24/2008 01:42 PM | 00,035,328 | ---- | C] () - C:\Documents and Settings\Travis\My Documents\Copy of 2009.xls
[08/24/2008 01:43 PM | 00,033,792 | ---- | C] () - C:\Documents and Settings\Travis\My Documents\Copy of 2009-rows-mo.xls
[08/24/2008 01:47 PM | 00,025,600 | ---- | C] () - C:\Documents and Settings\Travis\My Documents\Copy of 2008Calendar_1page_Letter.xls
[08/24/2008 01:47 PM | 00,025,600 | ---- | C] () - C:\Documents and Settings\Travis\My Documents\Copy of 2009Calendar_1page_Letter.xls
[09/18/2008 02:59 PM | 00,144,789 | ---- | C] () - C:\Documents and Settings\Travis\My Documents\Skin Industries Your shopping cart Order processed.mht
[08/13/2008 05:40 PM | 00,000,734 | ---- | C] () - C:\Documents and Settings\All Users\Desktop\Acrobat.com.lnk
[08/31/2008 11:09 AM | 00,000,696 | ---- | C] () - C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[09/06/2008 06:05 PM | 00,001,602 | ---- | C] () - C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[09/16/2008 05:35 PM | 00,002,187 | ---- | C] () - C:\Documents and Settings\All Users\Desktop\Safari.lnk
[09/16/2008 05:39 PM | 00,001,604 | ---- | C] () - C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[09/16/2008 05:40 PM | 00,002,137 | ---- | C] () - C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[08/16/2008 11:29 AM | 00,000,630 | ---- | C] () - C:\Documents and Settings\Travis\Desktop\Shortcut to Angie Payments.xlsx.lnk
[08/16/2008 11:36 AM | 00,000,635 | ---- | C] () - C:\Documents and Settings\Travis\Desktop\Shortcut to Gramps Payments.xlsx.lnk
[08/25/2008 02:44 PM | 00,000,577 | ---- | C] () - C:\Documents and Settings\Travis\Desktop\Shortcut to Travis Budget.xlsx.lnk
[08/13/2008 05:40 PM | ---D | C] - C:\Program Files\Common Files\Adobe AIR
[08/13/2008 05:38 PM | ---D | C] - C:\Program Files\NOS
[08/31/2008 11:09 AM | ---D | C] - C:\Program Files\Malwarebytes' Anti-Malware
[09/16/2008 05:35 PM | ---D | C] - C:\Program Files\Safari
[09/16/2008 05:39 PM | ---D | C] - C:\Program Files\Bonjour
[09/16/2008 05:40 PM | ---D | C] - C:\Program Files\iTunes

========== Files - Modified Within 30 days ==========

[09/06/2008 06:01 PM | 10,717,96224 | -HS- | M] () - C:\hiberfil.sys
[09/08/2008 08:23 AM | 00,250,048 | RHS- | M] () - C:\ntldr
[259 C:\WINDOWS\System32\*.tmp files]
[08/11/2008 01:41 PM | 00,001,682 | -HS- | M] () - C:\WINDOWS\System32\KGyGaAvL.sys
[09/06/2008 06:06 PM | 00,065,044 | ---- | M] () - C:\WINDOWS\System32\perfc009.dat
[09/06/2008 06:06 PM | 00,410,574 | ---- | M] () - C:\WINDOWS\System32\perfh009.dat
[09/06/2008 06:06 PM | 00,483,924 | ---- | M] () - C:\WINDOWS\System32\PerfStringBackup.INI
[09/08/2008 08:34 AM | 00,002,973 | ---- | M] () - C:\WINDOWS\System32\spupdsvc.inf
[09/16/2008 05:57 PM | 00,066,888 | -H-- | M] () - C:\WINDOWS\System32\mlfcache.dat
[2 C:\WINDOWS\*.tmp files]
[08/13/2008 03:03 AM | 00,000,813 | ---- | M] () - C:\WINDOWS\win.ini
[09/06/2008 06:01 PM | 00,002,048 | --S- | M] () - C:\WINDOWS\bootstat.dat
[09/11/2008 01:29 PM | 00,054,156 | -H-- | M] () - C:\WINDOWS\QTFont.qfn
[09/06/2008 06:01 PM | 00,000,006 | -H-- | M] () - C:\WINDOWS\tasks\SA.DAT
[09/18/2008 05:51 PM | 00,000,284 | ---- | M] () - C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[1 C:\Documents and Settings\All Users\Application Data\*.tmp files]
[09/06/2008 05:19 PM | 00,038,400 | ---- | M] () - C:\Documents and Settings\Travis\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[08/16/2008 11:36 AM | 00,009,438 | ---- | M] () - C:\Documents and Settings\Travis\My Documents\Angie Payments.xlsx
[08/16/2008 11:37 AM | 00,009,466 | ---- | M] () - C:\Documents and Settings\Travis\My Documents\Gramps Payments.xlsx
[08/24/2008 01:40 PM | 00,016,312 | ---- | M] () - C:\Documents and Settings\Travis\My Documents\2008.xlsx
[08/24/2008 01:42 PM | 00,035,328 | ---- | M] () - C:\Documents and Settings\Travis\My Documents\Copy of 2009.xls
[08/24/2008 01:43 PM | 00,033,792 | ---- | M] () - C:\Documents and Settings\Travis\My Documents\Copy of 2009-rows-mo.xls
[08/24/2008 01:47 PM | 00,025,600 | ---- | M] () - C:\Documents and Settings\Travis\My Documents\Copy of 2008Calendar_1page_Letter.xls
[08/24/2008 01:47 PM | 00,025,600 | ---- | M] () - C:\Documents and Settings\Travis\My Documents\Copy of 2009Calendar_1page_Letter.xls
[09/06/2008 10:21 AM | 00,074,663 | ---- | M] () - C:\Documents and Settings\Travis\My Documents\Travis Budget.xlsx
[09/18/2008 03:00 PM | 00,144,789 | ---- | M] () - C:\Documents and Settings\Travis\My Documents\Skin Industries Your shopping cart Order processed.mht
[08/13/2008 05:40 PM | 00,000,734 | ---- | M] () - C:\Documents and Settings\All Users\Desktop\Acrobat.com.lnk
[08/31/2008 11:09 AM | 00,000,696 | ---- | M] () - C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[09/06/2008 06:05 PM | 00,001,602 | ---- | M] () - C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[09/07/2008 08:52 AM | 00,002,137 | ---- | M] () - C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[09/16/2008 05:39 PM | 00,001,604 | ---- | M] () - C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[08/16/2008 11:29 AM | 00,000,630 | ---- | M] () - C:\Documents and Settings\Travis\Desktop\Shortcut to Angie Payments.xlsx.lnk
[08/16/2008 11:36 AM | 00,000,635 | ---- | M] () - C:\Documents and Settings\Travis\Desktop\Shortcut to Gramps Payments.xlsx.lnk
[08/24/2008 12:11 PM | 00,002,473 | ---- | M] () - C:\Documents and Settings\Travis\Desktop\Microsoft Office Excel 2007.lnk
[08/25/2008 02:44 PM | 00,000,577 | ---- | M] () - C:\Documents and Settings\Travis\Desktop\Shortcut to Travis Budget.xlsx.lnk

< End of report >

TSD151 · « **Reply #13 on:** September 08, 2008, 05:17:59 PM »

The extra list

OTViewIt Extras logfile created on: 9/8/2008 6:43:29 PM - Run 2
OTViewIt by OldTimer - Version 1.0.1.8 Folder = C:\Documents and Settings\Travis\Desktop
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1022.07 Mb Total Physical Memory | 502.28 Mb Available Physical Memory | 49.14% Memory free
2.40 Gb Paging File | 1.89 Gb Available in Paging File | 78.90% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 69.80 Gb Total Space | 12.69 Gb Free Space | 18.18% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
[04/13/2008 08:12 PM | 00,141,312 | ---- | M] (Microsoft Corporation)

"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL
[04/07/2004 01:07 PM | 01,135,728 | ---- | M] (America Online, Inc.)

"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL
[04/07/2004 01:07 PM | 00,496,752 | ---- | M] (America Online, Inc)

"C:\Program Files\America Online 9.0\wEmail Removedexe" = C:\Program Files\America Online 9.0\wEmail Removedexe:*:Enabled:AOL
[09/01/2004 12:56 PM | 00,259,184 | ---- | M] (America Online, Inc.)

"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
[06/21/2006 01:36 AM | 00,187,176 | ---- | M] (Microsoft Corporation)

"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
[06/21/2006 01:36 AM | 01,207,080 | ---- | M] (Microsoft Corporation)

"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
[06/21/2006 01:36 AM | 01,977,128 | ---- | M] (Microsoft Corporation)

"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[04/13/2008 02:53 PM | 00,558,080 | ---- | M] (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
[04/13/2008 08:12 PM | 00,141,312 | ---- | M] (Microsoft Corporation)

"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL
[04/07/2004 01:07 PM | 01,135,728 | ---- | M] (America Online, Inc.)

"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL
[04/07/2004 01:07 PM | 00,496,752 | ---- | M] (America Online, Inc)

"C:\Program Files\America Online 9.0\wEmail Removedexe" = C:\Program Files\America Online 9.0\wEmail Removedexe:*:Enabled:AOL
[09/01/2004 12:56 PM | 00,259,184 | ---- | M] (America Online, Inc.)

"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe
[05/12/2005 02:23 AM | 00,282,624 | ---- | M] (Hewlett-Packard Co.)

"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe
[05/12/2005 03:40 AM | 00,204,800 | ---- | M] (Hewlett-Packard Co.)

"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe
[05/24/2005 05:17 AM | 00,225,280 | ---- | M] (Hewlett-Packard Co.)

"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe
[05/24/2005 05:18 AM | 00,040,960 | ---- | M] (Hewlett-Packard Co.)

"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe
[05/24/2005 05:13 AM | 00,081,920 | ---- | M] (Hewlett-Packard Co.)

"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe
[05/12/2005 01:06 PM | 00,200,704 | ---- | M] ()

"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe
[05/12/2005 10:28 AM | 01,081,344 | ---- | M] (Hewlett-Packard)

"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe
[05/24/2005 05:42 AM | 00,172,032 | ---- | M] (Hewlett-Packard Co.)

"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe
[05/12/2005 11:34 AM | 00,151,635 | ---- | M] (Hewlett-Packard)

"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe
[05/24/2005 05:18 AM | 00,458,752 | ---- | M] (Hewlett-Packard Co.)

"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe
[03/15/2005 06:12 PM | 00,417,792 | ---- | M] ()

"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe
[03/15/2005 06:17 PM | 00,704,512 | ---- | M] ( )

"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe
[05/24/2005 05:34 AM | 00,057,344 | ---- | M] (Hewlett-Packard Co.)

"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger
[10/13/2004 12:24 PM | 01,694,208 | ---- | M] (Microsoft Corporation)

"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire
[02/08/2008 05:32 PM | 00,147,456 | ---- | M] (Lime Wire, LLC)

"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger
[01/19/2007 04:49 PM | 04,670,968 | ---- | M] (Yahoo! Inc.)

"C:\Program Files\Yahoo!\Messenger\YServer.exe" = C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server
[01/19/2007 04:49 PM | 00,091,640 | ---- | M] (Yahoo! Inc.)

"C:\Program Files\Grisoft\AVG7\avginet.exe" = C:\Program Files\Grisoft\AVG7\avginet.exe:*:Enabled:avginet.exe
[04/21/2008 10:37 PM | 00,510,976 | ---- | M] (GRISOFT, s.r.o.)

"C:\Program Files\Grisoft\AVG7\avgamsvr.exe" = C:\Program Files\Grisoft\AVG7\avgamsvr.exe:*:Enabled:avgamsvr.exe
[10/23/2007 11:33 AM | 00,418,816 | ---- | M] (GRISOFT, s.r.o.)

"C:\Program Files\Grisoft\AVG7\avgcc.exe" = C:\Program Files\Grisoft\AVG7\avgcc.exe:*:Enabled:avgcc.exe
[04/21/2008 10:37 PM | 00,579,584 | ---- | M] (GRISOFT, s.r.o.)

"C:\Program Files\Grisoft\AVG7\avgemc.exe" = C:\Program Files\Grisoft\AVG7\avgemc.exe:*:Enabled:avgemc.exe
[01/12/2008 09:33 AM | 00,406,528 | ---- | M] (GRISOFT, s.r.o.)

"C:\WINDOWS\system32\java.exe" = C:\WINDOWS\system32\java.exe:*:Disabled:Java(tm) 2 Platform Standard Edition binary
[09/06/2008 06:08 PM | 00,139,264 | ---- | M] (Sun Microsystems, Inc.)

"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
[06/21/2006 01:36 AM | 00,187,176 | ---- | M] (Microsoft Corporation)

"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
[06/21/2006 01:36 AM | 01,207,080 | ---- | M] (Microsoft Corporation)

"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
[06/21/2006 01:36 AM | 01,977,128 | ---- | M] (Microsoft Corporation)

"C:\Program Files\TurboTax\Deluxe 2007\32bit\ttax.exe" = C:\Program Files\TurboTax\Deluxe 2007\32bit\ttax.exe:LocalSubNet:Enabled:TurboTax
[02/05/2008 05:25 PM | 10,335,520 | ---- | M] (Intuit, Inc.)

"C:\Program Files\TurboTax\Deluxe 2007\32bit\updatemgr.exe" = C:\Program Files\TurboTax\Deluxe 2007\32bit\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager
[10/22/2007 07:56 PM | 03,597,600 | ---- | M] (Intuit, Inc.)

"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[04/13/2008 02:53 PM | 00,558,080 | ---- | M] (Microsoft Corporation)

"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote
[08/28/2007 11:43 PM | 01,022,840 | ---- | M] (Microsoft Corporation)

"C:\Program Files\LimeWire2\LimeWire.exe" = C:\Program Files\LimeWire2\LimeWire.exe:*:Enabled:LimeWire
[06/05/2008 02:52 PM | 00,147,456 | ---- | M] (Lime Wire, LLC)

"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour
[07/24/2007 03:17 PM | 00,229,376 | ---- | M] (Apple Inc.)

"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes
[07/10/2008 10:51 AM | 20,246,824 | ---- | M] (Apple Inc.)

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] - "%1" %*
.cmd [@ = cmdfile] - "%1" %*
.com [@ = comfile] - "%1" %*
.exe [@ = exefile] - "%1" %*
.pif [@ = piffile] - "%1" %*
.scr [@ = scrfile] - "%1" /S

========== Winsock2 Catalogs ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\]
NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - [07/24/2007 03:17 PM | 00,147,456 | ---- | M] (Apple Inc.) C:\Program Files\Bonjour\mdnsNSP.dll

========== HKEY_LOCAL_MACHINE Protocol Defaults ==========

========== HKEY_CURRENT_USER Protocol Defaults ==========

========== Protocol Handlers ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
ipp: [HKLM - No CLSID value]
msdaipp: [HKLM - No CLSID value]

========== Protocol Filters ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{02DFF6B1-1654-411C-8D7B-FD6052EF016F}" = Apple Software Update
"{0611BD4E-4FE4-4a62-B0C0-18A4CC463428}" = CP_Package_Variety1
"{075473F5-846A-448B-BCB3-104AA1760205}" = Roxio RecordNow Data
"{08CA9554-B5FE-4313-938F-D4A417B81175}" = QuickTime
"{09984AEC-6B9F-4ca7-B78D-CB44D4771DA3}" = Destinations
"{0B33B738-AD79-4E32-90C5-E67BFB10BBFF}" = AiO_Scan
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
"{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}" = Security Update for CAPICOM (KB931906)
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Roxio DLA
"{15EE79F4-4ED1-4267-9B0F-351009325D7D}" = HP Software Update
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1A15507A-8551-4626-915D-3D5FA095CC1B}" = Corel Paint Shop Pro X
"{1C139D7D-9FEA-468d-A9C8-2A6E3BDE564A}" = CP_Package_Variety3
"{2070F79D-46BC-4EEA-8F02-9B4DCABAE7CB}" = iPod for Windows 2006-03-23
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Roxio MyDVD LE
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2466E904-7E48-4597-9321-722CF02930EB}" = 5600
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java(tm) 6 Update 10
"{2CADCEAB-D5DA-44D6-B5FC-7DEE87AB3C0C}" = Unload
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{30C19FF2-7FBA-4d09-B9DE-1659977F64F6}" = TrayApp
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35B91753-5789-4517-9CF1-2CCE3A8CF4F1}" = Apple Mobile Device Support
"{37477865-A3F1-4772-AD43-AAFC6BCFF99F}" = MSXML 4.0 SP2 (KB927978)
"{3846E811-639D-4DE1-844B-30491C0A6C0C}" = Dell Support 3.2
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{43CAC9A1-1993-4F65-9096-7C9AFC2BBF54}" = Dell CinePlayer
"{4667B940-BB01-428B-986E-A0CC46497BF7}" = ELIcon
"{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}" = Bonjour
"{54E3707F-808E-4fd4-95C9-15D1AB077E5D}" = NewCopy
"{56F8AFC3-FA98-4ff1-9673-8A026CBF85BE}" = WebReg
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{5B622B7A-60FB-4630-B11D-F121D20BCCD6}" = MarketResearch
"{5B6BE547-21E2-49CA-B2E2-6A5F470593B1}" = Sonic Activation Module
"{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}" = HP PSC & OfficeJet 5.3.B
"{609F7AC8-C510-11D4-A788-009027ABA5D0}" = Easy CD Creator 5 Basic
"{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}" = AOLIcon
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6BB6627C-694F-4FDC-A3E5-C7F4BED4C724}" = DocProc
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}" = Digital Content Portal
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{728278A1-0BB7-45E4-AC5E-91D7C0FD1EDE}" = EarthLink setup files
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7850A6D2-CBEA-4728-9877-F1BEDEA9F619}" = AiOSoftware
"{7A3F0566-5E05-4919-9C98-456F6B5CF831}" = Get High Speed Internet!
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7C9B95B7-B598-4398-B30F-7F6827192E6C}" = ProductContext
"{7DD9A065-2C86-4A9F-A5FF-796EC1B99DCA}" = AnswerWorks 4.0 Runtime - English
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{83F793B5-8BBF-42FD-A8A6-868CB3E2AAEA}" = Intel® PROSet for Wired Connections
"{85D3CC30-8859-481A-9654-FD9B74310BEF}" = MusicmatchÂ® Jukebox
"{8A9B8148-DDD7-448F-BD6C-358386D32354}" = Corel Photo Album 6
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{1AFF2298-CC00-4A3B-866A-C62B8373794E}" = Security Update for 2007 Microsoft Office System (KB951596)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{558B709B-821B-4FC5-90FC-9A8890641E77}" = Security Update for Microsoft Office PowerPoint 2007 (KB951338)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6BAD036C-261F-4BEF-96CF-C20678D07A41}" = Security Update for Visio 2007 (KB947590)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7399DD71-8E24-4E60-B6A8-6CED89C0AC26}" = Security Update for Microsoft Office Excel 2007 (KB951546)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8F375E11-4FD6-4B89-9E2B-A76D48B51E00}" = Security Update for Microsoft Office system 2007 (KB951808)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A420F522-7395-4872-9882-C591B4B92278}" = Update for Office 2007 (KB946691)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{AD72BABE-C733-4FCF-9674-4314466191B9}" = Security Update for Microsoft Office Word 2007 (KB950113)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{91CA0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Small Business Edition 2003
"{923A7F5A-1E8C-4FBE-8DF6-85940A60A79F}" = Readme
"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
"{9E491AB7-4589-48CA-9CBB-874CB2788391}" = Studio 9
"{A195B13E-A5E3-4BAF-A995-7F70F445CD06}" = ScannerCopy
"{A683A2C0-821C-486F-858C-FA634DB5E864}" = EducateU
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Roxio RecordNow Audio
"{AC76BA86-7AD7-1033-7B44-A71000000002}" = Adobe Reader 7.1.0
"{B0DF58A2-40DF-4465-AA56-38623EC9938C}" = Documentation & Support Launcher
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Roxio RecordNow Copy
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B208806F-A231-4FA0-AB3F-5C1B8979223E}" = Microsoft ActiveSync 4.0
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{B67624DE-75CE-4FAD-9F29-5C115773CE61}" = Studio 9 Content CD/DVD
"{B6884A07-0305-47AE-9969-8F26FADC17DE}" = Games, Music, & Photos Launcher
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B824B5C9-849F-4b9e-9EA7-6FD8CD8116DA}" = CP_Package_Variety2
"{B996AE66-10DB-4ac5-B151-E8B4BFBC42FC}" = BufferChm
"{BFD5AC8A-5884-4da8-9873-3DF8E3DCCE18}" = 5600Trb
"{C04E32E0-0416-434D-AFB9-6969D703A9EF}" = MSXML 4.0 SP2 (KB936181)
"{C15B6175-689A-4D97-A42C-7225353F60A7}" = Linksys Updater
"{C191BE7C-8542-4A61-973A-714EF76C5995}" = Logitech QuickCam Software
"{C506A18C-1469-4678-B094-F4EC9DAE6DB7}" = Scan
"{C9D96682-5A4D-45FA-BA3E-DDCB2B0CB868}" = Safari
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC7984C5-020D-4944-85A0-58D09D4A8BFB}" = 5600_Help
"{CE24344F-DFD8-40C8-8FD8-C9740B5F25AC}" = Fax
"{D2988E9B-C73F-422C-AD4B-A66EBE257120}" = MCU
"{E3F90083-80D4-4b5a-87C7-E97E12F5516D}" = HPProductAssistant
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{EA103B64-C0E4-4C0E-A506-751590E1653D}" = SolutionCenter
"{EF6C4600-306D-4F6A-A119-C2A877D25B4A}" = iTunes
"{F4C2E5F5-2970-45f4-ABD3-C180C4D961C4}" = Status
"{FE64AE29-0883-4C70-8388-DC026019C900}" = HP Image Zone Express
"12133444-BF36-4d4e-B7FB-A3424C645DE4" = GemMaster Mystic
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"America Online us" = America Online (Choose which version to remove)
"AOL Connectivity Services" = AOL Connectivity Services
"AOLCoach" = AOL Coach Version 1.0(Build:20040229.1 en)
"ATI Display Driver" = ATI Display Driver
"AVG7Uninstall" = AVG 7.5
"Azureus" = Azureus
"B3EE3001-DC24-4cd1-8743-5692C716659F" = Otto
"CleanUp!" = CleanUp!
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 56K V.9x DFVc Modem
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Dell Digital Jukebox Driver" = Dell Digital Jukebox Driver
"Dell Game Console" = Dell Game Console
"DivX Content Uploader" = DivX Content Uploader
"EmeraldQFE2" = Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
"FoxyTunesForFirefox" = FoxyTunes for Firefox
"Google Desktop" = Google Desktop
"HijackThis" = HijackThis 2.0.2
"Hollywood FX" = Pinnacle Hollywood FX
"Hollywood FX 5.5 Additional Effects" = Hollywood FX 5.5 Additional Effects
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Imaging Device Functions" = HP Imaging Device Functions 5.3
"HP Solution Center & Imaging Support Tools" = HP Solution Center & Imaging Support Tools 5.3
"HPExtendedCapabilities" = HP Extended Capabilities 5.3
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{2070F79D-46BC-4EEA-8F02-9B4DCABAE7CB}" = iPod for Windows 2006-03-23
"KB835221WXP" = High Definition Audio Driver Package - KB835221
"KB893803v2" = Windows Installer 3.1 (KB893803)
"KB900325" = Update Rollup 2 for Windows XP Media Center Edition 2005
"KB903157" = Hotfix for Windows Media Player 10 (KB903157)
"KB908246" = Windows XP Media Center Edition 2005 KB908246
"KB910393" = Update for Windows Media Player 10 (KB910393)
"KB911564" = Security Update for Windows Media Player (KB911564)
"KB913800" = Update for Windows Media Player 10 (KB913800)
"KB917734_WMP10" = Security Update for Windows Media Player 10 (KB917734)
"KB923689" = Security Update for Windows XP (KB923689)
"KB925398_WMP64" = Security Update for Windows Media Player 6.4 (KB925398)
"KB925766" = Windows XP Media Center Edition 2005 KB925766
"KB926251" = Update for Windows Media Player 10 (KB926251)
"KB929399" = Hotfix for Windows Media Format 11 SDK (KB929399)
"KB931906" = Security Update for CAPICOM (KB931906)
"KB936782_WMP11" = Security Update for Windows Media Player 11 (KB936782)
"KB938127-IE7" = Security Update for Windows Internet Explorer 7 (KB938127)
"KB939683" = Hotfix for Windows Media Player 11 (KB939683)
"KB941569" = Security Update for Windows XP (KB941569)
"KB942615-IE7" = Security Update for Windows Internet Explorer 7 (KB942615)
"KB944533-IE7" = Security Update for Windows Internet Explorer 7 (KB944533)
"KB946648" = Security Update for Windows XP (KB946648)
"KB947864-IE7" = Hotfix for Windows Internet Explorer 7 (KB947864)
"KB950759-IE7" = Security Update for Windows Internet Explorer 7 (KB950759)
"KB950760" = Security Update for Windows XP (KB950760)
"KB950762" = Security Update for Windows XP (KB950762)
"KB950974" = Security Update for Windows XP (KB950974)
"KB951066" = Security Update for Windows XP (KB951066)
"KB951072-v2" = Update for Windows XP (KB951072-v2)
"KB951376" = Security Update for Windows XP (KB951376)
"KB951376-v2" = Security Update for Windows XP (KB951376-v2)
"KB951698" = Security Update for Windows XP (KB951698)
"KB951748" = Security Update for Windows XP (KB951748)
"KB952287" = Hotfix for Windows XP (KB952287)
"KB952954" = Security Update for Windows XP (KB952954)
"KB953838-IE7" = Security Update for Windows Internet Explorer 7 (KB953838)
"KB953839" = Security Update for Windows XP (KB953839)
"LimeWire" = LimeWire 4.18.2
"M928366" = Microsoft .NET Framework 1.1 Hotfix (KB928366)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.0.1)" = Mozilla Firefox (3.0.1)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PokerStars.net" = PokerStars.net
"PROSet" = Intel® PRO Network Connections Drivers
"QcDrv" = LogitechÂ® Camera Driver
"RealPlayer 6.0" = RealPlayer Basic
"RiseOfNations 1.0" = Microsoft Rise Of Nations
"RiseofNationsExpansion 1.0" = Rise of Nations Thrones and Patriots
"SpywareBlaster_is1" = SpywareBlaster v3.5.1
"StreetPlugin" = Learn2 Player (Uninstall Only)
"TurboTax Deluxe 2007" = TurboTax Deluxe 2007
"Verizon Online DSL_is1" = Verizon Online DSL
"Verizon Online Help and Support" = Verizon Online Help and Support
"vol_toolbar" = Verizon Broadband Toolbar
"WebSTAR DPC2100 Uninstall" = Scientific-Atlanta WebSTAR 2000 series Cable Modem
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Customizations" = Yahoo! Browser Services
"Yahoo! Internet Mail" = Yahoo! Internet Mail
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Toolbar" = Yahoo! Toolbar
"YInstHelper" = Yahoo! Install Manager

========== HKEY_CURRENT_USER Uninstall List ==========

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 8/6/2008 10:48:49 PM - Computer Name = MAIN - User Name = User SID not found - Source = Application Hang
Description = Hanging application setup.exe, version 4.6.7334.1, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 8/6/2008 10:48:54 PM - Computer Name = MAIN - User Name = User SID not found - Source = Application Hang
Description = Fault bucket 678317510.

Error - 8/10/2008 4:58:29 PM - Computer Name = MAIN - User Name = User SID not found - Source = Application Error
Description = Faulting application itunes.exe, version 7.7.0.43, faulting module
quicktime.qts, version 7.50.61.0, fault address 0x001515c3.

Error - 8/13/2008 7:02:33 AM - Computer Name = MAIN - User Name = NT AUTHORITY\SYSTEM - Source = MsiInstaller
Description = Product: Microsoft Works -- Error 1706.No valid source could be found
for product Microsoft Works. The Windows installer cannot continue.

Error - 8/13/2008 7:02:33 AM - Computer Name = MAIN - User Name = NT AUTHORITY\SYSTEM - Source = MsiInstaller
Description = Product: Microsoft Works - Update 'Update for Microsoft Works 8 (KB955428)'
could not be installed. Error code 1603. Windows Installer can create logs to help
troubleshoot issues with installing software packages. Use the following link for
instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127

Error - 8/13/2008 9:39:52 PM - Computer Name = MAIN - User Name = MAIN\Travis - Source = MsiInstaller
Description = Product: Adobe Reader 9 -- A process is running that cannot be shut
down by Setup. Please either close all applications and run Setup again, or restart
your computer and run Setup again.

Error - 9/2/2008 11:49:43 PM - Computer Name = MAIN - User Name = User SID not found - Source = Application Hang
Description = Hanging application iexplore.exe, version 7.0.6000.16705, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 9/2/2008 11:50:07 PM - Computer Name = MAIN - User Name = User SID not found - Source = Application Hang
Description = Fault bucket 854786114.

Error - 9/2/2008 11:50:58 PM - Computer Name = MAIN - User Name = User SID not found - Source = Application Hang
Description = Hanging application iexplore.exe, version 7.0.6000.16705, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 9/2/2008 11:51:01 PM - Computer Name = MAIN - User Name = User SID not found - Source = Application Hang
Description = Fault bucket 854786114.

[ Internet Explorer Events ]

[ Media Center Events ]

[ ODiag Events ]

[ OSession Events ]
Error - 4/11/2008 7:10:05 AM - Computer Name = MAIN - User Name = User SID not found - Source = Microsoft Office 12 Sessions
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 20788
seconds with 180 seconds of active time. This session ended with a crash.

[ Security Events ]

[ System Events ]
Error - 4/22/2008 4:13:16 PM - Computer Name = MAIN - User Name = MAIN\Travis - Source = DCOM
Description = The server {ED081F25-6A77-4C89-B689-C6E15C582EC1} did not register
with DCOM within the required timeout.

Error - 4/22/2008 4:14:46 PM - Computer Name = MAIN - User Name = MAIN\Travis - Source = DCOM
Description = The server {ED081F25-6A77-4C89-B689-C6E15C582EC1} did not register
with DCOM within the required timeout.

Error - 5/12/2008 9:06:03 AM - Computer Name = MAIN - User Name = User SID not found - Source = Dhcp
Description = Your computer has lost the lease to its IP address 192.168.100.10
on the Network Card with network address 001BD7CB8CD3.

Error - 5/15/2008 2:47:26 AM - Computer Name = MAIN - User Name = MAIN\Travis - Source = DCOM
Description = The server {ED081F25-6A77-4C89-B689-C6E15C582EC1} did not register
with DCOM within the required timeout.

Error - 5/15/2008 2:48:12 AM - Computer Name = MAIN - User Name = MAIN\Travis - Source = DCOM
Description = The server {ED081F25-6A77-4C89-B689-C6E15C582EC1} did not register
with DCOM within the required timeout.

Error - 5/15/2008 2:49:16 AM - Computer Name = MAIN - User Name = MAIN\Travis - Source = DCOM
Description = The server {ED081F25-6A77-4C89-B689-C6E15C582EC1} did not register
with DCOM within the required timeout.

Error - 5/15/2008 9:57:47 PM - Computer Name = MAIN - User Name = MAIN\Tammie - Source = DCOM
Description = The server {ED081F25-6A77-4C89-B689-C6E15C582EC1} did not register
with DCOM within the required timeout.

Error - 5/23/2008 6:02:15 AM - Computer Name = MAIN - User Name = User SID not found - Source = Dhcp
Description = Your computer has lost the lease to its IP address 192.168.100.10
on the Network Card with network address 001BD7CB8CD3.

Error - 6/4/2008 7:04:24 PM - Computer Name = MAIN - User Name = User SID not found - Source = Dhcp
Description = The IP address lease 98.163.117.158 for the Network Card with network
address 001372E6D277 has been denied by the DHCP server 0.0.0.0 (The DHCP Server
sent a DHCPNACK message).

Error - 6/6/2008 3:48:51 PM - Computer Name = MAIN - User Name = MAIN\Tammie - Source = DCOM
Description = The server {ED081F25-6A77-4C89-B689-C6E15C582EC1} did not register
with DCOM within the required timeout.

< End of report >

guestolo · « **Reply #14 on:** September 09, 2008, 09:04:53 AM »

Do a "System scan only" with Hijackthis and put a check next to these entries:

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://127.0.0.1:4664/first_usage&s=Y4...9kUcKX0OpLFAFZU

After you have ticked the above entries, close All other open windows
Including this one
Leave Hijackthis open and click FIX CHECKED
OK the prompt and exit Hijackthis

Reboot your computer

Come back here, post a fresh hijackthis log and let me know how things are running

TheTechGuide Forum

News:

Author Topic: Possible Problem (Read 2534 times)

TSD151

Possible Problem

guestolo

Possible Problem

TSD151

Possible Problem

guestolo

Possible Problem

TSD151

Possible Problem

guestolo

Possible Problem

TSD151

Possible Problem

guestolo

Possible Problem

TSD151

Possible Problem

guestolo

Possible Problem

TSD151

Possible Problem

guestolo

Possible Problem

TSD151

Possible Problem

TSD151

Possible Problem

guestolo

Possible Problem