1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

HJT Help

Discussion in 'Virus & Other Malware Removal' started by ukgeneral, Jul 18, 2008.

Thread Status:
Not open for further replies.
Advertisement
  1. ukgeneral

    ukgeneral Thread Starter

    Joined:
    Jul 18, 2008
    Messages:
    4
    After restarting my computer I was unable to access the internet properly. I use a wireless connection to a BT Home Hub (which I have reset to make sure it was that), while the computer showed it was connected to the wireless network as did PG2, my browser (FireFox - and I did try IE as well, but that didnt work either) was unable to connect, MSN had the same problem giving the error code 80072efd. The Hijacker has also caused system restore to stop working and McAfee to close after a brief flash of the splash. So i believe it could be McAfee's firewall blocking the internet. I have also tried to run McAfee and System restore in safe mode, but they still dont work. I have run HJT its log looks like this:
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 11:56:26, on 18/07/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal
    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\System32\WLTRYSVC.EXE
    C:\WINDOWS\System32\bcmwltry.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Cain\Abel.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\CTsvcCDA.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Kontiki\KService.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    c:\program files\common files\mcafee\mna\mcnasvc.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    C:\Program Files\Dell\QuickSet\quickset.exe
    C:\WINDOWS\system32\WLTRAY.exe
    C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
    C:\Program Files\VMware\VMware Player\hqtray.exe
    C:\Program Files\McAfee\MPF\MPFSrv.exe
    C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\Program Files\Dell Support Center\bin\sprtcmd.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\ThreatFire\TFTray.exe
    C:\Program Files\McAfee\MSK\MskSrver.exe
    C:\Program Files\McAfee.com\Agent\mcagent.exe
    C:\Program Files\NetWaiting\netWaiting.exe
    C:\Program Files\DellSupport\DSAgnt.exe
    C:\WINDOWS\system32\PSIService.exe
    C:\Program Files\Kontiki\KHost.exe
    C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe
    C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe
    C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\PeerGuardian2\pg2.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Dell Support Center\gs_agent\dsc.exe
    C:\Program Files\ThreatFire\TFService.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Digital Line Detect\DLG.exe
    C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\Vidalia Bundle\Privoxy\privoxy.exe
    C:\WINDOWS\system32\vmnat.exe
    C:\PROGRA~1\AVG\AVG8\avgemc.exe
    C:\Program Files\Vidalia Bundle\Tor\tor.exe
    C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
    C:\WINDOWS\ehome\mcrdsvc.exe
    C:\Program Files\VMware\VMware Player\vmware-authd.exe
    C:\WINDOWS\system32\vmnetdhcp.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\system32\taskmgr.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=1070925
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=1070925
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www1.euro.dell.com/content/default.aspx?c=uk&l=en&s=gen
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www1.euro.dell.com/content/default.aspx?c=uk&l=en&s=gen
    R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=1070925
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R3 - URLSearchHook: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar2\1.3.118\KiweeIEToolbar.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: QFX Software KeyScrambler - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
    O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
    O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll (file missing)
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar2\1.3.118\KiweeIEToolbar.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (file missing)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
    O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
    O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
    O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar2\1.3.118\KiweeIEToolbar.dll
    O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
    O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
    O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
    O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
    O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
    O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [VMware hqtray] "C:\Program Files\VMware\VMware Player\hqtray.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
    O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe
    O4 - HKLM\..\Run: [RCAutoLiveUpdate] C:\Program Files\Max Registry Cleaner\MaxLiveUpdateRC.exe -AUTO
    O4 - HKLM\..\Run: [RCSystemTray] C:\Program Files\Max Registry Cleaner\MaxRCSystemTray.exe
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [ThreatFire] C:\Program Files\ThreatFire\TFTray.exe
    O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
    O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
    O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
    O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
    O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
    O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
    O4 - HKCU\..\Run: [kdx] C:\Program Files\Kontiki\KHost.exe -all
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SRS Audio Sandbox] "C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe" /hideme
    O4 - HKCU\..\Run: [Vidalia] "C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe"
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\RunOnce: [DelayShred] "c:\program files\mcafee\mshr\ShrCL.EXE" /P2 /q C:\DOCUME~1\EDWARD~1\LOCALS~1\Temp\HSPERF~1.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\Temp\{59BCB~1\{A804B~1.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\Temp\{59BCB~1.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\Temp\isp786.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\OJYRWNSF\CLIENT~2.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\4X8RWX2X\IN591D~1.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\OJYRWNSF\CAGLMFWL.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\MNIHOPA7\CAFAITNN.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\MNIHOPA7\FILEHI~1.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\C1YNC5Y7\VIEW_1~1.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\4989UFYN\CLIENT~1.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\4989UFYN\BANNER~1.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\2VQB21AJ\CAPTCH~1.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\0TYN0TY7\VIEW_1~1.SH! C:\DOCUME~1\
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: AutorunsDisabled
    O4 - Startup: IMVU.lnk = C:\Program Files\IMVU\IMVUClient.exe
    O4 - Global Startup: Digital Line Detect.lnk = ?
    O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
    O4 - Global Startup: hpoddt01.exe.lnk = ?
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O4 - Global Startup: Privoxy.lnk = C:\Program Files\Vidalia Bundle\Privoxy\privoxy.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O8 - Extra context menu item: &Download All with FlashGet - C:\PROGRA~1\FlashGet\jc_all.htm
    O8 - Extra context menu item: &Download with FlashGet - C:\PROGRA~1\FlashGet\jc_link.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://c:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: (no name) - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
    O9 - Extra 'Tools' menuitem: &KeyScrambler... - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
    O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
    O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Edward Richardson\Start Menu\Programs\IMVU\Run IMVU.lnk
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O15 - Trusted Zone: http://*.mcafee.com
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
    O16 - DPF: {ABB660B6-6694-407B-950A-EDBA5A159722} (DVC Download Control) - http://www.shockwave.com/content/davincicode/sis/DVC Download Control.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcpitstop.com/optimize2/pcpitstop2.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - AppInit_DLLs: wbsys.dll,avgrsstx.dll
    O23 - Service: Abel - oxid.it - C:\Program Files\Cain\Abel.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
    O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
    O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: KService - Kontiki Inc. - C:\Program Files\Kontiki\KService.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
    O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
    O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
    O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
    O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
    O23 - Service: ThreatFire - PC Tools - C:\Program Files\ThreatFire\TFService.exe
    O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Player\vmware-authd.exe
    O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
    O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
    O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
    --
    End of file - 19751 bytes
     
  2. ukgeneral

    ukgeneral Thread Starter

    Joined:
    Jul 18, 2008
    Messages:
    4
    I also ran the start up tool in HJT it's log looks like this:

    StartupList report, 18/07/2008, 11:37:27
    StartupList version: 1.52.2
    Started from : C:\Program Files\Trend Micro\HijackThis\HijackThis.EXE
    Detected: Windows XP SP2 (WinNT 5.01.2600)
    Detected: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    * Using default options
    * Including empty and uninteresting sections
    * Showing rarely important sections
    ==================================================
    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\System32\WLTRYSVC.EXE
    C:\WINDOWS\System32\bcmwltry.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Cain\Abel.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\CTsvcCDA.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Kontiki\KService.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    c:\program files\common files\mcafee\mna\mcnasvc.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    C:\Program Files\Dell\QuickSet\quickset.exe
    C:\WINDOWS\system32\WLTRAY.exe
    C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
    C:\Program Files\VMware\VMware Player\hqtray.exe
    C:\Program Files\McAfee\MPF\MPFSrv.exe
    C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\Program Files\Dell Support Center\bin\sprtcmd.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\ThreatFire\TFTray.exe
    C:\Program Files\McAfee\MSK\MskSrver.exe
    C:\Program Files\McAfee.com\Agent\mcagent.exe
    C:\Program Files\NetWaiting\netWaiting.exe
    C:\Program Files\DellSupport\DSAgnt.exe
    C:\WINDOWS\system32\PSIService.exe
    C:\Program Files\Kontiki\KHost.exe
    C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe
    C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe
    C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\PeerGuardian2\pg2.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Dell Support Center\gs_agent\dsc.exe
    C:\Program Files\ThreatFire\TFService.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Digital Line Detect\DLG.exe
    C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\Vidalia Bundle\Privoxy\privoxy.exe
    C:\WINDOWS\system32\vmnat.exe
    C:\PROGRA~1\AVG\AVG8\avgemc.exe
    C:\Program Files\Vidalia Bundle\Tor\tor.exe
    C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
    C:\WINDOWS\ehome\mcrdsvc.exe
    C:\Program Files\VMware\VMware Player\vmware-authd.exe
    C:\WINDOWS\system32\vmnetdhcp.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\system32\taskmgr.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\WINDOWS\system32\msiexec.exe
     
  3. ukgeneral

    ukgeneral Thread Starter

    Joined:
    Jul 18, 2008
    Messages:
    4
    --------------------------------------------------
    Listing of startup folders:
    Shell folders Startup:
    [C:\Documents and Settings\Edward Richardson\Start Menu\Programs\Startup\]
    IMVU.lnk = C:\Program Files\IMVU\IMVUClient.exe
    Shell folders AltStartup:
    *Folder not found*
    User shell folders Startup:
    *Folder not found*
    User shell folders AltStartup:
    *Folder not found*
    Shell folders Common Startup:
    [C:\Documents and Settings\All Users\Start Menu\Programs\Startup]
    Digital Line Detect.lnk = ?
    hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
    hpoddt01.exe.lnk = ?
    Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    Privoxy.lnk = C:\Program Files\Vidalia Bundle\Privoxy\privoxy.exe
    Shell folders Common AltStartup:
    *Folder not found*
    User shell folders Common Startup:
    *Folder not found*
    User shell folders Alternate Common Startup:
    *Folder not found*
    --------------------------------------------------
    Checking Windows NT UserInit:
    [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    UserInit = C:\WINDOWS\system32\userinit.exe,
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon]
    *Registry key not found*
    [HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    *Registry value not found*
    [HKCU\Software\Microsoft\Windows\CurrentVersion\Winlogon]
    *Registry key not found*
    --------------------------------------------------
    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run
    ehTray = C:\WINDOWS\ehome\ehtray.exe
    SunJavaUpdateSched = C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    SynTPEnh = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    Dell QuickSet = C:\Program Files\Dell\QuickSet\quickset.exe
    Broadcom Wireless Manager UI = C:\WINDOWS\system32\WLTRAY.exe
    DVDLauncher = "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
    ISUSPM Startup = C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    ISUSScheduler = "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    (Default) =
    RoxWatchTray = "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
    dscactivate = "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
    ECenter = C:\Dell\E-Center\EULALauncher.exe
    QuickTime Task = "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    VMware hqtray = "C:\Program Files\VMware\VMware Player\hqtray.exe"
    Adobe Reader Speed Launcher = "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    Kernel and Hardware Abstraction Layer = KHALMNPR.EXE
    StartCCC = "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
    RCAutoLiveUpdate = C:\Program Files\Max Registry Cleaner\MaxLiveUpdateRC.exe -AUTO
    RCSystemTray = C:\Program Files\Max Registry Cleaner\MaxRCSystemTray.exe
    AVG8_TRAY = C:\PROGRA~1\AVG\AVG8\avgtray.exe
    DellSupportCenter = "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
    ZoneAlarm Client = "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    ThreatFire = C:\Program Files\ThreatFire\TFTray.exe
    mcagent_exe = C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
    --------------------------------------------------
    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
    *No values found*
    --------------------------------------------------
    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
    *No values found*
    --------------------------------------------------
    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
    *Registry key not found*
    --------------------------------------------------
    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
    *Registry key not found*
    --------------------------------------------------
    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    ModemOnHold = C:\Program Files\NetWaiting\netWaiting.exe
    DellSupport = "C:\Program Files\DellSupport\DSAgnt.exe" /startup
    Steam = "C:\Program Files\Steam\Steam.exe" -silent
    DellSupportCenter = "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
    ccleaner = "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
    kdx = C:\Program Files\Kontiki\KHost.exe -all
    ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe
    SRS Audio Sandbox = "C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe" /hideme
    Vidalia = "C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe"
    swg = C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    PeerGuardian = C:\Program Files\PeerGuardian2\pg2.exe
    msnmsgr = "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    MSMSGS = "C:\Program Files\Messenger\msmsgs.exe" /background
    --------------------------------------------------
    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
    DelayShred = "c:\program files\mcafee\mshr\ShrCL.EXE" /P2 /q C:\DOCUME~1\EDWARD~1\LOCALS~1\Temp\HSPERF~1.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\Temp\{59BCB~1\{A804B~1.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\Temp\{59BCB~1.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\Temp\isp786.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\OJYRWNSF\CLIENT~2.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\4X8RWX2X\IN591D~1.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\OJYRWNSF\CAGLMFWL.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\MNIHOPA7\CAFAITNN.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\MNIHOPA7\FILEHI~1.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\C1YNC5Y7\VIEW_1~1.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\4989UFYN\CLIENT~1.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\4989UFYN\BANNER~1.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\2VQB21AJ\CAPTCH~1.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\0TYN0TY7\VIEW_1~1.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\0TYN0TY7\CLIENT~1.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\ASK56P9I\CAPTCH~1.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\011VYA3U\CLIENT~1.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\011VYA3U\CAUR4FZW.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\VNCPY644\CAK5IJGV.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\W7YX4KC0\BOOTST~1.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\0AG8DETC\LOADIN~1.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\45I7KDAF\HIST1_~1.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\0AG8DETC\INDEX_~1.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\W7YX4KC0\APPLIC~1.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\GG5VB3AW\BOOTST~1.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\0AG8DETC\HIST1_~1.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\45I7KDAF\APPLIC~1.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\FWFOLDZF\APPLIC~1.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\UJZUGQLA\BOOTST~1.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\OOH2P8G0\CLIENT~1.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\OOH2P8G0\HIST0_~1.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\3DWI1K0P\LOADIN~1.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\UJZUGQLA\RON_72~1.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\09MROX63\B26844~1.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\K16RCLIB\BOOTST~1.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\ODQR05IJ\CLIENT~1.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\FT4J7PK5\HIST0_~1.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\OXMBW5IZ\LOADIN~1.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\ODQR05IJ\APPLIC~1.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\KFSFYREJ\APPLIC~1.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\KFSFYREJ\FOXY_S~1.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\65EH69CN\BOOTST~1.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\MO3G3DG5\HIST0_~1.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\KFSFYREJ\LOADIN~1.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\V9CW5VKE\OPTN_6~1.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\221M6W07\INDEX_~2.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\6NYZCV8F\B29271~2.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\6NYZCV8F\LOADIN~1.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\221M6W07\APPLIC~1.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\U1SZO7EL\HIST0_~1.SH! C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\6NYZCV8F\BOOTST~1.SH!
    --------------------------------------------------
    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
    *Registry key not found*
    --------------------------------------------------
    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices
    *Registry key not found*
    --------------------------------------------------
    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
    *Registry key not found*
    --------------------------------------------------
    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run
    *Registry key not found*
    --------------------------------------------------
    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run
    *Registry key not found*
    --------------------------------------------------
    Autorun entries in Registry subkeys of:
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run
    [AutorunsDisabled]
    4oD = "C:\Program Files\Kontiki\KHost.exe" -all
    DAEMON Tools = "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    Flashget = C:\PROGRA~1\FlashGet\FlashGet.exe /min
    PWRISOVM.EXE = C:\Program Files\PowerISO\PWRISOVM.EXE
    [OptionalComponents]
    =
    --------------------------------------------------
    Autorun entries in Registry subkeys of:
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
    *No subkeys found*
    --------------------------------------------------
    Autorun entries in Registry subkeys of:
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
    *No subkeys found*
    --------------------------------------------------
    Autorun entries in Registry subkeys of:
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
    *Registry key not found*
    --------------------------------------------------
    Autorun entries in Registry subkeys of:
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
    *Registry key not found*
    --------------------------------------------------
    Autorun entries in Registry subkeys of:
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    [AdobeUpdater]
    =
    [AutorunsDisabled]
    AlcoholAutomount = "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
    MSMSGS = "C:\Program Files\Messenger\msmsgs.exe" /background
    swg = C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    kdx = C:\Program Files\Kontiki\KHost.exe -all
    Start WingMan Profiler = "C:\Program Files\Logitech\Profiler\lwemon.exe" /noui
    CTSyncU.exe = "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
    --------------------------------------------------
    Autorun entries in Registry subkeys of:
    HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
    *No subkeys found*
    --------------------------------------------------
    Autorun entries in Registry subkeys of:
    HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
    *Registry key not found*
    --------------------------------------------------
    Autorun entries in Registry subkeys of:
    HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices
    *Registry key not found*
    --------------------------------------------------
    Autorun entries in Registry subkeys of:
    HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
    *Registry key not found*
    --------------------------------------------------
    Autorun entries in Registry subkeys of:
    HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run
    *Registry key not found*
    --------------------------------------------------
    Autorun entries in Registry subkeys of:
    HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run
    *Registry key not found*
    --------------------------------------------------
    File association entry for .EXE:
    HKEY_CLASSES_ROOT\exefile\shell\open\command
    (Default) = "%1" %*
    --------------------------------------------------
    File association entry for .COM:
    HKEY_CLASSES_ROOT\comfile\shell\open\command
    (Default) = "%1" %*
    --------------------------------------------------
    File association entry for .BAT:
    HKEY_CLASSES_ROOT\batfile\shell\open\command
    (Default) = "%1" %*
    --------------------------------------------------
    File association entry for .PIF:
    HKEY_CLASSES_ROOT\piffile\shell\open\command
    (Default) = "%1" %*
    --------------------------------------------------
    File association entry for .SCR:
    HKEY_CLASSES_ROOT\scrfile\shell\open\command
    (Default) = "%1" /S
    --------------------------------------------------
    File association entry for .HTA:
    HKEY_CLASSES_ROOT\htafile\shell\open\command
    (Default) = C:\WINDOWS\system32\mshta.exe "%1" %*
    --------------------------------------------------
    File association entry for .TXT:
    HKEY_CLASSES_ROOT\txtfile\shell\open\command
    (Default) = %SystemRoot%\system32\NOTEPAD.EXE %1
    --------------------------------------------------
    Enumerating Active Setup stub paths:
    HKLM\Software\Microsoft\Active Setup\Installed Components
    (* = disabled by HKCU twin)
    [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP
    [>{26923b43-4d38-484f-9b9e-de460746276c}] *
    StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
    [>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] *
    StubPath = RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
    [>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] *
    StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
    [KB910393] *
    StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\EasyCDBlock.inf,PerUserInstall
    [{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] *
    StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
    [{407408d4-94ed-4d86-ab69-a7f649d112ee}] *
    StubPath = %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection QuickLaunchShortcut 640 %systemroot%\inf\mcdftreg.inf
    [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] *
    StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
    [{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] *
    StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
    [{4b218e3e-bc98-4770-93d3-2731b9329278}] *
    StubPath = %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection MarketplaceLinkInstall 896 %systemroot%\inf\ie.inf
    [{5945c046-1e7d-11d1-bc44-00c04fd912be}] *
    StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
    [{6BF52A52-394A-11d3-B153-00C04F79FAA6}] *
    StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub
    [{7790769C-0471-11d2-AF11-00C04FA35D02}] *
    StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
    [{89820200-ECBD-11cf-8B85-00AA005B4340}] *
    StubPath = regsvr32.exe /s /n /i:U shell32.dll
    [{89820200-ECBD-11cf-8B85-00AA005B4383}] *
    StubPath = %SystemRoot%\system32\ie4uinit.exe
    [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] *
    StubPath = c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
    [{8b15971b-5355-4c82-8c07-7e181ea07608}] *
    StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
    --------------------------------------------------
    Enumerating ICQ Agent Autostart apps:
    HKCU\Software\Mirabilis\ICQ\Agent\Apps
    *Registry key not found*
    --------------------------------------------------
    Load/Run keys from C:\WINDOWS\WIN.INI:
    load=*INI section not found*
    run=*INI section not found*
    Load/Run keys from Registry:
    HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
    HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
    HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
    HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
    HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
    HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
    HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
    HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
    HKCU\..\Windows NT\CurrentVersion\Windows: load=
    HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
    HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found*
    HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
    HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs=wbsys.dll,avgrsstx.dll
    --------------------------------------------------
    Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:
    Shell=*INI section not found*
    SCRNSAVE.EXE=*INI section not found*
    drivers=*INI section not found*
    Shell & screensaver key from Registry:
    Shell=Explorer.exe
    SCRNSAVE.EXE=C:\WINDOWS\system32\JARHEA~1.SCR
    drivers=*Registry value not found*
    Policies Shell key:
    HKCU\..\Policies: Shell=*Registry key not found*
    HKLM\..\Policies: Shell=*Registry value not found*
    --------------------------------------------------
    Checking for EXPLORER.EXE instances:
    C:\WINDOWS\Explorer.exe: PRESENT!
    C:\Explorer.exe: not present
    C:\WINDOWS\Explorer\Explorer.exe: not present
    C:\WINDOWS\System\Explorer.exe: not present
    C:\WINDOWS\System32\Explorer.exe: not present
    C:\WINDOWS\Command\Explorer.exe: not present
    C:\WINDOWS\Fonts\Explorer.exe: not present
    --------------------------------------------------
    Checking for superhidden extensions:
    .lnk: HIDDEN! (arrow overlay: yes)
    .pif: HIDDEN! (arrow overlay: yes)
    .exe: not hidden
    .com: not hidden
    .bat: not hidden
    .hta: not hidden
    .scr: not hidden
    .shs: HIDDEN!
    .shb: HIDDEN!
    .vbs: not hidden
    .vbe: not hidden
    .wsh: not hidden
    .scf: HIDDEN! (arrow overlay: NO!)
    .url: HIDDEN! (arrow overlay: yes)
    .js: not hidden
    .jse: not hidden
    --------------------------------------------------
    Verifying REGEDIT.EXE integrity:
    - Regedit.exe found in C:\WINDOWS
    - .reg open command is normal (regedit.exe %1)
    - Company name OK: 'Microsoft Corporation'
    - Original filename OK: 'REGEDIT.EXE'
    - File description: 'Registry Editor'
    Registry check passed
    --------------------------------------------------
    Enumerating Browser Helper Objects:
    (no name) - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
    QFX Software KeyScrambler - C:\Program Files\KeyScrambler\KeyScramblerIE.dll - {2B9F5787-88A5-4945-90E7-C4B18563BC5E}
    flashget urlcatch - C:\Program Files\FlashGet\jccatch.dll - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7}
    McAntiPhishingBHO - c:\PROGRA~1\mcafee\msk\mcapbho.dll (file missing) - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4}
    WormRadar.com IESiteBlocker.NavFilter - C:\Program Files\AVG\AVG8\avgssie.dll - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    (no name) - C:\Program Files\Kiwee Toolbar2\1.3.118\KiweeIEToolbar.dll - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F}
    (no name) - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
    scriptproxy - C:\Program Files\McAfee\VirusScan\scriptsn.dll (file missing) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231}
    (no name) - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll - {9030D464-4C02-4ABF-8ECC-5164760863C6}
    (no name) - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL - {A057A204-BACC-4D26-9990-79A187E2698E}
    (no name) - c:\program files\google\googletoolbar2.dll - {AA58ED58-01DD-4d91-8333-CF10577473F7}
    (no name) - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D}
    (no name) - C:\Program Files\Dell\BAE\BAE.dll - {CA6319C0-31B7-401E-A518-A07C3DB8F777}
    ZoneAlarm Spy Blocker BHO - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}
    (no name) - C:\Program Files\FlashGet\getflash.dll - {F156768E-81EF-470C-9057-481BA8380DBA}
    --------------------------------------------------
    Enumerating Task Scheduler jobs:
    AppleSoftwareUpdate.job
    FRU Task #Hewlett-Packard#hp psc 2100 series#1191153532.job
    McDefragTask.job
    McQcTask.job
    --------------------------------------------------
    Enumerating Download Program Files:
    [Microsoft XML Parser for Java]
    CODEBASE = file://C:\WINDOWS\Java\classes\xmldso.cab
    OSD = C:\WINDOWS\Downloaded Program Files\Microsoft XML Parser for Java.osd
    [Checkers Class]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\msgrchkr.dll
    CODEBASE = http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    [System Requirements Lab Class]
    InProcServer32 = C:\Program Files\SystemRequirementsLab\sysreqlab2.dll
    CODEBASE = http://www.systemrequirementslab.com/sysreqlab2.cab
    OSD = C:\WINDOWS\Downloaded Program Files\SysReqLab2.osd
    [Java Plug-in 1.6.0_03]
    InProcServer32 = C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    CODEBASE = http://java.sun.com/products/plugin/autodl/jinstall-160-windows-i586.cab
    [DVC Download Control]
    InProcServer32 = C:\WINDOWS\DOWNLO~1\DVCDOW~1.OCX
    CODEBASE = http://www.shockwave.com/content/davincicode/sis/DVC%20Download%20Control.cab
    [MessengerStatsClient Class]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\MessengerStatsPAClient.dll
    CODEBASE = http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    [Java Plug-in 1.4.2_04]
    InProcServer32 = C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    CODEBASE = http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
    [Java Plug-in 1.5.0_06]
    InProcServer32 = C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    CODEBASE = http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
    [Java Plug-in 1.6.0_03]
    InProcServer32 = C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    CODEBASE = http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
    [Java Plug-in 1.6.0_03]
    InProcServer32 = C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll
    CODEBASE = http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
    [PCPitstop Exam]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\pcpitstop2.dll
    CODEBASE = http://utilities.pcpitstop.com/optimize2/pcpitstop2.dll
    --------------------------------------------------
    Enumerating Winsock LSP files:
    NameSpace #1: C:\WINDOWS\System32\mswsock.dll
    NameSpace #2: C:\WINDOWS\System32\winrnr.dll
    NameSpace #3: C:\WINDOWS\System32\mswsock.dll
    NameSpace #4: C:\WINDOWS\System32\nwprovau.dll
    Protocol #1: C:\WINDOWS\system32\mswsock.dll
    Protocol #2: C:\WINDOWS\system32\mswsock.dll
    Protocol #3: C:\WINDOWS\system32\mswsock.dll
    Protocol #4: C:\WINDOWS\system32\rsvpsp.dll
    Protocol #5: C:\WINDOWS\system32\rsvpsp.dll
    Protocol #6: C:\WINDOWS\system32\mswsock.dll
    Protocol #7: C:\WINDOWS\system32\mswsock.dll
    Protocol #8: C:\WINDOWS\system32\mswsock.dll
    Protocol #9: C:\WINDOWS\system32\mswsock.dll
    Protocol #10: C:\WINDOWS\system32\mswsock.dll
    Protocol #11: C:\WINDOWS\system32\mswsock.dll
    Protocol #12: C:\WINDOWS\system32\mswsock.dll
    Protocol #13: C:\WINDOWS\system32\mswsock.dll
    Protocol #14: C:\WINDOWS\system32\mswsock.dll
    Protocol #15: C:\WINDOWS\system32\mswsock.dll
    Protocol #16: C:\WINDOWS\system32\mswsock.dll
    Protocol #17: C:\WINDOWS\system32\mswsock.dll
    Protocol #18: C:\WINDOWS\system32\mswsock.dll
     
  4. ukgeneral

    ukgeneral Thread Starter

    Joined:
    Jul 18, 2008
    Messages:
    4
    --------------------------------------------------
    Enumerating Windows NT/2000/XP services
    Abel: C:\Program Files\Cain\Abel.exe (autostart)
    abp480n5: \SystemRoot\system32\DRIVERS\ABP480N5.SYS (disabled)
    Microsoft ACPI Driver: system32\DRIVERS\ACPI.sys (system)
    Microsoft Embedded Controller Driver: system32\DRIVERS\ACPIEC.sys (system)
    adpu160m: \SystemRoot\system32\DRIVERS\adpu160m.sys (disabled)
    Microsoft Kernel Acoustic Echo Canceller: system32\drivers\aec.sys (manual start)
    AFD: \SystemRoot\System32\drivers\afd.sys (system)
    Intel AGP Bus Filter: \SystemRoot\system32\DRIVERS\agp440.sys (disabled)
    Compaq AGP Bus Filter: \SystemRoot\system32\DRIVERS\agpCPQ.sys (disabled)
    Aha154x: \SystemRoot\system32\DRIVERS\aha154x.sys (disabled)
    aic78u2: \SystemRoot\system32\DRIVERS\aic78u2.sys (disabled)
    aic78xx: \SystemRoot\system32\DRIVERS\aic78xx.sys (disabled)
    Alerter: %SystemRoot%\system32\svchost.exe -k LocalService (disabled)
    Application Layer Gateway Service: %SystemRoot%\System32\alg.exe (manual start)
    AliIde: \SystemRoot\system32\DRIVERS\aliide.sys (disabled)
    ALI AGP Bus Filter: \SystemRoot\system32\DRIVERS\alim1541.sys (disabled)
    AMD AGP Bus Filter Driver: \SystemRoot\system32\DRIVERS\amdagp.sys (disabled)
    AMD Processor Driver: system32\DRIVERS\AmdK8.sys (system)
    AMDPCI: \??\C:\DOCUME~1\EDWARD~1\LOCALS~1\Temp\AMDPCI.sys (manual start)
    AMD Special Tools Driver: system32\DRIVERS\AmdTools.sys (manual start)
    amsint: \SystemRoot\system32\DRIVERS\amsint.sys (disabled)
    APPDRV: \SystemRoot\SYSTEM32\DRIVERS\APPDRV.SYS (system)
    Application Management: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
    asc: \SystemRoot\system32\DRIVERS\asc.sys (disabled)
    asc3350p: \SystemRoot\system32\DRIVERS\asc3350p.sys (disabled)
    asc3550: \SystemRoot\system32\DRIVERS\asc3550.sys (disabled)
    ASP.NET State Service: %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (manual start)
    RAS Asynchronous Media Driver: system32\DRIVERS\asyncmac.sys (manual start)
    Standard IDE/ESDI Hard Disk Controller: system32\DRIVERS\atapi.sys (system)
    Ati HotKey Poller: %SystemRoot%\system32\Ati2evxx.exe (autostart)
    ATI Smart: C:\WINDOWS\system32\ati2sgag.exe (autostart)
    ati2mtag: system32\DRIVERS\ati2mtag.sys (manual start)
    ATM ARP Client Protocol: system32\DRIVERS\atmarpc.sys (manual start)
    Windows Audio: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Audio Stub Driver: system32\DRIVERS\audstub.sys (manual start)
    AVG8 E-mail Scanner: C:\PROGRA~1\AVG\AVG8\avgemc.exe (autostart)
    AVG8 WatchDog: C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe (autostart)
    AVG AVI Loader Driver x86: \SystemRoot\System32\Drivers\avgldx86.sys (system)
    AVG On-access Scanner Minifilter Driver x86: \SystemRoot\System32\Drivers\avgmfx86.sys (system)
    AVG8 Network Redirector: \SystemRoot\System32\Drivers\avgtdix.sys (autostart)
    Dell Wireless WLAN Card Driver: system32\DRIVERS\bcmwl5.sys (manual start)
    Broadcom 440x 10/100 Integrated Controller XP Driver: system32\DRIVERS\bcm4sbxp.sys (manual start)
    Background Intelligent Transfer Service: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##: "C:\Program Files\Bonjour\mDNSResponder.exe" (autostart)
    Computer Browser: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    Bluetooth Request Block Driver: system32\DRIVERS\BthEnum.sys (manual start)
    Bluetooth Device (Personal Area Network): system32\DRIVERS\bthpan.sys (manual start)
    Bluetooth Port Driver: System32\Drivers\BTHport.sys (manual start)
    Bluetooth Support Service: %SystemRoot%\system32\svchost.exe -k bthsvcs (autostart)
    Bluetooth Radio USB Driver: System32\Drivers\BTHUSB.sys (manual start)
    cbidf: \SystemRoot\system32\DRIVERS\cbidf2k.sys (disabled)
    Closed Caption Decoder: system32\DRIVERS\CCDECODE.sys (manual start)
    cd20xrnt: \SystemRoot\system32\DRIVERS\cd20xrnt.sys (disabled)
    CD-ROM Driver: system32\DRIVERS\cdrom.sys (system)
    Indexing Service: %SystemRoot%\system32\cisvc.exe (manual start)
    ClipBook: %SystemRoot%\system32\clipsrv.exe (disabled)
    .NET Runtime Optimization Service v2.0.50727_X86: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (manual start)
    Microsoft ACPI Control Method Battery Driver: system32\DRIVERS\CmBatt.sys (manual start)
    CmdIde: \SystemRoot\system32\DRIVERS\cmdide.sys (disabled)
    Microsoft Composite Battery Driver: system32\DRIVERS\compbatt.sys (system)
    COM+ System Application: C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} (manual start)
    Cpqarray: \SystemRoot\system32\DRIVERS\cpqarray.sys (disabled)
    Creative Service for CDROM Access: C:\WINDOWS\system32\CTsvcCDA.exe (autostart)
    Cryptographic Services: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    dac2w2k: \SystemRoot\system32\DRIVERS\dac2w2k.sys (disabled)
    dac960nt: \SystemRoot\system32\DRIVERS\dac960nt.sys (disabled)
    Dual-Mode DSC(2770): System32\Drivers\SQcaptur.sys (manual start)
    DCOM Server Process Launcher: %SystemRoot%\system32\svchost -k DcomLaunch (autostart)
    DHCP Client: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    Disk Driver: system32\DRIVERS\disk.sys (system)
    DLABMFSM: System32\DLA\DLABMFSM.SYS (autostart)
    DLABOIOM: System32\DLA\DLABOIOM.SYS (autostart)
    DLACDBHM: System32\Drivers\DLACDBHM.SYS (system)
    DLADResM: System32\DLA\DLADResM.SYS (autostart)
    DLAIFS_M: System32\DLA\DLAIFS_M.SYS (autostart)
    DLAOPIOM: System32\DLA\DLAOPIOM.SYS (autostart)
    DLAPoolM: System32\DLA\DLAPoolM.SYS (autostart)
    DLARTL_M: System32\Drivers\DLARTL_M.SYS (system)
    DLAUDFAM: System32\DLA\DLAUDFAM.SYS (autostart)
    DLAUDF_M: System32\DLA\DLAUDF_M.SYS (autostart)
    Logical Disk Manager Administrative Service: %SystemRoot%\System32\dmadmin.exe /com (manual start)
    dmboot: System32\drivers\dmboot.sys (disabled)
    Logical Disk Manager Driver: System32\drivers\dmio.sys (system)
    dmload: System32\drivers\dmload.sys (disabled)
    Logical Disk Manager: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
    Microsoft Kernel DLS Syntheiszer: system32\drivers\DMusic.sys (manual start)
    DNS Client: %SystemRoot%\system32\svchost.exe -k NetworkService (autostart)
    dpti2o: \SystemRoot\system32\DRIVERS\dpti2o.sys (disabled)
    Microsoft Kernel DRM Audio Descrambler: system32\drivers\drmkaud.sys (manual start)
    DRVMCDB: System32\Drivers\DRVMCDB.SYS (system)
    DRVNDDM: System32\Drivers\DRVNDDM.SYS (autostart)
    DSBrokerService: "C:\Program Files\DellSupport\brkrsvc.exe" (manual start)
    DSproct: \??\C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys (manual start)
    DellSupport UniDriver: system32\DRIVERS\dsunidrv.sys (autostart)
    dtscsi: \SystemRoot\System32\Drivers\dtscsi.sys (manual start)
    DVDRM: System32\drivers\dvdrm.sys (system)
    Intel(R) PRO Adapter Driver: system32\DRIVERS\e100b325.sys (manual start)
    Media Center Receiver Service: C:\WINDOWS\eHome\ehRecvr.exe (autostart)
    Media Center Scheduler Service: C:\WINDOWS\eHome\ehSched.exe (autostart)
    Error Reporting Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Event Log: %SystemRoot%\system32\services.exe (autostart)
    COM+ Event System: C:\WINDOWS\system32\svchost.exe -k netsvcs (manual start)
    Fast User Switching Compatibility: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
    Fax: %systemroot%\system32\fxssvc.exe (autostart)
    Floppy Disk Controller Driver: system32\DRIVERS\fdc.sys (manual start)
    FLEXnet Licensing Service: "C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe" (manual start)
    Floppy Disk Driver: system32\DRIVERS\flpydisk.sys (manual start)
    FltMgr: system32\DRIVERS\fltMgr.sys (system)
    Windows Presentation Foundation Font Cache 3.0.0.0: c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (manual start)
    Volume Manager Driver: system32\DRIVERS\ftdisk.sys (system)
    Generic Packet Classifier: system32\DRIVERS\msgpc.sys (manual start)
    Google Updater Service: "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe" (manual start)
    VMware hcmon: \??\C:\WINDOWS\system32\Drivers\hcmon.sys (autostart)
    Microsoft UAA Bus Driver for High Definition Audio: system32\DRIVERS\HDAudBus.sys (manual start)
    Help and Support: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    HID Input Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Microsoft HID Class Driver: system32\DRIVERS\hidusb.sys (manual start)
    hpn: \SystemRoot\system32\DRIVERS\hpn.sys (disabled)
    IEEE-1284.4 Driver HPZid412: system32\DRIVERS\HPZid412.sys (manual start)
    Print Class Driver for IEEE-1284.4 HPZipr12: system32\DRIVERS\HPZipr12.sys (manual start)
    USB to IEEE-1284.4 Translation Driver HPZius12: system32\DRIVERS\HPZius12.sys (manual start)
    HSF_DPV: system32\DRIVERS\HSX_DPV.sys (manual start)
    HSXHWAZL: system32\DRIVERS\HSXHWAZL.sys (manual start)
    HTTP: System32\Drivers\HTTP.sys (manual start)
    HTTP SSL: %SystemRoot%\System32\svchost.exe -k HTTPFilter (manual start)
    i2omp: \SystemRoot\system32\DRIVERS\i2omp.sys (disabled)
    i8042 Keyboard and PS/2 Mouse Port Driver: system32\DRIVERS\i8042prt.sys (system)
    InstallDriver Table Manager: "C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe" (manual start)
    Windows CardSpace: "C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe" (manual start)
    CD-Burning Filter Driver: system32\DRIVERS\imapi.sys (system)
    IMAPI CD-Burning COM Service: C:\WINDOWS\system32\imapi.exe (manual start)
    ini910u: \SystemRoot\system32\DRIVERS\ini910u.sys (disabled)
    IntelIde: \SystemRoot\system32\DRIVERS\intelide.sys (disabled)
    Intel Processor Driver: system32\DRIVERS\intelppm.sys (disabled)
    IPv6 Windows Firewall Driver: system32\DRIVERS\Ip6Fw.sys (manual start)
    IP Traffic Filter Driver: system32\DRIVERS\ipfltdrv.sys (manual start)
    IP in IP Tunnel Driver: system32\DRIVERS\ipinip.sys (manual start)
    IP Network Address Translator: system32\DRIVERS\ipnat.sys (manual start)
    IPSEC driver: system32\DRIVERS\ipsec.sys (system)
    IR Enumerator Service: system32\DRIVERS\irenum.sys (manual start)
    PnP ISA/EISA Bus Driver: system32\DRIVERS\isapnp.sys (system)
    Keyboard Class Driver: system32\DRIVERS\kbdclass.sys (system)
    Keyboard HID Driver: system32\DRIVERS\kbdhid.sys (system)
    KeyScrambler: System32\drivers\keyscrambler.sys (manual start)
    KLIF: system32\DRIVERS\klif.sys (system)
    Microsoft Kernel Wave Audio Mixer: system32\drivers\kmixer.sys (manual start)
    KService: "C:\Program Files\Kontiki\KService.exe" (autostart)
    Server: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    Workstation: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    Logitech SetPoint KMDF HID Filter Driver: system32\DRIVERS\LHidFilt.Sys (manual start)
    TCP/IP NetBIOS Helper: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
    Logitech SetPoint KMDF Mouse Filter Driver: system32\DRIVERS\LMouFilt.Sys (manual start)
    Driver for MagicISO SCSI Host Controller: system32\DRIVERS\mcdbus.sys (manual start)
    McAfee Services: C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe (autostart)
    McAfee Network Agent: "c:\program files\common files\mcafee\mna\mcnasvc.exe" (autostart)
    McAfee Scanner: C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe (manual start)
    McAfee Proxy Service: c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe (autostart)
    Media Center Extender Service: C:\WINDOWS\ehome\mcrdsvc.exe (autostart)
    McAfee Real-time Scanner: C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe (autostart)
    McAfee SystemGuards: C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe (manual start)
    mdmxsdk: system32\DRIVERS\mdmxsdk.sys (autostart)
    Messenger: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled)
    McAfee Inc. mfeavfk: system32\drivers\mfeavfk.sys (manual start)
    McAfee Inc. mfebopk: system32\drivers\mfebopk.sys (manual start)
    McAfee Inc. mfehidk: system32\drivers\mfehidk.sys (system)
    McAfee Inc. mferkdk: system32\drivers\mferkdk.sys (manual start)
    McAfee Inc. mfesmfk: system32\drivers\mfesmfk.sys (manual start)
    MHN: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
    MHN driver: system32\DRIVERS\mhndrv.sys (manual start)
    NetMeeting Remote Desktop Sharing: C:\WINDOWS\system32\mnmsrvc.exe (manual start)
    Mouse Class Driver: system32\DRIVERS\mouclass.sys (system)
    Mouse HID Driver: system32\DRIVERS\mouhid.sys (manual start)
    MPFP: System32\Drivers\Mpfp.sys (system)
    McAfee Personal Firewall Service: "C:\Program Files\McAfee\MPF\MPFSrv.exe" (autostart)
    mraid35x: \SystemRoot\system32\DRIVERS\mraid35x.sys (disabled)
    WebDav Client Redirector: system32\DRIVERS\mrxdav.sys (manual start)
    MRXSMB: system32\DRIVERS\mrxsmb.sys (system)
    Distributed Transaction Coordinator: C:\WINDOWS\system32\msdtc.exe (manual start)
    Windows Installer: C:\WINDOWS\system32\msiexec.exe /V (manual start)
    McAfee SpamKiller Service: "C:\Program Files\McAfee\MSK\MskSrver.exe" (autostart)
    Microsoft Streaming Service Proxy: system32\drivers\MSKSSRV.sys (manual start)
    Microsoft Streaming Clock Proxy: system32\drivers\MSPCLOCK.sys (manual start)
    Microsoft Streaming Quality Manager Proxy: system32\drivers\MSPQM.sys (manual start)
    Microsoft System Management BIOS Driver: system32\DRIVERS\mssmbios.sys (manual start)
    Microsoft Streaming Tee/Sink-to-Sink Converter: system32\drivers\MSTEE.sys (manual start)
    NABTS/FEC VBI Codec: system32\DRIVERS\NABTSFEC.sys (manual start)
    Microsoft TV/Video Connection: system32\DRIVERS\NdisIP.sys (manual start)
    Remote Access NDIS TAPI Driver: system32\DRIVERS\ndistapi.sys (manual start)
    NDIS Usermode I/O Protocol: system32\DRIVERS\ndisuio.sys (manual start)
    Remote Access NDIS WAN Driver: system32\DRIVERS\ndiswan.sys (manual start)
    NetBIOS Interface: system32\DRIVERS\netbios.sys (system)
    NetBios over Tcpip: system32\DRIVERS\netbt.sys (system)
    Network DDE: %SystemRoot%\system32\netdde.exe (disabled)
    Network DDE DSDM: %SystemRoot%\system32\netdde.exe (disabled)
    Net Logon: %SystemRoot%\system32\lsass.exe (manual start)
    Network Connections: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
    Net.Tcp Port Sharing Service: "C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe" (disabled)
    Network Location Awareness (NLA): %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
    Network Monitor Driver: system32\DRIVERS\NMnt.sys (manual start)
    NoteCable Driver (WDM): system32\drivers\notcable.sys (manual start)
    NetGroup Packet Filter Driver: system32\drivers\npf.sys (manual start)
    NTHANDLE: \??\C:\Downloads\nthandleex\HANDLE.SYS (manual start)
    NT LM Security Support Provider: %SystemRoot%\system32\lsass.exe (manual start)
    Removable Storage: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled)
    nv: system32\DRIVERS\nv4_mini.sys (manual start)
    IPX Traffic Filter Driver: system32\DRIVERS\nwlnkflt.sys (manual start)
    IPX Traffic Forwarder Driver: system32\DRIVERS\nwlnkfwd.sys (manual start)
    Office Source Engine: "c:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE" (manual start)
    Parallel port driver: system32\DRIVERS\parport.sys (manual start)
    PCI Bus Driver: system32\DRIVERS\pci.sys (system)
    PCIIde: system32\DRIVERS\pciide.sys (system)
    perc2: \SystemRoot\system32\DRIVERS\perc2.sys (disabled)
    perc2hib: \SystemRoot\system32\DRIVERS\perc2hib.sys (disabled)
    pgfilter: \??\C:\Program Files\PeerGuardian2\pgfilter.sys (manual start)
    Plug and Play: %SystemRoot%\system32\services.exe (autostart)
    Pml Driver HPZ12: C:\WINDOWS\system32\HPZipm12.exe (manual start)
    IPSEC Services: %SystemRoot%\system32\lsass.exe (autostart)
    WAN Miniport (PPTP): system32\DRIVERS\raspptp.sys (manual start)
    Processor Driver: system32\DRIVERS\processr.sys (system)
    Protected Storage: %SystemRoot%\system32\lsass.exe (autostart)
    ProtexisLicensing: C:\WINDOWS\system32\PSIService.exe (autostart)
    QoS Packet Scheduler: system32\DRIVERS\psched.sys (manual start)
    Direct Parallel Link Driver: system32\DRIVERS\ptilink.sys (manual start)
    PxHelp20: System32\Drivers\PxHelp20.sys (system)
    ql1080: \SystemRoot\system32\DRIVERS\ql1080.sys (disabled)
    Ql10wnt: \SystemRoot\system32\DRIVERS\ql10wnt.sys (disabled)
    ql12160: \SystemRoot\system32\DRIVERS\ql12160.sys (disabled)
    ql1240: \SystemRoot\system32\DRIVERS\ql1240.sys (disabled)
    ql1280: \SystemRoot\system32\DRIVERS\ql1280.sys (disabled)
    Remote Access Auto Connection Driver: system32\DRIVERS\rasacd.sys (system)
    Remote Access Auto Connection Manager: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
    WAN Miniport (L2TP): system32\DRIVERS\rasl2tp.sys (manual start)
    Remote Access Connection Manager: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
    Remote Access PPPOE Driver: system32\DRIVERS\raspppoe.sys (manual start)
    Direct Parallel: system32\DRIVERS\raspti.sys (manual start)
    Rdbss: system32\DRIVERS\rdbss.sys (system)
    RDPCDD: System32\DRIVERS\RDPCDD.sys (system)
    Terminal Server Device Redirector Driver: system32\DRIVERS\rdpdr.sys (manual start)
    Remote Desktop Help Session Manager: C:\WINDOWS\system32\sessmgr.exe (manual start)
    Digital CD Audio Playback Filter Driver: system32\DRIVERS\redbook.sys (system)
    Routing and Remote Access: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled)
    Remote Registry: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
    Bluetooth Device (RFCOMM Protocol TDI): system32\DRIVERS\rfcomm.sys (manual start)
    rimmptsk: system32\DRIVERS\rimmptsk.sys (manual start)
    RoxMediaDB9: "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe" (manual start)
    Roxio Hard Drive Watcher 9: "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe" (autostart)
    Remote Packet Capture Protocol v.0 (experimental): "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" (manual start)
    Remote Procedure Call (RPC) Locator: %SystemRoot%\system32\locator.exe (manual start)
    Remote Procedure Call (RPC): %SystemRoot%\system32\svchost -k rpcss (autostart)
    QoS RSVP: %SystemRoot%\system32\rsvp.exe (manual start)
    RTCore32: \??\C:\Downloads\RMClock\RTCore32.sys (manual start)
    Sony Ericsson Device 117 driver (WDM): system32\DRIVERS\s117bus.sys (manual start)
    Sony Ericsson Device 117 USB WMC Modem Filter: system32\DRIVERS\s117mdfl.sys (manual start)
    Sony Ericsson Device 117 USB WMC Modem Driver: system32\DRIVERS\s117mdm.sys (manual start)
    Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (NDIS): system32\DRIVERS\s117nd5.sys (manual start)
    Sony Ericsson Device 117 USB WMC OBEX Interface: system32\DRIVERS\s117obex.sys (manual start)
    Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (WDM): system32\DRIVERS\s117unic.sys (manual start)
    Security Accounts Manager: %SystemRoot%\system32\lsass.exe (autostart)
    Smart Card: %SystemRoot%\System32\SCardSvr.exe (manual start)
    Task Scheduler: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    sdbus: system32\DRIVERS\sdbus.sys (manual start)
    Secdrv: system32\DRIVERS\secdrv.sys (manual start)
    Secondary Logon: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    System Event Notification: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    Serenum Filter Driver: system32\DRIVERS\serenum.sys (manual start)
    Serial port driver: system32\DRIVERS\serial.sys (system)
    SFF Storage Class Driver: system32\DRIVERS\sffdisk.sys (manual start)
    SFF Storage Protocol Driver for SDBus: system32\DRIVERS\sffp_sd.sys (manual start)
    Windows Firewall/Internet Connection Sharing (ICS): %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    Shell Hardware Detection: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    SIS AGP Bus Filter: \SystemRoot\system32\DRIVERS\sisagp.sys (disabled)
    BDA Slip De-Framer: system32\DRIVERS\SLIP.sys (manual start)
    Sparrow: \SystemRoot\system32\DRIVERS\sparrow.sys (disabled)
    Microsoft Kernel Audio Splitter: system32\drivers\splitter.sys (manual start)
    Print Spooler: %SystemRoot%\system32\spoolsv.exe (autostart)
    SupportSoft Sprocket Service (dellsupportcenter): C:\Program Files\Dell Support Center\bin\sprtsvc.exe /service /p dellsupportcenter (autostart)
    sptd: System32\Drivers\sptd.sys (system)
    System Restore Filter Driver: system32\DRIVERS\sr.sys (system)
    srescan: system32\ZoneLabs\srescan.sys (system)
    System Restore Service: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    SRS Labs Audio Sandbox (WDM): system32\drivers\srs_sscfilter_i386.sys (manual start)
    Srv: system32\DRIVERS\srv.sys (manual start)
    SSDP Discovery Service: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
    StarWind AE Service: C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (autostart)
    SigmaTel High Definition Audio CODEC: system32\drivers\sthda.sys (manual start)
    Windows Image Acquisition (WIA): %SystemRoot%\system32\svchost.exe -k imgsvc (autostart)
    stllssvr: "C:\Program Files\Common Files\SureThing Shared\stllssvr.exe" (manual start)
    BDA IPSink: system32\DRIVERS\StreamIP.sys (manual start)
    Software Bus Driver: system32\DRIVERS\swenum.sys (manual start)
    Microsoft Kernel GS Wavetable Synthesizer: system32\drivers\swmidi.sys (manual start)
    MS Software Shadow Copy Provider: C:\WINDOWS\system32\dllhost.exe /Processid:{6F6160A9-C71A-4D34-91A0-5B9E71074979} (manual start)
    symc810: \SystemRoot\system32\DRIVERS\symc810.sys (disabled)
    symc8xx: \SystemRoot\system32\DRIVERS\symc8xx.sys (disabled)
    sym_hi: \SystemRoot\system32\DRIVERS\sym_hi.sys (disabled)
    sym_u3: \SystemRoot\system32\DRIVERS\sym_u3.sys (disabled)
    Synaptics TouchPad Driver: system32\DRIVERS\SynTP.sys (manual start)
    Microsoft Kernel System Audio Device: system32\drivers\sysaudio.sys (manual start)
    Performance Logs and Alerts: %SystemRoot%\system32\smlogsvc.exe (manual start)
    Telephony: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
    TCP/IP Protocol Driver: system32\DRIVERS\tcpip.sys (system)
    Terminal Device Driver: system32\DRIVERS\termdd.sys (system)
    Terminal Services: %SystemRoot%\System32\svchost -k DComLaunch (manual start)
    TfFsMon: system32\drivers\TfFsMon.sys (system)
    TfKbMon: System32\Drivers\TfKbMon.sys (manual start)
    TfNetMon: \??\C:\WINDOWS\system32\drivers\TfNetMon.sys (manual start)
    TfSysMon: system32\drivers\TfSysMon.sys (system)
    Themes: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    ThreatFire: C:\Program Files\ThreatFire\TFService.exe service (autostart)
    Telnet: C:\WINDOWS\system32\tlntsvr.exe (disabled)
    TosIde: \SystemRoot\system32\DRIVERS\toside.sys (disabled)
    Distributed Link Tracking Client: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    ultra: \SystemRoot\system32\DRIVERS\ultra.sys (disabled)
    Microcode Update Driver: system32\DRIVERS\update.sys (manual start)
    Universal Plug and Play Device Host: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
    Uninterruptible Power Supply: %SystemRoot%\System32\ups.exe (manual start)
    Microsoft USB Generic Parent Driver: system32\DRIVERS\usbccgp.sys (manual start)
    Microsoft USB 2.0 Enhanced Host Controller Miniport Driver: system32\DRIVERS\usbehci.sys (manual start)
    USB2 Enabled Hub: system32\DRIVERS\usbhub.sys (manual start)
    Microsoft USB Open Host Controller Miniport Driver: system32\DRIVERS\usbohci.sys (manual start)
    Microsoft USB PRINTER Class: system32\DRIVERS\usbprint.sys (manual start)
    USB Scanner Driver: system32\DRIVERS\usbscan.sys (manual start)
    USB Mass Storage Driver: system32\DRIVERS\USBSTOR.SYS (manual start)
    Microsoft USB Universal Host Controller Miniport Driver: system32\DRIVERS\usbuhci.sys (manual start)
    Messenger Sharing Folders USN Journal Reader service: "C:\Program Files\Windows Live\Messenger\usnsvc.exe" (manual start)
    VgaSave: \SystemRoot\System32\drivers\vga.sys (system)
    VIA AGP Bus Filter: \SystemRoot\system32\DRIVERS\viaagp.sys (disabled)
    ViaIde: \SystemRoot\system32\DRIVERS\viaide.sys (disabled)
    VMware Authorization Service: "C:\Program Files\VMware\VMware Player\vmware-authd.exe" (autostart)
    VMware kbd: \??\C:\WINDOWS\system32\drivers\VMkbd.sys (manual start)
    VMware Virtual Ethernet Adapter Driver: system32\DRIVERS\vmnetadapter.sys (manual start)
    VMware Bridge Protocol: system32\DRIVERS\vmnetbridge.sys (autostart)
    VMware DHCP Service: C:\WINDOWS\system32\vmnetdhcp.exe (autostart)
    VMware Network Application Interface: \??\C:\WINDOWS\system32\drivers\vmnetuserif.sys (autostart)
    VMware Virtual Mount Manager Extended: "C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe" (autostart)
    VMware NAT Service: C:\WINDOWS\system32\vmnat.exe (autostart)
    VMware vmx86: \??\C:\WINDOWS\system32\Drivers\vmx86.sys (autostart)
    vsdatant: System32\vsdatant.sys (system)
    TrueVector Internet Monitor: C:\WINDOWS\system32\ZoneLabs\vsmon.exe -service (autostart)
    Volume Shadow Copy: %SystemRoot%\System32\vssvc.exe (manual start)
    Vstor2 Virtual Storage Driver: \??\C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vstor2.sys (autostart)
    Sony Ericsson W300 Driver driver (WDM): system32\DRIVERS\w300bus.sys (manual start)
    Windows Time: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    Remote Access IP ARP Driver: system32\DRIVERS\wanarp.sys (manual start)
    Wdf01000: system32\DRIVERS\Wdf01000.sys (manual start)
    Microsoft WINMM WDM Audio Compatibility Driver: system32\drivers\wdmaud.sys (manual start)
    WebClient: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
    winachsf: system32\DRIVERS\HSX_CNXT.sys (manual start)
    Windows Management Instrumentation: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
    Windows Live Setup Service: "C:\Program Files\Windows Live\installer\WLSetupSvc.exe" (manual start)
    Dell Wireless WLAN Tray Service: %SystemRoot%\System32\WLTRYSVC.EXE %SystemRoot%\System32\bcmwltry.exe (autostart)
    Logitech Virtual Bus Enumerator Driver: system32\drivers\WmBEnum.sys (manual start)
    Portable Media Serial Number Service: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
    Logitech WingMan HID Filter Driver: system32\drivers\WmFilter.sys (manual start)
    Windows Management Instrumentation Driver Extensions: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
    Microsoft Windows Management Interface for ACPI: system32\DRIVERS\wmiacpi.sys (system)
    WMI Performance Adapter: C:\WINDOWS\system32\wbem\wmiapsrv.exe (manual start)
    Windows Media Player Network Sharing Service: "C:\Program Files\Windows Media Player\WMPNetwk.exe" (manual start)
    Logitech Virtual Hid Device Driver: system32\drivers\WmVirHid.sys (manual start)
    Logitech WingMan Translation Layer Driver: system32\drivers\WmXlCore.sys (manual start)
    WpdUsb: system32\DRIVERS\wpdusb.sys (manual start)
    Security Center: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    World Standard Teletext Codec: system32\DRIVERS\WSTCODEC.SYS (manual start)
    Automatic Updates: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
    Windows Driver Foundation - User-mode Driver Framework Platform Driver: system32\DRIVERS\WudfPf.sys (system)
    Windows Driver Foundation - User-mode Driver Framework Reflector: system32\DRIVERS\wudfrd.sys (manual start)
    Windows Driver Foundation - User-mode Driver Framework: %SystemRoot%\system32\svchost.exe -k WudfServiceGroup (autostart)
    Wireless Zero Configuration: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Network Provisioning Service: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)

    --------------------------------------------------
    Enumerating Windows NT logon/logoff scripts:
    *No scripts set to run*
    Windows NT checkdisk command:
    BootExecute = autocheck autochk *
    Windows NT 'Wininit.ini':
    PendingFileRenameOperations: C:\DOCUME~1\EDWARD~1\LOCALS~1\TEMPOR~1\Content.IE5\index.dat||C:\DOCUME~1\EDWARD~1\Cookies\index.dat||C:\DOCUME~1\EDWARD~1\LOCALS~1\History\History.IE5\index.dat|||~
    --------------------------------------------------
    Enumerating ShellServiceObjectDelayLoad items:
    PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
    CDBurn: C:\WINDOWS\system32\SHELL32.dll
    WebCheck: C:\WINDOWS\system32\webcheck.dll
    SysTray: C:\WINDOWS\system32\stobject.dll
    WPDShServiceObj: C:\WINDOWS\system32\WPDShServiceObj.dll
    --------------------------------------------------
    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run
    *Registry key not found*
    --------------------------------------------------
    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run
    *Registry key not found*
    --------------------------------------------------
    End of report, 58,156 bytes
    Report generated in 0.328 seconds

    I'll happily answer any questions. THANKS FOR YOUR HELP!!!

    P.S. Sorry for posting 4x, it wldnt fit on one post!
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/731591