I have tried everylittle trick I know and haven't gotten any where.

Here is the HJT.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:48:26 PM, on 1/14/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\LxrJD31s.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\dllhost.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell Photo AIO Printer 942\memcard.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Dell Photo AIO Printer 942\dlbubmgr.exe
C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Dell Photo AIO Printer 942\dlbubmon.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://mysearch.myway.com/jsp/dellsidebar.jsp?p=DE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=20008&gct=&gc=1&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://toolbar.ask.com/toolbarv/askRedirect?o=20008&gct=&gc=1&q=%s
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: AIM Toolbar Search Class - {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll
R3 - URLSearchHook: AOLSearchHook Class - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AIM Search\AOLSearch.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: AOL Search Enhancement - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AIM Search\AOLSearch.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: AIM Toolbar Loader - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
O3 - Toolbar: AIM Toolbar - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [DellMCM] "C:\Program Files\Dell Photo AIO Printer 942\memcard.exe"
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [Dell Photo AIO Printer 942] "C:\Program Files\Dell Photo AIO Printer 942\dlbubmgr.exe"
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\RunOnce: [SpybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck /autofix
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &AIM Toolbar Search - C:\Documents and Settings\All Users\Application Data\AIM Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: &Search - ?p=ZCxdm565YYUS
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: AIM Toolbar - {0b83c99c-1efa-4259-858f-bcb33e007a5b} - C:\Program Files\AIM Toolbar\aimtb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1231901144156
O17 - HKLM\System\CCS\Services\Tcpip\..\{B808F886-1A5C-49D0-8FC8-A6D54E8A2598}: NameServer = 192.168.1.1,4.2.2.2
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: dlbu_device - Dell - C:\WINDOWS\system32\dlbucoms.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lexar JD31 (LxrJD31s) - Unknown owner - C:\WINDOWS\SYSTEM32\LxrJD31s.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

--
End of file - 11497 bytes

Hello and Welcome to Safer Networking,

My name is peku006and I will be helping you to remove any infection(s) that you may have.
I will be giving you a series of instructions that need to be followed in the order in which I give them to you.

Please observe these rules while we work:


If you don't know, stop and ask! Don't keep going on.
Please reply to this thread. Do not start a new topic.
Please continue to respond until I give you the "All Clear"

If you follow these instructions, everything should go smoothly.

1 - Download and Run Malwarebytes' Anti-Malware
Please download Malwarebytes Anti-Malware (http://www.besttechie.net/tools/mbam-setup.exe) and save it to your desktop.
alternate download link 1 (http://malwarebytes.gt500.org/mbam-setup.exe)
alternate download link 2 (http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html)

Double-click on Download_mbam-setup.exe to install the application.
When the installation begins, follow the prompts and do not make any changes to default settings.
When installation has finished, make sure you leave both of these checked:
Update Malwarebytes' Anti-Malware
Launch Malwarebytes' Anti-Malware
Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
If an update is found, the program will automatically update itself.
Press the OK button to close that box and continue.
If you encounter any problems while downloading the updates, manually download them from here (http://www.malwarebytes.org/mbam/database/mbam-rules.exe) and just double-click on mbam-rules.exe to install.
On the Scanner tab:

Make sure the "Perform full scan" option is selected.
Then click on the Scan button.
If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button
The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:

Click on the Show Results button to see a list of any malware that was found.
Make sure that everything is checked, and click Remove Selected.
When removal is completed, a log report will open in Notepad and you may be prompted to restart your computer. (see Note below)
The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
The log can also be found here:

C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
Copy and paste the contents of that report in your next reply and exit MBAM.

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

2 - download and run RSIT

Download random's system information tool (RSIT) by random/random from here (http://images.malwareremoval.com/random/RSIT.exe) and save it to your desktop.
Double click on RSIT.exe to run RSIT.
Click Continue at the disclaimer screen.
Once it has finished, two logs will open. Please post the contents of both log.txt<- (will be maximized) and info.txt<- (will be minimized)

3 - Status Check
Please reply with

1.the logs from RSIT (log.txt ,info.txt)
2. the Malwarebytes' Anti-Malware Log

Thanks peku006

Malware Bytes Log

Malwarebytes' Anti-Malware 1.32
Database version: 1650
Windows 5.1.2600 Service Pack 3

1/18/2009 6:45:12 PM
mbam-log-2009-01-18 (18-45-12).txt

Scan type: Full Scan (C:\|)
Objects scanned: 116347
Time elapsed: 1 hour(s), 1 minute(s), 21 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Logfile of random's system information tool 1.05 (written by random/random)
Run by Lindsey at 2009-01-18 18:48:00
Microsoft Windows XP Professional Service Pack 3
System drive C: has 15 GB (45%) free of 33 GB
Total RAM: 503 MB (18% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:48:31 PM, on 1/18/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\LxrJD31s.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\SearchIndexer.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell Photo AIO Printer 942\memcard.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Dell Photo AIO Printer 942\dlbubmgr.exe
C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Dell Photo AIO Printer 942\dlbubmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Apoint\Apntex.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\SiteAdvisor\6261\SiteAdv.exe
c:\program files\common files\installshield\updateservice\isuspm.exe
C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\Lindsey\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Lindsey.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://mysearch.myway.com/jsp/dellsidebar.jsp?p=DE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=20008&gct=&gc=1&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://toolbar.ask.com/toolbarv/askRedirect?o=20008&gct=&gc=1&q=%s
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] "c:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [DellMCM] "C:\Program Files\Dell Photo AIO Printer 942\memcard.exe"
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [Dell Photo AIO Printer 942] "C:\Program Files\Dell Photo AIO Printer 942\dlbubmgr.exe"
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Search - ?p=ZCxdm565YYUS
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1231901144156
O17 - HKLM\System\CCS\Services\Tcpip\..\{B808F886-1A5C-49D0-8FC8-A6D54E8A2598}: NameServer = 192.168.1.1,4.2.2.2
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: dlbu_device - - C:\WINDOWS\system32\dlbucoms.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lexar JD31 (LxrJD31s) - Unknown owner - C:\WINDOWS\SYSTEM32\LxrJD31s.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

--
End of file - 11174 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\McDefragTask.job
C:\WINDOWS\tasks\McQcTask.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{089FD14D-132B-48FC-8861-0048AE113215}]
C:\Program Files\SiteAdvisor\6261\SiteAdv.dll [2008-05-16 927008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{377C180E-6F0E-4D4C-980F-F45BD3D40CF4}]
McAfee Phishing Filter - c:\PROGRA~1\mcafee\msk\mcapbho.dll [2007-11-26 324936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}]
DriveLetterAccess - C:\WINDOWS\system32\dla\tfswshx.dll [2004-12-06 118842]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-01-13 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\McAfee\VirusScan\scriptsn.dll [2007-11-09 58688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-01-13 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-01-13 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0BF43445-2F28-4351-9252-17FE6E806AA0} - McAfee SiteAdvisor - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll [2008-05-16 927008]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RealTray"=C:\Program Files\Real\RealPlayer\RealPlay.exe [2005-11-04 26112]
"mcagent_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2007-11-01 582992]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-06-10 81920]
"ISUSPM Startup"=c:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe [2005-06-10 249856]
"IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2004-10-30 385024]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]
"DVDLauncher"=C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe [2005-02-23 53248]
"dla"=C:\WINDOWS\system32\dla\tfswctrl.exe [2004-12-06 127035]
"DellMCM"=C:\Program Files\Dell Photo AIO Printer 942\memcard.exe [2004-07-27 262144]
"Dell QuickSet"=C:\Program Files\Dell\QuickSet\quickset.exe [2005-03-04 606208]
"Dell Photo AIO Printer 942"=C:\Program Files\Dell Photo AIO Printer 942\dlbubmgr.exe [2004-08-31 294912]
"Corel Photo Downloader"=C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe [2005-11-16 106496]
"Apoint"=C:\Program Files\Apoint\Apoint.exe [2004-09-13 155648]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-11-04 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2005-10-14 94208]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2005-10-14 77824]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2005-10-14 114688]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232]
"DellSupport"=C:\Program Files\DellSupport\DSAgnt.exe [2007-03-15 460784]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-10-14 135168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\IntelWireless]
C:\Program Files\Intel\Wireless\Bin\LgNotify.dll [2004-09-07 110592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2006-06-19 702768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2008-05-26 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\AIM\aim.exe"="C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger"
"C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe"="C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent"
"C:\Program Files\Common Files\AOL\Loader\aolload.exe"="C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader"
"C:\Program Files\AIM6\aim6.exe"="C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"="C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL"
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe"="C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL"
"C:\Program Files\America Online 9.0\waol.exe"="C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL"
"C:\Program Files\Common Files\AOL\1132031662\ee\AOLServiceHost.exe"="C:\Program Files\Common Files\AOL\1132031662\ee\AOLServiceHost.exe:*:Enabled:AOL Services"
"C:\Program Files\Common Files\AOL\Loader\aolload.exe"="C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader"
"C:\Program Files\AIM\aim.exe"="C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{23a4d106-beb1-11da-8b98-001422df06ba}]
shell\AutoRun\command - E:\JDSecure\Windows\JDSecure31.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}]
shell\AutoRun\command - E:\setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{63e189ee-93c1-11dc-8de7-001422df06ba}]
shell\AutoRun\command - E:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cd86c87a-b3b3-11da-8b87-001422df06ba}]
shell\AutoRun\command - E:\JDSecure\Windows\JDSecure31.exe


======List of files/folders created in the last 1 months======

2009-01-18 18:48:00 ----D---- C:\rsit
2009-01-17 13:48:52 ----A---- C:\WINDOWS\system32\igfxres.dll
2009-01-17 13:27:17 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2009-01-17 13:25:20 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2009-01-17 13:23:36 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$
2009-01-17 13:22:05 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2009-01-17 13:20:48 ----A---- C:\WINDOWS\ModemLog_Conexant D110 MDC V.92 Modem.txt
2009-01-17 12:46:13 ----D---- C:\Documents and Settings\Lindsey\Application Data\MSNInstaller
2009-01-16 20:50:50 ----HDC---- C:\WINDOWS\$NtUninstallKB943729$
2009-01-16 20:50:34 ----D---- C:\Program Files\Microsoft Silverlight
2009-01-16 20:49:57 ----D---- C:\Documents and Settings\Lindsey\Application Data\Windows Desktop Search
2009-01-16 20:47:40 ----D---- C:\WINDOWS\system32\GroupPolicy
2009-01-16 20:47:40 ----D---- C:\Program Files\Windows Desktop Search
2009-01-16 20:47:19 ----HDC---- C:\WINDOWS\$NtUninstallKB940157$
2009-01-16 20:47:11 ----HDC---- C:\WINDOWS\$NtUninstallKB915800-v4$
2009-01-16 20:45:54 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-01-16 20:45:53 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2009-01-16 20:44:35 ----D---- C:\Program Files\Windows Media Connect 2
2009-01-16 20:44:19 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2009-01-16 20:42:19 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2009-01-16 20:40:19 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2009-01-16 20:37:15 ----HDC---- C:\WINDOWS\$NtUninstallKB925766$
2009-01-16 17:30:56 ----D---- C:\WINDOWS\ie7updates
2009-01-16 17:29:15 ----D---- C:\WINDOWS\WBEM
2009-01-16 17:27:20 ----HDC---- C:\WINDOWS\ie7
2009-01-16 17:26:50 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2009-01-16 17:26:01 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2009-01-15 18:11:21 ----D---- C:\Program Files\Bonjour
2009-01-15 18:08:41 ----D---- C:\Program Files\iTunes
2009-01-15 18:08:41 ----D---- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-01-15 18:04:46 ----D---- C:\Program Files\QuickTime
2009-01-15 17:54:55 ----D---- C:\Program Files\Apple Software Update
2009-01-15 03:03:21 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2009-01-15 03:02:59 ----HDC---- C:\WINDOWS\$NtUninstallKB958215$
2009-01-15 03:02:41 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2009-01-15 03:02:24 ----HDC---- C:\WINDOWS\$NtUninstallKB960714$
2009-01-15 03:02:13 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-01-15 03:02:03 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2009-01-15 03:01:45 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-01-15 03:01:36 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-01-15 03:01:18 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-01-14 19:17:43 ----D---- C:\Program Files\Common Files\Adobe AIR
2009-01-14 19:15:30 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-01-14 19:09:53 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2009-01-14 19:09:52 ----D---- C:\Program Files\NOS
2009-01-14 19:06:57 ----SHD---- C:\RECYCLER
2009-01-14 16:24:24 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2009-01-14 16:24:24 ----A---- C:\WINDOWS\system32\mucltui.dll
2009-01-14 15:44:13 ----D---- C:\Program Files\Trend Micro
2009-01-14 11:08:42 ----D---- C:\WINDOWS\pss
2009-01-14 08:05:21 ----D---- C:\Documents and Settings\Lindsey\Application Data\Malwarebytes
2009-01-14 08:05:12 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-01-14 08:05:11 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-01-14 08:03:07 ----A---- C:\ComboFix.txt
2009-01-14 07:50:27 ----D---- C:\32788R22FWJFW
2009-01-14 03:07:31 ----D---- C:\WINDOWS\Prefetch
2009-01-14 00:36:55 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-01-14 00:36:45 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-01-14 00:36:37 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2009-01-14 00:36:24 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2009-01-14 00:36:13 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-01-14 00:35:57 ----HDC---- C:\WINDOWS\$NtUninstallKB956390$
2009-01-14 00:35:46 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-01-14 00:35:36 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2009-01-14 00:35:19 ----HDC---- C:\WINDOWS\$NtUninstallKB953838$
2009-01-14 00:35:08 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2009-01-14 00:34:59 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2009-01-14 00:34:47 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-01-14 00:34:38 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2009-01-14 00:34:29 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2009-01-14 00:34:20 ----HDC---- C:\WINDOWS\$NtUninstallKB951376$
2009-01-14 00:34:07 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2009-01-14 00:33:58 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2009-01-14 00:33:48 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2009-01-14 00:33:35 ----HDC---- C:\WINDOWS\$NtUninstallKB950759$
2009-01-14 00:33:26 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2009-01-14 00:33:17 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2009-01-14 00:24:46 ----D---- C:\WINDOWS\system32\en-us
2009-01-14 00:24:44 ----D---- C:\WINDOWS\system32\scripting
2009-01-14 00:24:42 ----D---- C:\WINDOWS\l2schemas
2009-01-14 00:24:41 ----D---- C:\WINDOWS\system32\en
2009-01-14 00:24:40 ----D---- C:\WINDOWS\system32\bits
2009-01-14 00:19:41 ----D---- C:\WINDOWS\ServicePackFiles
2009-01-14 00:07:51 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2009-01-13 23:45:37 ----D---- C:\Program Files\Common Files\Software Update Utility
2009-01-13 23:44:58 ----D---- C:\Program Files\AIM Search
2009-01-13 23:44:46 ----D---- C:\Documents and Settings\All Users\Application Data\acccore
2009-01-13 23:44:09 ----D---- C:\Documents and Settings\All Users\Application Data\AOL OCP
2009-01-13 23:41:46 ----D---- C:\Program Files\AIM6
2009-01-13 20:58:41 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-01-13 20:58:41 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-01-13 20:36:43 ----A---- C:\Boot.bak
2009-01-13 20:36:32 ----RASHD---- C:\cmdcons
2009-01-13 20:33:13 ----A---- C:\WINDOWS\zip.exe
2009-01-13 20:33:13 ----A---- C:\WINDOWS\VFIND.exe
2009-01-13 20:33:13 ----A---- C:\WINDOWS\SWXCACLS.exe
2009-01-13 20:33:13 ----A---- C:\WINDOWS\SWSC.exe
2009-01-13 20:33:13 ----A---- C:\WINDOWS\SWREG.exe
2009-01-13 20:33:13 ----A---- C:\WINDOWS\sed.exe
2009-01-13 20:33:13 ----A---- C:\WINDOWS\NIRCMD.exe
2009-01-13 20:33:13 ----A---- C:\WINDOWS\grep.exe
2009-01-13 20:33:13 ----A---- C:\WINDOWS\fdsv.exe
2009-01-13 20:32:19 ----D---- C:\WINDOWS\ERDNT
2009-01-13 20:32:18 ----D---- C:\Qoobox
2009-01-13 19:00:32 ----A---- C:\WINDOWS\system32\javaws.exe
2009-01-13 19:00:32 ----A---- C:\WINDOWS\system32\javaw.exe
2009-01-13 19:00:32 ----A---- C:\WINDOWS\system32\java.exe
2009-01-13 19:00:32 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-01-13 18:29:48 ----D---- C:\WINDOWS\network diagnostic
2009-01-13 18:29:42 ----HDC---- C:\WINDOWS\$NtUninstallKB914440$
2009-01-13 18:29:03 ----HDC---- C:\WINDOWS\$NtUninstallKB904942$
2009-01-13 18:22:15 ----D---- C:\c6c09be9c96fcda5042230d4669d60

======List of files/folders modified in the last 1 months======

2009-01-18 18:48:09 ----D---- C:\WINDOWS\Temp
2009-01-17 13:53:51 ----D---- C:\WINDOWS\Microsoft.NET
2009-01-17 13:53:49 ----RSD---- C:\WINDOWS\assembly
2009-01-17 13:49:08 ----D---- C:\WINDOWS
2009-01-17 13:48:52 ----D---- C:\WINDOWS\system32
2009-01-17 13:47:46 ----D---- C:\WINDOWS\Registration
2009-01-17 13:45:11 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-01-17 13:42:22 ----D---- C:\WINDOWS\system32\drivers
2009-01-17 13:42:17 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-01-17 13:41:11 ----HD---- C:\WINDOWS\inf
2009-01-17 13:34:39 ----SHD---- C:\WINDOWS\Installer
2009-01-17 13:33:29 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-01-17 13:33:06 ----D---- C:\WINDOWS\WinSxS
2009-01-17 13:31:17 ----D---- C:\Program Files\Internet Explorer
2009-01-17 13:25:38 ----A---- C:\WINDOWS\imsins.BAK
2009-01-17 13:24:24 ----D---- C:\WINDOWS\system32\CatRoot
2009-01-17 13:20:41 ----A---- C:\WINDOWS\ModemLog_Conexant D110 MDC V.9x Modem.txt
2009-01-17 13:20:23 ----D---- C:\WINDOWS\system32\CatRoot2
2009-01-17 12:47:49 ----HD---- C:\Program Files\InstallShield Installation Information
2009-01-17 12:47:49 ----D---- C:\Program Files
2009-01-17 12:46:17 ----D---- C:\Program Files\MSN
2009-01-17 12:44:00 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-01-17 12:43:07 ----D---- C:\Program Files\AIM
2009-01-17 12:42:54 ----D---- C:\Documents and Settings\Lindsey\Application Data\Aim
2009-01-17 03:02:05 ----RSHD---- C:\WINDOWS\system32\dllcache
2009-01-17 00:46:58 ----D---- C:\WINDOWS\ehome
2009-01-16 20:51:06 ----HD---- C:\WINDOWS\$hf_mig$
2009-01-16 20:50:55 ----D---- C:\WINDOWS\system32\wbem
2009-01-16 20:48:06 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-01-16 20:45:12 ----A---- C:\WINDOWS\win.ini
2009-01-16 20:44:34 ----D---- C:\Program Files\Windows Media Player
2009-01-16 20:44:27 ----D---- C:\WINDOWS\Help
2009-01-16 20:40:32 ----D---- C:\WINDOWS\system32\LogFiles
2009-01-16 17:29:23 ----D---- C:\WINDOWS\system32\config
2009-01-16 17:29:01 ----D---- C:\WINDOWS\Media
2009-01-16 03:14:07 ----D---- C:\Program Files\McAfee
2009-01-16 03:04:20 ----RSD---- C:\WINDOWS\Fonts
2009-01-16 03:03:05 ----D---- C:\Program Files\Common Files\Microsoft Shared
2009-01-15 18:09:41 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-01-15 18:09:00 ----D---- C:\Program Files\iPod
2009-01-15 18:08:59 ----D---- C:\Program Files\Common Files\Apple
2009-01-15 17:55:02 ----SD---- C:\WINDOWS\Tasks
2009-01-14 19:18:06 ----D---- C:\Program Files\Adobe
2009-01-14 19:17:43 ----D---- C:\Program Files\Common Files
2009-01-14 19:16:04 ----D---- C:\Program Files\Common Files\Adobe
2009-01-14 14:36:50 ----SHD---- C:\System Volume Information
2009-01-14 14:36:50 ----D---- C:\WINDOWS\system32\Restore
2009-01-14 14:30:18 ----RASH---- C:\boot.ini
2009-01-14 14:30:18 ----A---- C:\WINDOWS\system.ini
2009-01-14 07:56:03 ----D---- C:\WINDOWS\AppPatch
2009-01-14 03:09:21 ----A---- C:\WINDOWS\OEWABLog.txt
2009-01-14 03:07:35 ----A---- C:\WINDOWS\setuplog.txt
2009-01-14 03:06:55 ----D---- C:\Program Files\Messenger
2009-01-14 03:06:54 ----D---- C:\WINDOWS\system32\Setup
2009-01-14 00:38:53 ----D---- C:\WINDOWS\security
2009-01-14 00:25:13 ----D---- C:\WINDOWS\system32\inetsrv
2009-01-14 00:25:12 ----D---- C:\WINDOWS\ime
2009-01-14 00:24:46 ----D---- C:\WINDOWS\system32\usmt
2009-01-14 00:24:40 ----D---- C:\WINDOWS\PeerNet
2009-01-14 00:24:39 ----D---- C:\Program Files\Movie Maker
2009-01-14 00:19:19 ----D---- C:\WINDOWS\system32\npp
2009-01-14 00:19:19 ----D---- C:\WINDOWS\mui
2009-01-14 00:19:17 ----D---- C:\WINDOWS\msagent
2009-01-14 00:19:15 ----D---- C:\WINDOWS\srchasst
2009-01-14 00:19:13 ----D---- C:\Program Files\NetMeeting
2009-01-14 00:19:11 ----D---- C:\WINDOWS\system32\Com
2009-01-14 00:19:07 ----D---- C:\Program Files\Windows NT
2009-01-14 00:19:06 ----D---- C:\Program Files\Outlook Express
2009-01-14 00:19:00 ----D---- C:\Program Files\Common Files\System
2009-01-14 00:18:35 ----D---- C:\WINDOWS\system32\oobe
2009-01-14 00:18:31 ----D---- C:\WINDOWS\system
2009-01-13 23:44:55 ----D---- C:\Program Files\Viewpoint
2009-01-13 23:44:54 ----D---- C:\Documents and Settings\All Users\Application Data\Viewpoint
2009-01-13 23:43:28 ----D---- C:\Program Files\Common Files\AOL
2009-01-13 22:13:38 ----A---- C:\WINDOWS\wininit.ini
2009-01-13 22:13:37 ----D---- C:\WINDOWS\wt
2009-01-13 21:44:51 ----D---- C:\WINDOWS\SoftwareDistribution
2009-01-13 19:21:02 ----D---- C:\Program Files\Common Files\SMART Technologies Inc
2009-01-13 18:59:58 ----D---- C:\Program Files\Java
2009-01-13 18:43:06 ----SHD---- C:\WINDOWS\CSC
2009-01-09 17:35:30 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 APPDRV;APPDRV; C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS [2004-08-18 16128]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 mfehidk;McAfee Inc. mfehidk; C:\WINDOWS\system32\drivers\mfehidk.sys [2007-11-22 201320]
R1 MPFP;MPFP; C:\WINDOWS\System32\Drivers\Mpfp.sys [2007-07-13 113952]
R1 omci;OMCI WDM Device Driver; C:\WINDOWS\system32\DRIVERS\omci.sys [2004-02-13 17153]
R1 sscdbhk5;sscdbhk5; C:\WINDOWS\system32\drivers\sscdbhk5.sys [2004-07-14 5627]
R1 ssrtln;ssrtln; C:\WINDOWS\system32\drivers\ssrtln.sys [2004-07-14 23545]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-10 12032]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.1.0.1; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2005-11-04 17056]
R2 ASCTRM;ASCTRM; C:\WINDOWS\system32\drivers\ASCTRM.sys [2005-11-04 8552]
R2 drvnddm;drvnddm; C:\WINDOWS\system32\drivers\drvnddm.sys [2004-11-23 40480]
R2 dsunidrv;DellSupport UniDriver; C:\WINDOWS\system32\DRIVERS\dsunidrv.sys [2007-02-25 5376]
R2 LxrJD31d;LxrJD31d; \??\C:\WINDOWS\system32\Drivers\LxrJD31d.sys []
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2004-08-31 11354]
R2 tfsnboio;tfsnboio; C:\WINDOWS\system32\dla\tfsnboio.sys [2004-12-06 25883]
R2 tfsncofs;tfsncofs; C:\WINDOWS\system32\dla\tfsncofs.sys [2004-12-06 34843]
R2 tfsndrct;tfsndrct; C:\WINDOWS\system32\dla\tfsndrct.sys [2004-12-06 4123]
R2 tfsndres;tfsndres; C:\WINDOWS\system32\dla\tfsndres.sys [2004-12-06 2239]
R2 tfsnifs;tfsnifs; C:\WINDOWS\system32\dla\tfsnifs.sys [2004-12-06 86586]
R2 tfsnopio;tfsnopio; C:\WINDOWS\system32\dla\tfsnopio.sys [2004-12-06 15227]
R2 tfsnpool;tfsnpool; C:\WINDOWS\system32\dla\tfsnpool.sys [2004-12-06 6363]
R2 tfsnudf;tfsnudf; C:\WINDOWS\system32\dla\tfsnudf.sys [2004-12-06 98714]
R2 tfsnudfa;tfsnudfa; C:\WINDOWS\system32\dla\tfsnudfa.sys [2004-12-06 100603]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows 2000/XP; C:\WINDOWS\system32\DRIVERS\Apfiltr.sys [2004-11-16 108791]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2004-05-26 44928]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 DSproct;DSproct; \??\C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys []
R3 GearAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.SYS [2005-05-03 1033728]
R3 HSFHWICH;HSFHWICH; C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys [2005-05-03 208384]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-10-14 1302812]
R3 IWCA;Intel Wireless Connection Agent Miniport for Win XP; C:\WINDOWS\system32\DRIVERS\iwca.sys [2004-08-12 234496]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\WINDOWS\system32\drivers\mfeavfk.sys [2007-11-22 79304]
R3 mfebopk;McAfee Inc. mfebopk; C:\WINDOWS\system32\drivers\mfebopk.sys [2007-11-22 35240]
R3 mfesmfk;McAfee Inc. mfesmfk; C:\WINDOWS\system32\drivers\mfesmfk.sys [2007-12-02 40488]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 Pcouffin;Low level access layer for CD devices; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2005-12-09 31680]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 STAC97;SigmaTel C-Major Audio; C:\WINDOWS\system32\drivers\STAC97.sys [2005-03-10 273168]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-05-03 705408]
S3 bvrp_pci;bvrp_pci; C:\WINDOWS\system32\drivers\bvrp_pci.sys []
S3 catchme;catchme; \??\C:\Combo-Fix\catchme.sys []
S3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-08-17 117760]
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-06-17 1041536]
S3 mferkdk;McAfee Inc. mferkdk; C:\WINDOWS\system32\drivers\mferkdk.sys [2007-11-22 33832]
S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
S3 sffdisk;SFF Storage Class Driver; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2008-04-13 11904]
S3 sffp_sd;SFF Storage Protocol Driver for SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2008-04-13 11008]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 w29n51;Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2004-10-21 3210496]
S3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys []
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 agp440;Intel AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
S4 agpCPQ;Compaq AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
S4 alim1541;ALI AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]
S4 amdagp;AMD AGP Bus Filter Driver; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]
S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
S4 sisagp;SIS AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960]
S4 viaagp;VIA AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]
R2 ehSched;Media Center Scheduler Service; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 102912]
R2 EvtEng;EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2004-09-07 86016]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-01-13 152984]
R2 LxrJD31s;Lexar JD31; C:\WINDOWS\system32\LxrJD31s.exe [2006-03-28 71168]
R2 mcmscsvc;McAfee Services; C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe [2008-01-09 767976]
R2 McNASvc;McAfee Network Agent; c:\program files\common files\mcafee\mna\mcnasvc.exe [2008-01-25 2458128]
R2 McProxy;McAfee Proxy Service; c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe [2007-08-15 359248]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [2007-07-24 144704]
R2 MpfService;McAfee Personal Firewall Service; C:\Program Files\McAfee\MPF\MPFSrv.exe [2007-07-18 856864]
R2 MSK80Service;McAfee SpamKiller Service; C:\Program Files\McAfee\MSK\MskSrver.exe [2007-11-26 23880]
R2 NICCONFIGSVC;NICCONFIGSVC; C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe [2005-03-04 356352]
R2 RegSrvc;RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2004-09-07 139264]
R2 S24EventMonitor;Spectrum24 Event Monitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2004-09-07 360521]
R2 Viewpoint Manager Service;Viewpoint Manager Service; C:\Program Files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]
R2 WLANKEEPER;WLANKEEPER; C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe [2004-09-07 225353]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
R3 McSysmon;McAfee SystemGuards; C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [2007-12-05 695624]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-13 267776]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 dlbu_device;dlbu_device; C:\WINDOWS\system32\dlbucoms.exe [2007-02-28 538096]
S3 DSBrokerService;DSBrokerService; C:\Program Files\DellSupport\brkrsvc.exe [2007-03-07 76848]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 McODS;McAfee Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [2007-11-07 378184]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

-----------------EOF-----------------

info.txt logfile of random's system information tool 1.05 2009-01-18 18:48:39

======Uninstall list======

-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
-->MsiExec.exe /I{F543B12A-13F5-487E-9314-F7D25E1BBE3E}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Acrobat.com-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe -uninstall com.adobe.mauby 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001}
AIM 6-->C:\Program Files\AIM6\uninst.exe
ALPS Touch Pad Driver-->C:\Program Files\Apoint\Uninstap.exe ADDREMOVE
AOLIcon-->MsiExec.exe /I{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}
Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Banctec Service Agreement-->MsiExec.exe /X{4B9F45E8-E3CE-40B4-9463-80A9B3481DEF}
Blasterball 2-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\D1A6F3FD-7B40-443F-8767-BADB25A0D222\Uninstall.exe"
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Broadcom Management Programs 2-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{64A77F14-0E08-4A97-A859-E93CFF428756} /l1033
Conexant D110 MDC V.92 Modem-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_8086&DEV_24x6&SUBSYS_542214F1\HXFSETUP.EXE -U -Idel5422k.inf
Corel Photo Album 6-->MsiExec.exe /X{8A9B8148-DDD7-448F-BD6C-358386D32354}
Dell Digital Jukebox Driver-->C:\Program Files\Dell\Digital Jukebox Drivers\DrvUnins.exe /s
Dell Driver Reset Tool-->MsiExec.exe /I{5905F42D-3F5F-4916-ADA6-94A3646AEE76}
Dell Game Console-->"C:\Program Files\WildTangent\Apps\Dell Game Console\Uninstall.exe"
Dell Photo AIO Printer 942-->C:\WINDOWS\system32\spool\drivers\w32x86\3\DLBUUNST.EXE -NOLICENSE
DellSupport-->MsiExec.exe /X{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}
Digital Content Portal-->MsiExec.exe /I{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}
Digital Line Detect-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E646DCF0-5A68-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanel
Download Updater (AOL LLC)-->C:\Program Files\Common Files\Software Update Utility\uninstall.exe
DVD X Copy GOLD v3.0.2 (remove only)-->C:\Program Files\321Studios\DVDXCopy GOLD\Uninst.exe
EarthLink setup files-->MsiExec.exe /X{728278A1-0BB7-45E4-AC5E-91D7C0FD1EDE}
EducateU-->MsiExec.exe /I{A683A2C0-821C-486F-858C-FA634DB5E864}
ESPNMotion-->C:\PROGRA~1\ESPNMO~1\UNWISE.EXE /u C:\PROGRA~1\ESPNMO~1\INSTALL.LOG
GemMaster Mystic-->"C:\Program Files\GemMaster\uninstallgemmaster.exe"
Get High Speed Internet!-->MsiExec.exe /I{7A3F0566-5E05-4919-9C98-456F6B5CF831}
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 10 (KB903157)-->"C:\WINDOWS\$NtUninstallKB903157$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 10 (KB910393)-->"C:\WINDOWS\$NtUninstallKB910393$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB915800-v4)-->"C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Intel(R) Graphics Media Accelerator Driver for Mobile-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_2792 PCI\VEN_8086&DEV_2592
Intel(R) PROSet/Wireless Software-->C:\WINDOWS\Installer\iProInst.exe
Internal Network Card Power Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1F528948-0E80-4C96-B455-DE4167CB1DF7}\setup.exe" -l0x9 UNINSTALL APPDRVNT4
Internet Explorer Default Page-->MsiExec.exe /I{35BDEFF1-A610-4956-A00D-15453C116395}
iPod for Windows 2005-11-17-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{8338BA06-E527-491B-9400-F51708FEE695} /l1033
iTunes-->MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371}
Jasc Paint Shop Photo Album-->MsiExec.exe /I{CC000127-5E5D-4A1C-90CB-EEAAAC1E3AC0}
Jasc Paint Shop Pro 8 Dell Edition-->MsiExec.exe /I{81A34902-9D0B-4920-A25C-4CDC5D14B328}
Java 2 Runtime Environment, SE v1.4.2_03-->MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142030}
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
JD Secure 3.1-->C:\WINDOWS\System32\JDSecure31.exe /u
Learn2 Player (Uninstall Only)-->C:\Program Files\Learn2.com\StRunner\stuninst.exe
Macromedia Flash Player-->MsiExec.exe /X{0456ebd7-5f67-4ab6-852e-63781e3f389c}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
McAfee SecurityCenter-->C:\Program Files\McAfee\MSC\mcuninst.exe
mCore-->MsiExec.exe /I{6DE14BE4-6F04-4935-8ABD-A0A19FE2E55A}
mDrWiFi-->MsiExec.exe /I{F6090A17-0967-4A8A-B3C3-422A1B514D49}
mHlpDell-->MsiExec.exe /I{49D687E5-6784-431B-A0A2-2F23B8CC5A1B}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Microsoft Plus! Digital Media Edition Installer-->MsiExec.exe /X{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}
Microsoft Plus! Photo Story 2 LE-->MsiExec.exe /X{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
mIWA-->MsiExec.exe /I{3E9D596A-61D4-4239-BD19-2DB984D2A16F}
mIWCA-->MsiExec.exe /I{6FFFE74E-3FBD-4E2E-97F9-5E9A2A077626}
mLogView-->MsiExec.exe /I{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}
mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
Modem Helper-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F142D56-3326-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanel
mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
mPfWiz-->MsiExec.exe /I{90B0D222-8C21-4B35-9262-53B042F18AF9}
mProSafe-->MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
mSSO-->MsiExec.exe /I{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
mToolkit-->MsiExec.exe /I{CA9BAADB-C262-4E05-B2E2-CEE8CE9809EC}
mWlsSafe-->MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
mXML-->MsiExec.exe /I{9CC89556-3578-48DD-8408-04E66EBEF401}
MyWay Search Assistant-->MsiExec.exe /X{E7559288-223B-453C-9F06-340E3BE21E39}
mZConfig-->MsiExec.exe /I{94658027-9F16-4509-BBD7-A59FE57C3023}
Otto-->"C:\Program Files\EnglishOtto\uninstallotto.exe"
PowerDVD 5.5-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
QuickBooks Simple Start Special Edition-->msiexec.exe /I {F543B12A-13F5-487E-9314-F7D25E1BBE3E} UNIQUE_NAME="atomlimited" QBFULLNAME="QuickBooks Simple Start Special Edition" ADDREMOVE=1
QuickSet-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C5074CC4-0E26-4716-A307-960272A90040}\setup.exe" -l0x9 UNINSTALL APPDRVNT4 - ALL
QuickTime-->MsiExec.exe /I{F958CA02-BB40-4007-894B-258729456EE4}
RealPlayer Basic-->C:\Program Files\Common Files\Real\Update\\rnuninst.exe RealNetworks|RealPlayer|6.0
SCRABBLE-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\6B6A7665-DB48-4762-AB5D-BEEB9E1CD7FA\Uninstall.exe"
Security Update for Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950759)-->"C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
Sonic DLA-->MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
Sonic Encoders-->MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A9815CC011}
Sonic RecordNow Audio-->MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Sonic RecordNow Copy-->MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629}
Sonic RecordNow Data-->MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205}
Sonic Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Update for Windows Media Player 10 (KB913800)-->"C:\WINDOWS\$NtUninstallKB913800$\spuninst\spuninst.exe"
Update for Windows Media Player 10 (KB926251)-->"C:\WINDOWS\$NtUninstallKB926251$\spuninst\spuninst.exe"
Update for Windows XP (KB943729)-->"C:\WINDOWS\$NtUninstallKB943729$\spuninst\spuninst.exe"
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Update Rollup 2 for Windows XP Media Center Edition 2005-->C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe
Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
WebCyberCoach 3.2 Dell-->"C:\Program Files\WebCyberCoach\b_Dell\WCC_Wipe.exe" "WebCyberCoach ext\wtrb" /inf "engine.inf,RealUninstallSection,,4" /infcfg "enginecf.inf,RealUninstallSection,,4"
Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]-->C:\WINDOWS\$NtUninstallEmeraldQFE2$\spuninst\spuninst.exe
Windows Media Player 10-->MsiExec.exe /I{33BB4982-DC52-4886-A03B-F4C5C80BEE89}
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Search 4.0-->"C:\WINDOWS\$NtUninstallKB940157$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB925766-->"C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WordPerfect Office 12-->MsiExec.exe /I{AF19F291-F22F-4798-9662-525305AE9E48}

======Hosts File======

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

======Security center information======

AV: McAfee VirusScan
FW: McAfee Personal Firewall

System event log

Computer Name: D8YS4S81
Event Code: 7035
Message: The DSproct service was successfully sent a start control.

Record Number: 49923
Source Name: Service Control Manager
Time Written: 20081019093936.000000-240
Event Type: information
User: D8YS4S81\Lindsey

Computer Name: D8YS4S81
Event Code: 7036
Message: The Network Location Awareness (NLA) service entered the running state.

Record Number: 49922
Source Name: Service Control Manager
Time Written: 20081019093935.000000-240
Event Type: information
User:

Computer Name: D8YS4S81
Event Code: 7035
Message: The Network Location Awareness (NLA) service was successfully sent a start control.

Record Number: 49921
Source Name: Service Control Manager
Time Written: 20081019093935.000000-240
Event Type: information
User: NT AUTHORITY\SYSTEM

Computer Name: D8YS4S81
Event Code: 7035
Message: The Remote Access Connection Manager service was successfully sent a start control.

Record Number: 49920
Source Name: Service Control Manager
Time Written: 20081019093935.000000-240
Event Type: information
User: D8YS4S81\Lindsey

Computer Name: D8YS4S81
Event Code: 7035
Message: The COM+ System Application service was successfully sent a start control.

Record Number: 49919
Source Name: Service Control Manager
Time Written: 20081019093935.000000-240
Event Type: information
User: NT AUTHORITY\SYSTEM

Application event log

Computer Name: D8YS4S81
Event Code: 1004
Message: Detection of product '{8A9B8148-DDD7-448F-BD6C-358386D32354}', feature 'PaintShopPhotoAlbum', component '{25F669D8-9DC1-44D1-A06B-28E42E930387}' failed. The resource 'HKEY_CURRENT_USER\Software\Corel\Auto Update\{8A9B8148-DDD7-448F-BD6C-358386D32354}\Interval' does not exist.

Record Number: 17457
Source Name: MsiInstaller
Time Written: 20081112195546.000000-300
Event Type: warning
User: D8YS4S81\Lindsey

Computer Name: D8YS4S81
Event Code: 1001
Message: Detection of product '{8A9B8148-DDD7-448F-BD6C-358386D32354}', feature 'PaintShopPhotoAlbum' failed during request for component '{D2D7B4BF-6CCA-11D5-8B3F-00105A9846E9}'

Record Number: 17456
Source Name: MsiInstaller
Time Written: 20081112195546.000000-300
Event Type: warning
User: D8YS4S81\Lindsey

Computer Name: D8YS4S81
Event Code: 1004
Message: Detection of product '{8A9B8148-DDD7-448F-BD6C-358386D32354}', feature 'PaintShopPhotoAlbum', component '{25F669D8-9DC1-44D1-A06B-28E42E930387}' failed. The resource 'HKEY_CURRENT_USER\Software\Corel\Auto Update\{8A9B8148-DDD7-448F-BD6C-358386D32354}\Interval' does not exist.

Record Number: 17455
Source Name: MsiInstaller
Time Written: 20081112195546.000000-300
Event Type: warning
User: D8YS4S81\Lindsey

Computer Name: D8YS4S81
Event Code: 1001
Message: Detection of product '{8A9B8148-DDD7-448F-BD6C-358386D32354}', feature 'PaintShopPhotoAlbum' failed during request for component '{D2D7B4BF-6CCA-11D5-8B3F-00105A9846E9}'

Record Number: 17454
Source Name: MsiInstaller
Time Written: 20081112195546.000000-300
Event Type: warning
User: D8YS4S81\Lindsey

Computer Name: D8YS4S81
Event Code: 1004
Message: Detection of product '{8A9B8148-DDD7-448F-BD6C-358386D32354}', feature 'PaintShopPhotoAlbum', component '{25F669D8-9DC1-44D1-A06B-28E42E930387}' failed. The resource 'HKEY_CURRENT_USER\Software\Corel\Auto Update\{8A9B8148-DDD7-448F-BD6C-358386D32354}\Interval' does not exist.

Record Number: 17453
Source Name: MsiInstaller
Time Written: 20081112195546.000000-300
Event Type: warning
User: D8YS4S81\Lindsey

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\QuickTime\QTSystem;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 13 Stepping 8, GenuineIntel
"PROCESSOR_REVISION"=0d08
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"SonicCentral"=C:\Program Files\Common Files\Sonic Shared\Sonic Central\
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------

Hi OleTomCat

1 - Remove bad HijackThis entries

Run HijackThis
Click on the Scan button
Put a check beside all of the items listed below (if present):



R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://mysearch.myway.com/jsp/dellsidebar.jsp?p=DE
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askR...8&gct=&gc=1&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://toolbar.ask.com/toolbarv/askR...gct=&gc=1&q=%s
O8 - Extra context menu item: &Search - ?p=ZCxdm565YYUS


Close all open windows and browsers/email, etc...
Click on the "Fix Checked" button
When completed, close the application.

2 - Clean temp files

Download and Run ATF Cleaner
Download ATF (Atribune Temp File) Cleaner© by Atribune (http://www.atribune.org/ccount/click.php?id=1) to your desktop.Double-click ATF Cleaner.exe to open it.

Under Main choose:
Windows Temp
Current User Temp
All Users Temp
Temporary Internet Files
Prefetch
Java Cache
*The other boxes are optional*
Then click the Empty Selected button.

if you use Firefox:
Click Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click NO at the prompt.

if you use Opera:
Click Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click NO at the prompt.


Click Exit on the Main menu to close the program


3 - Kaspersky Online Scan

Please go to Kaspersky website (http://www.kaspersky.com/kos/eng/partner/default/kavwebscan.html) and perform an online antivirus scan.

Read through the requirements and privacy statement and click on Accept button.
It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
When the downloads have finished, click on Settings.
Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button: Spyware, Adware, Dialers, and other potentially dangerous programs
Archives
Mail databases Click on My Computer under Scan.
Once the scan is complete, it will display the results. Click on View Scan Report.
You will see a list of infected items there. Click on Save Report As....
Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
Please post this log in your next reply.

4 - Run Hijackthis
Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad

5 - Status Check
Please reply with

1. the Kaspersky online scanner report
2. a fresh HijackThis log
How's the computer running now? Any problems?

Thanks peku006

KASPERSKY ONLINE SCANNER 7 REPORTKASPERSKY ONLINE SCANNER 7 REPORT
Monday, January 19, 2009
Operating System: Microsoft Windows XP Professional Service Pack 3 (build
2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Monday, January 19, 2009 10:14:39
Records in database: 1646830


Scan settings
Scan using the following databaseextended
Scan archivesyes
Scan mail databasesyes

Scan areaMy Computer
C:\
D:\

Scan statistics
Files scanned71536
Threat name10
Infected objects14
Suspicious objects0
Duration of the scan02:30:04

File nameThreat nameThreats count
C:\Qoobox\Quarantine\C\Program
Files\MyWebSearch\bar\1.bin\F3DTACTL.DLL.virInfected:
not-a-virus:WebToolbar.Win32.MyWebSearch.al1

C:\Qoobox\Quarantine\C\Program
Files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL.virInfected:
not-a-virus:WebToolbar.Win32.MyWebSearch1

C:\Qoobox\Quarantine\C\Program
Files\MyWebSearch\bar\1.bin\F3POPSWT.DLL.virInfected:
not-a-virus:WebToolbar.Win32.MyWebSearch.an1

C:\Qoobox\Quarantine\C\Program
Files\MyWebSearch\bar\1.bin\F3REPROX.DLL.virInfected:
not-a-virus:AdTool.Win32.MyWebSearch.cy1

C:\Qoobox\Quarantine\C\Program
Files\MyWebSearch\bar\1.bin\F3SHLLVW.DLL.virInfected:
not-a-virus:WebToolbar.Win32.MyWebSearch.al1

C:\Qoobox\Quarantine\C\Program
Files\MyWebSearch\bar\1.bin\M3HTML.DLL.virInfected:
not-a-virus:WebToolbar.Win32.MyWebSearch.f1

C:\Qoobox\Quarantine\C\Program
Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL.virInfected:
not-a-virus:WebToolbar.Win32.MyWebSearch.an1

C:\Qoobox\Quarantine\C\Program
Files\MyWebSearch\bar\1.bin\M3SKIN.DLL.virInfected:
not-a-virus:WebToolbar.Win32.MyWebSearch.ad1

C:\Qoobox\Quarantine\C\Program
Files\MyWebSearch\bar\1.bin\MWSBAR.DLL.virInfected:
not-a-virus:WebToolbar.Win32.MyWebSearch.an1

C:\Qoobox\Quarantine\C\Program
Files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL.virInfected:
not-a-virus:WebToolbar.Win32.MyWebSearch.q1

C:\Qoobox\Quarantine\C\Program
Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL.virInfected:
not-a-virus:WebToolbar.Win32.MyWebSearch1

C:\Qoobox\Quarantine\C\Program
Files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL.virInfected:
not-a-virus:WebToolbar.Win32.MyWebSearch.i1

C:\Qoobox\Quarantine\C\Program
Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL.virInfected:
not-a-virus:WebToolbar.Win32.MyWebSearch.ai1

C:\Qoobox\Quarantine\C\WINDOWS\dwltqnmx.exe.virInfected:
not-a-virus:AdWare.Win32.Vapsup.dil1

The selected area was scanned.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:32:01 PM, on 1/19/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\LxrJD31s.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\SearchIndexer.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell Photo AIO Printer 942\memcard.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Dell Photo AIO Printer 942\dlbubmgr.exe
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Dell Photo AIO Printer 942\dlbubmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\SiteAdvisor\6261\SiteAdv.exe
c:\program files\common files\installshield\updateservice\isuspm.exe
C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] "c:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [DellMCM] "C:\Program Files\Dell Photo AIO Printer 942\memcard.exe"
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [Dell Photo AIO Printer 942] "C:\Program Files\Dell Photo AIO Printer 942\dlbubmgr.exe"
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1231901144156
O17 - HKLM\System\CCS\Services\Tcpip\..\{B808F886-1A5C-49D0-8FC8-A6D54E8A2598}: NameServer = 192.168.1.1,4.2.2.2
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: dlbu_device - - C:\WINDOWS\system32\dlbucoms.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lexar JD31 (LxrJD31s) - Unknown owner - C:\WINDOWS\SYSTEM32\LxrJD31s.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

--
End of file - 10484 bytes

Still running like a turd, but getting better with each passing scan....

Hi OleTomCat

System Still Slow?
You may wish to try StartupLite. (http://www.malwarebytes.org/startuplite.php) Simply download this tool to your desktop and run it. It will explain any optional auto-start programs on your system, and offer the option to stop these programs from starting at startup. This will result in fewer programs running when you boot your system, and should improve preformance.
If that does not work, you can try the steps mentioned in Slow Computer/browser? Check Here First; It May Not Be Malware (http://www.bleepingcomputer.com/forums/index.php?showtopic=87058&view=findpost&p=487112)

post back if it helped.

Thanks peku006

Is the system clean?

It may be that I am just used to my machine which is really fast.

Hi OleTomCat

Great that your machine is running better now, the scans are fine and it looks like your machine is clean :yahoo:

Delete RSIT from your desktop, also delete this folder C:\rsit.

Now that you are clean, please follow these simple steps in order to keep your computer clean and secure:

Disable and Enable System Restore-WINDOWS XP
This is a good time to clear your existing system restore points and establish a new clean restore point:

Turn off System Restore
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Check Turn off System Restore.
Click Apply, and then click OK.
Reboot.
Turn ON System Restore
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
UN-Check *Turn off System Restore*.
Click Apply, and then click OK.
This will remove all restore points except the new one you just created.

Here are some free programs I recommend that could help you improve your computer's security.

Spybot Search and Destroy 1.6
Download it from here (http://www.safer-networking.org/en/mirrors/index.html). Just choose a mirror and off you go.
Find here the tutorial on how to use Spybot properly here (http://www.bleepingcomputer.com/tutorials/tutorial43.html)

Install SpyWare Blaster 4.0
Download it from here (http://www.javacoolsoftware.com/spywareblaster.html)
Find here the tutorial on how to use Spyware Blaster here (http://www.bleepingcomputer.com/tutorials/tutorial49.html)

Install WinPatrol
Download it from here (http://www.winpatrol.com/download.html)
Here you can find information about how WinPatrol works here (http://www.winpatrol.com/features.html)

Install FireTrust SiteHound
You can find information and download it from here (http://www.firetrust.com/en/products/sitehound)

Install MVPS Hosts File from here (http://mvps.org/winhelp2002/hosts.htm)
The MVPS Hosts file replaces your current HOSTS file with one containing well know ad sites etc. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer.
Find Tutorial here : http://www.mvps.org/winhelp2002/hosts.htm

Update your Antivirus programs and other security products regularly to avoid new threats that could infect your system.
You can use one of these sites to check if any updates are needed for your pc.
Secunia Software Inspector (http://secunia.com/software_inspector/)
F-secure Health Check (http://www.f-secure.com/weblog/archives/00001356.html)

Visit Microsoft often to get the latest updates for your computer.
http://www.update.microsoft.com

Please check out Tony Klein's article "How did I get infected in the first place?" (http://forums.spybot.info/showthread.php?t=279)

Read some information here (http://users.telenet.be/bluepatchy/miekiemoes/prevention.html) how to prevent Malware.


Happy safe surfing! :bigthumb:

Peku,

I just ran Spybot and it is still showing three PUPS that it can not get rid of:

Company: WildTangent, Inc.
Product: WildTangent Visualizers
Threat: PUPS

Company URL:
_http://www.wildtangent.com/_
Company product URL:
_http://www.wildtangent.com/candy/visualizers.html_
Company privacy URL:
_http://www.wildtangent.com/candy/privacy.html_

Functionality
Visualization for Media Players, Platform for games

Description
Configuration information is transmitted on a regular basis.

Privacy Statement
If you download our Web Driver software it will gather and store information about your computer that is specifically related to the functioning of the Web Driver software, such as processor type or the presence or absence of graphics accelerators and the related software drivers. The Web Driver software will not gather information from your computer about you, such as general application software you have installed or personal data that you store on your computer. The Web Driver software will report this configuration information to us on a regular basis. We use this information to identify your system's capability and to optimize the delivery of content to the Web Driver.

Hi OleTomCat

Viewpoint Media Player
For your information, Viewpoint is installed by aol probably without your knowledge. I suggest you uninstall this resource waster in Add Remove programs.
http://www.spywareinfo.com/newsletter/archives/2005/nov4.php#viewpoint
http://www.clickz.com/news/article.php/3561546
http://vil.nai.com/vil/content/v_137262.htm

Is Viewpoint the source of the PUPS?

Hi Peter

Is Viewpoint the source of the PUPS?
No

Sorry, it was my fault,I forgot this.....:oops:

Please download OTScanIt2 from Geeks to Go (http://oldtimer.geekstogo.com/OTScanIt2.exe) or Bleeping Computer (http://download.bleepingcomputer.com/oldtimer/OTScanIt2.exe). Save it to your desktop.

Double click on OTScanIt2.exe to run it.
Click on Extract. Once done, you will be prompted. Click OK and click Close.
Double click on the OTScanIt2 folder. Double click on OTScanIt2.exe to run it.
Under Rookit Search, select Yes.
Click on Run Scan at the top left hand corner.
When done, Notepad will open. Please post this log in your next reply.

Thanks peku006

OTScanIt2 logfile created on: 1/21/2009 6:35:36 AM - Run 1
OTScanIt2 by OldTimer - Version 1.0.6.2 Folder = C:\Documents and Settings\Lindsey\Desktop\OTScanIt2
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

503.37 Mb Total Physical Memory | 107.84 Mb Available Physical Memory | 21.42% Memory free
1.20 Gb Paging File | 0.53 Gb Available in Paging File | 44.34% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 32.55 Gb Total Space | 15.71 Gb Free Space | 48.26% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: D8YS4S81
Current User Name: Lindsey
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On
File Age = 30 Days

[Processes - Safe List]
apntex.exe -> %ProgramFiles%\Apoint\ApntEx.exe -> [2004/08/19 15:40:08 | 00,045,056 | ---- | M] (Alps Electric Co., Ltd.)
apoint.exe -> %ProgramFiles%\Apoint\Apoint.exe -> [2004/09/13 17:33:20 | 00,155,648 | ---- | M] (Alps Electric Co., Ltd.)
applemobiledeviceservice.exe -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> [2008/11/07 14:28:16 | 00,132,424 | ---- | M] (Apple Inc.)
dlbubmgr.exe -> %ProgramFiles%\Dell Photo AIO Printer 942\dlbubmgr.exe -> [2004/08/31 09:18:44 | 00,294,912 | ---- | M] ()
dlbubmon.exe -> %ProgramFiles%\Dell Photo AIO Printer 942\dlbubmon.exe -> [2004/08/31 09:34:08 | 00,102,400 | ---- | M] ()
dsagnt.exe -> %ProgramFiles%\DellSupport\DSAgnt.exe -> [2007/03/15 10:09:36 | 00,460,784 | ---- | M] (Gteko Ltd.)
ehmsas.exe -> %SystemRoot%\ehome\ehmsas.exe -> [2005/08/05 14:56:28 | 00,046,592 | ---- | M] (Microsoft Corporation)
ehrecvr.exe -> %SystemRoot%\ehome\ehrecvr.exe -> [2006/10/09 16:16:56 | 00,237,568 | ---- | M] (Microsoft Corporation)
ehsched.exe -> %SystemRoot%\ehome\ehSched.exe -> [2005/08/05 14:56:32 | 00,102,912 | ---- | M] (Microsoft Corporation)
ehtray.exe -> %SystemRoot%\ehome\ehtray.exe -> [2005/08/05 14:56:34 | 00,064,512 | ---- | M] (Microsoft Corporation)
evteng.exe -> %ProgramFiles%\Intel\Wireless\Bin\EvtEng.exe -> [2004/09/07 17:02:40 | 00,086,016 | ---- | M] (Intel Corporation)
hkcmd.exe -> %SystemRoot%\system32\hkcmd.exe -> [2005/10/14 14:46:34 | 00,077,824 | ---- | M] (Intel Corporation)
iexplore.exe -> %ProgramFiles%\Internet Explorer\iexplore.exe -> [2008/10/15 02:06:26 | 00,633,632 | ---- | M] (Microsoft Corporation)
ifrmewrk.exe -> %ProgramFiles%\Intel\Wireless\Bin\iFrmewrk.exe -> [2004/10/30 15:59:54 | 00,385,024 | ---- | M] (Intel Corporation)
igfxpers.exe -> %SystemRoot%\system32\igfxpers.exe -> [2005/10/14 14:50:30 | 00,114,688 | ---- | M] (Intel Corporation)
igfxsrvc.exe -> %SystemRoot%\system32\igfxsrvc.exe -> [2005/10/14 14:46:24 | 00,159,744 | ---- | M] (Intel Corporation)
ipodservice.exe -> %ProgramFiles%\iPod\bin\iPodService.exe -> [2008/11/20 13:20:44 | 00,536,872 | ---- | M] (Apple Inc.)
ituneshelper.exe -> %ProgramFiles%\iTunes\iTunesHelper.exe -> [2008/11/20 13:20:54 | 00,290,088 | ---- | M] (Apple Inc.)
jqs.exe -> %ProgramFiles%\Java\jre6\bin\jqs.exe -> [2009/01/13 19:00:02 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.)
lxrjd31s.exe -> %SystemRoot%\system32\LxrJD31s.exe -> [2006/03/28 18:18:29 | 00,071,168 | ---- | M] ()
mcagent.exe -> %ProgramFiles%\McAfee.com\Agent\mcagent.exe -> [2007/11/01 18:12:38 | 00,582,992 | ---- | M] (McAfee, Inc.)
mcmscsvc.exe -> %ProgramFiles%\McAfee\MSC\mcmscsvc.exe -> [2008/01/09 15:50:22 | 00,767,976 | ---- | M] (McAfee, Inc.)
mcnasvc.exe -> %CommonProgramFiles%\McAfee\MNA\McNASvc.exe -> [2008/01/25 00:38:12 | 02,458,128 | ---- | M] (McAfee, Inc.)
mcproxy.exe -> %CommonProgramFiles%\McAfee\McProxy\McProxy.exe -> [2007/08/15 11:36:04 | 00,359,248 | ---- | M] (McAfee, Inc.)
mcrdsvc.exe -> %SystemRoot%\ehome\mcrdsvc.exe -> [2005/08/05 14:27:08 | 00,099,328 | ---- | M] (Microsoft Corporation)
mcshield.exe -> %ProgramFiles%\McAfee\VirusScan\Mcshield.exe -> [2007/07/24 11:02:14 | 00,144,704 | ---- | M] (McAfee, Inc.)
mcsysmon.exe -> %ProgramFiles%\McAfee\VirusScan\mcsysmon.exe -> [2007/12/05 09:04:10 | 00,695,624 | ---- | M] (McAfee, Inc.)
mdnsresponder.exe -> %ProgramFiles%\Bonjour\mDNSResponder.exe -> [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.)
mediadetect.exe -> %ProgramFiles%\Corel\Corel Photo Album 6\MediaDetect.exe -> [2005/11/16 19:08:40 | 00,106,496 | ---- | M] (Corel, Inc.)
memcard.exe -> %ProgramFiles%\Dell Photo AIO Printer 942\memcard.exe -> [2004/07/27 09:08:22 | 00,262,144 | ---- | M] ()
mpfsrv.exe -> %ProgramFiles%\McAfee\MPF\MpfSrv.exe -> [2007/07/18 14:54:42 | 00,856,864 | ---- | M] (McAfee, Inc.)
msksrver.exe -> %ProgramFiles%\McAfee\MSK\msksrver.exe -> [2007/11/26 09:46:14 | 00,023,880 | ---- | M] (McAfee, Inc.)
nicconfigsvc.exe -> %ProgramFiles%\Dell\NicConfigSvc\NicConfigSvc.exe -> [2005/03/04 00:29:02 | 00,356,352 | ---- | M] (Dell Inc.)
otscanit2.exe -> %UserProfile%\Desktop\OTScanIt2\OTScanIt2.exe -> [2009/01/09 09:03:22 | 00,485,376 | ---- | M] (OldTimer Tools)
quickset.exe -> %ProgramFiles%\Dell\QuickSet\quickset.exe -> [2005/03/04 12:26:08 | 00,606,208 | ---- | M] ()
regsrvc.exe -> %ProgramFiles%\Intel\Wireless\Bin\RegSrvc.exe -> [2004/09/07 17:02:04 | 00,139,264 | ---- | M] (Intel Corporation)
rundll32.exe -> %SystemRoot%\system32\rundll32.exe -> [2008/04/13 19:12:33 | 00,033,280 | ---- | M] (Microsoft Corporation)
s24evmon.exe -> %ProgramFiles%\Intel\Wireless\Bin\S24EvMon.exe -> [2004/09/07 17:05:10 | 00,360,521 | ---- | M] (Intel Corporation )
searchfilterhost.exe -> %SystemRoot%\system32\searchfilterhost.exe -> [2008/05/26 22:17:56 | 00,087,552 | ---- | M] (Microsoft Corporation)
searchindexer.exe -> %SystemRoot%\system32\searchindexer.exe -> [2008/05/26 22:18:44 | 00,439,808 | ---- | M] (Microsoft Corporation)
searchprotocolhost.exe -> %SystemRoot%\system32\searchprotocolhost.exe -> [2008/05/26 22:18:18 | 00,184,832 | ---- | M] (Microsoft Corporation)
siteadv.exe -> %ProgramFiles%\SiteAdvisor\6261\SiteAdv.exe -> [2007/03/30 10:42:50 | 00,036,904 | ---- | M] (McAfee, Inc.)
spybotsd.exe -> %ProgramFiles%\Spybot - Search & Destroy\SpybotSD.exe -> [2008/07/07 09:42:04 | 04,891,472 | RHS- | M] (Safer Networking Limited)
teatimer.exe -> %ProgramFiles%\Spybot - Search & Destroy\TeaTimer.exe -> [2008/09/16 12:16:08 | 01,833,296 | RHS- | M] (Safer Networking Limited)
tfswctrl.exe -> %SystemRoot%\system32\dla\tfswctrl.exe -> [2004/12/06 02:05:00 | 00,127,035 | ---- | M] (Sonic Solutions)
windowssearch.exe -> %ProgramFiles%\Windows Desktop Search\WindowsSearch.exe -> [2008/05/26 22:19:14 | 00,123,904 | ---- | M] (Microsoft Corporation)
wlkeeper.exe -> %ProgramFiles%\Intel\Wireless\Bin\WLKEEPER.exe -> [2004/09/07 17:12:32 | 00,225,353 | ---- | M] (Intel® Corporation)
wmiprvse.exe -> %SystemRoot%\system32\wbem\wmiprvse.exe -> [2008/04/13 19:12:40 | 00,218,112 | ---- | M] (Microsoft Corporation)
zcfgsvc.exe -> %ProgramFiles%\Intel\Wireless\Bin\ZCfgSvc.exe -> [2004/09/07 17:08:02 | 00,389,120 | ---- | M] (Intel Corporation)

[Win32 Services - Safe List]
(Apple Mobile Device) Apple Mobile Device [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> [2008/11/07 14:28:16 | 00,132,424 | ---- | M] (Apple Inc.)
(aspnet_state) ASP.NET State Service [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -> [2007/10/24 01:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation)
(Bonjour Service) Bonjour Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Bonjour\mDNSResponder.exe -> [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.)
(clr_optimization_v2.0.50727_32) .NET Runtime Optimization Service v2.0.50727_X86 [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2007/10/24 01:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation)
(dlbu_device) dlbu_device [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\system32\dlbucoms.exe -> [2007/02/28 18:38:18 | 00,538,096 | ---- | M] ( )
(DSBrokerService) DSBrokerService [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\DellSupport\brkrsvc.exe -> [2007/03/07 14:47:46 | 00,076,848 | ---- | M] ()
(ehRecvr) Media Center Receiver Service [Win32_Own | Auto | Running] -> %SystemRoot%\ehome\ehrecvr.exe -> [2006/10/09 16:16:56 | 00,237,568 | ---- | M] (Microsoft Corporation)
(ehSched) Media Center Scheduler Service [Win32_Own | Auto | Running] -> %SystemRoot%\ehome\ehSched.exe -> [2005/08/05 14:56:32 | 00,102,912 | ---- | M] (Microsoft Corporation)
(EvtEng) EvtEng [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\Wireless\Bin\EvtEng.exe -> [2004/09/07 17:02:40 | 00,086,016 | ---- | M] (Intel Corporation)
(IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\11\Intel 32\IDriverT.exe -> [2005/04/04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation)
(iPod Service) iPod Service [Win32_Own | On_Demand | Running] -> %ProgramFiles%\iPod\bin\iPodService.exe -> [2008/11/20 13:20:44 | 00,536,872 | ---- | M] (Apple Inc.)
(JavaQuickStarterService) Java Quick Starter [Win32_Own | Auto | Running] -> %ProgramFiles%\Java\jre6\bin\jqs.exe -> [2009/01/13 19:00:02 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.)
(LxrJD31s) Lexar JD31 [Win32_Own | Auto | Running] -> %SystemRoot%\system32\LxrJD31s.exe -> [2006/03/28 18:18:29 | 00,071,168 | ---- | M] ()
(mcmscsvc) McAfee Services [Win32_Own | Auto | Running] -> %ProgramFiles%\McAfee\MSC\mcmscsvc.exe -> [2008/01/09 15:50:22 | 00,767,976 | ---- | M] (McAfee, Inc.)
(McNASvc) McAfee Network Agent [Win32_Own | Auto | Running] -> %CommonProgramFiles%\McAfee\MNA\McNASvc.exe -> [2008/01/25 00:38:12 | 02,458,128 | ---- | M] (McAfee, Inc.)
(McODS) McAfee Scanner [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\McAfee\VirusScan\mcods.exe -> [2007/11/07 08:35:40 | 00,378,184 | ---- | M] (McAfee, Inc.)
(McProxy) McAfee Proxy Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\McAfee\McProxy\McProxy.exe -> [2007/08/15 11:36:04 | 00,359,248 | ---- | M] (McAfee, Inc.)
(McrdSvc) Media Center Extender Service [Win32_Own | Auto | Running] -> %SystemRoot%\ehome\mcrdsvc.exe -> [2005/08/05 14:27:08 | 00,099,328 | ---- | M] (Microsoft Corporation)
(McShield) McAfee Real-time Scanner [Win32_Own | Unknown | Running] -> %ProgramFiles%\McAfee\VirusScan\Mcshield.exe -> [2007/07/24 11:02:14 | 00,144,704 | ---- | M] (McAfee, Inc.)
(McSysmon) McAfee SystemGuards [Win32_Own | On_Demand | Running] -> %ProgramFiles%\McAfee\VirusScan\mcsysmon.exe -> [2007/12/05 09:04:10 | 00,695,624 | ---- | M] (McAfee, Inc.)
(MpfService) McAfee Personal Firewall Service [Win32_Own | Auto | Running] -> %ProgramFiles%\McAfee\MPF\MpfSrv.exe -> [2007/07/18 14:54:42 | 00,856,864 | ---- | M] (McAfee, Inc.)
(MSK80Service) McAfee SpamKiller Service [Win32_Own | Auto | Running] -> %ProgramFiles%\McAfee\MSK\msksrver.exe -> [2007/11/26 09:46:14 | 00,023,880 | ---- | M] (McAfee, Inc.)
(NICCONFIGSVC) NICCONFIGSVC [Win32_Own | Auto | Running] -> %ProgramFiles%\Dell\NicConfigSvc\NicConfigSvc.exe -> [2005/03/04 00:29:02 | 00,356,352 | ---- | M] (Dell Inc.)
(ose) Office Source Engine [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Microsoft Shared\Source Engine\OSE.EXE -> [2003/07/28 12:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation)
(RegSrvc) RegSrvc [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\Wireless\Bin\RegSrvc.exe -> [2004/09/07 17:02:04 | 00,139,264 | ---- | M] (Intel Corporation)
(S24EventMonitor) Spectrum24 Event Monitor [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\Wireless\Bin\S24EvMon.exe -> [2004/09/07 17:05:10 | 00,360,521 | ---- | M] (Intel Corporation )
(WLANKEEPER) WLANKEEPER [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\Wireless\Bin\WLKEEPER.exe -> [2004/09/07 17:12:32 | 00,225,353 | ---- | M] (Intel® Corporation)
(WMPNetworkSvc) Windows Media Player Network Sharing Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Windows Media Player\wmpnetwk.exe -> [2006/10/18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation)
(WSearch) Windows Search [Win32_Own | Auto | Running] -> %SystemRoot%\system32\searchindexer.exe -> [2008/05/26 22:18:44 | 00,439,808 | ---- | M] (Microsoft Corporation)

[Driver Services - Safe List]
(AegisP) AEGIS Protocol (IEEE 802.1x) v3.1.0.1 [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\AegisP.sys -> [2005/11/04 00:22:27 | 00,017,056 | ---- | M] (Meetinghouse Data Communications)
(AliIde) AliIde [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\aliide.sys -> [2001/08/17 14:51:56 | 00,005,248 | ---- | M] (Acer Laboratories Inc.)
(amdagp) AMD AGP Bus Filter Driver [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\amdagp.sys -> [2008/04/13 13:36:39 | 00,043,008 | ---- | M] (Advanced Micro Devices, Inc.)
(ApfiltrService) Alps Touch Pad Filter Driver for Windows 2000/XP [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\Apfiltr.sys -> [2004/11/16 17:03:52 | 00,108,791 | ---- | M] (Alps Electric Co., Ltd.)
(APPDRV) APPDRV [Kernel | System | Running] -> %SystemRoot%\system32\drivers\APPDRV.SYS -> [2004/08/18 15:53:54 | 00,016,128 | ---- | M] (Dell Inc)
(asc) asc [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\asc.sys -> [2001/08/17 14:52:00 | 00,026,496 | ---- | M] (Advanced System Products, Inc.)
(asc3550) asc3550 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\asc3550.sys -> [2001/08/17 14:51:58 | 00,014,848 | ---- | M] (Advanced System Products, Inc.)
(ASCTRM) ASCTRM [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\asctrm.sys -> [2005/11/04 00:28:50 | 00,008,552 | ---- | M] (Windows (R) 2000 DDK provider)
(bcm4sbxp) Broadcom 440x 10/100 Integrated Controller XP Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\bcm4sbxp.sys -> [2004/05/26 21:18:18 | 00,044,928 | ---- | M] (Broadcom Corporation)
(CmdIde) CmdIde [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\cmdide.sys -> [2001/08/17 14:51:54 | 00,006,656 | ---- | M] (CMD Technology, Inc.)
(dac2w2k) dac2w2k [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\dac2w2k.sys -> [2001/08/17 14:52:16 | 00,179,584 | ---- | M] (Mylex Corporation)
(drvmcdb) drvmcdb [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\drvmcdb.sys -> [2004/12/01 04:22:00 | 00,087,488 | ---- | M] (Sonic Solutions)
(drvnddm) drvnddm [File_System | Auto | Running] -> %SystemRoot%\system32\drivers\drvnddm.sys -> [2004/11/23 03:56:00 | 00,040,480 | ---- | M] (Sonic Solutions)
(DSproct) DSproct [Kernel | On_Demand | Running] -> %ProgramFiles%\DellSupport\GTAction\triggers\DSproct.sys -> [2006/10/05 15:07:28 | 00,004,736 | ---- | M] (Gteko Ltd.)
(dsunidrv) DellSupport UniDriver [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\dsunidrv.sys -> [2007/02/25 11:10:48 | 00,005,376 | --S- | M] (Gteko Ltd.)
(E100B) Intel(R) PRO Adapter Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\e100b325.sys -> [2001/08/17 13:12:10 | 00,117,760 | ---- | M] (Intel Corporation)
(GearAspiWDM) GEAR ASPI Filter Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\GEARAspiWDM.sys -> [2008/04/17 13:12:54 | 00,015,464 | ---- | M] (GEAR Software Inc.)
(HSFHWICH) HSFHWICH [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\HSFHWICH.sys -> [2005/05/03 15:08:50 | 00,208,384 | ---- | M] (Conexant Systems, Inc.)
(HSF_DP) HSF_DP [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\HSF_DP.sys -> [2004/06/17 21:55:04 | 01,041,536 | ---- | M] (Conexant Systems, Inc.)
(HSF_DPV) HSF_DPV [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\HSF_DPV.SYS -> [2005/05/03 15:09:28 | 01,033,728 | ---- | M] (Conexant Systems, Inc.)
(ialm) ialm [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ialmnt5.sys -> [2005/10/14 15:15:18 | 01,302,812 | ---- | M] (Intel Corporation)
(IWCA) Intel Wireless Connection Agent Miniport for Win XP [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\iwca.sys -> [2004/08/12 09:44:04 | 00,234,496 | ---- | M] (Intel Corporation)
(LxrJD31d) LxrJD31d [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\LxrJD31d.sys -> [2006/03/28 18:18:29 | 00,069,824 | ---- | M] ()
(mdmxsdk) mdmxsdk [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\mdmxsdk.sys -> [2004/03/17 12:04:14 | 00,013,059 | ---- | M] (Conexant)
(mfeavfk) McAfee Inc. mfeavfk [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\mfeavfk.sys -> [2007/11/22 05:44:08 | 00,079,304 | ---- | M] (McAfee, Inc.)
(mfebopk) McAfee Inc. mfebopk [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\mfebopk.sys -> [2007/11/22 05:44:08 | 00,035,240 | ---- | M] (McAfee, Inc.)
(mfehidk) McAfee Inc. mfehidk [Kernel | System | Running] -> %SystemRoot%\system32\drivers\mfehidk.sys -> [2007/11/22 05:44:08 | 00,201,320 | ---- | M] (McAfee, Inc.)
(mferkdk) McAfee Inc. mferkdk [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\mferkdk.sys -> [2007/11/22 05:44:04 | 00,033,832 | ---- | M] (McAfee, Inc.)
(mfesmfk) McAfee Inc. mfesmfk [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\mfesmfk.sys -> [2007/12/02 11:51:42 | 00,040,488 | ---- | M] (McAfee, Inc.)
(MPFP) MPFP [Kernel | System | Running] -> %SystemRoot%\system32\drivers\Mpfp.sys -> [2007/07/13 05:20:24 | 00,113,952 | ---- | M] (McAfee, Inc.)
(mraid35x) mraid35x [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\mraid35x.sys -> [2001/08/17 14:52:12 | 00,017,280 | ---- | M] (American Megatrends Inc.)
(nv) nv [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\nv4_mini.sys -> [2004/08/03 23:29:56 | 01,897,408 | ---- | M] (NVIDIA Corporation)
(omci) OMCI WDM Device Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\omci.sys -> [2004/02/13 17:46:00 | 00,017,153 | ---- | M] (Dell Inc)
(Pcouffin) Low level access layer for CD devices [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\Pcouffin.sys -> [2005/12/09 21:20:23 | 00,031,680 | ---- | M] (VSO Software)
(Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ptilink.sys -> [2004/08/10 06:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.)
(PxHelp20) PxHelp20 [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\pxhelp20.sys -> [2005/04/25 03:03:00 | 00,020,640 | ---- | M] (Sonic Solutions)
(ql1080) ql1080 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\ql1080.sys -> [2001/08/17 14:52:20 | 00,040,320 | ---- | M] (QLogic Corporation)
(ql12160) ql12160 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\ql12160.sys -> [2001/08/17 14:52:20 | 00,045,312 | ---- | M] (QLogic Corporation)
(ql1280) ql1280 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\ql1280.sys -> [2001/08/17 14:52:18 | 00,049,024 | ---- | M] (QLogic Corporation)
(s24trans) WLAN Transport [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\s24trans.sys -> [2004/08/31 09:53:04 | 00,011,354 | ---- | M] (Intel Corporation)
(sdbus) sdbus [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\sdbus.sys -> [2008/04/13 13:36:44 | 00,079,232 | ---- | M] (Microsoft Corporation)
(Secdrv) Secdrv [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\secdrv.sys -> [2007/11/13 05:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
(sffdisk) SFF Storage Class Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\sffdisk.sys -> [2008/04/13 13:40:47 | 00,011,904 | ---- | M] (Microsoft Corporation)
(sffp_sd) SFF Storage Protocol Driver for SDBus [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\sffp_sd.sys -> [2008/04/13 13:40:47 | 00,011,008 | ---- | M] (Microsoft Corporation)
(sisagp) SIS AGP Bus Filter [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\sisagp.sys -> [2008/04/13 13:36:39 | 00,040,960 | ---- | M] (Silicon Integrated Systems Corporation)
(Sparrow) Sparrow [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\sparrow.sys -> [2001/08/17 15:07:44 | 00,019,072 | ---- | M] (Adaptec, Inc.)
(sscdbhk5) sscdbhk5 [File_System | System | Running] -> %SystemRoot%\system32\drivers\sscdbhk5.sys -> [2004/07/14 12:29:04 | 00,005,627 | ---- | M] (Sonic Solutions)
(ssrtln) ssrtln [File_System | System | Running] -> %SystemRoot%\system32\drivers\ssrtln.sys -> [2004/07/14 12:28:50 | 00,023,545 | ---- | M] (Sonic Solutions)
(STAC97) SigmaTel C-Major Audio [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\STAC97.sys -> [2005/03/10 23:56:06 | 00,273,168 | ---- | M] (SigmaTel, Inc.)
(symc810) symc810 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\symc810.sys -> [2001/08/17 15:07:34 | 00,016,256 | ---- | M] (Symbios Logic Inc.)
(symc8xx) symc8xx [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\symc8xx.sys -> [2001/08/17 15:07:36 | 00,032,640 | ---- | M] (LSI Logic)
(sym_hi) sym_hi [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\sym_hi.sys -> [2001/08/17 15:07:40 | 00,028,384 | ---- | M] (LSI Logic)
(sym_u3) sym_u3 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\sym_u3.sys -> [2001/08/17 15:07:42 | 00,030,688 | ---- | M] (LSI Logic)
(tfsnboio) tfsnboio [File_System | Auto | Running] -> %SystemRoot%\system32\dla\tfsnboio.sys -> [2004/12/06 02:05:00 | 00,025,883 | ---- | M] (Sonic Solutions)
(tfsncofs) tfsncofs [File_System | Auto | Running] -> %SystemRoot%\system32\dla\tfsncofs.sys -> [2004/12/06 02:05:00 | 00,034,843 | ---- | M] (Sonic Solutions)
(tfsndrct) tfsndrct [File_System | Auto | Running] -> %SystemRoot%\system32\dla\tfsndrct.sys -> [2004/12/06 02:05:00 | 00,004,123 | ---- | M] (Sonic Solutions)
(tfsndres) tfsndres [File_System | Auto | Running] -> %SystemRoot%\system32\dla\tfsndres.sys -> [2004/12/06 02:05:00 | 00,002,239 | ---- | M] (Sonic Solutions)
(tfsnifs) tfsnifs [File_System | Auto | Running] -> %SystemRoot%\system32\dla\tfsnifs.sys -> [2004/12/06 02:05:00 | 00,086,586 | ---- | M] (Sonic Solutions)
(tfsnopio) tfsnopio [File_System | Auto | Running] -> %SystemRoot%\system32\dla\tfsnopio.sys -> [2004/12/06 02:05:00 | 00,015,227 | ---- | M] (Sonic Solutions)
(tfsnpool) tfsnpool [File_System | Auto | Running] -> %SystemRoot%\system32\dla\tfsnpool.sys -> [2004/12/06 02:05:00 | 00,006,363 | ---- | M] (Sonic Solutions)
(tfsnudf) tfsnudf [File_System | Auto | Running] -> %SystemRoot%\system32\dla\tfsnudf.sys -> [2004/12/06 02:05:00 | 00,098,714 | ---- | M] (Sonic Solutions)
(tfsnudfa) tfsnudfa [File_System | Auto | Running] -> %SystemRoot%\system32\dla\tfsnudfa.sys -> [2004/12/06 02:05:00 | 00,100,603 | ---- | M] (Sonic Solutions)
(ultra) ultra [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\ultra.sys -> [2001/08/17 14:52:22 | 00,036,736 | ---- | M] (Promise Technology, Inc.)
(w29n51) Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows XP [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\w29n51.sys -> [2004/10/21 21:56:04 | 03,210,496 | ---- | M] (Intel® Corporation)
(winachsf) winachsf [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\HSF_CNXT.sys -> [2005/05/03 15:08:44 | 00,705,408 | ---- | M] (Conexant Systems, Inc.)
(WS2IFSL) Windows Socket 2.0 Non-IFS Service Provider Support Environment [Kernel | System | Running] -> %SystemRoot%\system32\drivers\ws2ifsl.sys -> [2004/08/10 06:00:00 | 00,012,032 | ---- | M] (Microsoft Corporation)

[Registry - Safe List]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://go.microsoft.com/fwlink/?LinkId=69157 ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Secondary_Page_URL" -> ->
HKEY_LOCAL_MACHINE\: Main\\"Extensions Off Page" -> about:NoAdd-ons ->
HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> %SystemRoot%\system32\blank.htm ->
HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKEY_LOCAL_MACHINE\: Main\\"Security Risk Page" -> about:SecurityRisk ->
HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://go.microsoft.com/fwlink/?LinkId=69157 ->
HKEY_LOCAL_MACHINE\: Search\\"CustomizeSearch" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKEY_LOCAL_MACHINE\: Search\\"SearchAssistant" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ->
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> ->
HKEY_CURRENT_USER\: Main\\"Local Page" -> C:\WINDOWS\system32\blank.htm ->
HKEY_CURRENT_USER\: Main\\"Search Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKEY_CURRENT_USER\: Main\\"Start Page" -> http://www.aol.com/?src=aim ->
HKEY_CURRENT_USER\: "ProxyEnable" -> 0 ->
HKEY_CURRENT_USER\: "ProxyOverride" -> *.local ->
< HOSTS File > (290515 bytes and 10055 lines) -> C:\WINDOWS\System32\drivers\etc\Hosts ->
First 25 entries...
127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 www.1001namen.com
127.0.0.1 1001namen.com
127.0.0.1 www.100888290cs.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 www.10sek.com
127.0.0.1 10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{089FD14D-132B-48FC-8861-0048AE113215} [HKLM] -> %ProgramFiles%\SiteAdvisor\6261\SiteAdv.dll [Reg Error: Value does not exist or could not be read.] -> [2008/05/16 11:49:40 | 00,927,008 | ---- | M] ()
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} [HKLM] -> %CommonProgramFiles%\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [Adobe PDF Link Helper] -> [2008/06/11 22:33:16 | 00,075,128 | ---- | M] (Adobe Systems Incorporated)
{377C180E-6F0E-4D4C-980F-F45BD3D40CF4} [HKLM] -> %ProgramFiles%\McAfee\MSK\mcapbho.dll [McAfee Phishing Filter] -> [2007/11/26 09:46:10 | 00,324,936 | ---- | M] ()
{53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Spybot-S&D IE Protection] -> [2008/09/15 14:25:44 | 01,562,960 | RHS- | M] (Safer Networking Limited)
{5CA3D70E-1895-11CF-8E15-001234567890} [HKLM] -> %SystemRoot%\system32\dla\tfswshx.dll [DriveLetterAccess] -> [2004/12/06 02:05:00 | 00,118,842 | ---- | M] (Sonic Solutions)
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre6\bin\ssv.dll [Java(tm) Plug-In SSV Helper] -> [2009/01/13 19:00:02 | 00,320,920 | ---- | M] (Sun Microsystems, Inc.)
{7DB2D5A0-7241-4E79-B68D-6309F01C5231} [HKLM] -> %ProgramFiles%\McAfee\VirusScan\scriptsn.dll [scriptproxy] -> [2007/11/09 11:09:08 | 00,058,688 | ---- | M] (McAfee, Inc.)
{DBC80044-A445-435b-BC74-9C25C1C588A9} [HKLM] -> %ProgramFiles%\Java\jre6\bin\jp2ssv.dll [Java(tm) Plug-In 2 SSV Helper] -> [2009/01/13 19:00:02 | 00,034,816 | ---- | M] (Sun Microsystems, Inc.)
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} [HKLM] -> %ProgramFiles%\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [JQSIEStartDetectorImpl Class] -> [2009/01/13 19:00:02 | 00,073,728 | ---- | M] (Sun Microsystems, Inc.)
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
"{0BF43445-2F28-4351-9252-17FE6E806AA0}" [HKLM] -> %ProgramFiles%\SiteAdvisor\6261\SiteAdv.dll [McAfee SiteAdvisor] -> [2008/05/16 11:49:40 | 00,927,008 | ---- | M] ()
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
WebBrowser\\"{D7F30B62-8269-41AF-9539-B2697FA7D77E}" [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"Adobe Reader Speed Launcher" -> %ProgramFiles%\Adobe\Reader 9.0\Reader\reader_sl.exe ["C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"] -> [2008/06/12 02:38:00 | 00,034,672 | ---- | M] (Adobe Systems Incorporated)
"Apoint" -> %ProgramFiles%\Apoint\Apoint.exe [C:\Program Files\Apoint\Apoint.exe] -> [2004/09/13 17:33:20 | 00,155,648 | ---- | M] (Alps Electric Co., Ltd.)
"Corel Photo Downloader" -> %ProgramFiles%\Corel\Corel Photo Album 6\MediaDetect.exe [C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe] -> [2005/11/16 19:08:40 | 00,106,496 | ---- | M] (Corel, Inc.)
"Dell Photo AIO Printer 942" -> %ProgramFiles%\Dell Photo AIO Printer 942\dlbubmgr.exe ["C:\Program Files\Dell Photo AIO Printer 942\dlbubmgr.exe"] -> [2004/08/31 09:18:44 | 00,294,912 | ---- | M] ()
"Dell QuickSet" -> %ProgramFiles%\Dell\QuickSet\quickset.exe [C:\Program Files\Dell\QuickSet\quickset.exe] -> [2005/03/04 12:26:08 | 00,606,208 | ---- | M] ()
"DellMCM" -> %ProgramFiles%\Dell Photo AIO Printer 942\memcard.exe ["C:\Program Files\Dell Photo AIO Printer 942\memcard.exe"] -> [2004/07/27 09:08:22 | 00,262,144 | ---- | M] ()
"dla" -> %SystemRoot%\system32\dla\tfswctrl.exe [C:\WINDOWS\system32\dla\tfswctrl.exe] -> [2004/12/06 02:05:00 | 00,127,035 | ---- | M] (Sonic Solutions)
"ehTray" -> %SystemRoot%\ehome\ehtray.exe [C:\WINDOWS\ehome\ehtray.exe] -> [2005/08/05 14:56:34 | 00,064,512 | ---- | M] (Microsoft Corporation)
"igfxhkcmd" -> %SystemRoot%\system32\hkcmd.exe [C:\WINDOWS\system32\hkcmd.exe] -> [2005/10/14 14:46:34 | 00,077,824 | ---- | M] (Intel Corporation)
"igfxpers" -> %SystemRoot%\system32\igfxpers.exe [C:\WINDOWS\system32\igfxpers.exe] -> [2005/10/14 14:50:30 | 00,114,688 | ---- | M] (Intel Corporation)
"IntelWireless" -> %ProgramFiles%\Intel\Wireless\Bin\iFrmewrk.exe [C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless] -> [2004/10/30 15:59:54 | 00,385,024 | ---- | M] (Intel Corporation)
"iTunesHelper" -> %ProgramFiles%\iTunes\iTunesHelper.exe ["C:\Program Files\iTunes\iTunesHelper.exe"] -> [2008/11/20 13:20:54 | 00,290,088 | ---- | M] (Apple Inc.)
"mcagent_exe" -> %ProgramFiles%\McAfee.com\Agent\mcagent.exe [C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey] -> [2007/11/01 18:12:38 | 00,582,992 | ---- | M] (McAfee, Inc.)
< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"DellSupport" -> ["C:\Program Files\DellSupport\DSAgnt.exe" /startup] -> File not found
"SpybotSD TeaTimer" -> %ProgramFiles%\Spybot - Search & Destroy\TeaTimer.exe [C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe] -> [2008/09/16 12:16:08 | 01,833,296 | RHS- | M] (Safer Networking Limited)
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup ->
%AllUsersProfile%\Start Menu\Programs\Startup\Windows Search.lnk -> %ProgramFiles%\Windows Desktop Search\WindowsSearch.exe -> [2008/05/26 22:19:14 | 00,123,904 | ---- | M] (Microsoft Corporation)
< Lindsey Startup Folder > -> C:\Documents and Settings\Lindsey\Start Menu\Programs\Startup ->
< Software Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Internet Explorer ->
HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Internet Explorer\Control Panel
\Control Panel\\"Connwiz Admin Lock" -> [0] -> File not found
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoCDBurning" -> [0] -> File not found
\\"NoDriveAutoRun" -> [67108863] -> File not found
\\"NoDriveTypeAutoRun" -> [323] -> File not found
\\"NoDrives" -> [0] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"dontdisplaylastusername" -> [0] -> File not found
\\"legalnoticecaption" -> [] -> File not found
\\"legalnoticetext" -> [] -> File not found
\\"shutdownwithoutlogon" -> [1] -> File not found
\\"undockwithoutlogon" -> [1] -> File not found
\\"InstallVisualStyle" -> %SystemRoot%\Resources\Themes\Royale\Royale.mss [C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles] -> File not found
\\"InstallTheme" -> %SystemRoot%\Resources\Themes\Royale.the [C:\WINDOWS\Resources\Themes\Royale.theme] -> File not found
\\"DisableRegistryTools" -> [0] -> File not found
< CurrentVersion Policy Settings - Explorer [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [323] -> File not found
\\"NoDriveAutoRun" -> [67108863] -> File not found
\\"NoDrives" -> [0] -> File not found
< CurrentVersion Policy Settings - System [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
< Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->
E&xport to Microsoft Excel -> %ProgramFiles%\Microsoft Office\OFFICE11\EXCEL.EXE [res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000] -> [2008/10/13 11:29:28 | 10,351,944 | ---- | M] (Microsoft Corporation)
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{92780B25-18CC-41C8-B9BE-3C9C571A8263}:{FF059E31-CC5A-4E2E-BF3B-96E929D65503} [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [Button: Research] -> [2007/04/19 14:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation)
{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}:{53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Menu: Spybot - Search & Destroy Configuration] -> [2008/09/15 14:25:44 | 01,562,960 | RHS- | M] (Safer Networking Limited)
{e2e2dd38-d088-4134-82b7-f2ba38496583}:Exec [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [Menu: @xpsp3res.dll,-20001] -> [2008/04/13 13:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Button: Messenger] -> [2008/04/13 19:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Menu: Windows Messenger] -> [2008/04/13 19:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
< Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ ->
CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> [Reg Error: Value does not exist or could not be read.] -> File not found
CmdMapping\\"{39FD89BF-D3F1-45b6-BB56-3582CCF489E1}" [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\"{92780B25-18CC-41C8-B9BE-3C9C571A8263}" [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [Research] -> [2007/04/19 14:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation)
CmdMapping\\"{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45}" [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\"{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}" [HKLM] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Spybot - Search & Destroy Configuration] -> [2008/09/15 14:25:44 | 01,562,960 | RHS- | M] (Safer Networking Limited)
CmdMapping\\"{e2e2dd38-d088-4134-82b7-f2ba38496583}" [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/13 13:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/13 19:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
PluginsPageFriendlyName -> Microsoft ActiveX Gallery ->
PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s ->
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 5241 domain(s) found. ->
49 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. ->
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 5240 domain(s) found. ->
48 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. ->
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} [HKLM] -> http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab [McAfee.com Operating System Class] ->
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} [HKLM] -> http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1231901144156 [MUWebControl Class] ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab [Java Plug-in 1.6.0_11] ->
{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.4.2/jinstall-1_4_2_03-windows-i586.cab [Java Plug-in 1.4.2_03] ->
{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab [Java Plug-in 1.6.0_11] ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab [Java Plug-in 1.6.0_11] ->
< DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{6F917D17-0BC2-41F5-BB0B-E344DD5F2A3F} -> (Broadcom 440x 10/100 Integrated Controller) ->
{75CC1D76-ABBA-439D-86E4-9E877F9B60B5} -> (1394 Net Adapter) ->
{B808F886-1A5C-49D0-8FC8-A6D54E8A2598} -> 192.168.1.1,4.2.2.2 (Intel(R) PRO/Wireless 2200BG Network Connection) ->
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
igfxcui -> %SystemRoot%\system32\igfxdev.dll -> [2005/10/14 14:45:38 | 00,135,168 | ---- | M] (Intel Corporation)
IntelWireless -> %ProgramFiles%\Intel\Wireless\Bin\LgNotify.dll -> [2004/09/07 17:08:06 | 00,110,592 | ---- | M] (Intel Corporation)
< ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks ->
"{56F9679E-7826-4C84-81F3-532071A8BCC5}" [HKLM] -> %ProgramFiles%\Windows Desktop Search\MSNLNamespaceMgr.dll [] -> [2008/05/26 22:19:02 | 00,304,128 | ---- | M] (Microsoft Corporation)
< Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List ->
"%windir%\Network Diagnostic\xpnetdiag.exe" -> C:\WINDOWS\network diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2008/04/13 13:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2008/04/13 19:12:34 | 00,141,312 | ---- | M] (Microsoft Corporation)
"C:\Program Files\AIM\aim.exe" -> C:\Program Files\AIM\aim.exe [C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger] -> File not found
"C:\Program Files\America Online 9.0\waol.exe" -> C:\Program Files\America Online 9.0\waol.exe [C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL] -> File not found
"C:\Program Files\Common Files\AOL\1132031662\ee\AOLServiceHost.exe" -> C:\Program Files\Common Files\AOL\1132031662\ee\AOLServiceHost.exe [C:\Program Files\Common Files\AOL\1132031662\ee\AOLServiceHost.exe:*:Enabled:AOL Services] -> File not found
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" -> C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe [C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL] -> File not found
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" -> C:\Program Files\Common Files\AOL\ACS\AOLDial.exe [C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL] -> File not found
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" -> C:\Program Files\Common Files\AOL\Loader\aolload.exe [C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader] -> [2006/11/03 02:17:27 | 00,010,800 | ---- | M] (AOL LLC)
< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List ->
"%windir%\Network Diagnostic\xpnetdiag.exe" -> C:\WINDOWS\network diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2008/04/13 13:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2008/04/13 19:12:34 | 00,141,312 | ---- | M] (Microsoft Corporation)
"C:\Program Files\AIM\aim.exe" -> C:\Program Files\AIM\aim.exe [C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger] -> File not found
"C:\Program Files\AIM6\aim6.exe" -> C:\Program Files\AIM6\aim6.exe [C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM] -> [2008/10/31 14:22:38 | 00,050,480 | ---- | M] (AOL LLC)
"C:\Program Files\Bonjour\mDNSResponder.exe" -> C:\Program Files\Bonjour\mDNSResponder.exe [C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour] -> [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.)
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" -> C:\Program Files\Common Files\AOL\Loader\aolload.exe [C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader] -> [2006/11/03 02:17:27 | 00,010,800 | ---- | M] (AOL LLC)
"C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe" -> C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe [C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent] -> [2008/01/25 00:38:12 | 02,458,128 | ---- | M] (McAfee, Inc.)
"C:\Program Files\iTunes\iTunes.exe" -> C:\Program Files\iTunes\iTunes.exe [C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes] -> [2008/11/20 13:20:48 | 14,294,824 | ---- | M] (Apple Inc.)
"C:\Program Files\Messenger\msmsgs.exe" -> C:\Program Files\Messenger\msmsgs.exe [C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger] -> [2008/04/13 19:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot ->
"AlternateShell" -> cmd.exe ->
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 ->
"DisplayName" -> CD-ROM Driver ->
"ImagePath" -> %SystemRoot%\system32\drivers\cdrom.sys [system32\DRIVERS\cdrom.sys] -> [2008/04/13 13:40:46 | 00,062,976 | ---- | M] (Microsoft Corporation)
< Drives with AutoRun files > -> ->
C:\AUTOEXEC.BAT [] -> %SystemDrive%\AUTOEXEC.BAT [ NTFS ] -> [2005/08/16 05:43:04 | 00,000,000 | ---- | M] ()
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 ->
\{23a4d106-beb1-11da-8b98-001422df06ba}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{23a4d106-beb1-11da-8b98-001422df06ba}\Shell\AutoRun\command
\{23a4d106-beb1-11da-8b98-001422df06ba}\Shell\AutoRun\command\\"" -> E:\JDSecure\Windows\JDSecure31.exe [E:\JDSecure\Windows\JDSecure31.exe] -> File not found
\{361ac05d-0e0d-11da-9aa9-806d6172696f}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell
\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\\"" -> [AutoRun] -> File not found
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun
\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun\\"" -> [Auto&Play] -> File not found
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun\command
\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun\command\\"" -> E:\setup.exe [E:\setup.exe] -> File not found
\{63e189ee-93c1-11dc-8de7-001422df06ba}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{63e189ee-93c1-11dc-8de7-001422df06ba}\Shell
\{63e189ee-93c1-11dc-8de7-001422df06ba}\Shell\\"" -> [AutoRun] -> File not found
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{63e189ee-93c1-11dc-8de7-001422df06ba}\Shell\AutoRun
\{63e189ee-93c1-11dc-8de7-001422df06ba}\Shell\AutoRun\\"" -> [Auto&Play] -> File not found
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{63e189ee-93c1-11dc-8de7-001422df06ba}\Shell\AutoRun\command
\{63e189ee-93c1-11dc-8de7-001422df06ba}\Shell\AutoRun\command\\"" -> E:\LaunchU3.exe [E:\LaunchU3.exe -a] -> File not found
\{cd86c87a-b3b3-11da-8b87-001422df06ba}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cd86c87a-b3b3-11da-8b87-001422df06ba}\Shell\AutoRun\command
\{cd86c87a-b3b3-11da-8b87-001422df06ba}\Shell\AutoRun\command\\"" -> E:\JDSecure\Windows\JDSecure31.exe [E:\JDSecure\Windows\JDSecure31.exe] -> File not found


[Files/Folders - Created Within 30 Days]
1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp ->
1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp ->
OTScanIt2 -> %UserProfile%\Desktop\OTScanIt2 -> [2009/01/21 06:34:32 | 00,000,000 | ---D | C]
Trouble Shooting -> %UserProfile%\Desktop\Trouble Shooting -> [2009/01/19 17:40:41 | 00,000,000 | ---D | C]
rsit -> %SystemDrive%\rsit -> [2009/01/18 18:48:00 | 00,000,000 | ---D | C]
MSNInstaller -> %AppData%\MSNInstaller -> [2009/01/17 12:46:13 | 00,000,000 | ---D | C]
Microsoft Silverlight -> %ProgramFiles%\Microsoft Silverlight -> [2009/01/16 20:50:34 | 00,000,000 | ---D | C]
Windows Desktop Search -> %AppData%\Windows Desktop Search -> [2009/01/16 20:49:57 | 00,000,000 | ---D | C]
Windows Search.lnk -> %AllUsersProfile%\Start Menu\Programs\Startup\Windows Search.lnk -> [2009/01/16 20:47:59 | 00,001,787 | ---- | C] ()
Windows Desktop Search -> %ProgramFiles%\Windows Desktop Search -> [2009/01/16 20:47:40 | 00,000,000 | ---D | C]
GroupPolicy -> %SystemRoot%\System32\GroupPolicy -> [2009/01/16 20:47:40 | 00,000,000 | ---D | C]
offfilt.dll -> %SystemRoot%\System32\dllcache\offfilt.dll -> [2009/01/16 20:46:12 | 00,192,000 | ---- | C] (Microsoft Corporation)
nlhtml.dll -> %SystemRoot%\System32\dllcache\nlhtml.dll -> [2009/01/16 20:46:12 | 00,098,304 | ---- | C] (Microsoft Corporation)
mimefilt.dll -> %SystemRoot%\System32\dllcache\mimefilt.dll -> [2009/01/16 20:46:12 | 00,029,696 | ---- | C] (Microsoft Corporation)
spmsg.dll -> %SystemRoot%\System32\spmsg.dll -> [2009/01/16 20:45:54 | 00,016,760 | ---- | C] (Microsoft Corporation)
Windows Media Connect 2 -> %ProgramFiles%\Windows Media Connect 2 -> [2009/01/16 20:44:35 | 00,000,000 | ---D | C]
MsftWdf_user_01_00_00.Wdf -> %SystemRoot%\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf -> [2009/01/16 20:40:40 | 00,000,000 | -H-- | C] ()
UMDF -> %SystemRoot%\System32\drivers\UMDF -> [2009/01/16 20:40:32 | 00,000,000 | ---D | C]
ie7updates -> %SystemRoot%\ie7updates -> [2009/01/16 17:30:56 | 00,000,000 | ---D | C]
msfeedsbs.dll -> %SystemRoot%\System32\dllcache\msfeedsbs.dll -> [2009/01/16 17:30:02 | 00,052,224 | ---- | C] (Microsoft Corporation)
msfeeds.dll -> %SystemRoot%\System32\dllcache\msfeeds.dll -> [2009/01/16 17:30:01 | 00,459,264 | ---- | C] (Microsoft Corporation)
iertutil.dll -> %SystemRoot%\System32\dllcache\iertutil.dll -> [2009/01/16 17:30:01 | 00,267,776 | ---- | C] (Microsoft Corporation)
ieudinit.exe -> %SystemRoot%\System32\dllcache\ieudinit.exe -> [2009/01/16 17:30:01 | 00,013,824 | ---- | C] (Microsoft Corporation)
ieframe.dll.mui -> %SystemRoot%\System32\dllcache\ieframe.dll.mui -> [2009/01/16 17:30:00 | 00,991,232 | ---- | C] (Microsoft Corporation)
ieframe.dll -> %SystemRoot%\System32\dllcache\ieframe.dll -> [2009/01/16 17:29:59 | 06,066,176 | ---- | C] (Microsoft Corporation)
ieapfltr.dll -> %SystemRoot%\System32\dllcache\ieapfltr.dll -> [2009/01/16 17:29:59 | 00,383,488 | ---- | C] (Microsoft Corporation)
ieapfltr.dat -> %SystemRoot%\System32\dllcache\ieapfltr.dat -> [2009/01/16 17:29:58 | 02,455,488 | ---- | C] (Microsoft Corporation)
icardie.dll -> %SystemRoot%\System32\dllcache\icardie.dll -> [2009/01/16 17:29:57 | 00,063,488 | ---- | C] (Microsoft Corporation)
WBEM -> %SystemRoot%\WBEM -> [2009/01/16 17:29:15 | 00,000,000 | ---D | C]
ie7 -> %SystemRoot%\ie7 -> [2009/01/16 17:27:20 | 00,000,000 | -H-D | C]
$NtServicePackUninstallIDNMitigationAPIs$ -> %SystemRoot%\$NtServicePackUninstallIDNMitigationAPIs$ -> [2009/01/16 17:26:50 | 00,000,000 | -H-D | C]
$NtServicePackUninstallNLSDownlevelMapping$ -> %SystemRoot%\$NtServicePackUninstallNLSDownlevelMapping$ -> [2009/01/16 17:26:01 | 00,000,000 | -H-D | C]
Bonjour -> %ProgramFiles%\Bonjour -> [2009/01/15 18:11:21 | 00,000,000 | ---D | C]
iTunes.lnk -> %AllUsersProfile%\Desktop\iTunes.lnk -> [2009/01/15 18:09:53 | 00,001,804 | ---- | C] ()
iTunes -> %ProgramFiles%\iTunes -> [2009/01/15 18:08:41 | 00,000,000 | ---D | C]
{3276BE95_AF08_429F_A64F_CA64CB79BCF6} -> %AllUsersProfile%\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6} -> [2009/01/15 18:08:41 | 00,000,000 | ---D | C]
QuickTime -> %ProgramFiles%\QuickTime -> [2009/01/15 18:04:46 | 00,000,000 | ---D | C]
AppleSoftwareUpdate.job -> %SystemRoot%\tasks\AppleSoftwareUpdate.job -> [2009/01/15 17:55:02 | 00,000,284 | ---- | C] ()
Apple Software Update -> %ProgramFiles%\Apple Software Update -> [2009/01/15 17:54:55 | 00,000,000 | ---D | C]
Adobe AIR -> %CommonProgramFiles%\Adobe AIR -> [2009/01/14 19:17:43 | 00,000,000 | ---D | C]
Adobe -> %AllUsersProfile%\Application Data\Adobe -> [2009/01/14 19:15:30 | 00,000,000 | ---D | C]
NOS -> %AllUsersProfile%\Application Data\NOS -> [2009/01/14 19:09:53 | 00,000,000 | ---D | C]
NOS -> %ProgramFiles%\NOS -> [2009/01/14 19:09:52 | 00,000,000 | ---D | C]
RECYCLER -> %SystemDrive%\RECYCLER -> [2009/01/14 19:06:57 | 00,000,000 | -HSD | C]
mucltui.dll -> %SystemRoot%\System32\mucltui.dll -> [2009/01/14 16:24:24 | 00,268,648 | ---- | C] (Microsoft Corporation)
mucltui.dll.mui -> %SystemRoot%\System32\mucltui.dll.mui -> [2009/01/14 16:24:24 | 00,027,496 | ---- | C] (Microsoft Corporation)
Trend Micro -> %ProgramFiles%\Trend Micro -> [2009/01/14 15:44:13 | 00,000,000 | ---D | C]
pss -> %SystemRoot%\pss -> [2009/01/14 11:08:42 | 00,000,000 | ---D | C]
Malwarebytes -> %AppData%\Malwarebytes -> [2009/01/14 08:05:21 | 00,000,000 | ---D | C]
mbam.sys -> %SystemRoot%\System32\drivers\mbam.sys -> [2009/01/14 08:05:16 | 00,015,504 | ---- | C] (Malwarebytes Corporation)
mbamswissarmy.sys -> %SystemRoot%\System32\drivers\mbamswissarmy.sys -> [2009/01/14 08:05:14 | 00,038,496 | ---- | C] (Malwarebytes Corporation)
Malwarebytes -> %AllUsersProfile%\Application Data\Malwarebytes -> [2009/01/14 08:05:12 | 00,000,000 | ---D | C]
Malwarebytes' Anti-Malware -> %ProgramFiles%\Malwarebytes' Anti-Malware -> [2009/01/14 08:05:11 | 00,000,000 | ---D | C]
32788R22FWJFW -> %SystemDrive%\32788R22FWJFW -> [2009/01/14 07:50:27 | 00,000,000 | ---D | C]
Prefetch -> %SystemRoot%\Prefetch -> [2009/01/14 03:07:31 | 00,000,000 | ---D | C]
en-us -> %SystemRoot%\System32\en-us -> [2009/01/14 00:24:46 | 00,000,000 | ---D | C]
scripting -> %SystemRoot%\System32\scripting -> [2009/01/14 00:24:44 | 00,000,000 | ---D | C]
l2schemas -> %SystemRoot%\l2schemas -> [2009/01/14 00:24:42 | 00,000,000 | ---D | C]
en -> %SystemRoot%\System32\en -> [2009/01/14 00:24:41 | 00,000,000 | ---D | C]
bits -> %SystemRoot%\System32\bits -> [2009/01/14 00:24:40 | 00,000,000 | ---D | C]
ServicePackFiles -> %SystemRoot%\ServicePackFiles -> [2009/01/14 00:19:41 | 00,000,000 | ---D | C]
$NtServicePackUninstall$ -> %SystemRoot%\$NtServicePackUninstall$ -> [2009/01/14 00:07:51 | 00,000,000 | -H-D | C]
AOL OCP -> %UserProfile%\Local Settings\Application Data\AOL OCP -> [2009/01/13 23:45:38 | 00,000,000 | ---D | C]
Software Update Utility -> %CommonProgramFiles%\Software Update Utility -> [2009/01/13 23:45:37 | 00,000,000 | ---D | C]
AIM Search -> %ProgramFiles%\AIM Search -> [2009/01/13 23:44:58 | 00,000,000 | ---D | C]
acccore -> %AllUsersProfile%\Application Data\acccore -> [2009/01/13 23:44:46 | 00,000,000 | ---D | C]
AIM 6.lnk -> %AllUsersProfile%\Desktop\AIM 6.lnk -> [2009/01/13 23:44:43 | 00,001,674 | ---- | C] ()
AOL OCP -> %AllUsersProfile%\Application Data\AOL OCP -> [2009/01/13 23:44:09 | 00,000,000 | ---D | C]
AIM6 -> %ProgramFiles%\AIM6 -> [2009/01/13 23:41:46 | 00,000,000 | ---D | C]
Spybot - Search & Destroy -> %ProgramFiles%\Spybot - Search & Destroy -> [2009/01/13 20:58:41 | 00,000,000 | ---D | C]
Spybot - Search & Destroy -> %AllUsersProfile%\Application Data\Spybot - Search & Destroy -> [2009/01/13 20:58:41 | 00,000,000 | ---D | C]
Boot.bak -> %SystemDrive%\Boot.bak -> [2009/01/13 20:36:43 | 00,000,209 | ---- | C] ()
cmldr -> %SystemDrive%\cmldr -> [2009/01/13 20:36:36 | 00,260,272 | ---- | C] ()
cmdcons -> %SystemDrive%\cmdcons -> [2009/01/13 20:36:32 | 00,000,000 | RHSD | C]
SWXCACLS.exe -> %SystemRoot%\SWXCACLS.exe -> [2009/01/13 20:33:13 | 00,212,480 | ---- | C] (SteelWerX)
SWREG.exe -> %SystemRoot%\SWREG.exe -> [2009/01/13 20:33:13 | 00,161,792 | ---- | C] (SteelWerX)
SWSC.exe -> %SystemRoot%\SWSC.exe -> [2009/01/13 20:33:13 | 00,136,704 | ---- | C] (SteelWerX)
sed.exe -> %SystemRoot%\sed.exe -> [2009/01/13 20:33:13 | 00,098,816 | ---- | C] ()
fdsv.exe -> %SystemRoot%\fdsv.exe -> [2009/01/13 20:33:13 | 00,089,504 | ---- | C] (Smallfrogs Studio)
grep.exe -> %SystemRoot%\grep.exe -> [2009/01/13 20:33:13 | 00,080,412 | ---- | C] ()
zip.exe -> %SystemRoot%\zip.exe -> [2009/01/13 20:33:13 | 00,068,096 | ---- | C] ()
VFIND.exe -> %SystemRoot%\VFIND.exe -> [2009/01/13 20:33:13 | 00,049,152 | ---- | C] ()
NIRCMD.exe -> %SystemRoot%\NIRCMD.exe -> [2009/01/13 20:33:13 | 00,029,696 | ---- | C] (NirSoft)
ERDNT -> %SystemRoot%\ERDNT -> [2009/01/13 20:32:19 | 00,000,000 | ---D | C]
Qoobox -> %SystemDrive%\Qoobox -> [2009/01/13 20:32:18 | 00,000,000 | ---D | C]
network diagnostic -> %SystemRoot%\network diagnostic -> [2009/01/13 18:29:48 | 00,000,000 | ---D | C]
custsat.dll -> %SystemRoot%\System32\dllcache\custsat.dll -> [2009/01/13 18:29:34 | 00,033,792 | ---- | C] (Microsoft Corporation)
c6c09be9c96fcda5042230d4669d60 -> %SystemDrive%\c6c09be9c96fcda5042230d4669d60 -> [2009/01/13 18:22:15 | 00,000,000 | ---D | C]

[Files/Folders - Modified Within 30 Days]
1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp ->
1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp ->
9 C:\Documents and Settings\Lindsey\My Documents\*.tmp files -> C:\Documents and Settings\Lindsey\My Documents\*.tmp ->
1 C:\Documents and Settings\Lindsey\Local Settings\temp\*.tmp files -> C:\Documents and Settings\Lindsey\Local Settings\temp\*.tmp ->
1 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp ->
NTUSER.DAT -> %UserProfile%\NTUSER.DAT -> [2009/01/21 06:34:58 | 06,815,744 | -H-- | M] ()
Windows Media Player.lnk -> %UserProfile%\Desktop\Windows Media Player.lnk -> [2009/01/20 06:41:24 | 00,000,782 | ---- | M] ()
wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [2009/01/20 06:39:46 | 00,002,206 | ---- | M] ()
qmgr1.dat -> %AllUsersProfile%\Application Data\Microsoft\Network\Downloader\qmgr1.dat -> [2009/01/20 06:37:59 | 00,012,002 | ---- | M] ()
qmgr0.dat -> %AllUsersProfile%\Application Data\Microsoft\Network\Downloader\qmgr0.dat -> [2009/01/20 06:37:59 | 00,012,002 | ---- | M] ()
Config.MPF -> %SystemRoot%\System32\Config.MPF -> [2009/01/20 06:37:54 | 00,021,392 | ---- | M] ()
Perflib_Perfdata_c9c.dat -> %AllUsersProfile%\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Perflib_Perfdata_c9c.dat -> [2009/01/20 06:36:13 | 00,000,000 | ---- | M] ()
Perflib_Perfdata_254.dat -> %SystemRoot%\Temp\Perflib_Perfdata_254.dat -> [2009/01/20 06:34:55 | 00,016,384 | ---- | M] ()
SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [2009/01/20 06:34:40 | 00,000,006 | -H-- | M] ()
bootstat.dat -> %SystemRoot%\bootstat.dat -> [2009/01/20 06:34:24 | 00,002,048 | --S- | M] ()
ntuser.ini -> %UserProfile%\ntuser.ini -> [2009/01/20 06:33:11 | 00,000,278 | -HS- | M] ()
PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI -> [2009/01/17 13:33:29 | 00,489,240 | ---- | M] ()
perfh009.dat -> %SystemRoot%\System32\perfh009.dat -> [2009/01/17 13:33:29 | 00,429,282 | ---- | M] ()
perfc009.dat -> %SystemRoot%\System32\perfc009.dat -> [2009/01/17 13:33:29 | 00,071,656 | ---- | M] ()
imsins.BAK -> %SystemRoot%\imsins.BAK -> [2009/01/17 13:25:38 | 00,001,374 | ---- | M] ()
AppleSoftwareUpdate.job -> %SystemRoot%\tasks\AppleSoftwareUpdate.job -> [2009/01/17 13:17:09 | 00,000,284 | ---- | M] ()
Windows Search.lnk -> %AllUsersProfile%\Start Menu\Programs\Startup\Windows Search.lnk -> [2009/01/16 20:47:59 | 00,001,787 | ---- | M] ()
nscompat.tlb -> %SystemRoot%\System32\nscompat.tlb -> [2009/01/16 20:45:34 | 00,023,392 | ---- | M] ()
amcompat.tlb -> %SystemRoot%\System32\amcompat.tlb -> [2009/01/16 20:45:34 | 00,016,832 | ---- | M] ()
win.ini -> %SystemRoot%\win.ini -> [2009/01/16 20:45:12 | 00,000,603 | ---- | M] ()
MsftWdf_user_01_00_00.Wdf -> %SystemRoot%\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf -> [2009/01/16 20:40:40 | 00,000,000 | -H-- | M] ()
desktop.ini -> %UserProfile%\My Documents\desktop.ini -> [2009/01/16 17:37:22 | 00,000,078 | -HS- | M] ()
FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [2009/01/16 03:13:45 | 00,284,520 | ---- | M] ()
iTunes.lnk -> %AllUsersProfile%\Desktop\iTunes.lnk -> [2009/01/15 18:09:53 | 00,001,804 | ---- | M] ()
QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [2009/01/15 05:50:58 | 00,054,156 | -H-- | M] ()
McDefragTask.job -> %SystemRoot%\tasks\McDefragTask.job -> [2009/01/15 01:11:42 | 00,000,354 | ---- | M] ()
boot.ini -> %SystemDrive%\boot.ini -> [2009/01/14 14:30:18 | 00,000,279 | RHS- | M] ()
system.ini -> %SystemRoot%\system.ini -> [2009/01/14 14:30:18 | 00,000,227 | ---- | M] ()
hosts -> %SystemRoot%\System32\drivers\etc\hosts -> [2009/01/14 09:11:27 | 00,290,515 | R--- | M] ()
GDIPFONTCACHEV1.DAT -> %UserProfile%\Local Settings\Application Data\GDIPFONTCACHEV1.DAT -> [2009/01/14 03:13:48 | 00,069,872 | ---- | M] ()
WMSysPr9.prx -> %SystemRoot%\WMSysPr9.prx -> [2009/01/14 03:12:05 | 00,316,640 | ---- | M] ()
IconCache.db -> %UserProfile%\Local Settings\Application Data\IconCache.db -> [2009/01/14 03:05:27 | 04,813,004 | -H-- | M] ()
ntldr -> %SystemDrive%\ntldr -> [2009/01/14 00:14:26 | 00,250,048 | RHS- | M] ()
IPH.PH -> %SystemDrive%\IPH.PH -> [2009/01/13 23:46:18 | 00,001,403 | -H-- | M] ()
AIM 6.lnk -> %AllUsersProfile%\Desktop\AIM 6.lnk -> [2009/01/13 23:44:43 | 00,001,674 | ---- | M] ()
wininit.ini -> %SystemRoot%\wininit.ini -> [2009/01/13 22:13:38 | 00,000,341 | ---- | M] ()
hosts.20090114-091127.backup -> %SystemRoot%\System32\drivers\etc\hosts.20090114-091127.backup -> [2009/01/13 21:02:10 | 00,290,065 | R--- | M] ()
hosts.20090113-210210.backup -> %SystemRoot%\System32\drivers\etc\hosts.20090113-210210.backup -> [2009/01/13 20:48:37 | 00,000,027 | ---- | M] ()
MRT.exe -> %SystemRoot%\System32\MRT.exe -> [2009/01/09 17:35:30 | 20,853,704 | ---- | M] (Microsoft Corporation)
mbamswissarmy.sys -> %SystemRoot%\System32\drivers\mbamswissarmy.sys -> [2009/01/04 18:38:22 | 00,038,496 | ---- | M] (Malwarebytes Corporation)
mbam.sys -> %SystemRoot%\System32\drivers\mbam.sys -> [2009/01/04 18:38:18 | 00,015,504 | ---- | M] (Malwarebytes Corporation)
vmpremov.exe -> %UserProfile%\Local Settings\temp\vmpremov.exe -> [2008/02/06 19:57:07 | 00,114,688 | ---- | M] (Viewpoint Corporation)
opa11.dat -> %AllUsersProfile%\Application Data\Microsoft\OFFICE\DATA\opa11.dat -> [2005/11/25 11:19:07 | 00,008,422 | ---- | M] ()

[Alternate Data Streams]
@Alternate Data Stream - 0 bytes -> %UserProfile%\My Documents\Thumbs.db:encryptable
[CatchMe Rootkit Scan by GMER]
< Windows folder & sub-folders >
< Document and Settings folder & sub folders >

< End of report >

Logfile of random's system information tool 1.05 (written by random/random)
Run by Lindsey at 2009-01-18 18:48:00
Microsoft Windows XP Professional Service Pack 3
System drive C: has 15 GB (45%) free of 33 GB
Total RAM: 503 MB (18% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:48:31 PM, on 1/18/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\LxrJD31s.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\SearchIndexer.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell Photo AIO Printer 942\memcard.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Dell Photo AIO Printer 942\dlbubmgr.exe
C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Dell Photo AIO Printer 942\dlbubmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Apoint\Apntex.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\SiteAdvisor\6261\SiteAdv.exe
c:\program files\common files\installshield\updateservice\isuspm.exe
C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\Lindsey\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Lindsey.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://mysearch.myway.com/jsp/dellsidebar.jsp?p=DE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=20008&gct=&gc=1&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://toolbar.ask.com/toolbarv/askRedirect?o=20008&gct=&gc=1&q=%s
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] "c:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [DellMCM] "C:\Program Files\Dell Photo AIO Printer 942\memcard.exe"
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [Dell Photo AIO Printer 942] "C:\Program Files\Dell Photo AIO Printer 942\dlbubmgr.exe"
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Search - ?p=ZCxdm565YYUS
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1231901144156
O17 - HKLM\System\CCS\Services\Tcpip\..\{B808F886-1A5C-49D0-8FC8-A6D54E8A2598}: NameServer = 192.168.1.1,4.2.2.2
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: dlbu_device - - C:\WINDOWS\system32\dlbucoms.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lexar JD31 (LxrJD31s) - Unknown owner - C:\WINDOWS\SYSTEM32\LxrJD31s.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

--
End of file - 11174 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\McDefragTask.job
C:\WINDOWS\tasks\McQcTask.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{089FD14D-132B-48FC-8861-0048AE113215}]
C:\Program Files\SiteAdvisor\6261\SiteAdv.dll [2008-05-16 927008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{377C180E-6F0E-4D4C-980F-F45BD3D40CF4}]
McAfee Phishing Filter - c:\PROGRA~1\mcafee\msk\mcapbho.dll [2007-11-26 324936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}]
DriveLetterAccess - C:\WINDOWS\system32\dla\tfswshx.dll [2004-12-06 118842]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-01-13 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\McAfee\VirusScan\scriptsn.dll [2007-11-09 58688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-01-13 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-01-13 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0BF43445-2F28-4351-9252-17FE6E806AA0} - McAfee SiteAdvisor - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll [2008-05-16 927008]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RealTray"=C:\Program Files\Real\RealPlayer\RealPlay.exe [2005-11-04 26112]
"mcagent_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2007-11-01 582992]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-06-10 81920]
"ISUSPM Startup"=c:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe [2005-06-10 249856]
"IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2004-10-30 385024]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]
"DVDLauncher"=C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe [2005-02-23 53248]
"dla"=C:\WINDOWS\system32\dla\tfswctrl.exe [2004-12-06 127035]
"DellMCM"=C:\Program Files\Dell Photo AIO Printer 942\memcard.exe [2004-07-27 262144]
"Dell QuickSet"=C:\Program Files\Dell\QuickSet\quickset.exe [2005-03-04 606208]
"Dell Photo AIO Printer 942"=C:\Program Files\Dell Photo AIO Printer 942\dlbubmgr.exe [2004-08-31 294912]
"Corel Photo Downloader"=C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe [2005-11-16 106496]
"Apoint"=C:\Program Files\Apoint\Apoint.exe [2004-09-13 155648]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-11-04 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2005-10-14 94208]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2005-10-14 77824]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2005-10-14 114688]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232]
"DellSupport"=C:\Program Files\DellSupport\DSAgnt.exe [2007-03-15 460784]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-10-14 135168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\IntelWireless]
C:\Program Files\Intel\Wireless\Bin\LgNotify.dll [2004-09-07 110592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2006-06-19 702768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2008-05-26 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\AIM\aim.exe"="C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger"
"C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe"="C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent"
"C:\Program Files\Common Files\AOL\Loader\aolload.exe"="C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader"
"C:\Program Files\AIM6\aim6.exe"="C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"="C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL"
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe"="C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL"
"C:\Program Files\America Online 9.0\waol.exe"="C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL"
"C:\Program Files\Common Files\AOL\1132031662\ee\AOLServiceHost.exe"="C:\Program Files\Common Files\AOL\1132031662\ee\AOLServiceHost.exe:*:Enabled:AOL Services"
"C:\Program Files\Common Files\AOL\Loader\aolload.exe"="C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader"
"C:\Program Files\AIM\aim.exe"="C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{23a4d106-beb1-11da-8b98-001422df06ba}]
shell\AutoRun\command - E:\JDSecure\Windows\JDSecure31.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}]
shell\AutoRun\command - E:\setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{63e189ee-93c1-11dc-8de7-001422df06ba}]
shell\AutoRun\command - E:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cd86c87a-b3b3-11da-8b87-001422df06ba}]
shell\AutoRun\command - E:\JDSecure\Windows\JDSecure31.exe


======List of files/folders created in the last 1 months======

2009-01-18 18:48:00 ----D---- C:\rsit
2009-01-17 13:48:52 ----A---- C:\WINDOWS\system32\igfxres.dll
2009-01-17 13:27:17 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2009-01-17 13:25:20 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2009-01-17 13:23:36 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$
2009-01-17 13:22:05 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2009-01-17 13:20:48 ----A---- C:\WINDOWS\ModemLog_Conexant D110 MDC V.92 Modem.txt
2009-01-17 12:46:13 ----D---- C:\Documents and Settings\Lindsey\Application Data\MSNInstaller
2009-01-16 20:50:50 ----HDC---- C:\WINDOWS\$NtUninstallKB943729$
2009-01-16 20:50:34 ----D---- C:\Program Files\Microsoft Silverlight
2009-01-16 20:49:57 ----D---- C:\Documents and Settings\Lindsey\Application Data\Windows Desktop Search
2009-01-16 20:47:40 ----D---- C:\WINDOWS\system32\GroupPolicy
2009-01-16 20:47:40 ----D---- C:\Program Files\Windows Desktop Search
2009-01-16 20:47:19 ----HDC---- C:\WINDOWS\$NtUninstallKB940157$
2009-01-16 20:47:11 ----HDC---- C:\WINDOWS\$NtUninstallKB915800-v4$
2009-01-16 20:45:54 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-01-16 20:45:53 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2009-01-16 20:44:35 ----D---- C:\Program Files\Windows Media Connect 2
2009-01-16 20:44:19 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2009-01-16 20:42:19 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2009-01-16 20:40:19 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2009-01-16 20:37:15 ----HDC---- C:\WINDOWS\$NtUninstallKB925766$
2009-01-16 17:30:56 ----D---- C:\WINDOWS\ie7updates
2009-01-16 17:29:15 ----D---- C:\WINDOWS\WBEM
2009-01-16 17:27:20 ----HDC---- C:\WINDOWS\ie7
2009-01-16 17:26:50 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2009-01-16 17:26:01 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2009-01-15 18:11:21 ----D---- C:\Program Files\Bonjour
2009-01-15 18:08:41 ----D---- C:\Program Files\iTunes
2009-01-15 18:08:41 ----D---- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-01-15 18:04:46 ----D---- C:\Program Files\QuickTime
2009-01-15 17:54:55 ----D---- C:\Program Files\Apple Software Update
2009-01-15 03:03:21 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2009-01-15 03:02:59 ----HDC---- C:\WINDOWS\$NtUninstallKB958215$
2009-01-15 03:02:41 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2009-01-15 03:02:24 ----HDC---- C:\WINDOWS\$NtUninstallKB960714$
2009-01-15 03:02:13 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-01-15 03:02:03 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2009-01-15 03:01:45 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-01-15 03:01:36 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-01-15 03:01:18 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-01-14 19:17:43 ----D---- C:\Program Files\Common Files\Adobe AIR
2009-01-14 19:15:30 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-01-14 19:09:53 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2009-01-14 19:09:52 ----D---- C:\Program Files\NOS
2009-01-14 19:06:57 ----SHD---- C:\RECYCLER
2009-01-14 16:24:24 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2009-01-14 16:24:24 ----A---- C:\WINDOWS\system32\mucltui.dll
2009-01-14 15:44:13 ----D---- C:\Program Files\Trend Micro
2009-01-14 11:08:42 ----D---- C:\WINDOWS\pss
2009-01-14 08:05:21 ----D---- C:\Documents and Settings\Lindsey\Application Data\Malwarebytes
2009-01-14 08:05:12 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-01-14 08:05:11 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-01-14 08:03:07 ----A---- C:\ComboFix.txt
2009-01-14 07:50:27 ----D---- C:\32788R22FWJFW
2009-01-14 03:07:31 ----D---- C:\WINDOWS\Prefetch
2009-01-14 00:36:55 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-01-14 00:36:45 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-01-14 00:36:37 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2009-01-14 00:36:24 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2009-01-14 00:36:13 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-01-14 00:35:57 ----HDC---- C:\WINDOWS\$NtUninstallKB956390$
2009-01-14 00:35:46 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-01-14 00:35:36 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2009-01-14 00:35:19 ----HDC---- C:\WINDOWS\$NtUninstallKB953838$
2009-01-14 00:35:08 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2009-01-14 00:34:59 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2009-01-14 00:34:47 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-01-14 00:34:38 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2009-01-14 00:34:29 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2009-01-14 00:34:20 ----HDC---- C:\WINDOWS\$NtUninstallKB951376$
2009-01-14 00:34:07 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2009-01-14 00:33:58 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2009-01-14 00:33:48 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2009-01-14 00:33:35 ----HDC---- C:\WINDOWS\$NtUninstallKB950759$
2009-01-14 00:33:26 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2009-01-14 00:33:17 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2009-01-14 00:24:46 ----D---- C:\WINDOWS\system32\en-us
2009-01-14 00:24:44 ----D---- C:\WINDOWS\system32\scripting
2009-01-14 00:24:42 ----D---- C:\WINDOWS\l2schemas
2009-01-14 00:24:41 ----D---- C:\WINDOWS\system32\en
2009-01-14 00:24:40 ----D---- C:\WINDOWS\system32\bits
2009-01-14 00:19:41 ----D---- C:\WINDOWS\ServicePackFiles
2009-01-14 00:07:51 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2009-01-13 23:45:37 ----D---- C:\Program Files\Common Files\Software Update Utility
2009-01-13 23:44:58 ----D---- C:\Program Files\AIM Search
2009-01-13 23:44:46 ----D---- C:\Documents and Settings\All Users\Application Data\acccore
2009-01-13 23:44:09 ----D---- C:\Documents and Settings\All Users\Application Data\AOL OCP
2009-01-13 23:41:46 ----D---- C:\Program Files\AIM6
2009-01-13 20:58:41 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-01-13 20:58:41 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-01-13 20:36:43 ----A---- C:\Boot.bak
2009-01-13 20:36:32 ----RASHD---- C:\cmdcons
2009-01-13 20:33:13 ----A---- C:\WINDOWS\zip.exe
2009-01-13 20:33:13 ----A---- C:\WINDOWS\VFIND.exe
2009-01-13 20:33:13 ----A---- C:\WINDOWS\SWXCACLS.exe
2009-01-13 20:33:13 ----A---- C:\WINDOWS\SWSC.exe
2009-01-13 20:33:13 ----A---- C:\WINDOWS\SWREG.exe
2009-01-13 20:33:13 ----A---- C:\WINDOWS\sed.exe
2009-01-13 20:33:13 ----A---- C:\WINDOWS\NIRCMD.exe
2009-01-13 20:33:13 ----A---- C:\WINDOWS\grep.exe
2009-01-13 20:33:13 ----A---- C:\WINDOWS\fdsv.exe
2009-01-13 20:32:19 ----D---- C:\WINDOWS\ERDNT
2009-01-13 20:32:18 ----D---- C:\Qoobox
2009-01-13 19:00:32 ----A---- C:\WINDOWS\system32\javaws.exe
2009-01-13 19:00:32 ----A---- C:\WINDOWS\system32\javaw.exe
2009-01-13 19:00:32 ----A---- C:\WINDOWS\system32\java.exe
2009-01-13 19:00:32 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-01-13 18:29:48 ----D---- C:\WINDOWS\network diagnostic
2009-01-13 18:29:42 ----HDC---- C:\WINDOWS\$NtUninstallKB914440$
2009-01-13 18:29:03 ----HDC---- C:\WINDOWS\$NtUninstallKB904942$
2009-01-13 18:22:15 ----D---- C:\c6c09be9c96fcda5042230d4669d60

======List of files/folders modified in the last 1 months======

2009-01-18 18:48:09 ----D---- C:\WINDOWS\Temp
2009-01-17 13:53:51 ----D---- C:\WINDOWS\Microsoft.NET
2009-01-17 13:53:49 ----RSD---- C:\WINDOWS\assembly
2009-01-17 13:49:08 ----D---- C:\WINDOWS
2009-01-17 13:48:52 ----D---- C:\WINDOWS\system32
2009-01-17 13:47:46 ----D---- C:\WINDOWS\Registration
2009-01-17 13:45:11 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-01-17 13:42:22 ----D---- C:\WINDOWS\system32\drivers
2009-01-17 13:42:17 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-01-17 13:41:11 ----HD---- C:\WINDOWS\inf
2009-01-17 13:34:39 ----SHD---- C:\WINDOWS\Installer
2009-01-17 13:33:29 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-01-17 13:33:06 ----D---- C:\WINDOWS\WinSxS
2009-01-17 13:31:17 ----D---- C:\Program Files\Internet Explorer
2009-01-17 13:25:38 ----A---- C:\WINDOWS\imsins.BAK
2009-01-17 13:24:24 ----D---- C:\WINDOWS\system32\CatRoot
2009-01-17 13:20:41 ----A---- C:\WINDOWS\ModemLog_Conexant D110 MDC V.9x Modem.txt
2009-01-17 13:20:23 ----D---- C:\WINDOWS\system32\CatRoot2
2009-01-17 12:47:49 ----HD---- C:\Program Files\InstallShield Installation Information
2009-01-17 12:47:49 ----D---- C:\Program Files
2009-01-17 12:46:17 ----D---- C:\Program Files\MSN
2009-01-17 12:44:00 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-01-17 12:43:07 ----D---- C:\Program Files\AIM
2009-01-17 12:42:54 ----D---- C:\Documents and Settings\Lindsey\Application Data\Aim
2009-01-17 03:02:05 ----RSHD---- C:\WINDOWS\system32\dllcache
2009-01-17 00:46:58 ----D---- C:\WINDOWS\ehome
2009-01-16 20:51:06 ----HD---- C:\WINDOWS\$hf_mig$
2009-01-16 20:50:55 ----D---- C:\WINDOWS\system32\wbem
2009-01-16 20:48:06 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-01-16 20:45:12 ----A---- C:\WINDOWS\win.ini
2009-01-16 20:44:34 ----D---- C:\Program Files\Windows Media Player
2009-01-16 20:44:27 ----D---- C:\WINDOWS\Help
2009-01-16 20:40:32 ----D---- C:\WINDOWS\system32\LogFiles
2009-01-16 17:29:23 ----D---- C:\WINDOWS\system32\config
2009-01-16 17:29:01 ----D---- C:\WINDOWS\Media
2009-01-16 03:14:07 ----D---- C:\Program Files\McAfee
2009-01-16 03:04:20 ----RSD---- C:\WINDOWS\Fonts
2009-01-16 03:03:05 ----D---- C:\Program Files\Common Files\Microsoft Shared
2009-01-15 18:09:41 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-01-15 18:09:00 ----D---- C:\Program Files\iPod
2009-01-15 18:08:59 ----D---- C:\Program Files\Common Files\Apple
2009-01-15 17:55:02 ----SD---- C:\WINDOWS\Tasks
2009-01-14 19:18:06 ----D---- C:\Program Files\Adobe
2009-01-14 19:17:43 ----D---- C:\Program Files\Common Files
2009-01-14 19:16:04 ----D---- C:\Program Files\Common Files\Adobe
2009-01-14 14:36:50 ----SHD---- C:\System Volume Information
2009-01-14 14:36:50 ----D---- C:\WINDOWS\system32\Restore
2009-01-14 14:30:18 ----RASH---- C:\boot.ini
2009-01-14 14:30:18 ----A---- C:\WINDOWS\system.ini
2009-01-14 07:56:03 ----D---- C:\WINDOWS\AppPatch
2009-01-14 03:09:21 ----A---- C:\WINDOWS\OEWABLog.txt
2009-01-14 03:07:35 ----A---- C:\WINDOWS\setuplog.txt
2009-01-14 03:06:55 ----D---- C:\Program Files\Messenger
2009-01-14 03:06:54 ----D---- C:\WINDOWS\system32\Setup
2009-01-14 00:38:53 ----D---- C:\WINDOWS\security
2009-01-14 00:25:13 ----D---- C:\WINDOWS\system32\inetsrv
2009-01-14 00:25:12 ----D---- C:\WINDOWS\ime
2009-01-14 00:24:46 ----D---- C:\WINDOWS\system32\usmt
2009-01-14 00:24:40 ----D---- C:\WINDOWS\PeerNet
2009-01-14 00:24:39 ----D---- C:\Program Files\Movie Maker
2009-01-14 00:19:19 ----D---- C:\WINDOWS\system32\npp
2009-01-14 00:19:19 ----D---- C:\WINDOWS\mui
2009-01-14 00:19:17 ----D---- C:\WINDOWS\msagent
2009-01-14 00:19:15 ----D---- C:\WINDOWS\srchasst
2009-01-14 00:19:13 ----D---- C:\Program Files\NetMeeting
2009-01-14 00:19:11 ----D---- C:\WINDOWS\system32\Com
2009-01-14 00:19:07 ----D---- C:\Program Files\Windows NT
2009-01-14 00:19:06 ----D---- C:\Program Files\Outlook Express
2009-01-14 00:19:00 ----D---- C:\Program Files\Common Files\System
2009-01-14 00:18:35 ----D---- C:\WINDOWS\system32\oobe
2009-01-14 00:18:31 ----D---- C:\WINDOWS\system
2009-01-13 23:44:55 ----D---- C:\Program Files\Viewpoint
2009-01-13 23:44:54 ----D---- C:\Documents and Settings\All Users\Application Data\Viewpoint
2009-01-13 23:43:28 ----D---- C:\Program Files\Common Files\AOL
2009-01-13 22:13:38 ----A---- C:\WINDOWS\wininit.ini
2009-01-13 22:13:37 ----D---- C:\WINDOWS\wt
2009-01-13 21:44:51 ----D---- C:\WINDOWS\SoftwareDistribution
2009-01-13 19:21:02 ----D---- C:\Program Files\Common Files\SMART Technologies Inc
2009-01-13 18:59:58 ----D---- C:\Program Files\Java
2009-01-13 18:43:06 ----SHD---- C:\WINDOWS\CSC
2009-01-09 17:35:30 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 APPDRV;APPDRV; C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS [2004-08-18 16128]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 mfehidk;McAfee Inc. mfehidk; C:\WINDOWS\system32\drivers\mfehidk.sys [2007-11-22 201320]
R1 MPFP;MPFP; C:\WINDOWS\System32\Drivers\Mpfp.sys [2007-07-13 113952]
R1 omci;OMCI WDM Device Driver; C:\WINDOWS\system32\DRIVERS\omci.sys [2004-02-13 17153]
R1 sscdbhk5;sscdbhk5; C:\WINDOWS\system32\drivers\sscdbhk5.sys [2004-07-14 5627]
R1 ssrtln;ssrtln; C:\WINDOWS\system32\drivers\ssrtln.sys [2004-07-14 23545]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-10 12032]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.1.0.1; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2005-11-04 17056]
R2 ASCTRM;ASCTRM; C:\WINDOWS\system32\drivers\ASCTRM.sys [2005-11-04 8552]
R2 drvnddm;drvnddm; C:\WINDOWS\system32\drivers\drvnddm.sys [2004-11-23 40480]
R2 dsunidrv;DellSupport UniDriver; C:\WINDOWS\system32\DRIVERS\dsunidrv.sys [2007-02-25 5376]
R2 LxrJD31d;LxrJD31d; \??\C:\WINDOWS\system32\Drivers\LxrJD31d.sys []
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2004-08-31 11354]
R2 tfsnboio;tfsnboio; C:\WINDOWS\system32\dla\tfsnboio.sys [2004-12-06 25883]
R2 tfsncofs;tfsncofs; C:\WINDOWS\system32\dla\tfsncofs.sys [2004-12-06 34843]
R2 tfsndrct;tfsndrct; C:\WINDOWS\system32\dla\tfsndrct.sys [2004-12-06 4123]
R2 tfsndres;tfsndres; C:\WINDOWS\system32\dla\tfsndres.sys [2004-12-06 2239]
R2 tfsnifs;tfsnifs; C:\WINDOWS\system32\dla\tfsnifs.sys [2004-12-06 86586]
R2 tfsnopio;tfsnopio; C:\WINDOWS\system32\dla\tfsnopio.sys [2004-12-06 15227]
R2 tfsnpool;tfsnpool; C:\WINDOWS\system32\dla\tfsnpool.sys [2004-12-06 6363]
R2 tfsnudf;tfsnudf; C:\WINDOWS\system32\dla\tfsnudf.sys [2004-12-06 98714]
R2 tfsnudfa;tfsnudfa; C:\WINDOWS\system32\dla\tfsnudfa.sys [2004-12-06 100603]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows 2000/XP; C:\WINDOWS\system32\DRIVERS\Apfiltr.sys [2004-11-16 108791]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2004-05-26 44928]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 DSproct;DSproct; \??\C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys []
R3 GearAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.SYS [2005-05-03 1033728]
R3 HSFHWICH;HSFHWICH; C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys [2005-05-03 208384]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-10-14 1302812]
R3 IWCA;Intel Wireless Connection Agent Miniport for Win XP; C:\WINDOWS\system32\DRIVERS\iwca.sys [2004-08-12 234496]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\WINDOWS\system32\drivers\mfeavfk.sys [2007-11-22 79304]
R3 mfebopk;McAfee Inc. mfebopk; C:\WINDOWS\system32\drivers\mfebopk.sys [2007-11-22 35240]
R3 mfesmfk;McAfee Inc. mfesmfk; C:\WINDOWS\system32\drivers\mfesmfk.sys [2007-12-02 40488]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 Pcouffin;Low level access layer for CD devices; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2005-12-09 31680]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 STAC97;SigmaTel C-Major Audio; C:\WINDOWS\system32\drivers\STAC97.sys [2005-03-10 273168]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-05-03 705408]
S3 bvrp_pci;bvrp_pci; C:\WINDOWS\system32\drivers\bvrp_pci.sys []
S3 catchme;catchme; \??\C:\Combo-Fix\catchme.sys []
S3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-08-17 117760]
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-06-17 1041536]
S3 mferkdk;McAfee Inc. mferkdk; C:\WINDOWS\system32\drivers\mferkdk.sys [2007-11-22 33832]
S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
S3 sffdisk;SFF Storage Class Driver; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2008-04-13 11904]
S3 sffp_sd;SFF Storage Protocol Driver for SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2008-04-13 11008]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 w29n51;Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2004-10-21 3210496]
S3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys []
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 agp440;Intel AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
S4 agpCPQ;Compaq AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
S4 alim1541;ALI AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]
S4 amdagp;AMD AGP Bus Filter Driver; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]
S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
S4 sisagp;SIS AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960]
S4 viaagp;VIA AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]
R2 ehSched;Media Center Scheduler Service; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 102912]
R2 EvtEng;EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2004-09-07 86016]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-01-13 152984]
R2 LxrJD31s;Lexar JD31; C:\WINDOWS\system32\LxrJD31s.exe [2006-03-28 71168]
R2 mcmscsvc;McAfee Services; C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe [2008-01-09 767976]
R2 McNASvc;McAfee Network Agent; c:\program files\common files\mcafee\mna\mcnasvc.exe [2008-01-25 2458128]
R2 McProxy;McAfee Proxy Service; c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe [2007-08-15 359248]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [2007-07-24 144704]
R2 MpfService;McAfee Personal Firewall Service; C:\Program Files\McAfee\MPF\MPFSrv.exe [2007-07-18 856864]
R2 MSK80Service;McAfee SpamKiller Service; C:\Program Files\McAfee\MSK\MskSrver.exe [2007-11-26 23880]
R2 NICCONFIGSVC;NICCONFIGSVC; C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe [2005-03-04 356352]
R2 RegSrvc;RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2004-09-07 139264]
R2 S24EventMonitor;Spectrum24 Event Monitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2004-09-07 360521]
R2 Viewpoint Manager Service;Viewpoint Manager Service; C:\Program Files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]
R2 WLANKEEPER;WLANKEEPER; C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe [2004-09-07 225353]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
R3 McSysmon;McAfee SystemGuards; C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [2007-12-05 695624]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-13 267776]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 dlbu_device;dlbu_device; C:\WINDOWS\system32\dlbucoms.exe [2007-02-28 538096]
S3 DSBrokerService;DSBrokerService; C:\Program Files\DellSupport\brkrsvc.exe [2007-03-07 76848]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 McODS;McAfee Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [2007-11-07 378184]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

-----------------EOF-----------------

Hi OleTomCat
Your logs doesn't show WildTangent......
I think that the reason is this
You have any of the WildTangent games on your computer that you play, it might keep coming back. WildTangent is a webdriver for many games that comes supplied on new HP and Compaq computers plus some of the online game sites use it and it will come on certain CD games that also use it. It is considered spyware because of their privacy policy.

Please read this thread (http://forums.spybot.info/showthread.php?t=2313)

Ok, got that done now what do I do?

Is he computer ready to go into service?

Hi OleTomCat

your computer is clean, Wild Tangent it´s not malware,

WildTangent (http://www.kephyr.com/spywarescanner/library/wildtangent/index.phtml)

Bundled Software (http://www.kephyr.com/spywarescanner/library/glossary/bundledsoftware.phtml)

Ok thank you very much for the help...

Since this issue appears to be resolved ... this Topic has been closed. Glad I could help.