Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Problems not completely gone

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Problems not completely gone

Unread postby HerrLugner » September 11th, 2010, 5:45 pm

HI,

I had gotten some help about 6 weeks ago on this topic: viewtopic.php?f=11&t=52624&p=537535#p537535

Pop ups and such had stopped, but the machine was still running slower than previous. Recently it has gotten so slow as to be nearly unusable - taking as long as 5 minutes to open a browser window (but still no pop ups). I ran a MalwareBytes scan and it found and repaired this: HKEY_LOCAL_MACHINE\SOFTWARE\AnVi (Rogue.AnVi) -> Quarantined and deleted successfully. But the system still seems slow.

HJT and Uninstall listing are below


HJT Log

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 5:35:18 PM, on 9/11/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\AOL\1148647217\ee\AOLSoftware.exe
C:\Program Files\Verizon\McciTrayApp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\NoAds\NoAds.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Common Files\AOL\1148647217\ee\aolsoftware.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\McAfee\MSM\McSmtFwk.exe
C:\PROGRA~1\COMMON~1\McAfee\MSC\McUICnt.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1148647217\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [Verizon_McciTrayApp] "C:\Program Files\Verizon\McciTrayApp.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKCU\..\Run: [NoAds] "C:\Program Files\NoAds\NoAds.exe"
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: Control Pad - {28D44DAD-D1FC-4d4f-BB1B-ADF037C8DDBC} - C:\Program Files\Verizon Online\Verizon Online Control Pad\VerizonControlPad.Exe
O9 - Extra 'Tools' menuitem: Control Pad - {28D44DAD-D1FC-4d4f-BB1B-ADF037C8DDBC} - C:\Program Files\Verizon Online\Verizon Online Control Pad\VerizonControlPad.Exe
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0411.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0411.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: 6th Street Omaha Poker by pogo - http://game1.pogo.com/applet-6.6.4.21/o ... -en_US.cab
O16 - DPF: Aces Up! by pogo - http://game1.pogo.com/applet-6.6.4.29/a ... -en_US.cab
O16 - DPF: Ali Baba Slots TM by pogo - http://game1.pogo.com/applet-6.6.2.21/s ... -en_US.cab
O16 - DPF: Backgammon by pogo - http://game1.pogo.com/applet-6.3.3.27/b ... assets.cab
O16 - DPF: Battle Phlinx by pogo - http://game1.pogo.com/applet-6.4.0.34/b ... assets.cab
O16 - DPF: Blackjack by pogo - http://game1.pogo.com/applet-6.6.0.34/b ... -en_US.cab
O16 - DPF: Bowling by pogo - http://game1.pogo.com/applet-6.6.4.29/b ... -en_US.cab
O16 - DPF: Bump by pogo - http://www.pogo.com/applet-6.5.2.33/bump/bump-en_US.cab
O16 - DPF: Canasta by pogo - http://game1.pogo.com/applet-6.5.4.34/c ... -en_US.cab
O16 - DPF: Checkers by pogo - http://game1.pogo.com/applet-6.5.3.37/c ... -en_US.cab
O16 - DPF: Chess by pogo - http://game1.pogo.com/applet-6.5.4.27/c ... -en_US.cab
O16 - DPF: Cribbage by pogo - http://game1.pogo.com/applet-6.5.5.36/c ... -en_US.cab
O16 - DPF: Dice Derby by pogo - http://game1.pogo.com/applet-6.6.2.21/c ... -en_US.cab
O16 - DPF: Dominoes by pogo - http://game1.pogo.com/applet-6.6.4.29/d ... -en_US.cab
O16 - DPF: Double Deuce Poker by pogo - http://game1.pogo.com/applet-6.4.0.34/v ... assets.cab
O16 - DPF: Euchre by pogo - http://game1.pogo.com/applet-6.6.0.27/e ... -en_US.cab
O16 - DPF: First Class Solitaire by pogo - http://game1.pogo.com/applet-6.6.2.21/f ... -en_US.cab
O16 - DPF: Fortune Bingo by pogo - http://game1.pogo.com/applet-6.6.2.21/s ... -en_US.cab
O16 - DPF: Harvest Mania by pogo - http://game1.pogo.com/applet-6.6.3.34/h ... -en_US.cab
O16 - DPF: Hearts by pogo - http://game1.pogo.com/applet-6.6.4.29/h ... -en_US.cab
O16 - DPF: High Stakes Poker by pogo - http://game1.pogo.com/applet-6.5.4.27/d ... -en_US.cab
O16 - DPF: High Stakes Pool by pogo - http://game1.pogo.com/applet-6.4.4.34/p ... assets.cab
O16 - DPF: Jigsaw Detective by pogo - http://game1.pogo.com/applet-6.6.2.21/j ... -en_US.cab
O16 - DPF: Jokers Wild Poker by pogo - http://game1.pogo.com/applet-6.6.0.34/v ... -en_US.cab
O16 - DPF: Jungle Gin by pogo - http://game1.pogo.com/applet-6.6.2.35/gin/gin-en_US.cab
O16 - DPF: Keno by pogo - http://game1.pogo.com/applet-6.6.0.34/k ... -en_US.cab
O16 - DPF: Lost Temple Poker by pogo - http://game1.pogo.com/applet-6.6.3.34/m ... -en_US.cab
O16 - DPF: Lottso by pogo - http://game1.pogo.com/applet-6.6.4.21/l ... -en_US.cab
O16 - DPF: Mah Jong Garden by pogo - http://game1.pogo.com/applet-6.5.2.33/m ... -en_US.cab
O16 - DPF: Multiline Slots by pogo - http://game1.pogo.com/applet-6.4.4.34/m ... assets.cab
O16 - DPF: Pai Gow by pogo - http://game1.pogo.com/applet-6.4.4.34/p ... assets.cab
O16 - DPF: Payday FreeCell by pogo - http://game1.pogo.com/applet-6.5.3.37/f ... -en_US.cab
O16 - DPF: Penguin Blocks by pogo - http://game1.pogo.com/applet-6.6.3.34/p ... -en_US.cab
O16 - DPF: Perfect Pair Solitaire by pogo - http://game1.pogo.com/applet-6.6.0.27/w ... -en_US.cab
O16 - DPF: Phlinx by pogo - http://game1.pogo.com/applet-6.6.1.37/f ... -en_US.cab
O16 - DPF: Pinochle by pogo - http://game1.pogo.com/applet-6.6.3.34/p ... -en_US.cab
O16 - DPF: Pop Fu by pogo - http://game1.pogo.com/applet-6.5.3.44/p ... -en_US.cab
O16 - DPF: PoppaZoppa by pogo - http://game1.pogo.com/applet-6.6.4.21/p ... -en_US.cab
O16 - DPF: Poppit by pogo - http://game1.pogo.com/applet-6.6.4.21/p ... -en_US.cab
O16 - DPF: Quick Quack by pogo - http://game1.pogo.com/applet-6.6.4.21/h ... -en_US.cab
O16 - DPF: Quick Shot by pogo - http://game1.pogo.com/applet-6.6.3.34/q ... -en_US.cab
O16 - DPF: QWERTY by pogo - http://game1.pogo.com/applet-6.6.2.35/s ... -en_US.cab
O16 - DPF: Ride The Tide by pogo - http://game1.pogo.com/applet-6.5.3.37/r ... -en_US.cab
O16 - DPF: SciFi Slots by pogo - http://game1.pogo.com/applet-6.6.1.37/s ... -en_US.cab
O16 - DPF: Showbiz Slots 2 by pogo - http://game1.pogo.com/applet-6.4.3.28/s ... assets.cab
O16 - DPF: Shuffle Bump by pogo - http://game1.pogo.com/applet-6.6.4.29/p ... -en_US.cab
O16 - DPF: Spades 2 by pogo - http://game1.pogo.com/applet-6.6.1.29/s ... -en_US.cab
O16 - DPF: Spider Solitaire by pogo - http://game1.pogo.com/applet-6.6.2.21/s ... -en_US.cab
O16 - DPF: Squelchies by pogo - http://game1.pogo.com/applet-6.6.4.21/s ... -en_US.cab
O16 - DPF: Stax by pogo - http://game1.pogo.com/applet-6.6.4.21/s ... -en_US.cab
O16 - DPF: Stellar Sweeper by pogo - http://game1.pogo.com/applet-6.5.5.36/s ... -en_US.cab
O16 - DPF: Sweet Tooth TM by pogo - http://game1.pogo.com/applet-6.6.2.21/s ... -en_US.cab
O16 - DPF: Texas Hold'em Poker by pogo - http://game1.pogo.com/applet-6.5.1.24/h ... -en_US.cab
O16 - DPF: Tri-Peaks by pogo - http://game1.pogo.com/applet-6.6.4.21/p ... -en_US.cab
O16 - DPF: Tumble Bees by pogo - http://game1.pogo.com/applet-6.6.2.21/j ... -en_US.cab
O16 - DPF: Turbo 21 TM by pogo - http://game1.pogo.com/applet-6.5.1.24/t ... -en_US.cab
O16 - DPF: Video Poker by pogo - http://game1.pogo.com/applet-6.4.0.41/v ... assets.cab
O16 - DPF: Wonderland Memories by pogo - http://game1.pogo.com/applet-6.6.4.21/m ... -en_US.cab
O16 - DPF: Word Whomp by pogo - http://game1.pogo.com/applet-6.6.4.21/w ... -en_US.cab
O16 - DPF: Word Whomp Whackdown by pogo - http://game1.pogo.com/applet-6.6.3.34/w ... -en_US.cab
O16 - DPF: WordJong by pogo - http://game1.pogo.com/applet-6.6.1.29/w ... -en_US.cab
O16 - DPF: World Class Solitaire by pogo - http://game1.pogo.com/applet-6.6.3.34/w ... -en_US.cab
O16 - DPF: Yahoo! Literati - http://download.games.yahoo.com/games/c ... /tt3_x.cab
O16 - DPF: Yahoo! MahJong Solitaire - http://download.games.yahoo.com/games/c ... jst4_x.cab
O16 - DPF: Yahoo! Pyramids - http://download.games.yahoo.com/games/c ... pyt1_x.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partne ... nicode.cab
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/v ... .2.4.1.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com/computercheckup/qdiagcc.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://bin.mcafee.com/molbin/shared/mci ... insctl.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resourc ... oscan8.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan ... asinst.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://bin.mcafee.com/molbin/shared/mcg ... cgdmgr.cab
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe (file missing)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Symantec pcAnywhere Host Service (awhost32) - Symantec Corporation - C:\Program Files\Symantec\pcAnywhere\awhost32.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: McciCMService - Alcatel-Lucent - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McShield - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: Intel(R) NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

--
End of file - 19779 bytes







Uninstall List

Acrobat.com
Acrobat.com
Adobe Acrobat 9 Standard - English, Français, Deutsch
Adobe Acrobat 9 Standard - English, Français, Deutsch
Adobe Acrobat 5.0
Adobe Acrobat 9.2.0 - CPSID_50026
Adobe AIR
Adobe AIR
Adobe Flash Player 10 Plugin
Adobe Flash Player ActiveX
Adobe Reader 9.3.3
Adobe Shockwave Player
AnswerWorks 5.0 English Runtime
AOL Uninstaller (Choose which Products to Remove)
Apple Mobile Device Support
Apple Software Update
ArcSoft Funhouse
BlackBerry Desktop Software 4.6
BlackBerry Desktop Software 4.6
BlackBerry Device Software Updater
Canon Camera Support Core Library
Canon Camera Window DC_DV 5 for ZoomBrowser EX
Canon Camera Window DSLR 5 for ZoomBrowser EX
Canon Camera Window MC 5 for ZoomBrowser EX
Canon EOS Kiss_N REBEL_XT 350D WIA Driver
Canon i960
Canon PhotoRecord
Canon RAW Image Task for ZoomBrowser EX
Canon Utilities Digital Photo Professional 2.0
Canon Utilities Easy-PhotoPrint
Canon Utilities Easy-PhotoPrint Plus
Canon Utilities EOS Capture 1.5
Canon Utilities PhotoStitch 3.1
Canon ZoomBrowser EX (E)
CCHelp
CCScore
Citrix Web Client
Classic PhoneTools
Compatibility Pack for the 2007 Office system
Conexant HSF V92 56K RTAD Speakerphone PCI Modem
Critical Update for Windows Media Player 11 (KB959772)
DAO 3.5
Dell Modem-On-Hold
Dell Picture Studio - Dell Image Expert
Dell Solution Center
Dell Support Center
DellSupport
Digital Line Detect
DVDSentry
Dynomite 2.00y
Easy CD Creator 5 Basic
Easy-WebPrint
ESSAdpt
ESSANUP
ESSCAM
ESSCDBK
ESScore
ESSgui
ESShelp
ESSini
ESSPCD
ESSSONIC
ESSvpaht
ESSvpot
FinePixViewer Ver.4.0
FUJIFILM USB Driver
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
Google Update Helper
HaxFix 4.14
HiJackThis
HijackThis 2.0.2
HLPIndex
HLPRFO
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
hp instant support
HP Photo and Imaging 1.2 - Scanjet 4570c Series
ImageMixer VCD for FinePix
Intel(R) PRO Ethernet Adapter and Software
Intel(R) PROSet II
iTunes
Jasc Paint Shop Pro 8 Dell Edition
Java(TM) 6 Update 21
Kaspersky Online Scanner
Kodak EasyShare software
KSU
LiveReg (Symantec Corporation)
LiveUpdate 3.0 (Symantec Corporation)
Lottso! Deluxe
Mahjong Garden Deluxe
Malwarebytes' Anti-Malware
McAfee SecurityCenter
Microsoft .NET Framework (English)
Microsoft .NET Framework (English) v1.0.3705
Microsoft .NET Framework 1.0 Hotfix (KB928367)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Data Access Components KB870669
Microsoft Interactive Training
Microsoft Office PowerPoint Viewer 2003
Microsoft Office XP Media Content
Microsoft Office XP Small Business
Microsoft Train Simulator
Microsoft User-Mode Driver Framework Feature Pack 1.0
MicroStaff WINASPI NT
Modem Helper
Mozilla Firefox (3.5.12)
MSN
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MUSICMATCH Jukebox
NoAds
Notifier
NVIDIA Display Driver
NVIDIA Drivers
OpenMG Limited Patch 4.1-05-13-31-01
OpenMG Secure Module 4.1.00
Operation Mania
OTtBP
OTtBPSDK
Panda ActiveScan
Panda ActiveScan 2.0
PCDADDIN
PCDHELP
PCDLNCH
PICTUREKA! MUSEUM MAYHEM
PowerDVD
Quicken 2010
Quicken WillMaker Plus 2004
QuickTime
RAW FILE CONVERTER LE
RealPlayer Basic
Roxio Media Manager
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 8 (KB917734)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB963027)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969897)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
SFR
SFR2
Shockwave
Sid Meier's Railroad Tycoon
Sound Blaster Live!
SpywareBlaster 4.3
Symantec pcAnywhere
System Requirements Lab
TBS WMP Plug-in
The Poppit! Show
The Right Track (R) Software
The Right Track Software
Trainz Driver - North American Edition
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB972636)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Verizon Help and Support Tool
Verizon Online
Verizon Online Control Pad
Verizon Online DSL
Verizon Online Help and Support
Viewpoint Media Player
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
Visual IP InSight(Verizon Online)
VPRINTOL
Vz In Home Agent
WD Diagnostics
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows XP Service Pack 3
WinPatrol
Word Whomp( TM) Underground
Yahoo! Messenger
Yahoo! Messenger Explorer Bar



Thanks
Paul
HerrLugner
Regular Member
 
Posts: 69
Joined: September 5th, 2006, 10:23 pm
Advertisement
Register to Remove

Re: Problems not completely gone

Unread postby muppy03 » September 13th, 2010, 6:16 am

Hello and welcome to Malware Removal Forums

IMPORTANT

Whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.
To make cleaning this machine easier:-
  • Continue to respond to this thread until I give you the All Clean!
  • Please DO NOT uninstall/install any programs unless asked to. It is more difficult when files/programs appear or disappear from the logs.
  • Please do not run any scans other than those requested and do not post any logs/reports unless specifically requested to do so.
  • Please follow all instructions in the order posted.
  • If you have any questions or do not understand instructions, please ask before continuing.
  • Please reply to this thread. Do not start a new topic.

Go to Start-Settings-Control Panel, click on Add remove Programs. If any of the following programs are listed there, click on the program to highlight it, and click on remove. Then close the Control Panel.

    HaxFix 4.14
    LiveReg (Symantec Corporation)
    LiveUpdate 3.0 (Symantec Corporation)
    Panda ActiveScan
    Panda ActiveScan 2.0
    Symantec pcAnywhere
    Viewpoint Media Player

NEXT Download and Run: RSIT

  • Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

Please reply with:-
  • RSIT logs ( info.txt and log.txt)
User avatar
muppy03
MRU Emeritus
MRU Emeritus
 
Posts: 4798
Joined: December 4th, 2007, 5:30 am
Location: Australia

Re: Problems not completely gone

Unread postby HerrLugner » September 13th, 2010, 6:58 am

Muppy,

I use PCAnywhere for work - is it necessary to remove it?

Paul
HerrLugner
Regular Member
 
Posts: 69
Joined: September 5th, 2006, 10:23 pm

Re: Problems not completely gone

Unread postby HerrLugner » September 13th, 2010, 7:00 am

Also, LiveReg and LiveUpdate won't uninstall without removing PCAnywhere.
HerrLugner
Regular Member
 
Posts: 69
Joined: September 5th, 2006, 10:23 pm

Re: Problems not completely gone

Unread postby HerrLugner » September 13th, 2010, 7:03 am

Here is the RSIT Log without having removed the Symantec files. If I have to remove them, I will do it later as I have to leave for work now


Logfile of random's system information tool 1.08 (written by random/random)
Run by at 2010-09-13 07:01:42
Microsoft Windows XP Professional Service Pack 3
System drive C: has 55 GB (48%) free of 114 GB
Total RAM: 511 MB (36% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:01:57 AM, on 9/13/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\AOL\1148647217\ee\AOLSoftware.exe
C:\Program Files\Verizon\McciTrayApp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\NoAds\NoAds.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\McAfee\MSM\McSmtFwk.exe
C:\PROGRA~1\COMMON~1\McAfee\MSC\McUICnt.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Common Files\AOL\1148647217\ee\aolsoftware.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\rundll32.exe
C:\Documents and Settings\Paul Graf\My Documents\Downloads\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Paul Graf.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1148647217\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [Verizon_McciTrayApp] "C:\Program Files\Verizon\McciTrayApp.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKCU\..\Run: [NoAds] "C:\Program Files\NoAds\NoAds.exe"
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O16 - DPF: 6th Street Omaha Poker by pogo - http://game1.pogo.com/applet-6.6.4.21/o ... -en_US.cab
O16 - DPF: Aces Up! by pogo - http://game1.pogo.com/applet-6.6.4.29/a ... -en_US.cab
O16 - DPF: Ali Baba Slots TM by pogo - http://game1.pogo.com/applet-6.6.2.21/s ... -en_US.cab
O16 - DPF: Backgammon by pogo - http://game1.pogo.com/applet-6.3.3.27/b ... assets.cab
O16 - DPF: Battle Phlinx by pogo - http://game1.pogo.com/applet-6.4.0.34/b ... assets.cab
O16 - DPF: Blackjack by pogo - http://game1.pogo.com/applet-6.6.0.34/b ... -en_US.cab
O16 - DPF: Bowling by pogo - http://game1.pogo.com/applet-6.6.4.29/b ... -en_US.cab
O16 - DPF: Bump by pogo - http://www.pogo.com/applet-6.5.2.33/bump/bump-en_US.cab
O16 - DPF: Canasta by pogo - http://game1.pogo.com/applet-6.5.4.34/c ... -en_US.cab
O16 - DPF: Checkers by pogo - http://game1.pogo.com/applet-6.5.3.37/c ... -en_US.cab
O16 - DPF: Chess by pogo - http://game1.pogo.com/applet-6.5.4.27/c ... -en_US.cab
O16 - DPF: Cribbage by pogo - http://game1.pogo.com/applet-6.5.5.36/c ... -en_US.cab
O16 - DPF: Dice Derby by pogo - http://game1.pogo.com/applet-6.6.2.21/c ... -en_US.cab
O16 - DPF: Dominoes by pogo - http://game1.pogo.com/applet-6.6.4.29/d ... -en_US.cab
O16 - DPF: Double Deuce Poker by pogo - http://game1.pogo.com/applet-6.4.0.34/v ... assets.cab
O16 - DPF: Euchre by pogo - http://game1.pogo.com/applet-6.6.0.27/e ... -en_US.cab
O16 - DPF: First Class Solitaire by pogo - http://game1.pogo.com/applet-6.6.2.21/f ... -en_US.cab
O16 - DPF: Fortune Bingo by pogo - http://game1.pogo.com/applet-6.6.2.21/s ... -en_US.cab
O16 - DPF: Harvest Mania by pogo - http://game1.pogo.com/applet-6.6.3.34/h ... -en_US.cab
O16 - DPF: Hearts by pogo - http://game1.pogo.com/applet-6.6.4.29/h ... -en_US.cab
O16 - DPF: High Stakes Poker by pogo - http://game1.pogo.com/applet-6.5.4.27/d ... -en_US.cab
O16 - DPF: High Stakes Pool by pogo - http://game1.pogo.com/applet-6.4.4.34/p ... assets.cab
O16 - DPF: Jigsaw Detective by pogo - http://game1.pogo.com/applet-6.6.2.21/j ... -en_US.cab
O16 - DPF: Jokers Wild Poker by pogo - http://game1.pogo.com/applet-6.6.0.34/v ... -en_US.cab
O16 - DPF: Jungle Gin by pogo - http://game1.pogo.com/applet-6.6.2.35/gin/gin-en_US.cab
O16 - DPF: Keno by pogo - http://game1.pogo.com/applet-6.6.0.34/k ... -en_US.cab
O16 - DPF: Lost Temple Poker by pogo - http://game1.pogo.com/applet-6.6.3.34/m ... -en_US.cab
O16 - DPF: Lottso by pogo - http://game1.pogo.com/applet-6.6.4.21/l ... -en_US.cab
O16 - DPF: Mah Jong Garden by pogo - http://game1.pogo.com/applet-6.5.2.33/m ... -en_US.cab
O16 - DPF: Multiline Slots by pogo - http://game1.pogo.com/applet-6.4.4.34/m ... assets.cab
O16 - DPF: Pai Gow by pogo - http://game1.pogo.com/applet-6.4.4.34/p ... assets.cab
O16 - DPF: Payday FreeCell by pogo - http://game1.pogo.com/applet-6.5.3.37/f ... -en_US.cab
O16 - DPF: Penguin Blocks by pogo - http://game1.pogo.com/applet-6.6.3.34/p ... -en_US.cab
O16 - DPF: Perfect Pair Solitaire by pogo - http://game1.pogo.com/applet-6.6.0.27/w ... -en_US.cab
O16 - DPF: Phlinx by pogo - http://game1.pogo.com/applet-6.6.1.37/f ... -en_US.cab
O16 - DPF: Pinochle by pogo - http://game1.pogo.com/applet-6.6.3.34/p ... -en_US.cab
O16 - DPF: Pop Fu by pogo - http://game1.pogo.com/applet-6.5.3.44/p ... -en_US.cab
O16 - DPF: PoppaZoppa by pogo - http://game1.pogo.com/applet-6.6.4.21/p ... -en_US.cab
O16 - DPF: Poppit by pogo - http://game1.pogo.com/applet-6.6.4.21/p ... -en_US.cab
O16 - DPF: Quick Quack by pogo - http://game1.pogo.com/applet-6.6.4.21/h ... -en_US.cab
O16 - DPF: Quick Shot by pogo - http://game1.pogo.com/applet-6.6.3.34/q ... -en_US.cab
O16 - DPF: QWERTY by pogo - http://game1.pogo.com/applet-6.6.2.35/s ... -en_US.cab
O16 - DPF: Ride The Tide by pogo - http://game1.pogo.com/applet-6.5.3.37/r ... -en_US.cab
O16 - DPF: SciFi Slots by pogo - http://game1.pogo.com/applet-6.6.1.37/s ... -en_US.cab
O16 - DPF: Showbiz Slots 2 by pogo - http://game1.pogo.com/applet-6.4.3.28/s ... assets.cab
O16 - DPF: Shuffle Bump by pogo - http://game1.pogo.com/applet-6.6.4.29/p ... -en_US.cab
O16 - DPF: Spades 2 by pogo - http://game1.pogo.com/applet-6.6.1.29/s ... -en_US.cab
O16 - DPF: Spider Solitaire by pogo - http://game1.pogo.com/applet-6.6.2.21/s ... -en_US.cab
O16 - DPF: Squelchies by pogo - http://game1.pogo.com/applet-6.6.4.21/s ... -en_US.cab
O16 - DPF: Stax by pogo - http://game1.pogo.com/applet-6.6.4.21/s ... -en_US.cab
O16 - DPF: Stellar Sweeper by pogo - http://game1.pogo.com/applet-6.5.5.36/s ... -en_US.cab
O16 - DPF: Sweet Tooth TM by pogo - http://game1.pogo.com/applet-6.6.2.21/s ... -en_US.cab
O16 - DPF: Texas Hold'em Poker by pogo - http://game1.pogo.com/applet-6.5.1.24/h ... -en_US.cab
O16 - DPF: Tri-Peaks by pogo - http://game1.pogo.com/applet-6.6.4.21/p ... -en_US.cab
O16 - DPF: Tumble Bees by pogo - http://game1.pogo.com/applet-6.6.2.21/j ... -en_US.cab
O16 - DPF: Turbo 21 TM by pogo - http://game1.pogo.com/applet-6.5.1.24/t ... -en_US.cab
O16 - DPF: Video Poker by pogo - http://game1.pogo.com/applet-6.4.0.41/v ... assets.cab
O16 - DPF: Wonderland Memories by pogo - http://game1.pogo.com/applet-6.6.4.21/m ... -en_US.cab
O16 - DPF: Word Whomp by pogo - http://game1.pogo.com/applet-6.6.4.21/w ... -en_US.cab
O16 - DPF: Word Whomp Whackdown by pogo - http://game1.pogo.com/applet-6.6.3.34/w ... -en_US.cab
O16 - DPF: WordJong by pogo - http://game1.pogo.com/applet-6.6.1.29/w ... -en_US.cab
O16 - DPF: World Class Solitaire by pogo - http://game1.pogo.com/applet-6.6.3.34/w ... -en_US.cab
O16 - DPF: Yahoo! Literati - http://download.games.yahoo.com/games/c ... /tt3_x.cab
O16 - DPF: Yahoo! MahJong Solitaire - http://download.games.yahoo.com/games/c ... jst4_x.cab
O16 - DPF: Yahoo! Pyramids - http://download.games.yahoo.com/games/c ... pyt1_x.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://bin.mcafee.com/molbin/shared/mci ... insctl.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://bin.mcafee.com/molbin/shared/mcg ... cgdmgr.cab
O23 - Service: McAfee Application Installer Cleanup (0103371284341124) (0103371284341124mcinstcleanup) - McAfee, Inc. - C:\DOCUME~1\PAULGR~1\LOCALS~1\Temp\010337~1.EXE
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe (file missing)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Symantec pcAnywhere Host Service (awhost32) - Symantec Corporation - C:\Program Files\Symantec\pcAnywhere\awhost32.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: McciCMService - Alcatel-Lucent - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McShield - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: Intel(R) NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

--
End of file - 17788 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IPoint_exe.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}]
McAfee Phishing Filter - c:\progra~1\mcafee\msk\mskapbho.dll [2010-05-03 245272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-14 278192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2009-02-27 349576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-03 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-08-03 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2009-02-27 349576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2009-02-27 349576]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-14 278192]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HostManager"=C:\Program Files\Common Files\AOL\1148647217\ee\AOLSoftware.exe [2007-10-08 41824]
"Verizon_McciTrayApp"=C:\Program Files\Verizon\McciTrayApp.exe [2010-03-17 1565696]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-10-22 7700480]
""= []
"RoxWatchTray"=C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [2008-06-26 236016]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2007-06-29 286720]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-19 35760]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"WinPatrol"=C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe [2010-05-31 323976]
"mcui_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2010-07-01 1193848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"NoAds"=C:\Program Files\NoAds\NoAds.exe [2004-03-04 122880]
"DellSupport"=C:\Program Files\DellSupport\DSAgnt.exe [2007-03-15 460784]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\PCANotify]
C:\WINDOWS\system32\PCANotify.dll [2006-04-25 8704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"=C:\Program Files\ewido anti-spyware 4.0\shellexecutehook.dll [2006-06-16 73728]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\klmdb.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\klmdb.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableTaskMgr"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=
"NoDriveTypeAutoRun"=323
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDrives"=0
"NoRun"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Yahoo!\Messenger\YPager.exe"="C:\Program Files\Yahoo!\Messenger\YPager.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"="C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL Connectivity Service Dialer"
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe"="C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL Connectivity Service"
"C:\Program Files\Common Files\AOL\1148647217\ee\aolsoftware.exe"="C:\Program Files\Common Files\AOL\1148647217\ee\aolsoftware.exe:*:Enabled:AOL Shared Components"
"C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe"="C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe:*:Enabled:AOL TopSpeed"
"C:\Program Files\Common Files\AOL\Loader\aolload.exe"="C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader"
"C:\Program Files\Common Files\AOL\System Information\sinf.exe"="C:\Program Files\Common Files\AOL\System Information\sinf.exe:*:Enabled:AOL System Information"
"C:\ani\winvnc.exe"="C:\ani\winvnc.exe:*:Enabled:VNC server for Win32"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe"="C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent"
"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe"="C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe:*:Enabled:McAfee Shared Service Host"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-09-13 07:01:42 ----D---- C:\rsit
2010-09-12 21:24:53 ----D---- C:\WINDOWS\LastGood
2010-09-07 17:00:41 ----A---- C:\WINDOWS\system32\drivers\mfeclnk.sys
2010-09-07 17:00:16 ----A---- C:\WINDOWS\system32\drivers\mfetdi2k.sys
2010-09-07 17:00:16 ----A---- C:\WINDOWS\system32\drivers\mferkdet.sys
2010-09-07 17:00:16 ----A---- C:\WINDOWS\system32\drivers\mfendisk.sys
2010-09-07 17:00:15 ----A---- C:\WINDOWS\system32\drivers\mfehidk.sys
2010-09-07 17:00:15 ----A---- C:\WINDOWS\system32\drivers\mfefirek.sys
2010-09-07 17:00:15 ----A---- C:\WINDOWS\system32\drivers\mfebopk.sys
2010-09-07 17:00:14 ----A---- C:\WINDOWS\system32\drivers\mfeavfk.sys
2010-09-07 17:00:14 ----A---- C:\WINDOWS\system32\drivers\mfeapfk.sys
2010-09-07 17:00:14 ----A---- C:\WINDOWS\system32\drivers\cfwids.sys

======List of files/folders modified in the last 1 months======

2010-09-13 07:01:58 ----D---- C:\WINDOWS\Prefetch
2010-09-13 06:59:27 ----D---- C:\Program Files\Panda Security
2010-09-13 06:59:25 ----D---- C:\WINDOWS\system32\DRIVERS
2010-09-13 06:58:46 ----D---- C:\Documents and Settings\All Users\Application Data\Viewpoint
2010-09-13 06:58:45 ----D---- C:\Program Files
2010-09-13 06:57:21 ----D---- C:\WINDOWS\SYSTEM32
2010-09-13 06:49:29 ----D---- C:\WINDOWS\Temp
2010-09-13 06:25:36 ----D---- C:\Program Files\Mozilla Firefox
2010-09-12 21:32:16 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-09-12 21:32:13 ----D---- C:\WINDOWS
2010-09-12 21:25:21 ----HD---- C:\WINDOWS\INF
2010-09-12 21:25:01 ----D---- C:\Program Files\McAfee
2010-09-12 18:26:06 ----D---- C:\WINDOWS\system32\CatRoot2
2010-09-11 19:45:01 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-09-10 22:59:18 ----A---- C:\WINDOWS\ModemLog_Conexant HSF V92 56K RTAD Speakerphone PCI Modem.txt
2010-09-10 22:58:35 ----A---- C:\WINDOWS\ModemLog_Standard Modem.txt
2010-09-08 16:51:25 ----D---- C:\Program Files\McAfee.com
2010-09-07 18:07:23 ----D---- C:\Program Files\Common Files\McAfee
2010-09-07 16:59:30 ----SD---- C:\WINDOWS\Tasks
2010-08-26 22:59:52 ----D---- C:\WINDOWS\system32\FxsTmp

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 agp440;Intel AGP Bus Filter; C:\WINDOWS\System32\DRIVERS\agp440.sys [2008-04-13 42368]
R0 Gernuwa;Gernuwa; C:\WINDOWS\system32\drivers\Gernuwa.sys [2003-04-21 13898]
R0 mfehidk;McAfee Inc. mfehidk; C:\WINDOWS\system32\drivers\mfehidk.sys [2010-05-31 385880]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\DRIVERS\PxHelp20.sys [2007-05-01 43528]
R0x01000000 papycpu2;papycpu2; C:\WINDOWS\System32\DRIVERS\papycpu2.sys [2003-01-17 1984]
R0x01000000 papyjoy;papyjoy; C:\WINDOWS\System32\DRIVERS\papyjoy.sys [2003-01-17 1856]
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2004-10-07 35840]
R1 AW_HOST;AW_HOST; C:\WINDOWS\system32\drivers\aw_host5.sys [2005-11-21 11008]
R1 awecho;awecho; C:\WINDOWS\system32\drivers\awechomd.sys [2005-10-10 7552]
R1 Cdr4_xp;Cdr4_xp; C:\WINDOWS\system32\drivers\Cdr4_xp.sys [2007-02-02 9336]
R1 Cdralw2k;Cdralw2k; C:\WINDOWS\system32\drivers\Cdralw2k.sys [2007-02-02 9464]
R1 cdudf_xp;cdudf_xp; C:\WINDOWS\system32\drivers\cdudf_xp.sys [2002-04-10 236032]
R1 ewido anti-spyware 4.0 driver;ewido anti-spyware 4.0 driver; \??\C:\Program Files\ewido anti-spyware 4.0\guard.sys []
R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 mfetdi2k;McAfee Inc. mfetdi2k; C:\WINDOWS\system32\drivers\mfetdi2k.sys [2010-05-31 82952]
R1 omci;OMCI WDM Device Driver; C:\WINDOWS\System32\DRIVERS\omci.sys [2002-07-19 17153]
R1 pwd_2k;pwd_2k; C:\WINDOWS\system32\drivers\pwd_2k.sys [2002-04-10 117898]
R1 UdfReadr_xp;UdfReadr_xp; C:\WINDOWS\system32\drivers\UdfReadr_xp.sys [2002-04-10 206336]
R2 ASCTRM;ASCTRM; C:\WINDOWS\system32\drivers\ASCTRM.sys [2003-01-15 8552]
R2 dsunidrv;DellSupport UniDriver; C:\WINDOWS\system32\DRIVERS\dsunidrv.sys [2007-02-25 5376]
R2 Fallback;Fallback; C:\WINDOWS\System32\DRIVERS\HSF_FALL.sys [2001-08-17 289887]
R2 Fsks;Fsks; C:\WINDOWS\System32\DRIVERS\HSF_FSKS.sys [2001-08-17 115807]
R2 K56;K56; C:\WINDOWS\System32\DRIVERS\HSF_K56K.sys [2001-08-17 391199]
R2 MASPINT;MASPINT; C:\WINDOWS\system32\drivers\MASPINT.sys [2002-06-21 8224]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [2001-10-22 9855]
R2 PfModNT;PfModNT; \??\C:\WINDOWS\System32\PfModNT.sys []
R2 SoftFax;SoftFax; C:\WINDOWS\System32\DRIVERS\HSF_FAXX.sys [2001-08-17 199711]
R2 SpeakerPhone;SpeakerPhone; C:\WINDOWS\System32\DRIVERS\HSF_SPKP.sys [2001-08-17 73279]
R2 tmcomm;tmcomm; \??\C:\WINDOWS\System32\drivers\tmcomm.sys []
R2 Tones;Tones; C:\WINDOWS\System32\DRIVERS\HSF_TONE.sys [2001-08-17 50751]
R2 V124;V124; C:\WINDOWS\System32\DRIVERS\HSF_V124.sys [2001-08-17 488383]
R3 cfwids;McAfee Inc. cfwids; C:\WINDOWS\system32\drivers\cfwids.sys [2010-05-31 55456]
R3 DSproct;DSproct; \??\C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys []
R3 dvd_2K;dvd_2K; C:\WINDOWS\system32\drivers\dvd_2K.sys [2002-04-10 24554]
R3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\System32\DRIVERS\e100b325.sys [2002-04-30 139776]
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664]
R3 HSF_DP;HSF_DP; C:\WINDOWS\System32\DRIVERS\HSF_DP.sys [2002-06-30 1172416]
R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\System32\DRIVERS\HSFHWBS2.sys [2002-06-30 167155]
R3 mfeapfk;McAfee Inc. mfeapfk; C:\WINDOWS\system32\drivers\mfeapfk.sys [2010-05-31 95568]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\WINDOWS\system32\drivers\mfeavfk.sys [2010-05-31 152320]
R3 mfebopk;McAfee Inc. mfebopk; C:\WINDOWS\system32\drivers\mfebopk.sys [2010-05-31 51688]
R3 mfefirek;McAfee Inc. mfefirek; C:\WINDOWS\system32\drivers\mfefirek.sys [2010-05-31 312616]
R3 mfendiskmp;mfendiskmp; C:\WINDOWS\system32\DRIVERS\mfendisk.sys [2010-05-31 88480]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 MxlW2k;MxlW2k; C:\WINDOWS\system32\drivers\MxlW2k.sys [2003-01-15 28164]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2006-10-22 3994624]
R3 P16X;Creative SB Live! Series (WDM); C:\WINDOWS\system32\drivers\P16X.sys [2002-08-30 1293440]
R3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2006-11-08 21760]
R3 RimVSerPort;RIM Virtual Serial Port v2; C:\WINDOWS\system32\DRIVERS\RimSerial.sys [2007-01-18 26496]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2002-08-29 5888]
R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 wanatw;WAN Miniport (ATW); C:\WINDOWS\System32\DRIVERS\wanatw4.sys [2003-01-10 33588]
R3 winachsf;winachsf; C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys [2002-06-30 594832]
S0 IPVNMon;Visual NDMonitor; C:\WINDOWS\system32\drivers\IPVNMon.sys [2002-03-18 98108]
S1 P3;Intel PentiumIII Processor Driver; C:\WINDOWS\System32\DRIVERS\p3.sys [2008-04-13 42752]
S3 basic2;basic2; C:\WINDOWS\System32\DRIVERS\HSF_BSC2.sys [2001-08-17 67167]
S3 bvrp_pci;bvrp_pci; C:\WINDOWS\system32\drivers\bvrp_pci.sys []
S3 EL90XBC;3Com EtherLink XL 90XB/C Adapter Driver; C:\WINDOWS\System32\DRIVERS\el90xbc5.sys [2001-08-17 66591]
S3 hidgame;Microsoft Hid to Joystick Port Enabler; C:\WINDOWS\System32\DRIVERS\hidgame.sys [2001-08-17 8576]
S3 hsf_msft;hsf_msft; C:\WINDOWS\System32\DRIVERS\HSF_MSFT.sys [2001-08-17 542879]
S3 i81x;i81x; C:\WINDOWS\System32\DRIVERS\i81xnt5.sys [2004-08-04 161020]
S3 iAimFP0;iAimFP0; C:\WINDOWS\System32\DRIVERS\wADV01nt.sys [2004-08-04 12415]
S3 iAimFP1;iAimFP1; C:\WINDOWS\System32\DRIVERS\wADV02NT.sys [2004-08-04 12127]
S3 iAimFP2;iAimFP2; C:\WINDOWS\System32\DRIVERS\wADV05NT.sys [2004-08-04 11775]
S3 iAimFP3;iAimFP3; C:\WINDOWS\System32\DRIVERS\wSiINTxx.sys [2004-08-04 12063]
S3 iAimFP4;iAimFP4; C:\WINDOWS\System32\DRIVERS\wVchNTxx.sys [2004-08-04 19455]
S3 iAimTV0;iAimTV0; C:\WINDOWS\System32\DRIVERS\wATV01nt.sys [2004-08-04 29311]
S3 iAimTV1;iAimTV1; C:\WINDOWS\System32\DRIVERS\wATV02NT.sys [2004-08-04 19551]
S3 iAimTV2;iAimTV2; C:\WINDOWS\System32\DRIVERS\wATV03nt.sys []
S3 iAimTV3;iAimTV3; C:\WINDOWS\System32\DRIVERS\wATV04nt.sys [2004-08-04 33599]
S3 iAimTV4;iAimTV4; C:\WINDOWS\System32\DRIVERS\wCh7xxNT.sys [2004-08-04 23615]
S3 mfeavfk01;McAfee Inc.; C:\WINDOWS\system32\drivers\mfeavfk01.sys []
S3 mfendisk;McAfee Core NDIS Intermediate Filter; C:\WINDOWS\system32\DRIVERS\mfendisk.sys [2010-05-31 88480]
S3 mferkdet;McAfee Inc. mferkdet; C:\WINDOWS\system32\drivers\mferkdet.sys [2010-05-31 83496]
S3 mmc_2K;mmc_2K; C:\WINDOWS\system32\drivers\mmc_2K.sys [2002-04-10 29638]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []
S3 NMSCFG;NIC Management Service Configuration Driver; \??\C:\WINDOWS\System32\drivers\NMSCFG.SYS []
S3 RimUsb;BlackBerry Smartphone; C:\WINDOWS\System32\Drivers\RimUsb.sys [2008-05-20 22784]
S3 Rksample;Rksample; C:\WINDOWS\System32\DRIVERS\HSF_SAMP.sys [2001-08-17 57471]
S3 USB_RNDIS_XP;Westell WireSpeed Dual Connect Modem; C:\WINDOWS\System32\DRIVERS\usb8023.sys [2008-04-13 12800]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 agpCPQ;Compaq AGP Bus Filter; C:\WINDOWS\System32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
S4 alim1541;ALI AGP Bus Filter; C:\WINDOWS\System32\DRIVERS\alim1541.sys [2008-04-13 42752]
S4 amdagp;AMD AGP Bus Filter Driver; C:\WINDOWS\System32\DRIVERS\amdagp.sys [2008-04-13 43008]
S4 cbidf;cbidf; C:\WINDOWS\System32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
S4 sisagp;SIS AGP Bus Filter; C:\WINDOWS\System32\DRIVERS\sisagp.sys [2008-04-13 40960]
S4 viaagp;VIA AGP Bus Filter; C:\WINDOWS\System32\DRIVERS\viaagp.sys [2008-04-13 42240]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AOL ACS;AOL Connectivity Service; C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe [2006-10-23 46640]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2007-07-09 106496]
R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\System32\CTsvcCDA.exe [1999-12-13 44032]
R2 ewido anti-spyware 4.0 guard;ewido anti-spyware 4.0 guard; C:\Program Files\ewido anti-spyware 4.0\guard.exe [2006-06-16 172032]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-08-03 153376]
R2 McciCMService;McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [2010-03-17 319488]
R2 McMPFSvc;McAfee Personal Firewall Service; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2010-03-10 271480]
R2 mcmscsvc;McAfee Services; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 271480]
R2 McNaiAnn;McAfee VirusScan Announcer; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 271480]
R2 McNASvc;McAfee Network Agent; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 271480]
R2 McProxy;McAfee Proxy Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 271480]
R2 McShield;McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [2010-05-31 170144]
R2 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2010-05-31 188136]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [2010-05-31 141792]
R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2010-03-10 271480]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-10-22 159810]
R2 WANMiniportService;WAN Miniport (ATW) Service; C:\WINDOWS\wanmpsvc.exe [2003-08-27 65536]
R2 WMDM PMSP Service;WMDM PMSP Service; C:\WINDOWS\System32\MsPMSPSv.exe [2000-06-26 53520]
S2 0103371284341124mcinstcleanup;McAfee Application Installer Cleanup (0103371284341124); C:\DOCUME~1\PAULGR~1\LOCALS~1\Temp\010337~1.EXE [2010-04-28 820488]
S2 AOLService;AOL Spyware Protection Service; C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe []
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-13 267776]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-05-02 135664]
S2 Roxio Upnp Server 9;Roxio Upnp Server 9; C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe [2007-12-06 362992]
S2 RoxLiveShare9;LiveShare P2P Server 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe [2008-06-26 313840]
S2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2008-06-26 170480]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 awhost32;Symantec pcAnywhere Host Service; C:\Program Files\Symantec\pcAnywhere\awhost32.exe [2006-04-25 106496]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 DSBrokerService;DSBrokerService; C:\Program Files\DellSupport\brkrsvc.exe [2007-03-07 76848]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-01-03 651720]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-06-10 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2007-07-10 501048]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2006-01-19 2041536]
S3 McODS;McAfee Scanner; C:\Program Files\McAfee\VirusScan\mcods.exe [2010-04-15 364216]
S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [2005-01-26 53337]
S3 NMSSvc;Intel(R) NMS; C:\WINDOWS\System32\NMSSvc.exe [2002-05-03 1118208]
S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2005-01-26 53337]
S3 Roxio UPnP Renderer 9;Roxio UPnP Renderer 9; C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe [2007-12-06 88560]
S3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2008-06-26 1108464]
S3 SPTISRV;Sony SPTI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [2005-01-26 69718]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S4 AutoSyncService;Memeo AutoSync ; C:\Program Files\Memeo\AutoSync\MemeoService.exe [2007-07-06 31768]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
HerrLugner
Regular Member
 
Posts: 69
Joined: September 5th, 2006, 10:23 pm

Re: Problems not completely gone

Unread postby HerrLugner » September 13th, 2010, 7:04 am

Logfile of random's system information tool 1.08 (written by random/random)
Run by Paul Graf at 2010-09-13 07:01:42
Microsoft Windows XP Professional Service Pack 3
System drive C: has 55 GB (48%) free of 114 GB
Total RAM: 511 MB (36% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:01:57 AM, on 9/13/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\AOL\1148647217\ee\AOLSoftware.exe
C:\Program Files\Verizon\McciTrayApp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\NoAds\NoAds.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\McAfee\MSM\McSmtFwk.exe
C:\PROGRA~1\COMMON~1\McAfee\MSC\McUICnt.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Common Files\AOL\1148647217\ee\aolsoftware.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\rundll32.exe
C:\Documents and Settings\Paul Graf\My Documents\Downloads\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Paul Graf.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1148647217\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [Verizon_McciTrayApp] "C:\Program Files\Verizon\McciTrayApp.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKCU\..\Run: [NoAds] "C:\Program Files\NoAds\NoAds.exe"
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O16 - DPF: 6th Street Omaha Poker by pogo - http://game1.pogo.com/applet-6.6.4.21/o ... -en_US.cab
O16 - DPF: Aces Up! by pogo - http://game1.pogo.com/applet-6.6.4.29/a ... -en_US.cab
O16 - DPF: Ali Baba Slots TM by pogo - http://game1.pogo.com/applet-6.6.2.21/s ... -en_US.cab
O16 - DPF: Backgammon by pogo - http://game1.pogo.com/applet-6.3.3.27/b ... assets.cab
O16 - DPF: Battle Phlinx by pogo - http://game1.pogo.com/applet-6.4.0.34/b ... assets.cab
O16 - DPF: Blackjack by pogo - http://game1.pogo.com/applet-6.6.0.34/b ... -en_US.cab
O16 - DPF: Bowling by pogo - http://game1.pogo.com/applet-6.6.4.29/b ... -en_US.cab
O16 - DPF: Bump by pogo - http://www.pogo.com/applet-6.5.2.33/bump/bump-en_US.cab
O16 - DPF: Canasta by pogo - http://game1.pogo.com/applet-6.5.4.34/c ... -en_US.cab
O16 - DPF: Checkers by pogo - http://game1.pogo.com/applet-6.5.3.37/c ... -en_US.cab
O16 - DPF: Chess by pogo - http://game1.pogo.com/applet-6.5.4.27/c ... -en_US.cab
O16 - DPF: Cribbage by pogo - http://game1.pogo.com/applet-6.5.5.36/c ... -en_US.cab
O16 - DPF: Dice Derby by pogo - http://game1.pogo.com/applet-6.6.2.21/c ... -en_US.cab
O16 - DPF: Dominoes by pogo - http://game1.pogo.com/applet-6.6.4.29/d ... -en_US.cab
O16 - DPF: Double Deuce Poker by pogo - http://game1.pogo.com/applet-6.4.0.34/v ... assets.cab
O16 - DPF: Euchre by pogo - http://game1.pogo.com/applet-6.6.0.27/e ... -en_US.cab
O16 - DPF: First Class Solitaire by pogo - http://game1.pogo.com/applet-6.6.2.21/f ... -en_US.cab
O16 - DPF: Fortune Bingo by pogo - http://game1.pogo.com/applet-6.6.2.21/s ... -en_US.cab
O16 - DPF: Harvest Mania by pogo - http://game1.pogo.com/applet-6.6.3.34/h ... -en_US.cab
O16 - DPF: Hearts by pogo - http://game1.pogo.com/applet-6.6.4.29/h ... -en_US.cab
O16 - DPF: High Stakes Poker by pogo - http://game1.pogo.com/applet-6.5.4.27/d ... -en_US.cab
O16 - DPF: High Stakes Pool by pogo - http://game1.pogo.com/applet-6.4.4.34/p ... assets.cab
O16 - DPF: Jigsaw Detective by pogo - http://game1.pogo.com/applet-6.6.2.21/j ... -en_US.cab
O16 - DPF: Jokers Wild Poker by pogo - http://game1.pogo.com/applet-6.6.0.34/v ... -en_US.cab
O16 - DPF: Jungle Gin by pogo - http://game1.pogo.com/applet-6.6.2.35/gin/gin-en_US.cab
O16 - DPF: Keno by pogo - http://game1.pogo.com/applet-6.6.0.34/k ... -en_US.cab
O16 - DPF: Lost Temple Poker by pogo - http://game1.pogo.com/applet-6.6.3.34/m ... -en_US.cab
O16 - DPF: Lottso by pogo - http://game1.pogo.com/applet-6.6.4.21/l ... -en_US.cab
O16 - DPF: Mah Jong Garden by pogo - http://game1.pogo.com/applet-6.5.2.33/m ... -en_US.cab
O16 - DPF: Multiline Slots by pogo - http://game1.pogo.com/applet-6.4.4.34/m ... assets.cab
O16 - DPF: Pai Gow by pogo - http://game1.pogo.com/applet-6.4.4.34/p ... assets.cab
O16 - DPF: Payday FreeCell by pogo - http://game1.pogo.com/applet-6.5.3.37/f ... -en_US.cab
O16 - DPF: Penguin Blocks by pogo - http://game1.pogo.com/applet-6.6.3.34/p ... -en_US.cab
O16 - DPF: Perfect Pair Solitaire by pogo - http://game1.pogo.com/applet-6.6.0.27/w ... -en_US.cab
O16 - DPF: Phlinx by pogo - http://game1.pogo.com/applet-6.6.1.37/f ... -en_US.cab
O16 - DPF: Pinochle by pogo - http://game1.pogo.com/applet-6.6.3.34/p ... -en_US.cab
O16 - DPF: Pop Fu by pogo - http://game1.pogo.com/applet-6.5.3.44/p ... -en_US.cab
O16 - DPF: PoppaZoppa by pogo - http://game1.pogo.com/applet-6.6.4.21/p ... -en_US.cab
O16 - DPF: Poppit by pogo - http://game1.pogo.com/applet-6.6.4.21/p ... -en_US.cab
O16 - DPF: Quick Quack by pogo - http://game1.pogo.com/applet-6.6.4.21/h ... -en_US.cab
O16 - DPF: Quick Shot by pogo - http://game1.pogo.com/applet-6.6.3.34/q ... -en_US.cab
O16 - DPF: QWERTY by pogo - http://game1.pogo.com/applet-6.6.2.35/s ... -en_US.cab
O16 - DPF: Ride The Tide by pogo - http://game1.pogo.com/applet-6.5.3.37/r ... -en_US.cab
O16 - DPF: SciFi Slots by pogo - http://game1.pogo.com/applet-6.6.1.37/s ... -en_US.cab
O16 - DPF: Showbiz Slots 2 by pogo - http://game1.pogo.com/applet-6.4.3.28/s ... assets.cab
O16 - DPF: Shuffle Bump by pogo - http://game1.pogo.com/applet-6.6.4.29/p ... -en_US.cab
O16 - DPF: Spades 2 by pogo - http://game1.pogo.com/applet-6.6.1.29/s ... -en_US.cab
O16 - DPF: Spider Solitaire by pogo - http://game1.pogo.com/applet-6.6.2.21/s ... -en_US.cab
O16 - DPF: Squelchies by pogo - http://game1.pogo.com/applet-6.6.4.21/s ... -en_US.cab
O16 - DPF: Stax by pogo - http://game1.pogo.com/applet-6.6.4.21/s ... -en_US.cab
O16 - DPF: Stellar Sweeper by pogo - http://game1.pogo.com/applet-6.5.5.36/s ... -en_US.cab
O16 - DPF: Sweet Tooth TM by pogo - http://game1.pogo.com/applet-6.6.2.21/s ... -en_US.cab
O16 - DPF: Texas Hold'em Poker by pogo - http://game1.pogo.com/applet-6.5.1.24/h ... -en_US.cab
O16 - DPF: Tri-Peaks by pogo - http://game1.pogo.com/applet-6.6.4.21/p ... -en_US.cab
O16 - DPF: Tumble Bees by pogo - http://game1.pogo.com/applet-6.6.2.21/j ... -en_US.cab
O16 - DPF: Turbo 21 TM by pogo - http://game1.pogo.com/applet-6.5.1.24/t ... -en_US.cab
O16 - DPF: Video Poker by pogo - http://game1.pogo.com/applet-6.4.0.41/v ... assets.cab
O16 - DPF: Wonderland Memories by pogo - http://game1.pogo.com/applet-6.6.4.21/m ... -en_US.cab
O16 - DPF: Word Whomp by pogo - http://game1.pogo.com/applet-6.6.4.21/w ... -en_US.cab
O16 - DPF: Word Whomp Whackdown by pogo - http://game1.pogo.com/applet-6.6.3.34/w ... -en_US.cab
O16 - DPF: WordJong by pogo - http://game1.pogo.com/applet-6.6.1.29/w ... -en_US.cab
O16 - DPF: World Class Solitaire by pogo - http://game1.pogo.com/applet-6.6.3.34/w ... -en_US.cab
O16 - DPF: Yahoo! Literati - http://download.games.yahoo.com/games/c ... /tt3_x.cab
O16 - DPF: Yahoo! MahJong Solitaire - http://download.games.yahoo.com/games/c ... jst4_x.cab
O16 - DPF: Yahoo! Pyramids - http://download.games.yahoo.com/games/c ... pyt1_x.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://bin.mcafee.com/molbin/shared/mci ... insctl.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://bin.mcafee.com/molbin/shared/mcg ... cgdmgr.cab
O23 - Service: McAfee Application Installer Cleanup (0103371284341124) (0103371284341124mcinstcleanup) - McAfee, Inc. - C:\DOCUME~1\PAULGR~1\LOCALS~1\Temp\010337~1.EXE
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe (file missing)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Symantec pcAnywhere Host Service (awhost32) - Symantec Corporation - C:\Program Files\Symantec\pcAnywhere\awhost32.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: McciCMService - Alcatel-Lucent - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McShield - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: Intel(R) NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

--
End of file - 17788 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IPoint_exe.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}]
McAfee Phishing Filter - c:\progra~1\mcafee\msk\mskapbho.dll [2010-05-03 245272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-14 278192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2009-02-27 349576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-03 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-08-03 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2009-02-27 349576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2009-02-27 349576]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-14 278192]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HostManager"=C:\Program Files\Common Files\AOL\1148647217\ee\AOLSoftware.exe [2007-10-08 41824]
"Verizon_McciTrayApp"=C:\Program Files\Verizon\McciTrayApp.exe [2010-03-17 1565696]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-10-22 7700480]
""= []
"RoxWatchTray"=C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [2008-06-26 236016]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2007-06-29 286720]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-19 35760]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"WinPatrol"=C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe [2010-05-31 323976]
"mcui_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2010-07-01 1193848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"NoAds"=C:\Program Files\NoAds\NoAds.exe [2004-03-04 122880]
"DellSupport"=C:\Program Files\DellSupport\DSAgnt.exe [2007-03-15 460784]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\PCANotify]
C:\WINDOWS\system32\PCANotify.dll [2006-04-25 8704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"=C:\Program Files\ewido anti-spyware 4.0\shellexecutehook.dll [2006-06-16 73728]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\klmdb.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\klmdb.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableTaskMgr"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=
"NoDriveTypeAutoRun"=323
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDrives"=0
"NoRun"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Yahoo!\Messenger\YPager.exe"="C:\Program Files\Yahoo!\Messenger\YPager.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"="C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL Connectivity Service Dialer"
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe"="C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL Connectivity Service"
"C:\Program Files\Common Files\AOL\1148647217\ee\aolsoftware.exe"="C:\Program Files\Common Files\AOL\1148647217\ee\aolsoftware.exe:*:Enabled:AOL Shared Components"
"C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe"="C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe:*:Enabled:AOL TopSpeed"
"C:\Program Files\Common Files\AOL\Loader\aolload.exe"="C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader"
"C:\Program Files\Common Files\AOL\System Information\sinf.exe"="C:\Program Files\Common Files\AOL\System Information\sinf.exe:*:Enabled:AOL System Information"
"C:\ani\winvnc.exe"="C:\ani\winvnc.exe:*:Enabled:VNC server for Win32"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe"="C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent"
"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe"="C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe:*:Enabled:McAfee Shared Service Host"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-09-13 07:01:42 ----D---- C:\rsit
2010-09-12 21:24:53 ----D---- C:\WINDOWS\LastGood
2010-09-07 17:00:41 ----A---- C:\WINDOWS\system32\drivers\mfeclnk.sys
2010-09-07 17:00:16 ----A---- C:\WINDOWS\system32\drivers\mfetdi2k.sys
2010-09-07 17:00:16 ----A---- C:\WINDOWS\system32\drivers\mferkdet.sys
2010-09-07 17:00:16 ----A---- C:\WINDOWS\system32\drivers\mfendisk.sys
2010-09-07 17:00:15 ----A---- C:\WINDOWS\system32\drivers\mfehidk.sys
2010-09-07 17:00:15 ----A---- C:\WINDOWS\system32\drivers\mfefirek.sys
2010-09-07 17:00:15 ----A---- C:\WINDOWS\system32\drivers\mfebopk.sys
2010-09-07 17:00:14 ----A---- C:\WINDOWS\system32\drivers\mfeavfk.sys
2010-09-07 17:00:14 ----A---- C:\WINDOWS\system32\drivers\mfeapfk.sys
2010-09-07 17:00:14 ----A---- C:\WINDOWS\system32\drivers\cfwids.sys

======List of files/folders modified in the last 1 months======

2010-09-13 07:01:58 ----D---- C:\WINDOWS\Prefetch
2010-09-13 06:59:27 ----D---- C:\Program Files\Panda Security
2010-09-13 06:59:25 ----D---- C:\WINDOWS\system32\DRIVERS
2010-09-13 06:58:46 ----D---- C:\Documents and Settings\All Users\Application Data\Viewpoint
2010-09-13 06:58:45 ----D---- C:\Program Files
2010-09-13 06:57:21 ----D---- C:\WINDOWS\SYSTEM32
2010-09-13 06:49:29 ----D---- C:\WINDOWS\Temp
2010-09-13 06:25:36 ----D---- C:\Program Files\Mozilla Firefox
2010-09-12 21:32:16 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-09-12 21:32:13 ----D---- C:\WINDOWS
2010-09-12 21:25:21 ----HD---- C:\WINDOWS\INF
2010-09-12 21:25:01 ----D---- C:\Program Files\McAfee
2010-09-12 18:26:06 ----D---- C:\WINDOWS\system32\CatRoot2
2010-09-11 19:45:01 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-09-10 22:59:18 ----A---- C:\WINDOWS\ModemLog_Conexant HSF V92 56K RTAD Speakerphone PCI Modem.txt
2010-09-10 22:58:35 ----A---- C:\WINDOWS\ModemLog_Standard Modem.txt
2010-09-08 16:51:25 ----D---- C:\Program Files\McAfee.com
2010-09-07 18:07:23 ----D---- C:\Program Files\Common Files\McAfee
2010-09-07 16:59:30 ----SD---- C:\WINDOWS\Tasks
2010-08-26 22:59:52 ----D---- C:\WINDOWS\system32\FxsTmp

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 agp440;Intel AGP Bus Filter; C:\WINDOWS\System32\DRIVERS\agp440.sys [2008-04-13 42368]
R0 Gernuwa;Gernuwa; C:\WINDOWS\system32\drivers\Gernuwa.sys [2003-04-21 13898]
R0 mfehidk;McAfee Inc. mfehidk; C:\WINDOWS\system32\drivers\mfehidk.sys [2010-05-31 385880]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\DRIVERS\PxHelp20.sys [2007-05-01 43528]
R0x01000000 papycpu2;papycpu2; C:\WINDOWS\System32\DRIVERS\papycpu2.sys [2003-01-17 1984]
R0x01000000 papyjoy;papyjoy; C:\WINDOWS\System32\DRIVERS\papyjoy.sys [2003-01-17 1856]
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2004-10-07 35840]
R1 AW_HOST;AW_HOST; C:\WINDOWS\system32\drivers\aw_host5.sys [2005-11-21 11008]
R1 awecho;awecho; C:\WINDOWS\system32\drivers\awechomd.sys [2005-10-10 7552]
R1 Cdr4_xp;Cdr4_xp; C:\WINDOWS\system32\drivers\Cdr4_xp.sys [2007-02-02 9336]
R1 Cdralw2k;Cdralw2k; C:\WINDOWS\system32\drivers\Cdralw2k.sys [2007-02-02 9464]
R1 cdudf_xp;cdudf_xp; C:\WINDOWS\system32\drivers\cdudf_xp.sys [2002-04-10 236032]
R1 ewido anti-spyware 4.0 driver;ewido anti-spyware 4.0 driver; \??\C:\Program Files\ewido anti-spyware 4.0\guard.sys []
R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 mfetdi2k;McAfee Inc. mfetdi2k; C:\WINDOWS\system32\drivers\mfetdi2k.sys [2010-05-31 82952]
R1 omci;OMCI WDM Device Driver; C:\WINDOWS\System32\DRIVERS\omci.sys [2002-07-19 17153]
R1 pwd_2k;pwd_2k; C:\WINDOWS\system32\drivers\pwd_2k.sys [2002-04-10 117898]
R1 UdfReadr_xp;UdfReadr_xp; C:\WINDOWS\system32\drivers\UdfReadr_xp.sys [2002-04-10 206336]
R2 ASCTRM;ASCTRM; C:\WINDOWS\system32\drivers\ASCTRM.sys [2003-01-15 8552]
R2 dsunidrv;DellSupport UniDriver; C:\WINDOWS\system32\DRIVERS\dsunidrv.sys [2007-02-25 5376]
R2 Fallback;Fallback; C:\WINDOWS\System32\DRIVERS\HSF_FALL.sys [2001-08-17 289887]
R2 Fsks;Fsks; C:\WINDOWS\System32\DRIVERS\HSF_FSKS.sys [2001-08-17 115807]
R2 K56;K56; C:\WINDOWS\System32\DRIVERS\HSF_K56K.sys [2001-08-17 391199]
R2 MASPINT;MASPINT; C:\WINDOWS\system32\drivers\MASPINT.sys [2002-06-21 8224]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [2001-10-22 9855]
R2 PfModNT;PfModNT; \??\C:\WINDOWS\System32\PfModNT.sys []
R2 SoftFax;SoftFax; C:\WINDOWS\System32\DRIVERS\HSF_FAXX.sys [2001-08-17 199711]
R2 SpeakerPhone;SpeakerPhone; C:\WINDOWS\System32\DRIVERS\HSF_SPKP.sys [2001-08-17 73279]
R2 tmcomm;tmcomm; \??\C:\WINDOWS\System32\drivers\tmcomm.sys []
R2 Tones;Tones; C:\WINDOWS\System32\DRIVERS\HSF_TONE.sys [2001-08-17 50751]
R2 V124;V124; C:\WINDOWS\System32\DRIVERS\HSF_V124.sys [2001-08-17 488383]
R3 cfwids;McAfee Inc. cfwids; C:\WINDOWS\system32\drivers\cfwids.sys [2010-05-31 55456]
R3 DSproct;DSproct; \??\C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys []
R3 dvd_2K;dvd_2K; C:\WINDOWS\system32\drivers\dvd_2K.sys [2002-04-10 24554]
R3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\System32\DRIVERS\e100b325.sys [2002-04-30 139776]
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664]
R3 HSF_DP;HSF_DP; C:\WINDOWS\System32\DRIVERS\HSF_DP.sys [2002-06-30 1172416]
R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\System32\DRIVERS\HSFHWBS2.sys [2002-06-30 167155]
R3 mfeapfk;McAfee Inc. mfeapfk; C:\WINDOWS\system32\drivers\mfeapfk.sys [2010-05-31 95568]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\WINDOWS\system32\drivers\mfeavfk.sys [2010-05-31 152320]
R3 mfebopk;McAfee Inc. mfebopk; C:\WINDOWS\system32\drivers\mfebopk.sys [2010-05-31 51688]
R3 mfefirek;McAfee Inc. mfefirek; C:\WINDOWS\system32\drivers\mfefirek.sys [2010-05-31 312616]
R3 mfendiskmp;mfendiskmp; C:\WINDOWS\system32\DRIVERS\mfendisk.sys [2010-05-31 88480]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 MxlW2k;MxlW2k; C:\WINDOWS\system32\drivers\MxlW2k.sys [2003-01-15 28164]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2006-10-22 3994624]
R3 P16X;Creative SB Live! Series (WDM); C:\WINDOWS\system32\drivers\P16X.sys [2002-08-30 1293440]
R3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2006-11-08 21760]
R3 RimVSerPort;RIM Virtual Serial Port v2; C:\WINDOWS\system32\DRIVERS\RimSerial.sys [2007-01-18 26496]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2002-08-29 5888]
R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 wanatw;WAN Miniport (ATW); C:\WINDOWS\System32\DRIVERS\wanatw4.sys [2003-01-10 33588]
R3 winachsf;winachsf; C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys [2002-06-30 594832]
S0 IPVNMon;Visual NDMonitor; C:\WINDOWS\system32\drivers\IPVNMon.sys [2002-03-18 98108]
S1 P3;Intel PentiumIII Processor Driver; C:\WINDOWS\System32\DRIVERS\p3.sys [2008-04-13 42752]
S3 basic2;basic2; C:\WINDOWS\System32\DRIVERS\HSF_BSC2.sys [2001-08-17 67167]
S3 bvrp_pci;bvrp_pci; C:\WINDOWS\system32\drivers\bvrp_pci.sys []
S3 EL90XBC;3Com EtherLink XL 90XB/C Adapter Driver; C:\WINDOWS\System32\DRIVERS\el90xbc5.sys [2001-08-17 66591]
S3 hidgame;Microsoft Hid to Joystick Port Enabler; C:\WINDOWS\System32\DRIVERS\hidgame.sys [2001-08-17 8576]
S3 hsf_msft;hsf_msft; C:\WINDOWS\System32\DRIVERS\HSF_MSFT.sys [2001-08-17 542879]
S3 i81x;i81x; C:\WINDOWS\System32\DRIVERS\i81xnt5.sys [2004-08-04 161020]
S3 iAimFP0;iAimFP0; C:\WINDOWS\System32\DRIVERS\wADV01nt.sys [2004-08-04 12415]
S3 iAimFP1;iAimFP1; C:\WINDOWS\System32\DRIVERS\wADV02NT.sys [2004-08-04 12127]
S3 iAimFP2;iAimFP2; C:\WINDOWS\System32\DRIVERS\wADV05NT.sys [2004-08-04 11775]
S3 iAimFP3;iAimFP3; C:\WINDOWS\System32\DRIVERS\wSiINTxx.sys [2004-08-04 12063]
S3 iAimFP4;iAimFP4; C:\WINDOWS\System32\DRIVERS\wVchNTxx.sys [2004-08-04 19455]
S3 iAimTV0;iAimTV0; C:\WINDOWS\System32\DRIVERS\wATV01nt.sys [2004-08-04 29311]
S3 iAimTV1;iAimTV1; C:\WINDOWS\System32\DRIVERS\wATV02NT.sys [2004-08-04 19551]
S3 iAimTV2;iAimTV2; C:\WINDOWS\System32\DRIVERS\wATV03nt.sys []
S3 iAimTV3;iAimTV3; C:\WINDOWS\System32\DRIVERS\wATV04nt.sys [2004-08-04 33599]
S3 iAimTV4;iAimTV4; C:\WINDOWS\System32\DRIVERS\wCh7xxNT.sys [2004-08-04 23615]
S3 mfeavfk01;McAfee Inc.; C:\WINDOWS\system32\drivers\mfeavfk01.sys []
S3 mfendisk;McAfee Core NDIS Intermediate Filter; C:\WINDOWS\system32\DRIVERS\mfendisk.sys [2010-05-31 88480]
S3 mferkdet;McAfee Inc. mferkdet; C:\WINDOWS\system32\drivers\mferkdet.sys [2010-05-31 83496]
S3 mmc_2K;mmc_2K; C:\WINDOWS\system32\drivers\mmc_2K.sys [2002-04-10 29638]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []
S3 NMSCFG;NIC Management Service Configuration Driver; \??\C:\WINDOWS\System32\drivers\NMSCFG.SYS []
S3 RimUsb;BlackBerry Smartphone; C:\WINDOWS\System32\Drivers\RimUsb.sys [2008-05-20 22784]
S3 Rksample;Rksample; C:\WINDOWS\System32\DRIVERS\HSF_SAMP.sys [2001-08-17 57471]
S3 USB_RNDIS_XP;Westell WireSpeed Dual Connect Modem; C:\WINDOWS\System32\DRIVERS\usb8023.sys [2008-04-13 12800]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 agpCPQ;Compaq AGP Bus Filter; C:\WINDOWS\System32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
S4 alim1541;ALI AGP Bus Filter; C:\WINDOWS\System32\DRIVERS\alim1541.sys [2008-04-13 42752]
S4 amdagp;AMD AGP Bus Filter Driver; C:\WINDOWS\System32\DRIVERS\amdagp.sys [2008-04-13 43008]
S4 cbidf;cbidf; C:\WINDOWS\System32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
S4 sisagp;SIS AGP Bus Filter; C:\WINDOWS\System32\DRIVERS\sisagp.sys [2008-04-13 40960]
S4 viaagp;VIA AGP Bus Filter; C:\WINDOWS\System32\DRIVERS\viaagp.sys [2008-04-13 42240]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AOL ACS;AOL Connectivity Service; C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe [2006-10-23 46640]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2007-07-09 106496]
R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\System32\CTsvcCDA.exe [1999-12-13 44032]
R2 ewido anti-spyware 4.0 guard;ewido anti-spyware 4.0 guard; C:\Program Files\ewido anti-spyware 4.0\guard.exe [2006-06-16 172032]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-08-03 153376]
R2 McciCMService;McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [2010-03-17 319488]
R2 McMPFSvc;McAfee Personal Firewall Service; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2010-03-10 271480]
R2 mcmscsvc;McAfee Services; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 271480]
R2 McNaiAnn;McAfee VirusScan Announcer; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 271480]
R2 McNASvc;McAfee Network Agent; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 271480]
R2 McProxy;McAfee Proxy Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 271480]
R2 McShield;McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [2010-05-31 170144]
R2 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2010-05-31 188136]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [2010-05-31 141792]
R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2010-03-10 271480]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-10-22 159810]
R2 WANMiniportService;WAN Miniport (ATW) Service; C:\WINDOWS\wanmpsvc.exe [2003-08-27 65536]
R2 WMDM PMSP Service;WMDM PMSP Service; C:\WINDOWS\System32\MsPMSPSv.exe [2000-06-26 53520]
S2 0103371284341124mcinstcleanup;McAfee Application Installer Cleanup (0103371284341124); C:\DOCUME~1\PAULGR~1\LOCALS~1\Temp\010337~1.EXE [2010-04-28 820488]
S2 AOLService;AOL Spyware Protection Service; C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe []
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-13 267776]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-05-02 135664]
S2 Roxio Upnp Server 9;Roxio Upnp Server 9; C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe [2007-12-06 362992]
S2 RoxLiveShare9;LiveShare P2P Server 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe [2008-06-26 313840]
S2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2008-06-26 170480]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 awhost32;Symantec pcAnywhere Host Service; C:\Program Files\Symantec\pcAnywhere\awhost32.exe [2006-04-25 106496]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 DSBrokerService;DSBrokerService; C:\Program Files\DellSupport\brkrsvc.exe [2007-03-07 76848]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-01-03 651720]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-06-10 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2007-07-10 501048]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2006-01-19 2041536]
S3 McODS;McAfee Scanner; C:\Program Files\McAfee\VirusScan\mcods.exe [2010-04-15 364216]
S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [2005-01-26 53337]
S3 NMSSvc;Intel(R) NMS; C:\WINDOWS\System32\NMSSvc.exe [2002-05-03 1118208]
S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2005-01-26 53337]
S3 Roxio UPnP Renderer 9;Roxio UPnP Renderer 9; C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe [2007-12-06 88560]
S3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2008-06-26 1108464]
S3 SPTISRV;Sony SPTI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [2005-01-26 69718]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S4 AutoSyncService;Memeo AutoSync ; C:\Program Files\Memeo\AutoSync\MemeoService.exe [2007-07-06 31768]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
HerrLugner
Regular Member
 
Posts: 69
Joined: September 5th, 2006, 10:23 pm

Re: Problems not completely gone

Unread postby muppy03 » September 13th, 2010, 7:08 am

HerrLugner wrote:Muppy,

I use PCAnywhere for work - is it necessary to remove it?

Paul


No not necessary at all you can leave them.

Do you use this computer for business purposes then?
User avatar
muppy03
MRU Emeritus
MRU Emeritus
 
Posts: 4798
Joined: December 4th, 2007, 5:30 am
Location: Australia

Re: Problems not completely gone

Unread postby HerrLugner » September 13th, 2010, 8:55 am

The computer is only used for business purposes in an emergency. The PCAnywhere is used to access my office computer from home.
HerrLugner
Regular Member
 
Posts: 69
Joined: September 5th, 2006, 10:23 pm

Re: Problems not completely gone

Unread postby muppy03 » September 13th, 2010, 4:57 pm

The computer is only used for business purposes in an emergency. The PCAnywhere is used to access my office computer from home.


Unfortunately with that being said I am going to have to close this thread. Please read this page which quite clearly states our Forum rules regarding working on any kind of machine that is used for any form of business.

With that being said I will point out that your computer is running with Total RAM: 511 MB. This is very low and you would notice better speeds and performance if it was doubled.

This Topic is now closed.
User avatar
muppy03
MRU Emeritus
MRU Emeritus
 
Posts: 4798
Joined: December 4th, 2007, 5:30 am
Location: Australia
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 293 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware