Thank you for your help. Here is the info.
Malwarebytes Results
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:03:54 PM, on 8/26/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Belkin\Belkin Wireless Network Utility\WLanCfgG.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\ehome\RMSvc.exe
c:\WINDOWS\system32\ZuneBusEnum.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Digital Media Reader\shwiconem.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Zune\ZuneLauncher.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Documents and Settings\Administrator\sccs.exe
C:\Documents and Settings\Administrator\css.exe
C:\Documents and Settings\Administrator\ppxcs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\PROGRA~1\Stardock\OBJECT~1\DesktopX\DesktopX.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SunKistEM] C:\Program Files\Digital Media Reader\shwiconem.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Zune Launcher] "c:\Program Files\Zune\ZuneLauncher.exe"
O4 - HKLM\..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [Sccs] C:\Documents and Settings\Administrator\sccs.exe
O4 - HKLM\..\Run: [Css] C:\Documents and Settings\Administrator\css.exe
O4 - HKLM\..\Run: [ppxcs] C:\Documents and Settings\Administrator\ppxcs.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DesktopX] "C:\PROGRA~1\Stardock\OBJECT~1\DesktopX\DesktopX.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microso ... 1016865374
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 1016857874
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Belkin 54g Wireless USB Network Adapter (Belkin 54g Wireless USB Network Adapter Service) - Unknown owner - C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IS Service (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
FileLister:
+++++++++++++++++++++++++++++++++
+
+ File Lister
+
+ Version 1.0.4
+
+ By bamajim / bamajim.com
+
+++++++++++++++++++++++++++++++++
Report ran on --->>> 8/26/2008 9:43:15 PM
====== Values under HKLM\~\Run ======
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\\WINDOWS\\ehome\\ehtray.exe"
"SunKistEM"="C:\\Program Files\\Digital Media Reader\\shwiconem.exe"
@=""
"ATIPTA"="C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.6.0_05\\bin\\jusched.exe\""
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"Zune Launcher"="\"c:\\Program Files\\Zune\\ZuneLauncher.exe\""
"Start WingMan Profiler"="C:\\Program Files\\Logitech\\Gaming Software\\LWEMon.exe /noui"
"Windows Defender"="\"C:\\Program Files\\Windows Defender\\MSASCui.exe\" -hide"
"NBKeyScan"="\"C:\\Program Files\\Nero\\Nero8\\Nero BackItUp\\NBKeyScan.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed"="1"
====== Values under HKCU\~\Run ======
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe"
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"DesktopX"="\"C:\\PROGRA~1\\Stardock\\OBJECT~1\\DesktopX\\DesktopX.exe\""
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
====== Folders and Files from "%\" and "%\Windows" Created Last 30 Days ======
8/23/2008 10:17:59 AM 243969 32 C:\capture.xcf
8/26/2008 9:43:15 PM 1477 32 C:\Files.txt
8/24/2008 11:45:57 AM 383538146 C:\WINDOWS\$NtServicePackUninstall$
8/24/2008 11:45:57 AM 2496111 C:\WINDOWS\$NtServicePackUninstall$\spuninst
8/24/2008 12:02:24 PM 716133 C:\WINDOWS\$NtUninstallKB946648$
8/24/2008 12:02:24 PM 620758 C:\WINDOWS\$NtUninstallKB946648$\spuninst
8/15/2008 11:49:12 PM 709027 C:\WINDOWS\$NtUninstallKB946648_0$
8/15/2008 11:49:12 PM 626083 C:\WINDOWS\$NtUninstallKB946648_0$\spuninst
8/24/2008 12:02:33 PM 836165 C:\WINDOWS\$NtUninstallKB950762$
8/24/2008 12:02:33 PM 621110 C:\WINDOWS\$NtUninstallKB950762$\spuninst
8/24/2008 12:02:40 PM 879711 C:\WINDOWS\$NtUninstallKB950974$
8/24/2008 12:02:40 PM 621008 C:\WINDOWS\$NtUninstallKB950974$\spuninst
8/15/2008 11:49:00 PM 869416 C:\WINDOWS\$NtUninstallKB950974_0$
8/15/2008 11:49:00 PM 626216 C:\WINDOWS\$NtUninstallKB950974_0$\spuninst
8/24/2008 12:02:46 PM 1325193 C:\WINDOWS\$NtUninstallKB951066$
8/24/2008 12:02:46 PM 621050 C:\WINDOWS\$NtUninstallKB951066$\spuninst
8/15/2008 11:46:55 PM 1309725 C:\WINDOWS\$NtUninstallKB951066_0$
8/15/2008 11:46:55 PM 626205 C:\WINDOWS\$NtUninstallKB951066_0$\spuninst
8/15/2008 11:47:38 PM 687462 C:\WINDOWS\$NtUninstallKB951072-v2$
8/15/2008 11:47:38 PM 627046 C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst
8/24/2008 12:02:55 PM 906901 C:\WINDOWS\$NtUninstallKB951376$
8/24/2008 12:02:55 PM 621446 C:\WINDOWS\$NtUninstallKB951376$\spuninst
8/24/2008 12:03:01 PM 906192 C:\WINDOWS\$NtUninstallKB951376-v2$
8/24/2008 12:03:01 PM 621633 C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst
8/24/2008 12:03:08 PM 1921659 C:\WINDOWS\$NtUninstallKB951698$
8/24/2008 12:03:08 PM 621036 C:\WINDOWS\$NtUninstallKB951698$\spuninst
8/24/2008 12:03:17 PM 1759770 C:\WINDOWS\$NtUninstallKB951748$
8/24/2008 12:03:17 PM 622649 C:\WINDOWS\$NtUninstallKB951748$\spuninst
8/25/2008 7:34:15 PM 2446240 C:\WINDOWS\$NtUninstallKB951978$
8/25/2008 7:34:15 PM 627616 C:\WINDOWS\$NtUninstallKB951978$\spuninst
8/24/2008 12:03:27 PM 965446 C:\WINDOWS\$NtUninstallKB952287$
8/24/2008 12:03:27 PM 621239 C:\WINDOWS\$NtUninstallKB952287$\spuninst
8/15/2008 11:47:31 PM 958102 C:\WINDOWS\$NtUninstallKB952287_0$
8/15/2008 11:47:31 PM 626326 C:\WINDOWS\$NtUninstallKB952287_0$\spuninst
8/24/2008 12:03:42 PM 707188 C:\WINDOWS\$NtUninstallKB952954$
8/24/2008 12:03:42 PM 621029 C:\WINDOWS\$NtUninstallKB952954$\spuninst
8/15/2008 11:49:18 PM 700639 C:\WINDOWS\$NtUninstallKB952954_0$
8/15/2008 11:49:18 PM 626399 C:\WINDOWS\$NtUninstallKB952954_0$\spuninst
8/15/2008 11:49:06 PM 714769 C:\WINDOWS\$NtUninstallKB953839$
8/15/2008 11:49:06 PM 624657 C:\WINDOWS\$NtUninstallKB953839$\spuninst
8/24/2008 11:55:08 AM 46127 C:\WINDOWS\l2schemas
8/25/2008 8:50:17 AM 0 C:\WINDOWS\LastGood
8/25/2008 8:50:17 AM 0 C:\WINDOWS\LastGood\INF
8/24/2008 12:11:31 PM 3436274 C:\WINDOWS\Prefetch
8/24/2008 11:52:44 AM 595270300 C:\WINDOWS\ServicePackFiles
8/24/2008 11:52:44 AM 592135051 C:\WINDOWS\ServicePackFiles\i386
8/24/2008 11:54:59 AM 49218301 C:\WINDOWS\ServicePackFiles\i386\lang
8/24/2008 11:55:34 AM 3135249 C:\WINDOWS\ServicePackFiles\ServicePackCache
8/24/2008 11:55:34 AM 3135249 C:\WINDOWS\ServicePackFiles\ServicePackCache\i386
8/25/2008 9:19:37 PM 0 32 C:\WINDOWS\0.log
8/24/2008 11:36:10 AM 19569 32 C:\WINDOWS\002954_.tmp
8/25/2008 7:34:31 PM 2059 32 C:\WINDOWS\comsetup.log
8/25/2008 7:34:33 PM 338 32 C:\WINDOWS\ehOCGen.log
8/25/2008 7:34:30 PM 6183 32 C:\WINDOWS\FaxSetup.log
8/25/2008 7:34:31 PM 6725 32 C:\WINDOWS\iis6.log
8/25/2008 7:34:32 PM 1374 32 C:\WINDOWS\imsins.log
7/27/2008 3:38:31 PM 52736 32 C:\WINDOWS\ipuninst.exe
8/18/2008 9:25:44 PM 0 32 C:\WINDOWS\Irremote.ini
8/25/2008 8:50:16 AM 22143 32 C:\WINDOWS\KB951978.log
8/25/2008 7:34:33 PM 430 32 C:\WINDOWS\MedCtrOC.log
8/25/2008 7:34:32 PM 309 32 C:\WINDOWS\msgsocm.log
8/25/2008 7:34:32 PM 1906 32 C:\WINDOWS\msmqinst.log
8/25/2008 7:34:34 PM 1083 32 C:\WINDOWS\netfxocm.log
8/25/2008 7:34:32 PM 1248 32 C:\WINDOWS\ntdtcsetup.log
8/25/2008 7:34:30 PM 2956 32 C:\WINDOWS\ocgen.log
8/25/2008 7:34:34 PM 342 32 C:\WINDOWS\ocmsn.log
8/25/2008 7:34:34 PM 689 32 C:\WINDOWS\plusoc.log
8/25/2008 7:34:31 PM 0 32 C:\WINDOWS\setupact.log
8/26/2008 2:58:34 PM 43777 32 C:\WINDOWS\setupapi.log
8/25/2008 7:34:31 PM 0 32 C:\WINDOWS\setuperr.log
8/24/2008 11:38:08 AM 32866 0 C:\WINDOWS\slrundll.exe
8/25/2008 7:34:33 PM 311 32 C:\WINDOWS\tabletoc.log
8/25/2008 7:34:32 PM 2821 32 C:\WINDOWS\tsoc.log
8/25/2008 7:34:18 PM 827 32 C:\WINDOWS\updspapi.log
8/18/2008 9:22:03 PM 0 C:\WINDOWS\system32\appmgmt
8/18/2008 9:22:03 PM 0 C:\WINDOWS\system32\appmgmt\MACHINE
8/18/2008 9:22:03 PM 0 C:\WINDOWS\system32\appmgmt\S-1-5-21-865472012-2122245555-603841189-500
8/24/2008 11:55:07 AM 409088 C:\WINDOWS\system32\bits
8/24/2008 11:55:07 AM 76288 C:\WINDOWS\system32\en
8/24/2008 11:55:08 AM 83456 C:\WINDOWS\system32\scripting
8/24/2008 11:34:41 AM 136192 0 C:\WINDOWS\system32\aaclient.dll
8/24/2008 11:34:50 AM 377984 0 C:\WINDOWS\system32\ati2dvaa.dll
8/24/2008 11:34:51 AM 870784 0 C:\WINDOWS\system32\ati3d1ag.dll
8/24/2008 11:34:52 AM 9728 0 C:\WINDOWS\system32\ativdaxx.ax
8/24/2008 11:34:52 AM 23040 0 C:\WINDOWS\system32\ativmvxx.ax
8/24/2008 11:34:52 AM 32768 0 C:\WINDOWS\system32\ativtmxx.dll
8/24/2008 11:34:54 AM 233472 0 C:\WINDOWS\system32\azroles.dll
8/24/2008 11:34:54 AM 7168 0 C:\WINDOWS\system32\bitsprx4.dll
8/24/2008 11:36:26 AM 9728 0 C:\WINDOWS\system32\comsdupd.exe
8/24/2008 11:35:08 AM 12800 0 C:\WINDOWS\system32\credssp.dll
8/24/2008 11:35:41 AM 48640 0 C:\WINDOWS\system32\dhcpqec.dll
8/24/2008 11:35:45 AM 19456 0 C:\WINDOWS\system32\dimsntfy.dll
8/24/2008 11:35:45 AM 39936 0 C:\WINDOWS\system32\dimsroam.dll
8/24/2008 11:35:53 AM 26112 0 C:\WINDOWS\system32\dot3api.dll
8/24/2008 11:35:53 AM 57856 0 C:\WINDOWS\system32\dot3cfg.dll
8/24/2008 11:35:53 AM 9216 0 C:\WINDOWS\system32\dot3dlg.dll
8/24/2008 11:35:53 AM 39936 0 C:\WINDOWS\system32\dot3gpclnt.dll
8/24/2008 11:35:54 AM 56320 0 C:\WINDOWS\system32\dot3msm.dll
8/24/2008 11:35:54 AM 132096 0 C:\WINDOWS\system32\dot3svc.dll
8/24/2008 11:35:55 AM 650752 0 C:\WINDOWS\system32\dot3ui.dll
8/24/2008 11:36:06 AM 30720 0 C:\WINDOWS\system32\eapolqec.dll
8/24/2008 11:36:06 AM 184832 0 C:\WINDOWS\system32\eapp3hst.dll
8/24/2008 11:36:06 AM 126976 0 C:\WINDOWS\system32\eappcfg.dll
8/24/2008 11:36:06 AM 94208 0 C:\WINDOWS\system32\eappgnui.dll
8/24/2008 11:36:06 AM 180224 0 C:\WINDOWS\system32\eapphost.dll
8/24/2008 11:36:06 AM 40960 0 C:\WINDOWS\system32\eappprxy.dll
8/24/2008 11:36:06 AM 59392 0 C:\WINDOWS\system32\eapqec.dll
8/24/2008 11:36:06 AM 33792 0 C:\WINDOWS\system32\eapsvc.dll
8/24/2008 11:36:10 AM 20992 0 C:\WINDOWS\system32\faxpatch.exe
8/24/2008 11:36:19 AM 32285 0 C:\WINDOWS\system32\hsfcisp2.dll
8/24/2008 11:36:47 AM 6144 0 C:\WINDOWS\system32\kbdbhc.dll
8/24/2008 11:36:48 AM 6144 0 C:\WINDOWS\system32\kbdiultn.dll
8/24/2008 11:36:48 AM 6144 0 C:\WINDOWS\system32\kbdnepr.dll
8/24/2008 11:36:49 AM 6144 0 C:\WINDOWS\system32\kbdpash.dll
8/24/2008 11:36:49 AM 61440 0 C:\WINDOWS\system32\kmsvc.dll
8/24/2008 11:36:50 AM 37376 0 C:\WINDOWS\system32\l2gpstore.dll
8/24/2008 11:37:07 AM 184320 0 C:\WINDOWS\system32\microsoft.managementconsole.dll
8/24/2008 11:37:08 AM 397312 0 C:\WINDOWS\system32\mmcex.dll
8/24/2008 11:37:08 AM 106496 0 C:\WINDOWS\system32\mmcfxcommon.dll
8/24/2008 11:37:08 AM 33792 0 C:\WINDOWS\system32\mmcperf.exe
8/24/2008 11:37:30 AM 155136 0 C:\WINDOWS\system32\mssha.dll
8/24/2008 11:37:30 AM 76800 0 C:\WINDOWS\system32\msshavmsg.dll
8/3/2008 11:33:55 AM 25088 32 C:\WINDOWS\system32\msxml3a.dll
8/24/2008 11:37:33 AM 1306624 0 C:\WINDOWS\system32\msxml6.dll
8/24/2008 11:37:33 AM 79872 0 C:\WINDOWS\system32\msxml6r.dll
8/24/2008 11:37:34 AM 1737856 0 C:\WINDOWS\system32\mtxparhd.dll
8/24/2008 11:37:34 AM 30208 0 C:\WINDOWS\system32\napipsec.dll
8/24/2008 11:37:34 AM 193024 0 C:\WINDOWS\system32\napmontr.dll
8/24/2008 11:37:34 AM 176640 0 C:\WINDOWS\system32\napstat.exe
8/24/2008 11:01:59 AM 774144 32 C:\WINDOWS\system32\NEROINSTAEC43759.DB
8/24/2008 11:37:47 AM 144384 0 C:\WINDOWS\system32\onex.dll
8/24/2008 11:37:51 AM 412160 0 C:\WINDOWS\system32\photometadatahandler.dll
8/24/2008 11:36:32 AM 974 0 C:\WINDOWS\system32\pid.inf
8/24/2008 11:37:53 AM 150528 0 C:\WINDOWS\system32\qagent.dll
8/24/2008 11:37:53 AM 291328 0 C:\WINDOWS\system32\qagentrt.dll
8/24/2008 11:37:54 AM 62464 0 C:\WINDOWS\system32\qcliprov.dll
8/24/2008 11:37:55 AM 76800 0 C:\WINDOWS\system32\qutil.dll
8/24/2008 11:37:56 AM 61952 0 C:\WINDOWS\system32\rasqec.dll
8/24/2008 11:37:58 AM 290304 0 C:\WINDOWS\system32\rhttpaa.dll
8/24/2008 11:36:32 AM 9728 0 C:\WINDOWS\system32\rwnh.dll
8/24/2008 11:38:00 AM 397056 0 C:\WINDOWS\system32\s3gnb.dll
8/24/2008 11:38:04 AM 32768 0 C:\WINDOWS\system32\setupn.exe
8/24/2008 11:01:59 AM 1414440 32 C:\WINDOWS\system32\ShellManager310E2D762.dll
8/24/2008 11:38:08 AM 73832 0 C:\WINDOWS\system32\slcoinst.dll
8/24/2008 11:38:08 AM 286792 0 C:\WINDOWS\system32\slextspk.dll
8/24/2008 11:38:08 AM 188508 0 C:\WINDOWS\system32\slgen.dll
8/24/2008 11:38:08 AM 32866 0 C:\WINDOWS\system32\slrundll.exe
8/24/2008 11:38:09 AM 73796 0 C:\WINDOWS\system32\slserv.exe
8/24/2008 11:36:32 AM 10752 0 C:\WINDOWS\system32\smtpapi.dll
8/24/2008 11:38:10 AM 7680 32 C:\WINDOWS\system32\spdwnwxp.exe
8/24/2008 11:38:12 AM 20992 0 C:\WINDOWS\system32\spupdwxp.exe
8/24/2008 12:15:20 PM 90 32 C:\WINDOWS\system32\spupdwxp.log
8/24/2008 11:38:24 AM 53248 0 C:\WINDOWS\system32\tsgqec.dll
8/24/2008 11:38:24 AM 50688 0 C:\WINDOWS\system32\tspkg.dll
8/24/2008 11:38:32 AM 28672 0 C:\WINDOWS\system32\vidcap.ax
8/24/2008 11:38:36 AM 712704 0 C:\WINDOWS\system32\windowscodecs.dll
8/24/2008 11:38:36 AM 346112 0 C:\WINDOWS\system32\windowscodecsext.dll
8/24/2008 11:38:39 AM 69120 0 C:\WINDOWS\system32\wlanapi.dll
8/24/2008 11:38:41 AM 276992 0 C:\WINDOWS\system32\wmphoto.dll
====== Files under "\Administrator\Startup" Last 30 Days======
====== Files under "\All Users\Startup" Last 30 Days======
====== Folders under "\Program Files" Last 30 Days======
7/27/2008 3:36:47 PM 580313664 C:\Program Files\BlackIsle
7/27/2008 3:36:47 PM 580313664 C:\Program Files\BlackIsle\Fallout2
7/27/2008 3:36:47 PM 78536840 C:\Program Files\BlackIsle\Fallout2\data
7/27/2008 3:36:47 PM 0 C:\Program Files\BlackIsle\Fallout2\data\maps
7/27/2008 3:39:01 PM 0 C:\Program Files\BlackIsle\Fallout2\data\proto
7/27/2008 3:39:01 PM 0 C:\Program Files\BlackIsle\Fallout2\data\proto\critters
7/27/2008 3:39:01 PM 0 C:\Program Files\BlackIsle\Fallout2\data\proto\items
7/27/2008 3:59:58 PM 142253 C:\Program Files\BlackIsle\Fallout2\data\SAVEGAME
7/27/2008 3:59:58 PM 142253 C:\Program Files\BlackIsle\Fallout2\data\SAVEGAME\SLOT01
7/27/2008 3:59:58 PM 3058 C:\Program Files\BlackIsle\Fallout2\data\SAVEGAME\SLOT01\proto
7/27/2008 3:59:58 PM 2999 C:\Program Files\BlackIsle\Fallout2\data\SAVEGAME\SLOT01\proto\critters
7/27/2008 3:59:58 PM 59 C:\Program Files\BlackIsle\Fallout2\data\SAVEGAME\SLOT01\proto\items
7/27/2008 3:36:47 PM 78385071 C:\Program Files\BlackIsle\Fallout2\data\sound
7/27/2008 3:36:47 PM 78385071 C:\Program Files\BlackIsle\Fallout2\data\sound\music
7/27/2008 3:36:47 PM 519703 C:\Program Files\BlackIsle\Fallout2\ereg
7/27/2008 3:39:00 PM 0 C:\Program Files\BlackIsle\Fallout2\sound
7/27/2008 3:39:00 PM 0 C:\Program Files\BlackIsle\Fallout2\sound\music
8/19/2008 2:32:55 PM 3863472 C:\Program Files\Malwarebytes' Anti-Malware
8/19/2008 2:32:55 PM 309968 C:\Program Files\Malwarebytes' Anti-Malware\Languages
8/26/2008 2:09:18 PM 71274802 C:\Program Files\Panda Security
8/26/2008 2:09:18 PM 71274802 C:\Program Files\Panda Security\ActiveScan 2.0
8/26/2008 2:58:57 PM 2104716 C:\Program Files\Panda Security\ActiveScan 2.0\psqstore
8/3/2008 11:33:51 AM 20986674 C:\Program Files\Stardock
8/3/2008 11:33:51 AM 20986674 C:\Program Files\Stardock\Object Desktop
8/3/2008 11:33:51 AM 19498355 C:\Program Files\Stardock\Object Desktop\DesktopX
8/3/2008 11:33:53 AM 108730 C:\Program Files\Stardock\Object Desktop\DesktopX\Docs
8/3/2008 11:33:52 AM 377926 C:\Program Files\Stardock\Object Desktop\DesktopX\Lang
8/3/2008 11:33:52 AM 4172 C:\Program Files\Stardock\Object Desktop\DesktopX\Lang\WidgetManager
8/3/2008 11:33:53 AM 3136063 C:\Program Files\Stardock\Object Desktop\DesktopX\Objects
8/23/2008 11:03:43 AM 844174 C:\Program Files\Stardock\Object Desktop\DesktopX\Objects\ThumbsCache
8/3/2008 11:33:53 AM 188108 C:\Program Files\Stardock\Object Desktop\DesktopX\Objects\Tutorials
8/3/2008 11:34:28 AM 0 C:\Program Files\Stardock\Object Desktop\DesktopX\Plugins
8/3/2008 11:33:53 AM 1721347 C:\Program Files\Stardock\Object Desktop\DesktopX\SDPlugins
8/3/2008 11:33:54 AM 3023546 C:\Program Files\Stardock\Object Desktop\DesktopX\Themes
8/3/2008 11:34:30 AM 83160 C:\Program Files\Stardock\Object Desktop\DesktopX\Themes\ThumbsCache
8/3/2008 11:33:55 AM 324966 C:\Program Files\Stardock\Object Desktop\DesktopX\url
8/3/2008 11:33:54 AM 6685184 C:\Program Files\Stardock\Object Desktop\DesktopX\Widgets
8/3/2008 11:33:58 AM 1488319 C:\Program Files\Stardock\Object Desktop\ObjectMedia
8/22/2008 10:55:39 PM 624783 C:\Program Files\Trend Micro
8/22/2008 10:55:39 PM 624783 C:\Program Files\Trend Micro\HijackThis
8/24/2008 11:11:35 AM 219358 C:\Program Files\Trend Micro\HijackThis\backups
====== Files under "\System32\Drivers" Last 30 Days======
8/24/2008 11:34:43 AM 4255 0 C:\WINDOWS\system32\drivers\adv01nt5.dll
8/24/2008 11:34:43 AM 3967 0 C:\WINDOWS\system32\drivers\adv02nt5.dll
8/24/2008 11:34:43 AM 3615 0 C:\WINDOWS\system32\drivers\adv05nt5.dll
8/24/2008 11:34:43 AM 3647 0 C:\WINDOWS\system32\drivers\adv07nt5.dll
8/24/2008 11:34:43 AM 3135 0 C:\WINDOWS\system32\drivers\adv08nt5.dll
8/24/2008 11:34:43 AM 3711 0 C:\WINDOWS\system32\drivers\adv09nt5.dll
8/24/2008 11:34:43 AM 3775 0 C:\WINDOWS\system32\drivers\adv11nt5.dll
8/24/2008 11:34:50 AM 56623 0 C:\WINDOWS\system32\drivers\ati1btxx.sys
8/24/2008 11:34:50 AM 11615 0 C:\WINDOWS\system32\drivers\ati1mdxx.sys
8/24/2008 11:34:50 AM 12047 0 C:\WINDOWS\system32\drivers\ati1pdxx.sys
8/24/2008 11:34:50 AM 30671 0 C:\WINDOWS\system32\drivers\ati1raxx.sys
8/24/2008 11:34:50 AM 63663 0 C:\WINDOWS\system32\drivers\ati1rvxx.sys
8/24/2008 11:34:50 AM 26367 0 C:\WINDOWS\system32\drivers\ati1snxx.sys
8/24/2008 11:34:50 AM 21343 0 C:\WINDOWS\system32\drivers\ati1ttxx.sys
8/24/2008 11:34:50 AM 36463 0 C:\WINDOWS\system32\drivers\ati1tuxx.sys
8/24/2008 11:34:50 AM 29455 0 C:\WINDOWS\system32\drivers\ati1xbxx.sys
8/24/2008 11:34:50 AM 34735 0 C:\WINDOWS\system32\drivers\ati1xsxx.sys
8/24/2008 11:34:51 AM 327040 0 C:\WINDOWS\system32\drivers\ati2mtaa.sys
8/24/2008 11:34:51 AM 57856 0 C:\WINDOWS\system32\drivers\atinbtxx.sys
8/24/2008 11:34:51 AM 13824 0 C:\WINDOWS\system32\drivers\atinmdxx.sys
8/24/2008 11:34:51 AM 14336 0 C:\WINDOWS\system32\drivers\atinpdxx.sys
8/24/2008 11:34:51 AM 52224 0 C:\WINDOWS\system32\drivers\atinraxx.sys
8/24/2008 11:34:51 AM 104960 0 C:\WINDOWS\system32\drivers\atinrvxx.sys
8/24/2008 11:34:51 AM 28672 0 C:\WINDOWS\system32\drivers\atinsnxx.sys
8/24/2008 11:34:51 AM 13824 0 C:\WINDOWS\system32\drivers\atinttxx.sys
8/24/2008 11:34:51 AM 73216 0 C:\WINDOWS\system32\drivers\atintuxx.sys
8/24/2008 11:34:51 AM 31744 0 C:\WINDOWS\system32\drivers\atinxbxx.sys
8/24/2008 11:34:52 AM 63488 0 C:\WINDOWS\system32\drivers\atinxsxx.sys
8/24/2008 11:34:52 AM 64352 0 C:\WINDOWS\system32\drivers\ativmc20.cod
8/24/2008 11:34:52 AM 21183 0 C:\WINDOWS\system32\drivers\atv01nt5.dll
8/24/2008 11:34:52 AM 11359 0 C:\WINDOWS\system32\drivers\atv02nt5.dll
8/24/2008 11:34:52 AM 25471 0 C:\WINDOWS\system32\drivers\atv04nt5.dll
8/24/2008 11:34:53 AM 14143 0 C:\WINDOWS\system32\drivers\atv06nt5.dll
8/24/2008 11:34:53 AM 17279 0 C:\WINDOWS\system32\drivers\atv10nt5.dll
8/24/2008 11:34:55 AM 17024 0 C:\WINDOWS\system32\drivers\bthenum.sys
8/24/2008 11:34:55 AM 37888 0 C:\WINDOWS\system32\drivers\bthmodem.sys
8/24/2008 11:34:55 AM 101120 0 C:\WINDOWS\system32\drivers\bthpan.sys
8/24/2008 11:34:55 AM 36480 0 C:\WINDOWS\system32\drivers\bthprint.sys
8/24/2008 11:34:55 AM 18944 0 C:\WINDOWS\system32\drivers\bthusb.sys
8/24/2008 11:34:57 AM 15423 0 C:\WINDOWS\system32\drivers\ch7xxnt5.dll
8/24/2008 11:35:22 AM 129045 0 C:\WINDOWS\system32\drivers\cxthsfs2.cty
8/24/2008 11:36:15 AM 46464 0 C:\WINDOWS\system32\drivers\gagp30kx.sys
8/24/2008 11:36:17 AM 144384 0 C:\WINDOWS\system32\drivers\hdaudbus.sys
8/24/2008 11:36:18 AM 25600 0 C:\WINDOWS\system32\drivers\hidbth.sys
8/24/2008 11:36:19 AM 220032 0 C:\WINDOWS\system32\drivers\hsfbs2s2.sys
8/24/2008 11:36:19 AM 685056 0 C:\WINDOWS\system32\drivers\hsfcxts2.sys
8/24/2008 11:36:19 AM 1041536 0 C:\WINDOWS\system32\drivers\hsfdpsp2.sys
8/19/2008 2:32:57 PM 17144 32 C:\WINDOWS\system32\drivers\mbam.sys
8/19/2008 2:32:56 PM 38472 32 C:\WINDOWS\system32\drivers\mbamswissarmy.sys
8/24/2008 11:37:33 AM 126686 0 C:\WINDOWS\system32\drivers\mtlmnt5.sys
8/24/2008 11:37:33 AM 1309184 0 C:\WINDOWS\system32\drivers\mtlstrm.sys
8/24/2008 11:37:34 AM 452736 0 C:\WINDOWS\system32\drivers\mtxparhm.sys
8/24/2008 11:37:34 AM 12672 0 C:\WINDOWS\system32\drivers\mutohpen.sys
8/24/2008 11:37:37 AM 67866 0 C:\WINDOWS\system32\drivers\netwlan5.img
8/24/2008 11:37:42 AM 180360 0 C:\WINDOWS\system32\drivers\ntmtlfax.sys
8/26/2008 2:58:46 PM 28544 32 C:\WINDOWS\system32\drivers\pavboot.sys
8/24/2008 11:37:57 AM 13776 0 C:\WINDOWS\system32\drivers\recagent.sys
8/24/2008 11:37:58 AM 59136 0 C:\WINDOWS\system32\drivers\rfcomm.sys
8/24/2008 11:37:59 AM 30592 0 C:\WINDOWS\system32\drivers\rndismpx.sys
8/24/2008 11:38:00 AM 166912 0 C:\WINDOWS\system32\drivers\s3gnbm.sys
8/24/2008 11:38:04 AM 10240 0 C:\WINDOWS\system32\drivers\sffp_mmc.sys
8/24/2008 11:38:07 AM 3901 0 C:\WINDOWS\system32\drivers\siint5.dll
8/24/2008 11:38:08 AM 129535 0 C:\WINDOWS\system32\drivers\slnt7554.sys
8/24/2008 11:38:08 AM 404990 0 C:\WINDOWS\system32\drivers\slntamr.sys
8/24/2008 11:38:08 AM 95424 0 C:\WINDOWS\system32\drivers\slnthal.sys
8/24/2008 11:38:09 AM 13240 0 C:\WINDOWS\system32\drivers\slwdmsup.sys
8/24/2008 11:38:09 AM 5888 0 C:\WINDOWS\system32\drivers\smbali.sys
8/24/2008 11:38:25 AM 44672 0 C:\WINDOWS\system32\drivers\uagp35.sys
8/24/2008 11:38:28 AM 12800 0 C:\WINDOWS\system32\drivers\usb8023x.sys
8/24/2008 11:38:29 AM 121984 0 C:\WINDOWS\system32\drivers\usbvideo.sys
8/24/2008 11:38:31 AM 11325 0 C:\WINDOWS\system32\drivers\vchnt5.dll
8/24/2008 11:38:33 AM 14208 0 C:\WINDOWS\system32\drivers\wacompen.sys
8/24/2008 11:38:33 AM 11807 0 C:\WINDOWS\system32\drivers\wadv07nt.sys
8/24/2008 11:38:33 AM 11295 0 C:\WINDOWS\system32\drivers\wadv08nt.sys
8/24/2008 11:38:33 AM 11871 0 C:\WINDOWS\system32\drivers\wadv09nt.sys
8/24/2008 11:38:33 AM 11935 0 C:\WINDOWS\system32\drivers\wadv11nt.sys
8/24/2008 11:38:33 AM 22271 0 C:\WINDOWS\system32\drivers\watv06nt.sys
8/24/2008 11:38:34 AM 25471 0 C:\WINDOWS\system32\drivers\watv10nt.sys
====== Files under "\User\Local Settings\Temp" Last 30 Days======
8/25/2008 9:21:04 PM 1309 32 C:\Documents and Settings\Administrator\Local Settings\Temp\1.wmz
8/23/2008 11:01:25 AM 1309 32 C:\Documents and Settings\Administrator\Local Settings\Temp\7F.wmz
8/26/2008 8:04:44 PM 24600 34 C:\Documents and Settings\Administrator\Local Settings\Temp\etilqs_yuGo3TXSH8QNZsbkVzk1
8/24/2008 11:32:46 AM 764 32 C:\Documents and Settings\Administrator\Local Settings\Temp\HPZIDS.log
8/26/2008 1:45:49 PM 208 32 C:\Documents and Settings\Administrator\Local Settings\Temp\java_install_reg.log
8/18/2008 9:17:02 PM 2219 32 C:\Documents and Settings\Administrator\Local Settings\Temp\jusched.log
8/26/2008 5:47:22 PM 278 32 C:\Documents and Settings\Administrator\Local Settings\Temp\MSI51378.LOG
8/26/2008 8:32:15 PM 278 32 C:\Documents and Settings\Administrator\Local Settings\Temp\MSIc04f3.LOG
8/26/2008 9:02:59 PM 278 32 C:\Documents and Settings\Administrator\Local Settings\Temp\MSIc04f4.LOG
8/26/2008 9:12:56 PM 278 32 C:\Documents and Settings\Administrator\Local Settings\Temp\MSIc04f5.LOG
8/26/2008 2:08:15 PM 2 32 C:\Documents and Settings\Administrator\Local Settings\Temp\MSIc7754.LOG
8/24/2008 11:57:09 AM 1560 32 C:\Documents and Settings\Administrator\Local Settings\Temp\NetFxUpdate_v1.0.3705.log
8/25/2008 9:21:38 PM 16384 32 C:\Documents and Settings\Administrator\Local Settings\Temp\Perflib_Perfdata_acc.dat
8/26/2008 2:59:30 PM 15511 32 C:\Documents and Settings\Administrator\Local Settings\Temp\PSSysChk.log
8/24/2008 11:57:09 AM 2588 32 C:\Documents and Settings\Administrator\Local Settings\Temp\_NDP_OCM_SetRegNI.log
8/24/2008 11:58:53 AM 8751 32 C:\Documents and Settings\Administrator\Local Settings\Temp\_NDP_OCM_ToGAC.log
8/24/2008 11:06:00 AM 114688 32 C:\Documents and Settings\Administrator\Local Settings\Temp\~DF44A5.tmp
8/24/2008 1:07:24 AM 311296 32 C:\Documents and Settings\Administrator\Local Settings\Temp\~DFDE00.tmp
====== Files and Folders under "All Users\Application Data" Last 30 Days======
8/19/2008 6:28:06 PM 634 C:\Documents and Settings\All Users\Application Data\Ahead
8/19/2008 6:28:06 PM 634 C:\Documents and Settings\All Users\Application Data\Ahead\Nero BackItUp
8/19/2008 6:28:06 PM 634 C:\Documents and Settings\All Users\Application Data\Ahead\Nero BackItUp\Cache
8/19/2008 2:32:55 PM 1006447 C:\Documents and Settings\All Users\Application Data\Malwarebytes
8/19/2008 2:32:55 PM 1006447 C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware
====== Possible Rootkit Scan (Note: Items listed here are not necessarily bad)======
====== Values under HKLM\Software\microsoft\shared tools\msconfig\startupreg ======
====== BHO's under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects ======
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{9ECB9560-04F9-4bbc-943D-298DDF1699E1}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}
====== Services ( Services that are Whitelisted are not shown) ======
Alerter (Alerter) C:\WINDOWS\system32\svchost.exe -k LocalService - Disabled
Application Layer Gateway Service (ALG) C:\WINDOWS\System32\alg.exe - Manual
Apple Mobile Device (Apple Mobile Device) "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe" - Auto
Application Management (AppMgmt) C:\WINDOWS\system32\svchost.exe -k netsvcs - Manual
ASP.NET State Service (aspnet_state) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe - Manual
Ati HotKey Poller (Ati HotKey Poller) C:\WINDOWS\system32\Ati2evxx.exe - Auto
Windows Audio (AudioSrv) C:\WINDOWS\System32\svchost.exe -k netsvcs - Auto
Belkin 54g Wireless USB Network Adapter (Belkin 54g Wireless USB Network Adapter Service) C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe - Auto
Background Intelligent Transfer Service (BITS) C:\WINDOWS\system32\svchost.exe -k netsvcs - Manual
Bonjour Service (Bonjour Service) "C:\Program Files\Bonjour\mDNSResponder.exe" - Auto
Computer Browser (Browser) C:\WINDOWS\system32\svchost.exe -k netsvcs - Auto
Symantec Event Manager (ccEvtMgr) "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe" - Auto
Symantec Network Proxy (ccProxy) "C:\Program Files\Common Files\Symantec Shared\ccProxy.exe" - Auto
Symantec Password Validation (ccPwdSvc) "C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe" - Manual
Symantec Settings Manager (ccSetMgr) "C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe" - Auto
Indexing Service (CiSvc) C:\WINDOWS\system32\cisvc.exe - Manual
ClipBook (ClipSrv) C:\WINDOWS\system32\clipsrv.exe - Disabled
.NET Runtime Optimization Service v2.0.50727_X86 (clr_optimization_v2.0.50727_32) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe - Manual
COM+ System Application (COMSysApp) C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} - Manual
Cryptographic Services (CryptSvc) C:\WINDOWS\system32\svchost.exe -k netsvcs - Auto
DCOM Server Process Launcher (DcomLaunch) C:\WINDOWS\system32\svchost -k DcomLaunch - Auto
DHCP Client (Dhcp) C:\WINDOWS\system32\svchost.exe -k netsvcs - Auto
Logical Disk Manager Administrative Service (dmadmin) C:\WINDOWS\System32\dmadmin.exe /com - Manual
Logical Disk Manager (dmserver) C:\WINDOWS\System32\svchost.exe -k netsvcs - Auto
DNS Client (Dnscache) C:\WINDOWS\system32\svchost.exe -k NetworkService - Auto
Wired AutoConfig (Dot3svc) C:\WINDOWS\System32\svchost.exe -k dot3svc - Manual
Extensible Authentication Protocol Service (EapHost) C:\WINDOWS\System32\svchost.exe -k eapsvcs - Manual
Media Center Receiver Service (ehRecvr) C:\WINDOWS\eHome\ehRecvr.exe - Auto
Media Center Scheduler Service (ehSched) C:\WINDOWS\eHome\ehSched.exe - Auto
Error Reporting Service (ERSvc) C:\WINDOWS\System32\svchost.exe -k netsvcs - Auto
Event Log (Eventlog) C:\WINDOWS\system32\services.exe - Auto
COM+ Event System (EventSystem) C:\WINDOWS\system32\svchost.exe -k netsvcs - Manual
Fast User Switching Compatibility (FastUserSwitchingCompatibility) C:\WINDOWS\System32\svchost.exe -k netsvcs - Manual
Google Updater Service (gusvc) "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe" - Manual
Help and Support (helpsvc) C:\WINDOWS\System32\svchost.exe -k netsvcs - Auto
Human Interface Device Access (HidServ) C:\WINDOWS\System32\svchost.exe -k netsvcs - Disabled
Health Key and Certificate Management Service (hkmsvc) C:\WINDOWS\System32\svchost.exe -k netsvcs - Manual
HTTP SSL (HTTPFilter) C:\WINDOWS\System32\svchost.exe -k HTTPFilter - Manual
InstallDriver Table Manager (IDriverT) "C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe" - Manual
IMAPI CD-Burning COM Service (ImapiService) C:\WINDOWS\system32\imapi.exe - Manual
IS Service (ISSVC) "C:\Program Files\Norton Internet Security\ISSVC.exe" - Manual
Server (lanmanserver) C:\WINDOWS\system32\svchost.exe -k netsvcs - Auto
Workstation (lanmanworkstation) C:\WINDOWS\system32\svchost.exe -k netsvcs - Auto
TCP/IP NetBIOS Helper (LmHosts) C:\WINDOWS\system32\svchost.exe -k LocalService - Auto
Media Center Extender Service (McrdSvc) C:\WINDOWS\ehome\mcrdsvc.exe - Auto
Messenger (Messenger) C:\WINDOWS\system32\svchost.exe -k netsvcs - Disabled
MHN (MHN) C:\WINDOWS\System32\svchost.exe -k netsvcs - Manual
NetMeeting Remote Desktop Sharing (mnmsrvc) C:\WINDOWS\system32\mnmsrvc.exe - Manual
Distributed Transaction Coordinator (MSDTC) C:\WINDOWS\system32\msdtc.exe - Manual
Windows Installer (MSIServer) C:\WINDOWS\system32\msiexec.exe /V - Manual
Network Access Protection Agent (napagent) C:\WINDOWS\System32\svchost.exe -k netsvcs - Manual
Norton AntiVirus Auto-Protect Service (navapsvc) "C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe" - Auto
Network DDE (NetDDE) C:\WINDOWS\system32\netdde.exe - Disabled
Network DDE DSDM (NetDDEdsdm) C:\WINDOWS\system32\netdde.exe - Disabled
Net Logon (Netlogon) C:\WINDOWS\system32\lsass.exe - Manual
Network Connections (Netman) C:\WINDOWS\System32\svchost.exe -k netsvcs - Manual
Network Location Awareness (NLA) (Nla) C:\WINDOWS\system32\svchost.exe -k netsvcs - Manual
NT LM Security Support Provider (NtLmSsp) C:\WINDOWS\system32\lsass.exe - Manual
Removable Storage (NtmsSvc) C:\WINDOWS\system32\svchost.exe -k netsvcs - Disabled
Office Source Engine (ose) "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE" - Manual
Plug and Play (PlugPlay) C:\WINDOWS\system32\services.exe - Auto
Pml Driver HPZ12 (Pml Driver HPZ12) C:\WINDOWS\system32\HPZipm12.exe - Auto
IPSEC Services (PolicyAgent) C:\WINDOWS\system32\lsass.exe - Auto
PrismXL (PrismXL) C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS - Auto
Protected Storage (ProtectedStorage) C:\WINDOWS\system32\lsass.exe - Auto
QWAVE service (QWAVE) C:\WINDOWS\system32\svchost.exe -k QWAVE - Manual
Remote Access Auto Connection Manager (RasAuto) C:\WINDOWS\system32\svchost.exe -k netsvcs - Manual
Remote Access Connection Manager (RasMan) C:\WINDOWS\system32\svchost.exe -k netsvcs - Manual
Remote Desktop Help Session Manager (RDSessMgr) C:\WINDOWS\SYSTEM32\sessmgr.exe - Manual
Routing and Remote Access (RemoteAccess) C:\WINDOWS\system32\svchost.exe -k netsvcs - Disabled
Remote Registry (RemoteRegistry) C:\WINDOWS\system32\svchost.exe -k LocalService - Auto
Media Center Extender Resource Monitor (RMSvc) C:\WINDOWS\ehome\RMSvc.exe - Auto
Remote Procedure Call (RPC) Locator (RpcLocator) C:\WINDOWS\system32\locator.exe - Manual
Remote Procedure Call (RPC) (RpcSs) C:\WINDOWS\system32\svchost -k rpcss - Auto
QoS RSVP (RSVP) C:\WINDOWS\system32\rsvp.exe - Manual
Security Accounts Manager (SamSs) C:\WINDOWS\system32\lsass.exe - Auto
SAVScan (SAVScan) "C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe" - Disabled
ScriptBlocking Service (SBService) C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe - Auto
Smart Card (SCardSvr) C:\WINDOWS\System32\SCardSvr.exe - Manual
Task Scheduler (Schedule) C:\WINDOWS\System32\svchost.exe -k netsvcs - Auto
Secondary Logon (seclogon) C:\WINDOWS\System32\svchost.exe -k netsvcs - Auto
System Event Notification (SENS) C:\WINDOWS\system32\svchost.exe -k netsvcs - Auto
Windows Firewall/Internet Connection Sharing (ICS) (SharedAccess) C:\WINDOWS\system32\svchost.exe -k netsvcs - Auto
Shell Hardware Detection (ShellHWDetection) C:\WINDOWS\System32\svchost.exe -k netsvcs - Auto
Symantec Network Drivers Service (SNDSrvc) "C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe" - Manual
Symantec SPBBCSvc (SPBBCSvc) "C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe" - Manual
Print Spooler (Spooler) C:\WINDOWS\system32\spoolsv.exe - Auto
System Restore Service (srservice) C:\WINDOWS\system32\svchost.exe -k netsvcs - Auto
SSDP Discovery Service (SSDPSRV) C:\WINDOWS\system32\svchost.exe -k LocalService - Auto
Windows Image Acquisition (WIA) (stisvc) C:\WINDOWS\system32\svchost.exe -k imgsvc - Manual
MS Software Shadow Copy Provider (SwPrv) C:\WINDOWS\system32\dllhost.exe /Processid:{5B046B2C-7D1B-4592-9156-F035B30955FA} - Manual
Performance Logs and Alerts (SysmonLog) C:\WINDOWS\system32\smlogsvc.exe - Manual
Telephony (TapiSrv) C:\WINDOWS\System32\svchost.exe -k netsvcs - Manual
Terminal Services (TermService) C:\WINDOWS\System32\svchost -k DComLaunch - Manual
Themes (Themes) C:\WINDOWS\System32\svchost.exe -k netsvcs - Auto
Telnet (TlntSvr) C:\WINDOWS\system32\tlntsvr.exe - Disabled
Distributed Link Tracking Client (TrkWks) C:\WINDOWS\system32\svchost.exe -k netsvcs - Auto
Universal Plug and Play Device Host (upnphost) C:\WINDOWS\system32\svchost.exe -k LocalService - Manual
Uninterruptible Power Supply (UPS) C:\WINDOWS\System32\ups.exe - Manual
Volume Shadow Copy (VSS) C:\WINDOWS\System32\vssvc.exe - Manual
Windows Time (W32Time) C:\WINDOWS\System32\svchost.exe -k netsvcs - Auto
WebClient (WebClient) C:\WINDOWS\system32\svchost.exe -k LocalService - Auto
Windows Defender (WinDefend) "C:\Program Files\Windows Defender\MsMpEng.exe" - Auto
Windows Management Instrumentation (winmgmt) C:\WINDOWS\system32\svchost.exe -k netsvcs - Auto
Portable Media Serial Number Service (WmdmPmSN) C:\WINDOWS\System32\svchost.exe -k netsvcs - Manual
Windows Management Instrumentation Driver Extensions (Wmi) C:\WINDOWS\System32\svchost.exe -k netsvcs - Manual
WMI Performance Adapter (WmiApSrv) C:\WINDOWS\system32\wbem\wmiapsrv.exe - Manual
Security Center (wscsvc) C:\WINDOWS\System32\svchost.exe -k netsvcs - Auto
Automatic Updates (wuauserv) C:\WINDOWS\system32\svchost.exe -k netsvcs - Auto
Windows Driver Foundation - User-mode Driver Framework (WudfSvc) C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup - Auto
Wireless Zero Configuration (WZCSVC) C:\WINDOWS\System32\svchost.exe -k netsvcs - Auto
Network Provisioning Service (xmlprov) C:\WINDOWS\System32\svchost.exe -k netsvcs - Manual
Zune Bus Enumerator (ZuneBusEnum) c:\WINDOWS\system32\ZuneBusEnum.exe - Auto
Zune Network Sharing Service (ZuneNetworkSvc) "c:\Program Files\Zune\ZuneNss.exe" - Manual
Zune Wireless Configuration Service (ZuneWlanCfgSvc) c:\WINDOWS\system32\ZuneWlanCfgSvc.exe - Manual
====== Running Processes ======
System Idle Process [0]
System [4]
smss.exe [508] \SystemRoot\System32\smss.exe
csrss.exe [568]
winlogon.exe [596] winlogon.exe
services.exe [640] C:\WINDOWS\system32\services.exe
lsass.exe [652] C:\WINDOWS\system32\lsass.exe
ati2evxx.exe [816] C:\WINDOWS\system32\Ati2evxx.exe
svchost.exe [840] C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe [896]
MsMpEng.exe [960] "C:\Program Files\Windows Defender\MsMpEng.exe"
svchost.exe [1040] C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe [1076] C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe [1252]
SDMCP.exe [1284] startup
svchost.exe [1376]
ati2evxx.exe [1412] Ati2evxx.exe -Client
explorer.exe [1472] C:\WINDOWS\Explorer.EXE
ccProxy.exe [1524] "C:\Program Files\Common Files\Symantec Shared\ccProxy.exe"
ccSetMgr.exe [1772] "C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"
ccEvtMgr.exe [1832] "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"
spoolsv.exe [2036] C:\WINDOWS\system32\spoolsv.exe
AppleMobileDeviceService.exe [528] "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"
WLService.exe [544] "C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe"
mDNSResponder.exe [556] "C:\Program Files\Bonjour\mDNSResponder.exe"
WLanCfgG.exe [552] WLanCfgG.exe
ehrecvr.exe [656] C:\WINDOWS\eHome\ehRecvr.exe
ehSched.exe [1140] C:\WINDOWS\eHome\ehSched.exe
navapsvc.exe [1324] "C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe"
HPZipm12.exe [1348] C:\WINDOWS\system32\HPZipm12.exe
PRISMXL.SYS [1432] "C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS"
RMSvc.exe [1388] C:\WINDOWS\ehome\RMSvc.exe
svchost.exe [1716]
ZuneBusEnum.exe [1756] c:\WINDOWS\system32\ZuneBusEnum.exe
McrdSvc.exe [2112]
alg.exe [2460]
ehtray.exe [3100] "C:\WINDOWS\ehome\ehtray.exe"
shwiconEM.exe [3144] "C:\Program Files\Digital Media Reader\shwiconem.exe"
atiptaxx.exe [3264] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
ehmsas.exe [3336] C:\WINDOWS\eHome\ehmsas.exe -Embedding
jusched.exe [3352] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
dllhost.exe [3456] C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
ZuneLauncher.exe [3676] "C:\Program Files\Zune\ZuneLauncher.exe"
svchost.exe [3712] C:\WINDOWS\System32\svchost.exe -k HTTPFilter
MSASCui.exe [3852] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
GoogleToolbarNotifier.exe [2644] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
DesktopX.exe [2764] "C:\PROGRA~1\Stardock\OBJECT~1\DesktopX\DesktopX.exe"
ctfmon.exe [2784] "C:\WINDOWS\system32\ctfmon.exe"
wmiprvse.exe [3892]
WudfHost.exe [2196]
MpCmdRun.exe [3480]
firefox.exe [3048] "C:\Program Files\Mozilla Firefox\firefox.exe"
WinRAR.exe [1448] "C:\Program Files\WinRAR\WinRAR.exe" "C:\Documents and Settings\Administrator\Desktop\FileLister.zip"
wscript.exe [704] "C:\WINDOWS\System32\WScript.exe" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$DI00.062\FileLister.vbe"
wmiprvse.exe [3556]
====== Uninstall List From Registry ======
Panda ActiveScan 2.0
Adobe Flash Player ActiveX
Adobe Flash Player Plugin
ATI - Software Uninstall Utility
Alternate File Shredder 1.100
Any Video Converter Professional 2.5.6
ATI Display Driver
BigFix
CCleaner (remove only)
SoftV92 Data Fax Modem with SmartCP
DesktopX Professional
Media Center Extender
Fallout2
Foxit Reader
HijackThis 2.0.2
HP Imaging Device Functions 5.0
HP Solution Center & Imaging Support Tools 5.0
Microsoft Internationalized Domain Names Mitigation APIs
Windows Internet Explorer 7
Digital Media Reader
Belkin F5D8053 N Wireless USB Adapter
Windows Genuine Advantage Validation Tool (KB892130)
Update Rollup 2 for Windows XP Media Center Edition 2005
Hotfix for Windows Media Player 10 (KB903157)
Windows XP Media Center Edition 2005 KB905589
Windows XP Media Center Edition 2005 KB908250
Update for Windows Media Player 10 (KB913800)
Security Update for Windows XP (KB923689)
Security Update for Windows Media Player 6.4 (KB925398)
Update for Windows Media Player 10 (KB926251)
Hotfix for Windows Media Format 11 SDK (KB929399)
Security Update for CAPICOM (KB931906)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows XP (KB941569)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows XP (KB946648)
Hotfix for Windows Internet Explorer 7 (KB947864)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Update for Windows XP (KB951072-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Update for Windows XP (KB951978)
Hotfix for Windows XP (KB952287)
Security Update for Windows XP (KB952954)
Update for Windows XP (KB953356)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows XP (KB953839)
LimeWire PRO 4.14.10
LiveReg (Symantec Corporation)
Microsoft .NET Framework 1.1 Hotfix (KB928366)
MagicDisc 2.6.93
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Mozilla Firefox (3.0.1)
Nero BurnRights
Microsoft National Language Support Downlevel APIs
PowerISO
Real Alternative 1.7.5
Norton Internet Security 2005 (Symantec Corporation)
VideoLAN VLC media player 0.8.6d
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Windows Genuine Advantage Validation Tool (KB892130)
Winamp
Windows Media Format 11 runtime
Windows XP Service Pack 3
GIMP 2.4.4
WinRAR archiver
Windows Media Format 11 runtime
Microsoft User-Mode Driver Framework Feature Pack 1.0
Yahoo! Widgets
Yahoo! Install Manager
Zune
Zune Language Pack (FR)
Destinations
ATI Control Panel
Security Update for CAPICOM (KB931906)
Norton Internet Security
HP Software Update
Google Toolbar for Internet Explorer
Media Center Extender
Unload
SymNet
OpenOffice.org 2.3
TrayApp
Java(TM) 6 Update 3
Java(TM) 6 Update 5
WebFldrs XP
VCRedistSetup
Norton AntiSpam
HPDeskjet5400Series
Microsoft Works
Apple Mobile Device Support
Norton Internet Security
Bonjour
Norton Internet Security
Norton Internet Security
Norton AntiSpam
neroxml
WebReg
DeviceFunctionQFolder
Logitech Gaming Software 5.02
eSupportQFolder
LiveUpdate BVRP Software
SPBBC
Digital Media Reader
Microsoft Office Standard Edition 2003
Microsoft Application Error Reporting
Windows Defender
Norton Internet Security
DeviceManagementQFolder
Adobe Reader 6.0
Spybot - Search & Destroy
Microsoft .NET Framework 2.0 Service Pack 1
DivX Web Player
Apple Software Update
MSRedist
BufferChm
QuickTime
MSXML 4.0 SP2 (KB936181)
Norton AntiVirus 2005
Norton Internet Security
Microsoft .NET Framework 1.1
DivX Content Uploader
Symantec Script Blocking Installer
Microsoft XML Parser
CC_ccProxyExt
ccCommon
Norton Internet Security
HPProductAssistant
Norton Internet Security
Belkin F5D8053 N Wireless USB Adapter
Norton WMI Update
SolutionCenter
HP Deskjet 5400 series
Zune Language Pack (ES)
mobile PhoneTools
Status
Norton WMI Update
Realtek AC'97 Audio
ccPxyCore
Norton Internet Security
HP Image Zone Express
Belkin 54g USB Network Adapter
Zune
======== Other Info ========
TOTAL PHYSICAL RAM: 938 MB
HijackThis :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:48:29 PM, on 8/26/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Belkin\Belkin Wireless Network Utility\WLanCfgG.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\ehome\RMSvc.exe
c:\WINDOWS\system32\ZuneBusEnum.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Digital Media Reader\shwiconem.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Zune\ZuneLauncher.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\PROGRA~1\Stardock\OBJECT~1\DesktopX\DesktopX.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SunKistEM] C:\Program Files\Digital Media Reader\shwiconem.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Zune Launcher] "c:\Program Files\Zune\ZuneLauncher.exe"
O4 - HKLM\..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DesktopX] "C:\PROGRA~1\Stardock\OBJECT~1\DesktopX\DesktopX.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microso ... 1016865374
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 1016857874
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Belkin 54g Wireless USB Network Adapter (Belkin 54g Wireless USB Network Adapter Service) - Unknown owner - C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IS Service (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
--
End of file - 8728 bytes