Results 1 to 13 of 13

Thread: winantivirus again

  1. #1
    Junior Member
    Join Date
    Feb 2007
    Location
    andover UK
    Posts
    8

    Question winantivirus again

    Hello Help
    You are my last resort
    Im being plagued by Winantivirus popups
    Ive scanned and cleaned with every conceivable scanner
    found a few but no antivirus ad ware
    by reading other posts it seem to be a hijackthis solution but cant do it myself
    need help
    anybody there willing?

  2. #2
    Junior Member
    Join Date
    Feb 2007
    Location
    andover UK
    Posts
    8

    Winantivirus Help

    I hope I'm in the right place

    Hello Help
    You are my last resort
    Im being plagued by Winantivirus popups
    Ive scanned and cleaned with every conceivable scanner
    found a few but no antivirus ad ware
    by reading other posts it seem to be a hijackthis solution but cant do it myself
    need help
    anybody there willing?

  3. #3
    Second Most EVIL YARDofSTUF's Avatar
    Join Date
    Nov 2000
    Location
    USA
    Posts
    69,988
    Just to double check you have done:

    Adaware
    spybot
    super antispyware

    what virius scanner are you using?

    Download hijackthis and run it and save the info to a log and then paste the log here.

  4. #4
    Elite Member TonyT's Avatar
    Join Date
    Jan 2000
    Location
    Fairfax, VA
    Posts
    10,338
    No one has any right to force data on you
    and command you to believe it or else.
    If it is not true for you, it isn't true.

    LRH

  5. #5
    Junior Member
    Join Date
    Feb 2007
    Location
    andover UK
    Posts
    8

    winantivirus

    Talk about fast response
    2 hrs
    THANKS

    Downloaded and scanned using SuperAntiSpy
    found 32 trackimg cookies 1 spywarebot no reference to Winantivirus
    SCANNED WITH SPYBOT NOTHING FOUND

    USED
    Adaware
    Live Onescan
    Trust
    xoftspySE
    Trust
    Kaspersky
    Symantec
    AVG aNTISPYWARE AND ANTI VIRUS
    USE NTL NETGUARD AS REALTIME PROTECTION

    hijackthis log file renamed as VUNDO hides from hijackthis

    Logfile of HijackThis v1.99.1
    Scan saved at 13:47:12, on 19/02/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16414)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\Program Files\ntl\ntl Netguard\fws.exe
    C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\STOPzilla!\STOPzilla.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Command Software\dvpapi.exe
    C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
    C:\Program Files\SiteAdvisor\5020\SAService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\ntl\ntl Netguard\RPS.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Ahead\InCD\InCD.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
    C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\Program Files\ScanSoft\OmniPagePro12.0\Opware12.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\SiteAdvisor\5020\SiteAdv.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\PROGRA~1\ntl\BROADB~1\SMARTB~1\MotiveSB.exe
    C:\Program Files\Common Files\AOL\1170097487\ee\AOLSoftware.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Unlocker\UnlockerAssistant.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\PROGRA~1\Nero\data\Xtras\mssysmgr.exe
    C:\Program Files\Anti-Lost CD Ejector\antilostlite.exe
    C:\Program Files\Invention Pilot\Tray Pilot Lite\TrayPlt.exe
    C:\Program Files\Norton SystemWorks\Norton Utilities\SYSDOC32.EXE
    C:\Program Files\DigiGuide Lite TV Guide\DigiGuideLite.exe
    C:\Program Files\PopTray\PopTray.exe
    C:\Program Files\Technology Lighthouse\PTFB\PTFB.exe
    C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
    C:\Program Files\Google\Web Accelerator\googlewebaccclient.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Norton SystemWorks\Norton Utilities\WDSCAN.EXE
    C:\Program Files\Virus\Analyze.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/webhp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.co.uk/webhp
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/webhp
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://localhost:9100/proxy.pac
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\5020\SiteAdv.dll
    O2 - BHO: ZILLAbar BHO - {1827766B-9F49-4854-8034-F6EE26FCB1EC} - C:\Program Files\STOPzilla!\ZB2.dll
    O2 - BHO: Pop-Up Blocker BHO - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\ntl\ntl Netguard\pkR.dll
    O2 - BHO: Form Filler BHO - {56071E0D-C61B-11D3-B41C-00E02927A304} - C:\Program Files\ntl\ntl Netguard\FBHR.dll
    O2 - BHO: Google Web Accelerator Helper - {69A87B7D-DE56-4136-9655-716BA50C19C7} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: STOPzilla Browser Helper Object - {E3215F20-3212-11D6-9F8B-00D0B743919D} - C:\Program Files\STOPzilla!\SZIEBHO.dll
    O3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
    O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\5020\SiteAdv.dll
    O3 - Toolbar: STOPzilla - {98828DED-A591-462F-83BA-D2F62A68B8B8} - C:\Program Files\STOPzilla!\ZB2.dll
    O4 - HKLM\..\Run: [ntl Netguard] "C:\Program Files\ntl\ntl Netguard\RPS.exe"
    O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
    O4 - HKLM\..\Run: [USB2Check] RUNDLL32.EXE "C:\WINDOWS\system32\PCLECoInst.dll",CheckUSBController
    O4 - HKLM\..\Run: [USBToolTip] "C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [Opware12] "C:\Program Files\ScanSoft\OmniPagePro12.0\Opware12.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\5020\SiteAdv.exe
    O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\ntl\BROADB~1\SMARTB~1\MotiveSB.exe
    O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1170097487\ee\AOLSoftware.exe
    O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe" -H
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Nero\data\Xtras\mssysmgr.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [AntiLostCD] C:\Program Files\Anti-Lost CD Ejector\antilostlite.exe
    O4 - HKCU\..\Run: [Tray Pilot Lite] "C:\Program Files\Invention Pilot\Tray Pilot Lite\TrayPlt.exe"
    O4 - Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Startup: broadband medic.lnk = C:\Program Files\ntl\broadband medic\bin\matcli.exe
    O4 - Startup: clear.lnk = C:\STORE\clear.brs
    O4 - Startup: DigiGuide Lite.lnk = C:\Program Files\DigiGuide Lite TV Guide\DigiGuideLite.exe
    O4 - Startup: PopTray.lnk = C:\Program Files\PopTray\PopTray.exe
    O4 - Startup: PTFB.lnk = C:\Program Files\Technology Lighthouse\PTFB\PTFB.exe
    O4 - Startup: Web Accelerator.lnk = C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: broadband medic.lnk = C:\Program Files\ntl\broadband medic\bin\matcli.exe
    O4 - Global Startup: Norton System Doctor.LNK = C:\Program Files\Norton SystemWorks\Norton Utilities\SYSDOC32.EXE
    O4 - Global Startup: Web Accelerator.lnk = C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/par...an_unicode.cab
    O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
    O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/ho...vex/hcImpl.cab
    O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/S...in/AvSniff.cab
    O16 - DPF: {556DDE35-E955-11D0-A707-000000521957} - http://www.xblock.com/download/xclean_micro.exe
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/res...scbase9602.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
    O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://support.f-secure.com/ols/fscax.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\5020\SiteAdv.dll
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: DvpApi (dvpapi) - Command Software Systems, Inc. - C:\Program Files\Common Files\Command Software\dvpapi.exe
    O23 - Service: Radialpoint Service (FWS) - Radialpoint Inc. - C:\Program Files\ntl\ntl Netguard\fws.exe
    O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
    O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\5020\SAService.exe
    O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
    O23 - Service: STOPzilla Service (szserver) - iS3, Inc. - C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
    O23 - Service: Tirminal™ (Tirminal_Service) - Unknown owner - c:\program files\tirminal\tirminal_service.exe (file missing)

    DONT KNOW IF THIS WILL HELP
    SuperAntiSpy log

    SUPERAntiSpyware Scan Log
    Generated 02/19/2007 at 02:52 PM

    Application Version : 3.5.1016

    Core Rules Database Version : 3184
    Trace Rules Database Version: 1194

    Scan type : Complete Scan
    Total Scan Time : 00:26:51

    Memory items scanned : 575
    Memory threats detected : 0
    Registry items scanned : 5574
    Registry threats detected : 1
    File items scanned : 29760
    File threats detected : 32

    Adware.Tracking Cookie

    C:\Documents and Settings\Robert Dempster\Cookies\robert_dempster@www.amaena[2].txt
    C:\Documents and Settings\Robert Dempster\Cookies\robert_dempster@atdmt[1].txt
    C:\Documents and Settings\Robert Dempster\Cookies\robert_dempster@login.tracking101[2].txt
    C:\Documents and Settings\Robert Dempster\Cookies\robert_dempster@ctxtad.tribalfusion[1].txt
    C:\Documents and Settings\Robert Dempster\Cookies\robert_dempster@www2.mystats[1].txt
    C:\Documents and Settings\Robert Dempster\Cookies\robert_dempster@try.starware[3].txt
    C:\Documents and Settings\Robert Dempster\Cookies\robert_dempster@stats1.reliablestats[2].txt
    C:\Documents and Settings\Robert Dempster\Cookies\robert_dempster@www.googleadservices[2].txt
    C:\Documents and Settings\Robert Dempster\Cookies\robert_dempster@try.starware[1].txt
    C:\Documents and Settings\Robert Dempster\Cookies\robert_dempster@www.googleadservices[4].txt
    C:\Documents and Settings\Robert Dempster\Cookies\robert_dempster@xiti[1].txt
    C:\Documents and Settings\Robert Dempster\Cookies\robert_dempster@www.googleadservices[1].txt
    C:\Documents and Settings\Robert Dempster\Cookies\robert_dempster@www.googleadservices[5].txt
    C:\Documents and Settings\Robert Dempster\Cookies\robert_dempster@warlog[1].txt
    C:\Documents and Settings\Robert Dempster\Cookies\robert_dempster@mywebsearch[1].txt
    C:\Documents and Settings\Robert Dempster\Cookies\robert_dempster@smileycentral[1].txt
    C:\Documents and Settings\Robert Dempster\Cookies\robert_dempster@ads.adbrite[2].txt
    C:\Documents and Settings\Robert Dempster\Cookies\robert_dempster@stopzilla[1].txt
    C:\Documents and Settings\Robert Dempster\Cookies\robert_dempster@www2.mystats[2].txt
    C:\Documents and Settings\Robert Dempster\Cookies\robert_dempster@www.googleadservices[3].txt
    C:\Documents and Settings\Robert
    Malware.SpywareBot
    HKU\S-1-5-21-343818398-162531612-1417001333-1003\Software\SpywareBot

    Some of the tracking cookies were Winantivirus or aliases
    Ive cleaned these out previously
    I dont think they are the problem

    ive just deownloaded and scanned with spybot
    found two registry entries for drivecleaner which is an alias of winantivirus
    these entries were deleted manually
    spybot would not let me rescan so cant tell if they are really gone
    Last edited by robertdempster; 02-19-07 at 12:14 PM. Reason: ADD SUPERANTIVIRUS LOG

  6. #6
    Dr Tweak mnosteele52's Avatar
    Join Date
    Jul 2001
    Location
    Chesapeake, VA
    Posts
    11,912
    Prior to doing anything XP users MUST disable System Restore!!! You can re enable it after you are clean.

    1. Download, install and run CrapCleaner to remove any temporary and junk files.

    2. Download Ad-Aware SE 1.06 and set it up as shown HERE.

    3. Download SpyBot Search & Destroy 1.4 and set it up as shown HERE.

    4. Download SUPERAntiSpyware, update and do a full system scan.

    5. Download AVG Anti-Spyware 7.5, update and do a full system scan.

    6. Download and run CWShredder.

    7. Do a FREE online virus scan from BitDefender Online Scan and remove all that it finds.

    8. If you aren't currently using a firewall or anti-virus profram then I suggest you install Comodo Firewall and Active Virus Shield - (setup instructions HERE), both are FREE and offer excellent protection.

    9. It is a good idea to use Sysinternal's Autoruns to make sure you have removed all of the malware.

    10. It it also a good idea to run the Winsock Fix to repair your TCP/IP stack. (you will have to redo any tweaks for your connection if this is used)

    11. If after doing ALL of the above and you are still having problems please scan with HijackThis 1.99.1 as shown HERE and post a log here in this forum for us to look at.

    12. Download SpywareBlaster 3.5.1 and set it up as shown HERE to help stay spyware free.

    13. Make sure you have ALL of the latest Windows Updates.


  7. #7
    Dr Tweak mnosteele52's Avatar
    Join Date
    Jul 2001
    Location
    Chesapeake, VA
    Posts
    11,912
    So do you want help in this thread or the other one you started?


  8. #8
    Junior Member
    Join Date
    Feb 2007
    Location
    andover UK
    Posts
    8
    done everything on your list
    hope it works
    if not
    ill be back
    many thanks
    found 6 spybots is all

  9. #9
    Junior Member
    Join Date
    Feb 2007
    Location
    andover UK
    Posts
    8
    i need one last bit of help
    ive done autoruns scan
    can anybody read it and let me know if there is any malware please

    the report is too long for this option so ive had to spread it over multiple replys
    quuick reply seems to be the only option left
    apologies if wrong


    HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms
    + rdpclip RDP Clip Monitor Microsoft Corporation c:\windows\system32\rdpclip.exe
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit
    + C:\WINDOWS\system32\userinit.exe Userinit Logon Application Microsoft Corporation c:\windows\system32\userinit.exe
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
    + Explorer.exe Windows Explorer Microsoft Corporation c:\windows\explorer.exe
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    + HostManager AOL America Online, Inc. c:\program files\common files\aol\1170097487\ee\aolsoftware.exe
    + HotKeysCmds hkcmd Module Intel Corporation c:\windows\system32\hkcmd.exe
    + HP Component Manager HP Framework Component Manager Service Hewlett-Packard Company c:\program files\hp\hpcoretech\hpcmpmgr.exe
    + IgfxTray igfxTray Module Intel Corporation c:\windows\system32\igfxtray.exe
    + InCD InCD Nero AG c:\program files\ahead\incd\incd.exe
    + iTunesHelper iTunesHelper Module Apple Computer, Inc. c:\program files\itunes\ituneshelper.exe
    + Motive SmartBridge ntl:home broadband medic alerts Motive Communications, Inc. c:\program files\ntl\broadband medic\smartbridge\motivesb.exe
    + NeroFilterCheck NeroCheck Ahead Software Gmbh c:\windows\system32\nerocheck.exe
    + ntl Netguard ntl Netguard ntl c:\program files\ntl\ntl netguard\rps.exe
    + Opware12 OCR Aware (32-bit) ScanSoft, Inc. c:\program files\scansoft\omnipagepro12.0\opware12.exe
    + PinnacleDriverCheck c:\windows\system32\psdrvcheck.exe
    + QuickTime Task QuickTime Task Apple Computer, Inc. c:\program files\quicktime\qttask.exe
    + SiteAdvisor SiteAdvisor McAfee, Inc. c:\program files\siteadvisor\5020\siteadv.exe
    + SoundMan Realtek Sound Manager Realtek Semiconductor Corp. C:\WINDOWS\soundman.exe
    + SunJavaUpdateSched Java(TM) 2 Platform Standard Edition binary Sun Microsystems, Inc. c:\program files\java\jre1.5.0_10\bin\jusched.exe
    + TkBellExe RealNetworks Scheduler RealNetworks, Inc. c:\program files\common files\real\update_ob\realsched.exe
    + Tweak UI User interface customization toy Microsoft Corporation c:\windows\system32\tweakui.cpl
    + UnlockerAssistant c:\program files\unlocker\unlockerassistant.exe
    + USBToolTip USBTip MFC Application Pinnacle Systems c:\program files\pinnacle\shared files\programs\usbtip\usbtip.exe
    + Windows Defender Windows Defender User Interface Microsoft Corporation c:\program files\windows defender\msascui.exe
    C:\Documents and Settings\All Users\Start Menu\Programs\Startup
    + Adobe Reader Speed Launch.lnk Adobe Acrobat SpeedLauncher Adobe Systems Incorporated c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
    + broadband medic.lnk Motive Chorus Command Line Interface Motive Communications, Inc. c:\program files\ntl\broadband medic\bin\matcli.exe
    + Norton System Doctor.LNK Norton System Doctor Symantec Corporation c:\program files\norton systemworks\norton utilities\sysdoc32.exe
    + Web Accelerator.lnk c:\program files\google\web accelerator\googlewebaccwarden.exe
    C:\Documents and Settings\Robert Dempster\Start Menu\Programs\Startup
    + Adobe Reader Speed Launch.lnk Adobe Acrobat SpeedLauncher Adobe Systems Incorporated c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
    + broadband medic.lnk Motive Chorus Command Line Interface Motive Communications, Inc. c:\program files\ntl\broadband medic\bin\matcli.exe
    + clear.lnk c:\store\clear.brs
    + DigiGuide Lite.lnk DigiGuide Lite Launcher - Small Interactive TV guide GipsyMedia Limited c:\program files\digiguide lite tv guide\digiguidelite.exe
    + PopTray.lnk PopTray E-Mail Notifier Renier Crause c:\program files\poptray\poptray.exe
    + PTFB.lnk Push The Freakin' Button Technology Lighthouse c:\program files\technology lighthouse\ptfb\ptfb.exe
    + Web Accelerator.lnk c:\program files\google\web accelerator\googlewebaccwarden.exe
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    + AntiLostCD NeSoft c:\program files\anti-lost cd ejector\antilostlite.exe
    + ctfmon.exe CTF Loader Microsoft Corporation c:\windows\system32\ctfmon.exe
    + MsnMsgr Messenger Microsoft Corporation c:\program files\msn messenger\msnmsgr.exe
    + PhotoShow Deluxe Media Manager Nero PhotoShow Media Manager Ahead Software c:\program files\nero\data\xtras\mssysmgr.exe
    + Tray Pilot Lite Show/Hide System Tray Invention Pilot, Inc c:\program files\invention pilot\tray pilot lite\trayplt.exe
    HKLM\SOFTWARE\Classes\Protocols\Filter
    + application/octet-stream Microsoft .NET Runtime Execution Engine Microsoft Corporation c:\windows\system32\mscoree.dll
    + application/x-complus Microsoft .NET Runtime Execution Engine Microsoft Corporation c:\windows\system32\mscoree.dll
    + application/x-msdownload Microsoft .NET Runtime Execution Engine Microsoft Corporation c:\windows\system32\mscoree.dll
    + Class Install Handler OLE32 Extensions for Win32 Microsoft Corporation c:\windows\system32\urlmon.dll
    + deflate OLE32 Extensions for Win32 Microsoft Corporation c:\windows\system32\urlmon.dll
    + gzip OLE32 Extensions for Win32 Microsoft Corporation c:\windows\system32\urlmon.dll
    + lzdhtml OLE32 Extensions for Win32 Microsoft Corporation c:\windows\system32\urlmon.dll
    + text/webviewhtml Windows Shell Common Dll Microsoft Corporation c:\windows\system32\shell32.dll
    HKLM\SOFTWARE\Classes\Protocols\Handler
    + about Microsoft (R) HTML Viewer Microsoft Corporation c:\windows\system32\mshtml.dll
    + cdl OLE32 Extensions for Win32 Microsoft Corporation c:\windows\system32\urlmon.dll
    + cetihpz HPCETIUI Protocol Handler Module Hewlett-Packard Company c:\program files\hp\hpcoretech\comp\hpuiprot.dll
    + dvd ActiveX control for streaming video Microsoft Corporation c:\windows\system32\msvidctl.dll
    + file OLE32 Extensions for Win32 Microsoft Corporation c:\windows\system32\urlmon.dll
    + ftp OLE32 Extensions for Win32 Microsoft Corporation c:\windows\system32\urlmon.dll
    + gopher OLE32 Extensions for Win32 Microsoft Corporation c:\windows\system32\urlmon.dll
    + http OLE32 Extensions for Win32 Microsoft Corporation c:\windows\system32\urlmon.dll
    + https OLE32 Extensions for Win32 Microsoft Corporation c:\windows\system32\urlmon.dll
    + its Microsoft® InfoTech Storage System Library Microsoft Corporation c:\windows\system32\itss.dll
    + javascript Microsoft (R) HTML Viewer Microsoft Corporation c:\windows\system32\mshtml.dll
    + livecall MSN Messenger Protocol Handler Microsoft Corporation c:\program files\msn messenger\msgrapp.8.1.0178.00.dll
    + local OLE32 Extensions for Win32 Microsoft Corporation c:\windows\system32\urlmon.dll
    + mailto Microsoft (R) HTML Viewer Microsoft Corporation c:\windows\system32\mshtml.dll
    + mhtml Microsoft Internet Messaging API Microsoft Corporation c:\windows\system32\inetcomm.dll
    + mk OLE32 Extensions for Win32 Microsoft Corporation c:\windows\system32\urlmon.dll
    + ms-its Microsoft® InfoTech Storage System Library Microsoft Corporation c:\windows\system32\itss.dll
    + msnim MSN Messenger Protocol Handler Microsoft Corporation c:\program files\msn messenger\msgrapp.8.1.0178.00.dll
    + res Microsoft (R) HTML Viewer Microsoft Corporation c:\windows\system32\mshtml.dll
    + siteadvisor SiteAdvisor McAfee, Inc. c:\program files\siteadvisor\5020\siteadv.dll
    + sysimage Microsoft (R) HTML Viewer Microsoft Corporation c:\windows\system32\mshtml.dll
    + tv ActiveX control for streaming video Microsoft Corporation c:\windows\system32\msvidctl.dll
    + vbscript Microsoft (R) HTML Viewer Microsoft Corporation c:\windows\system32\mshtml.dll
    + wia WIA Scripting Layer Microsoft Corporation c:\windows\system32\wiascr.dll
    HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components
    + 0 File not found: About:Home
    HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components
    + Address Book 6 Outlook Express Setup Library Microsoft Corporation c:\program files\outlook express\setup50.exe
    + Browser Customizations IEAK branding Microsoft Corporation c:\windows\system32\iedkcs32.dll
    + Browser Customizations IEAK branding Microsoft Corporation c:\windows\system32\iedkcs32.dll
    + IE7 Uninstall Stub IE Per User Active Setup Uninstall Utility Microsoft Corporation c:\windows\system32\ieudinit.exe
    + Internet Explorer IE Per-User Initialization Utility Microsoft Corporation c:\windows\system32\ie4uinit.exe
    + Internet Explorer IE Per-User Initialization Utility Microsoft Corporation c:\windows\system32\ie4uinit.exe
    + Microsoft Outlook Express 6 Outlook Express Setup Library Microsoft Corporation c:\program files\outlook express\setup50.exe
    + Microsoft Windows Media Player Microsoft Windows Media Player Setup Utility Microsoft Corporation c:\windows\inf\unregmp2.exe
    + Microsoft Windows Media Player ADVPACK Microsoft Corporation c:\windows\system32\advpack.dll
    + n/a Microsoft .NET IE SECURITY REGISTRATION Microsoft Corporation c:\windows\system32\mscories.dll
    + NetMeeting 3.01 ADVPACK Microsoft Corporation c:\windows\system32\advpack.dll
    + Outlook Express Windows NT User Data Migration Tool Microsoft Corporation c:\windows\system32\shmgrate.exe
    + Themes Setup Microsoft(C) Register Server Microsoft Corporation c:\windows\system32\regsvr32.exe
    + Windows Desktop Update Microsoft(C) Register Server Microsoft Corporation c:\windows\system32\regsvr32.exe
    + Windows Messenger 4.7 ADVPACK Microsoft Corporation c:\windows\system32\advpack.dll
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
    + Browseui preloader Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll
    + Component Categories cache daemon Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
    + CDBurn Windows Shell Common Dll Microsoft Corporation c:\windows\system32\shell32.dll
    + PostBootReminder Windows Shell Common Dll Microsoft Corporation c:\windows\system32\shell32.dll
    + SysTray Systray shell service object Microsoft Corporation c:\windows\system32\stobject.dll
    + WebCheck Web Site Monitor Microsoft Corporation c:\windows\system32\webcheck.dll
    + WPDShServiceObj Windows Portable Device Shell Service Object Microsoft Corporation c:\windows\system32\wpdshserviceobj.dll
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
    + Microsoft AntiMalware ShellExecuteHook Shell Execution Monitor Microsoft Corporation c:\program files\windows defender\mpshhook.dll
    + sasseh.dll ShellExecuteHook SuperAdBlocker.com c:\program files\superantispyware\sasseh.dll
    + shell32.dll Windows Shell Common Dll Microsoft Corporation c:\windows\system32\shell32.dll
    HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
    + %DESC_PublishDropTarget% Photo Printing Wizard Microsoft Corporation c:\windows\system32\photowiz.dll
    + &Address Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll
    + &Links Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
    + .CAB file viewer Cabinet File Viewer Shell Extension Microsoft Corporation c:\windows\system32\cabview.dll
    + Accessible Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll
    + ActiveX Cache Folder Object Control Viewer Microsoft Corporation c:\windows\system32\occache.dll
    + Address EditBox Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll
    + Administrative Tools Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll
    + Audio Media Properties Handler Media File Property Extractor Shell Extension Microsoft Corporation c:\windows\system32\shmedia.dll
    + Augmented Shell Folder Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll
    + Augmented Shell Folder 2 Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll
    + Auto Update Property Sheet Extension Automatic Updates Control Panel Microsoft Corporation c:\windows\system32\wuaucpl.cpl
    + Avi Properties Handler Media File Property Extractor Shell Extension Microsoft Corporation c:\windows\system32\shmedia.dll
    + BandProxy Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll
    + Briefcase Windows Briefcase Microsoft Corporation c:\windows\system32\syncui.dll
    + CDF Extension Copy Hook Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll
    + Code Download Agent Web Site Monitor Microsoft Corporation c:\windows\system32\webcheck.dll
    + Compatibility Page Compatibility Tab Shell Extension DLL Microsoft Corporation c:\windows\system32\slayerxp.dll
    + Compressed (zipped) Folder Compressed (zipped) Folders Microsoft Corporation c:\windows\system32\zipfldr.dll
    + Compressed (zipped) Folder Right Drag Handler Compressed (zipped) Folders Microsoft Corporation c:\windows\system32\zipfldr.dll
    + Compressed (zipped) Folder SendTo Target Compressed (zipped) Folders Microsoft Corporation c:\windows\system32\zipfldr.dll
    + ConnectionAgent Web Site Monitor Microsoft Corporation c:\windows\system32\webcheck.dll
    + Crypto PKO Extension Crypto Shell Extensions Microsoft Corporation c:\windows\system32\cryptext.dll
    + Crypto Sign Extension Crypto Shell Extensions Microsoft Corporation c:\windows\system32\cryptext.dll
    + Custom MRU AutoCompleted List Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll
    + Darwin App Publisher Shell Application Manager Microsoft Corporation c:\windows\system32\appwiz.cpl
    + DfsShell Distributed File System shell extension Microsoft Corporation c:\windows\system32\dfsshlex.dll
    + Directory Context Menu Verbs Directory Service Common UI Microsoft Corporation c:\windows\system32\dsuiext.dll
    + Directory Object Find Directory Service Find Microsoft Corporation c:\windows\system32\dsquery.dll
    + Directory Property UI Directory Service Common UI Microsoft Corporation c:\windows\system32\dsuiext.dll
    + Directory Query UI Directory Service Find Microsoft Corporation c:\windows\system32\dsquery.dll
    + Directory Start/Search Find Directory Service Find Microsoft Corporation c:\windows\system32\dsquery.dll
    + Disk Copy Extension Windows DiskCopy Microsoft Corporation c:\windows\system32\diskcopy.dll
    + Disk Quota UI Windows Shell Disk Quota UI DLL Microsoft Corporation c:\windows\system32\dskquoui.dll
    + Display Adapter CPL Extension Advanced display adapter properties Microsoft Corporation c:\windows\system32\deskadp.dll
    + Display Monitor CPL Extension Advanced display monitor properties Microsoft Corporation c:\windows\system32\deskmon.dll
    + Display TroubleShoot CPL Extension Advanced display performance properties Microsoft Corporation c:\windows\system32\deskperf.dll
    + Download Status Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll
    + DriveHQ FileManager MBizMenu DLL c:\program files\drivehq\drivehq filemanager\drivehqmenu.dll
    + DS Security Page Directory Service Security UI Microsoft Corporation c:\windows\system32\dssec.dll
    + E-mail Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll
    + Explorer Band Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll
    + Extensions Manager Folder Extensions Manager Microsoft Corporation c:\windows\system32\extmgr.dll
    + Favorites Band Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll
    + Fonts Windows Font Folder Microsoft Corporation c:\windows\system32\fontext.dll
    + Fonts Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll
    + For &People... Find People Microsoft Corporation c:\program files\outlook express\wabfind.dll
    + FTP Folders Webview Microsoft Internet Explorer FTP Folder Shell Extension Microsoft Corporation c:\windows\system32\msieftp.dll
    + Fusion Cache Microsoft .NET Runtime Execution Engine Microsoft Corporation c:\windows\system32\mscoree.dll
    + GDI+ file thumbnail extractor Windows Picture and Fax Viewer Microsoft Corporation c:\windows\system32\shimgvw.dll
    + Get a Passport Wizard Map Network Drives/Network Places Wizard Microsoft Corporation c:\windows\system32\netplwiz.dll
    + Global Folder Settings Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll
    + Help and Support Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll
    + Help and Support Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll
    + History Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
    + HTML Thumbnail Extractor Windows Picture and Fax Viewer Microsoft Corporation c:\windows\system32\shimgvw.dll
    + HyperTerminal Icon Ext HyperTerminal Applet Library Hilgraeve, Inc. c:\windows\system32\hticons.dll
    + ICC Profile Microsoft Color Matching System User Interface DLL Microsoft Corporation c:\windows\system32\icmui.dll
    + ICM Monitor Management Microsoft Color Matching System User Interface DLL Microsoft Corporation c:\windows\system32\icmui.dll
    + ICM Printer Management Microsoft Color Matching System User Interface DLL Microsoft Corporation c:\windows\system32\icmui.dll
    + ICM Scanner Management Microsoft Color Matching System User Interface DLL Microsoft Corporation c:\windows\system32\icmui.dll
    + IE AutoComplete Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
    + IE BandProxy Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
    + IE Custom MRU AutoCompleted List Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
    + IE Fade Task Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
    + IE IShellFolderBand Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
    + IE Menu Band Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
    + IE Menu Desk Bar Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
    + IE Menu Site Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
    + IE Microsoft BrowserBand Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
    + IE Microsoft History AutoComplete List Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
    + IE Microsoft Multiple AutoComplete List Container Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
    + IE Microsoft Shell Folder AutoComplete List Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
    + IE MRU AutoComplete List Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
    + IE Navigation Bar Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
    + IE Registry Tree Options Utility Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
    + IE RSS Feeder Folder Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
    + IE Search Band Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
    + IE Shell Band Site Menu Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
    + IE Shell Rebar BandSite Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
    + IE Tracking Shell Menu Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll

  10. #10
    Junior Member
    Join Date
    Feb 2007
    Location
    andover UK
    Posts
    8
    + IE User Assist Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
    + IE4 Suite Splash Screen Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll
    + In-pane search Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll
    + Installed Apps Enumerator Shell Application Manager Microsoft Corporation c:\windows\system32\appwiz.cpl
    + Internet Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll
    + Internet Name Space Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
    + InternetShortcut Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
    + ISFBand OC Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll
    + iTunes iTunes Mini Player DLL Apple Computer, Inc. c:\program files\itunes\itunesminiplayer.dll
    + Messenger Sharing Folders Messenger File Sharing Shell Extensions Microsoft Corporation c:\program files\msn messenger\fsshext.8.1.0178.00.dll
    + Microsoft Agent Character Property Sheet Handler Microsoft Agent Property Sheet Handler Microsoft Corporation c:\windows\msagent\agentpsh.dll
    + Microsoft AutoComplete Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll
    + Microsoft Browser Architecture Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll
    + Microsoft Browser Architecture Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
    + Microsoft BrowserBand Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll
    + Microsoft Data Link Microsoft Data Access - OLE DB Core Services Microsoft Corporation c:\program files\common files\system\ole db\oledb32.dll
    + Microsoft DocProp Inplace Calendar Control Microsoft DocProp Shell Ext Microsoft Corporation c:\windows\system32\docprop2.dll
    + Microsoft DocProp Inplace Droplist Combo Control Microsoft DocProp Shell Ext Microsoft Corporation c:\windows\system32\docprop2.dll
    + Microsoft DocProp Inplace Edit Box Control Microsoft DocProp Shell Ext Microsoft Corporation c:\windows\system32\docprop2.dll
    + Microsoft DocProp Inplace ML Edit Box Control Microsoft DocProp Shell Ext Microsoft Corporation c:\windows\system32\docprop2.dll
    + Microsoft DocProp Inplace Time Control Microsoft DocProp Shell Ext Microsoft Corporation c:\windows\system32\docprop2.dll
    + Microsoft DocProp Shell Ext Microsoft DocProp Shell Ext Microsoft Corporation c:\windows\system32\docprop2.dll
    + Microsoft History AutoComplete List Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll
    + Microsoft Internet Toolbar Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll
    + Microsoft Multiple AutoComplete List Container Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll
    + Microsoft Shell Folder AutoComplete List Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll
    + Microsoft Url History Service Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
    + Microsoft Url Search Hook Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
    + Midi Properties Handler Media File Property Extractor Shell Extension Microsoft Corporation c:\windows\system32\shmedia.dll
    + MMC Icon Handler MMC Shell Extension DLL Microsoft Corporation c:\windows\system32\mmcshext.dll
    + MRU AutoComplete List Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll
    + Multimedia File Property Sheet Control Panel Drivers Applet Microsoft Corporation c:\windows\system32\mmsys.cpl
    + My DriveHQ MyDriveHQ DriveHQ c:\program files\drivehq\drivehq desktop express\mydrivehq.dll
    + MyDocs Copy Hook My Documents Folder UI Microsoft Corporation c:\windows\system32\mydocs.dll
    + MyDocs Drop Target My Documents Folder UI Microsoft Corporation c:\windows\system32\mydocs.dll
    + MyDocs Properties My Documents Folder UI Microsoft Corporation c:\windows\system32\mydocs.dll
    + Network Connections Network Connections Shell Microsoft Corporation c:\windows\system32\netshell.dll
    + Network Connections Network Connections Shell Microsoft Corporation c:\windows\system32\netshell.dll
    + NTFS Security Page Security Shell Extension Microsoft Corporation c:\windows\system32\rshx32.dll
    + Offline Files Folder Client Side Caching UI Microsoft Corporation c:\windows\system32\cscui.dll
    + Offline Files Folder Options Client Side Caching UI Microsoft Corporation c:\windows\system32\cscui.dll
    + Offline Files Menu Client Side Caching UI Microsoft Corporation c:\windows\system32\cscui.dll
    + OLE Docfile Property Page OLE DocFile Property Page Microsoft Corporation c:\windows\system32\docprop.dll
    + PlusPack CPL Extension Windows Theme API Microsoft Corporation c:\windows\system32\themeui.dll
    + Portable Devices Portable Devices Shell Extension Microsoft Corporation c:\windows\system32\wpdshext.dll
    + Portable Devices Menu Portable Devices Shell Extension Microsoft Corporation c:\windows\system32\wpdshext.dll
    + Portable Media Devices Portable Media Devices Shell Extension Microsoft Corporation c:\windows\system32\audiodev.dll
    + PostAgent Web Site Monitor Microsoft Corporation c:\windows\system32\webcheck.dll
    + Previous Versions Previous Versions property page Microsoft Corporation c:\windows\system32\twext.dll
    + Previous Versions Property Page Previous Versions property page Microsoft Corporation c:\windows\system32\twext.dll
    + Print Ordering via the Web Map Network Drives/Network Places Wizard Microsoft Corporation c:\windows\system32\netplwiz.dll
    + Printers Security Page Security Shell Extension Microsoft Corporation c:\windows\system32\rshx32.dll
    + Registry Tree Options Utility Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll
    + Remote Sessions CPL Extension Remote Sessions CPL Extension Microsoft Corporation c:\windows\system32\remotepg.dll
    + Run... Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll
    + Scanners & Cameras Imaging Devices Shell Folder UI Microsoft Corporation c:\windows\system32\wiashext.dll
    + Scanners & Cameras Imaging Devices Shell Folder UI Microsoft Corporation c:\windows\system32\wiashext.dll
    + Scanners & Cameras Imaging Devices Shell Folder UI Microsoft Corporation c:\windows\system32\wiashext.dll
    + Scanners & Cameras Imaging Devices Shell Folder UI Microsoft Corporation c:\windows\system32\wiashext.dll
    + Scanners & Cameras Imaging Devices Shell Folder UI Microsoft Corporation c:\windows\system32\wiashext.dll
    + Scheduled Tasks Task Scheduler interface DLL Microsoft Corporation c:\windows\system32\mstask.dll
    + Search Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll
    + Search Assistant OC Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll
    + Sendmail service Send Mail Microsoft Corporation c:\windows\system32\sendmail.dll
    + Sendmail service Send Mail Microsoft Corporation c:\windows\system32\sendmail.dll
    + Set Program Access and Defaults Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll
    + Shell Application Manager Shell Application Manager Microsoft Corporation c:\windows\system32\appwiz.cpl
    + Shell Automation Inproc Service Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll
    + Shell Band Site Menu Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll
    + Shell DeskBar Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll
    + Shell DeskBarApp Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll
    + Shell DocObject Viewer Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
    + Shell Extension for CDRW UDF Shell Extension DLL Nero AG c:\program files\ahead\incd\incdshx.dll
    + Shell extensions for Microsoft Windows Network objects Network object shell UI Microsoft Corporation c:\windows\system32\ntlanui2.dll
    + Shell Extensions for RealOne Player RealPlayer Shell Extensions RealNetworks, Inc. c:\program files\real\realplayer\rpshell.dll
    + Shell extensions for sharing Shell extensions for sharing Microsoft Corporation c:\windows\system32\ntshrui.dll
    + Shell extensions for sharing Shell extensions for sharing Microsoft Corporation c:\windows\system32\ntshrui.dll
    + Shell extensions for Windows Script Host Microsoft (r) Shell Extension for Windows Script Host Microsoft Corporation c:\windows\system32\wshext.dll
    + Shell Icon Handler for Application References Application Deployment Support Library Microsoft Corporation c:\windows\system32\dfshim.dll
    + Shell Image Data Factory Windows Picture and Fax Viewer Microsoft Corporation c:\windows\system32\shimgvw.dll
    + Shell Image Property Handler Windows Picture and Fax Viewer Microsoft Corporation c:\windows\system32\shimgvw.dll
    + Shell Image Verbs Windows Picture and Fax Viewer Microsoft Corporation c:\windows\system32\shimgvw.dll
    + Shell properties for a DS object Directory Service Find Microsoft Corporation c:\windows\system32\dsquery.dll
    + Shell Publishing Wizard Object Map Network Drives/Network Places Wizard Microsoft Corporation c:\windows\system32\netplwiz.dll
    + Shell Rebar BandSite Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll
    + Shell Scrap DataHandler Shell scrap object handler Microsoft Corporation c:\windows\system32\shscrap.dll
    + Shell Search Band Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll
    + ShellLink for Application References Application Deployment Support Library Microsoft Corporation c:\windows\system32\dfshim.dll
    + Subscription Folder Web Site Monitor Microsoft Corporation c:\windows\system32\webcheck.dll
    + Subscription Mgr Web Site Monitor Microsoft Corporation c:\windows\system32\webcheck.dll
    + Summary Info Thumbnail handler (DOCFILES) Windows Picture and Fax Viewer Microsoft Corporation c:\windows\system32\shimgvw.dll
    + Taskbar and Start Menu Windows Shell Common Dll Microsoft Corporation c:\windows\system32\shell32.dll
    + Tasks Folder Icon Handler Task Scheduler interface DLL Microsoft Corporation c:\windows\system32\mstask.dll
    + Tasks Folder Shell Extension Task Scheduler interface DLL Microsoft Corporation c:\windows\system32\mstask.dll
    + Temporary Internet Files Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
    + Temporary Internet Files Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
    + The Internet Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
    + Track Popup Bar Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll
    + TrayAgent Web Site Monitor Microsoft Corporation c:\windows\system32\webcheck.dll
    + TridentImageExtractor Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll
    + UnlockerShellExtension c:\program files\unlocker\unlockercom.dll
    + User Accounts Map Network Drives/Network Places Wizard Microsoft Corporation c:\windows\system32\netplwiz.dll
    + User Assist Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll
    + Video Media Properties Handler Media File Property Extractor Shell Extension Microsoft Corporation c:\windows\system32\shmedia.dll
    + Video Thumbnail Extractor Media File Property Extractor Shell Extension Microsoft Corporation c:\windows\system32\shmedia.dll
    + Wav Properties Handler Media File Property Extractor Shell Extension Microsoft Corporation c:\windows\system32\shmedia.dll
    + Web Printer Shell Extension Print UI DLL Microsoft Corporation c:\windows\system32\printui.dll
    + Web Publishing Wizard Map Network Drives/Network Places Wizard Microsoft Corporation c:\windows\system32\netplwiz.dll
    + Web Search Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll
    + WebCheck Web Site Monitor Microsoft Corporation c:\windows\system32\webcheck.dll
    + WebCheck SyncMgr Handler Web Site Monitor Microsoft Corporation c:\windows\system32\webcheck.dll
    + WebCheckChannelAgent Web Site Monitor Microsoft Corporation c:\windows\system32\webcheck.dll
    + WebCheckWebCrawler Web Site Monitor Microsoft Corporation c:\windows\system32\webcheck.dll
    + Windows Media Player Add to Playlist Context Menu Handler Windows Media Player Launcher Microsoft Corporation c:\windows\system32\wmpshell.dll
    + Windows Media Player Burn Audio CD Context Menu Handler Windows Media Player Launcher Microsoft Corporation c:\windows\system32\wmpshell.dll
    + Windows Media Player Play as Playlist Context Menu Handler Windows Media Player Launcher Microsoft Corporation c:\windows\system32\wmpshell.dll
    + WinRAR shell extension c:\program files\winrar\rarext.dll
    HKLM\Software\Classes\Folder\Shellex\ColumnHandlers
    + PDF Shell Extension PDF Shell Extension Adobe Systems, Inc. c:\program files\adobe\acrobat 7.0\activex\pdfshell.dll
    + {0D2E74C4-3C34-11d2-A27E-00C04FC30871} Windows Shell Common Dll Microsoft Corporation c:\windows\system32\shell32.dll
    + {24F14F01-7B1C-11d1-838f-0000F80461CF} Windows Shell Common Dll Microsoft Corporation c:\windows\system32\shell32.dll
    + {24F14F02-7B1C-11d1-838f-0000F80461CF} Windows Shell Common Dll Microsoft Corporation c:\windows\system32\shell32.dll
    + {66742402-F9B9-11D1-A202-0000F81FEDEE} Windows Shell Common Dll Microsoft Corporation c:\windows\system32\shell32.dll
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
    + &Google Web Accelerator Helper c:\program files\google\web accelerator\googlewebacctoolbar.dll
    + Adobe PDF Reader Link Helper Adobe Acrobat IE Helper Version 7.0 for ActiveX Adobe Systems Incorporated c:\program files\adobe\acrobat 7.0\activex\acroiehelper.dll
    + PopKill Class Radialpoint 5.2.0 Radialpoint Inc. c:\program files\ntl\ntl netguard\pkr.dll
    + SSVHelper Class Java(TM) 2 Platform Standard Edition binary Sun Microsystems, Inc. c:\program files\java\jre1.5.0_10\bin\ssv.dll
    + Windows Live Sign-in Helper WindowsLiveLogin.dll Microsoft Corporation c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll
    + ZKBho Class Radialpoint 5.2.0 Radialpoint Inc. c:\program files\ntl\ntl netguard\fbhr.dll
    + {089FD14D-132B-48FC-8861-0048AE113215} SiteAdvisor McAfee, Inc. c:\program files\siteadvisor\5020\siteadv.dll
    HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks
    + ieframe.dll Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
    HKLM\Software\Microsoft\Internet Explorer\Toolbar
    + googlewebacctoolbar.dll c:\program files\google\web accelerator\googlewebacctoolbar.dll
    + McAfee SiteAdvisor SiteAdvisor McAfee, Inc. c:\program files\siteadvisor\5020\siteadv.dll
    HKLM\Software\Microsoft\Internet Explorer\Extensions
    + Windows Messenger Windows Messenger Microsoft Corporation c:\program files\messenger\msmsgs.exe
    Task Scheduler
    + AppleSoftwareUpdate.job Software Application Apple Computer, Inc. c:\program files\apple software update\softwareupdate.exe
    + MP Scheduled Quick Scan.job File not found: Files\Microsoft
    + MP Scheduled Scan.job Windows Defender Command Line Utility Microsoft Corporation c:\program files\windows defender\mpcmdrun.exe
    + System Snapshot.job 32-bit Hkeylocal Executables c:\program files\system snapshot\syssnap.exe
    + XoftSpySE.job Xoftspy ParetoLogic c:\program files\xoftspyse\xoftspy.exe
    HKLM\System\CurrentControlSet\Services
    + AudioSrv Manages audio devices for Windows-based programs. If this service is stopped, audio devices and effects will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Corporation c:\windows\system32\audiosrv.dll
    + BITS Transfers data between clients and servers in the background. If BITS is disabled, features such as Windows Update will not work correctly. Microsoft Corporation c:\windows\system32\qmgr.dll
    + Browser Maintains an updated list of computers on the network and supplies this list to computers designated as browsers. If this service is stopped, this list will not be updated or maintained. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Corporation c:\windows\system32\browser.dll
    + CryptSvc Provides three management services: Catalog Database Service, which confirms the signatures of Windows files; Protected Root Service, which adds and removes Trusted Root Certification Authority certificates from this computer; and Key Service, which helps enroll this computer for certificates. If this service is stopped, these management services will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Corporation c:\windows\system32\cryptsvc.dll
    + DcomLaunch Provides launch functionality for DCOM services. Microsoft Corporation c:\windows\system32\rpcss.dll
    + Dhcp Manages network configuration by registering and updating IP addresses and DNS names. Microsoft Corporation c:\windows\system32\dhcpcsvc.dll
    + dmserver Detects and monitors new hard disk drives and sends disk volume information to Logical Disk Manager Administrative Service for configuration. If this service is stopped, dynamic disk status and configuration information may become out of date. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Corp. c:\windows\system32\dmserver.dll
    + Dnscache Resolves and caches Domain Name System (DNS) names for this computer. If this service is stopped, this computer will not be able to resolve DNS names and locate Active Directory domain controllers. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Corporation c:\windows\system32\dnsrslvr.dll
    + dvpapi Dynamic Virus Protection Command Software Systems, Inc. c:\program files\common files\command software\dvpapi.exe
    + ERSvc Allows error reporting for services and applictions running in non-standard environments. Microsoft Corporation c:\windows\system32\ersvc.dll
    + Eventlog Enables event log messages issued by Windows-based programs and components to be viewed in Event Viewer. This service cannot be stopped. Microsoft Corporation c:\windows\system32\services.exe
    + FWS Radialpoint 5.2.0 Radialpoint Inc. c:\program files\ntl\ntl netguard\fws.exe
    + helpsvc Enables Help and Support Center to run on this computer. If this service is stopped, Help and Support Center will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Corporation c:\windows\pchealth\helpctr\binaries\pchsvc.dll
    + InCDsrv Helper service for the InCD filesystem driver Nero AG c:\program files\ahead\incd\incdsrv.exe
    + lanmanserver Supports file, print, and named-pipe sharing over the network for this computer. If this service is stopped, these functions will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Corporation c:\windows\system32\srvsvc.dll
    + lanmanworkstation Creates and maintains client network connections to remote servers. If this service is stopped, these connections will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Corporation c:\windows\system32\wkssvc.dll
    + LmHosts Enables support for NetBIOS over TCP/IP (NetBT) service and NetBIOS name resolution. Microsoft Corporation c:\windows\system32\lmhsvc.dll
    + Messenger Transmits net send and Alerter service messages between clients and servers. This service is not related to Windows Messenger. If this service is stopped, Alerter messages will not be transmitted. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Corporation c:\windows\system32\msgsvc.dll
    + NProtectService Norton Protection Status Symantec Corporation c:\program files\norton systemworks\norton utilities\nprotect.exe
    + PlugPlay Enables a computer to recognize and adapt to hardware changes with little or no user input. Stopping or disabling this service will result in system instability. Microsoft Corporation c:\windows\system32\services.exe
    + PolicyAgent Manages IP security policy and starts the ISAKMP/Oakley (IKE) and the IP security driver. Microsoft Corporation c:\windows\system32\lsass.exe
    + ProtectedStorage Provides protected storage for sensitive data, such as private keys, to prevent access by unauthorized services, processes, or users. Microsoft Corporation c:\windows\system32\lsass.exe
    + RemoteRegistry Enables remote users to modify registry settings on this computer. If this service is stopped, the registry can be modified only by users on this computer. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Corporation c:\windows\system32\regsvc.dll
    + RpcSs Provides the endpoint mapper and other miscellaneous RPC services. Microsoft Corporation c:\windows\system32\rpcss.dll
    + SamSs Stores security information for local user accounts. Microsoft Corporation c:\windows\system32\lsass.exe
    + Schedule Enables a user to configure and schedule automated tasks on this computer. If this service is stopped, these tasks will not be run at their scheduled times. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Corporation c:\windows\system32\schedsvc.dll
    + seclogon Enables starting processes under alternate credentials. If this service is stopped, this type of logon access will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Corporation c:\windows\system32\seclogon.dll
    + SENS Tracks system events such as Windows logon, network, and power events. Notifies COM+ Event System subscribers of these events. Microsoft Corporation c:\windows\system32\sens.dll
    + SharedAccess Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network. Microsoft Corporation c:\windows\system32\ipnathlp.dll
    + ShellHWDetection Provides notifications for AutoPlay hardware events. Microsoft Corporation c:\windows\system32\shsvcs.dll
    + SiteAdvisor Service Provides low-level support for McAfee SiteAdvisor c:\program files\siteadvisor\5020\saservice.exe
    + Speed Disk service NOPDB Symantec Corporation c:\program files\norton systemworks\speed disk\nopdb.exe
    + Spooler Loads files to memory for later printing. Microsoft Corporation c:\windows\system32\spoolsv.exe
    + srservice Performs system restore functions. To stop service, turn off System Restore from the System Restore tab in My Computer->Properties Microsoft Corporation c:\windows\system32\srsvc.dll
    + stisvc Provides image acquisition services for scanners and cameras. Microsoft Corporation c:\windows\system32\wiaservc.dll
    + Themes Provides user experience theme management. Microsoft Corporation c:\windows\system32\shsvcs.dll
    + Tirminal_Service File not found: c:\program files\tirminal\tirminal_service.exe

  11. #11
    Junior Member
    Join Date
    Feb 2007
    Location
    andover UK
    Posts
    8
    + TrkWks Maintains links between NTFS files within a computer or across computers in a network domain. Microsoft Corporation c:\windows\system32\trkwks.dll
    + W32Time Maintains date and time synchronization on all clients and servers in the network. If this service is stopped, date and time synchronization will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Corporation c:\windows\system32\w32time.dll
    + WebClient Enables Windows-based programs to create, access, and modify Internet-based files. If this service is stopped, these functions will not be available. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Corporation c:\windows\system32\webclnt.dll
    + WinDefend Helps protect users from malicious software, spyware, and other potentially unwanted software Microsoft Corporation c:\program files\windows defender\msmpeng.exe
    + winmgmt Provides a common interface and object model to access management information about operating system, devices, applications and services. If this service is stopped, most Windows-based software will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Corporation c:\windows\system32\wbem\wmisvc.dll
    + wscsvc Monitors system security settings and configurations. Microsoft Corporation c:\windows\system32\wscsvc.dll
    + wuauserv Enables the download and installation of Windows updates. If this service is disabled, this computer will not be able to use the Automatic Updates feature or the Windows Update Web site. Microsoft Corporation c:\windows\system32\wuauserv.dll
    + WZCSVC Provides automatic configuration for the 802.11 adapters Microsoft Corporation c:\windows\system32\wzcsvc.dll
    HKLM\System\CurrentControlSet\Services
    + ACPI ACPI Driver for NT Microsoft Corporation c:\windows\system32\drivers\acpi.sys
    + aec Microsoft Acoustic Echo Canceller Microsoft Corporation c:\windows\system32\drivers\aec.sys
    + AFD AFD Networking Support Environment Microsoft Corporation c:\windows\system32\drivers\afd.sys
    + ALCXWDM Realtek AC'97 Audio Driver (WDM) Realtek Semiconductor Corp. c:\windows\system32\drivers\alcxwdm.sys
    + ASAPIW2k ASAPI Pinnacle Systems GmbH c:\windows\system32\drivers\asapiw2k.sys
    + AsyncMac RAS Asynchronous Media Driver Microsoft Corporation c:\windows\system32\drivers\asyncmac.sys
    + atapi IDE/ATAPI Port Driver Microsoft Corporation c:\windows\system32\drivers\atapi.sys
    + Atmarpc ATM ARP Client Protocol Microsoft Corporation c:\windows\system32\drivers\atmarpc.sys
    + audstub AudStub Driver Microsoft Corporation c:\windows\system32\drivers\audstub.sys
    + BDFSDRV File not found: C:\Program Files\Softwin\BitDefender10\bdfsdrv.sys
    + BDRSDRV File not found: C:\Program Files\Softwin\BitDefender10\bdrsdrv.sys
    + CCDECODE WDM Closed Caption VBI Codec Microsoft Corporation c:\windows\system32\drivers\ccdecode.sys
    + Cdrom SCSI CD-ROM Driver Microsoft Corporation c:\windows\system32\drivers\cdrom.sys
    + CO_Mon c:\windows\system32\drivers\co_mon.sys
    + CSS DVP Dynamic Virus Protection Command Software Systems, Inc. c:\windows\system32\drivers\css-dvp.sys
    + DCamUSBEMPIA USB 28xx WDM Driver eMPIA Technology, Inc. c:\windows\system32\drivers\emdevice.sys
    + Disk PnP Disk Driver Microsoft Corporation c:\windows\system32\drivers\disk.sys
    + dmio NT Disk Manager I/O Driver Microsoft Corp., Veritas Software c:\windows\system32\drivers\dmio.sys
    + dmload NT Disk Manager Startup Driver Microsoft Corp., Veritas Software. c:\windows\system32\drivers\dmload.sys
    + DMusic Microsoft Kernel DLS Synthesizer Microsoft Corporation c:\windows\system32\drivers\dmusic.sys
    + drmkaud Microsoft Kernel DRM Audio Descrambler Filter Microsoft Corporation c:\windows\system32\drivers\drmkaud.sys
    + emAudio USB Audio Driver Pinnacle Systems, Inc. c:\windows\system32\drivers\emaudio.sys
    + Fdc Floppy Disk Controller Driver Microsoft Corporation c:\windows\system32\drivers\fdc.sys
    + FiltUSBEMPIA USB 28xx WDM Lower filter eMPIA Technology, Inc. c:\windows\system32\drivers\emfilter.sys
    + Flpydisk Floppy Driver Microsoft Corporation c:\windows\system32\drivers\flpydisk.sys
    + Freedom Freedom Driver Zero-Knowledge Systems Inc. c:\windows\system32\drivers\freedom.sys
    + FreeTdi Radialpoint Filter Radialpoint Inc. c:\windows\system32\drivers\freetdi.sys
    + Ftdisk FT Disk Driver Microsoft Corporation c:\windows\system32\drivers\ftdisk.sys
    + GEARAspiWDM CD/DVD Class Filter Driver GEAR Software Inc. c:\windows\system32\drivers\gearaspiwdm.sys
    + Gpc Generic Packet Classifier Microsoft Corporation c:\windows\system32\drivers\msgpc.sys
    + hidusb USB Miniport Driver for Input Devices Microsoft Corporation c:\windows\system32\drivers\hidusb.sys
    + HPZid412 IEEE-1284.4-1999 Driver (Windows 2000) HP c:\windows\system32\drivers\hpzid412.sys
    + HPZipr12 IEEE-1284.4-1999 Print Class Driver HP c:\windows\system32\drivers\hpzipr12.sys
    + HPZius12 1284.4<->Usb Datalink Driver (Windows 2000) HP c:\windows\system32\drivers\hpzius12.sys
    + HTTP This service implements the hypertext transfer protocol (HTTP). If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Corporation c:\windows\system32\drivers\http.sys
    + i8042prt i8042 Port Driver Microsoft Corporation c:\windows\system32\drivers\i8042prt.sys
    + ialm Intel Graphics Miniport Driver Intel Corporation c:\windows\system32\drivers\ialmnt5.sys
    + Imapi IMAPI Kernel Driver Microsoft Corporation c:\windows\system32\drivers\imapi.sys
    + InCDPass Ahead RW Filter Driver Nero AG c:\windows\system32\drivers\incdpass.sys
    + IntelIde Intel PCI IDE Driver Microsoft Corporation c:\windows\system32\drivers\intelide.sys
    + intelppm Processor Device Driver Microsoft Corporation c:\windows\system32\drivers\intelppm.sys
    + Ip6Fw Provides intrusion prevention service for a home or small office network. Microsoft Corporation c:\windows\system32\drivers\ip6fw.sys
    + IpFilterDriver IP Traffic Filter Driver Microsoft Corporation c:\windows\system32\drivers\ipfltdrv.sys
    + IpInIp IP in IP Tunnel Driver Microsoft Corporation c:\windows\system32\drivers\ipinip.sys
    + IpNat IP Network Address Translator Microsoft Corporation c:\windows\system32\drivers\ipnat.sys
    + IPSec IPSEC driver Microsoft Corporation c:\windows\system32\drivers\ipsec.sys
    + IRENUM Infra-Red Bus Enumerator Microsoft Corporation c:\windows\system32\drivers\irenum.sys
    + isapnp PNP ISA Bus Driver Microsoft Corporation c:\windows\system32\drivers\isapnp.sys
    + Kbdclass Keyboard Class Driver Microsoft Corporation c:\windows\system32\drivers\kbdclass.sys
    + kmixer Kernel Mode Audio Mixer Microsoft Corporation c:\windows\system32\drivers\kmixer.sys
    + MODEMCSA Unimodem CSA Filter Microsoft Corporation c:\windows\system32\drivers\modemcsa.sys
    + Mouclass Mouse Class Driver Microsoft Corporation c:\windows\system32\drivers\mouclass.sys
    + mouhid HID Mouse Filter Driver Microsoft Corporation c:\windows\system32\drivers\mouhid.sys
    + MSKSSRV MS KS Server Microsoft Corporation c:\windows\system32\drivers\mskssrv.sys
    + msloop Loopback Network Driver Microsoft Corporation c:\windows\system32\drivers\loop.sys
    + MSPCLOCK MS Proxy Clock Microsoft Corporation c:\windows\system32\drivers\mspclock.sys
    + MSPQM MS Proxy Quality Manager Microsoft Corporation c:\windows\system32\drivers\mspqm.sys
    + mssmbios System Management BIOS Driver Microsoft Corporation c:\windows\system32\drivers\mssmbios.sys
    + MSTEE WDM Tee/Communication Transform Filter Microsoft Corporation c:\windows\system32\drivers\mstee.sys
    + Mtlmnt5 Smart Link c:\windows\system32\drivers\mtlmnt5.sys
    + Mtlstrm Smart Link c:\windows\system32\drivers\mtlstrm.sys
    + NABTSFEC WDM NABTS/FEC VBI Codec Microsoft Corporation c:\windows\system32\drivers\nabtsfec.sys
    + NdisIP Microsoft IP Driver Microsoft Corporation c:\windows\system32\drivers\ndisip.sys
    + NdisTapi Remote Access NDIS TAPI Driver Microsoft Corporation c:\windows\system32\drivers\ndistapi.sys
    + Ndisuio NDIS Usermode I/O Protocol Microsoft Corporation c:\windows\system32\drivers\ndisuio.sys
    + NdisWan Remote Access NDIS WAN Driver Microsoft Corporation c:\windows\system32\drivers\ndiswan.sys
    + NetBT NetBios over Tcpip Microsoft Corporation c:\windows\system32\drivers\netbt.sys
    + NPDriver Norton Protection Driver Symantec Corporation c:\windows\system32\drivers\npdriver.sys
    + NtMtlFax Smart Link c:\windows\system32\drivers\ntmtlfax.sys
    + NwlnkFlt IPX Traffic Filter Driver Microsoft Corporation c:\windows\system32\drivers\nwlnkflt.sys
    + NwlnkFwd IPX Traffic Forwarder Driver Microsoft Corporation c:\windows\system32\drivers\nwlnkfwd.sys
    + Parport Parallel Port Driver Microsoft Corporation c:\windows\system32\drivers\parport.sys
    + PCI NT Plug and Play PCI Enumerator Microsoft Corporation c:\windows\system32\drivers\pci.sys
    + PCIIde Generic PCI IDE Bus Driver Microsoft Corporation c:\windows\system32\drivers\pciide.sys
    + PCLEPCI PCLEPCI Pinnacle Systems GmbH c:\windows\system32\drivers\pclepci.sys
    + PptpMiniport WAN Miniport (PPTP) Microsoft Corporation c:\windows\system32\drivers\raspptp.sys
    + PSched QoS Packet Scheduler Microsoft Corporation c:\windows\system32\drivers\psched.sys
    + Ptilink Direct Parallel Link Driver Parallel Technologies, Inc. c:\windows\system32\drivers\ptilink.sys
    + RasAcd Remote Access Auto Connection Driver Microsoft Corporation c:\windows\system32\drivers\rasacd.sys
    + Rasl2tp WAN Miniport (L2TP) Microsoft Corporation c:\windows\system32\drivers\rasl2tp.sys
    + RasPppoe Remote Access PPPOE Driver Microsoft Corporation c:\windows\system32\drivers\raspppoe.sys
    + Raspti Direct Parallel Microsoft Corporation c:\windows\system32\drivers\raspti.sys
    + RDPCDD RDP Miniport Microsoft Corporation c:\windows\system32\drivers\rdpcdd.sys
    + rdpdr Microsoft RDP Device redirector Microsoft Corporation c:\windows\system32\drivers\rdpdr.sys
    + RecAgent Smart Link c:\windows\system32\drivers\recagent.sys
    + redbook Redbook Audio Filter Driver Microsoft Corporation c:\windows\system32\drivers\redbook.sys
    + RTL8023 Realtek 10/100/1000 NDIS 5.1 Driver Realtek Semiconductor Corporation c:\windows\system32\drivers\rtlnic51.sys
    + rtl8139 Realtek RTL8139 NDIS 5.0 Driver Realtek Semiconductor Corporation c:\windows\system32\drivers\rtl8139.sys
    + SABProcEnum File not found: C:\PROGRA~1\MOZILL~1\SABProcEnum.sys
    + SASDIFSV SASDIFSV c:\program files\superantispyware\sasdifsv.sys
    + SASENUM SuperAntiSpyware SuperAdBlocker, Inc. c:\program files\superantispyware\sasenum.sys
    + SASKUTIL SASKUTIL.SYS c:\program files\superantispyware\saskutil.sys
    + ScanUSBEMPIA USB 28xx WDM Upper Filter eMPIA Technology, Inc. c:\windows\system32\drivers\emscan.sys
    + Secdrv SafeDisc driver c:\windows\system32\drivers\secdrv.sys
    + serenum Serial Port Enumerator Microsoft Corporation c:\windows\system32\drivers\serenum.sys
    + Serial Serial Device Driver Microsoft Corporation c:\windows\system32\drivers\serial.sys
    + SLIP Microsoft Slip Deframing Filter Minidriver Microsoft Corporation c:\windows\system32\drivers\slip.sys
    + Slntamr Smart Link c:\windows\system32\drivers\slntamr.sys
    + SlNtHal Smart Link c:\windows\system32\drivers\slnthal.sys
    + SlWdmSup Smart Link c:\windows\system32\drivers\slwdmsup.sys
    + splitter Microsoft Kernel Audio Splitter Microsoft Corporation c:\windows\system32\drivers\splitter.sys
    + streamip Microsoft IP Test Driver Microsoft Corporation c:\windows\system32\drivers\streamip.sys
    + swenum Plug and Play Software Device Enumerator Microsoft Corporation c:\windows\system32\drivers\swenum.sys
    + swmidi Microsoft GS Wavetable Synthesizer Microsoft Corporation c:\windows\system32\drivers\swmidi.sys
    + SymEvent Symantec Event Library Symantec Corporation c:\program files\symantec\symevent.sys
    + sysaudio System Audio WDM Filter Microsoft Corporation c:\windows\system32\drivers\sysaudio.sys
    + szkg File not found: system32\DRIVERS\szkg.sys
    + Tcpip TCP/IP Protocol Driver Microsoft Corporation c:\windows\system32\drivers\tcpip.sys
    + TermDD Terminal Server Driver Microsoft Corporation c:\windows\system32\drivers\termdd.sys
    + tmcomm TrendMicro Common Module Trend Micro Inc. c:\windows\system32\drivers\tmcomm.sys
    + Update Update Driver Microsoft Corporation c:\windows\system32\drivers\update.sys
    + usbaudio USB Audio Class Driver Microsoft Corporation c:\windows\system32\drivers\usbaudio.sys
    + usbccgp USB Common Class Generic Parent Driver Microsoft Corporation c:\windows\system32\drivers\usbccgp.sys
    + usbehci EHCI eUSB Miniport Driver Microsoft Corporation c:\windows\system32\drivers\usbehci.sys
    + usbhub Default Hub Driver for USB Microsoft Corporation c:\windows\system32\drivers\usbhub.sys
    + usbprint USB Printer driver Microsoft Corporation c:\windows\system32\drivers\usbprint.sys
    + usbscan USB Scanner Driver Microsoft Corporation c:\windows\system32\drivers\usbscan.sys
    + usbstor USB Mass Storage Class Driver Microsoft Corporation c:\windows\system32\drivers\usbstor.sys
    + usbuhci UHCI USB Miniport Driver Microsoft Corporation c:\windows\system32\drivers\usbuhci.sys
    + VgaSave VGA/Super VGA Video Driver Microsoft Corporation c:\windows\system32\drivers\vga.sys
    + Wanarp Remote Access IP ARP Driver Microsoft Corporation c:\windows\system32\drivers\wanarp.sys
    + wdmaud MMSYSTEM Wave/Midi API mapper Microsoft Corporation c:\windows\system32\drivers\wdmaud.sys
    + WSTCODEC WDM WST Codec Driver Microsoft Corporation c:\windows\system32\drivers\wstcodec.sys
    + WudfPf Provide communciation services for UMDF components. Microsoft Corporation c:\windows\system32\drivers\wudfpf.sys
    + WudfRd Reflect device requests to user-mode driver drivers Microsoft Corporation c:\windows\system32\drivers\wudfrd.sys
    HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute
    + autocheck autochk * Auto Check Utility Microsoft Corporation c:\windows\system32\autochk.exe
    HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
    + Your Image File Name Here without a path Symbolic Debugger for Windows 2000 Microsoft Corporation c:\windows\system32\ntsd.exe
    HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
    + advapi32 Advanced Windows 32 Base API Microsoft Corporation c:\windows\system32\advapi32.dll
    + comdlg32 Common Dialogs DLL Microsoft Corporation c:\windows\system32\comdlg32.dll
    + gdi32 GDI Client DLL Microsoft Corporation c:\windows\system32\gdi32.dll
    + imagehlp Windows NT Image Helper Microsoft Corporation c:\windows\system32\imagehlp.dll
    + kernel32 Windows NT BASE API Client DLL Microsoft Corporation c:\windows\system32\kernel32.dll
    + lz32 LZ Expand/Compress API DLL Microsoft Corporation c:\windows\system32\lz32.dll
    + ole32 Microsoft OLE for Windows Microsoft Corporation c:\windows\system32\ole32.dll
    + oleaut32 Microsoft Corporation c:\windows\system32\oleaut32.dll
    + olecli32 Object Linking and Embedding Client Library Microsoft Corporation c:\windows\system32\olecli32.dll
    + olecnv32 Microsoft OLE for Windows Microsoft Corporation c:\windows\system32\olecnv32.dll
    + olesvr32 Object Linking and Embedding Server Library Microsoft Corporation c:\windows\system32\olesvr32.dll
    + olethk32 Microsoft OLE for Windows Microsoft Corporation c:\windows\system32\olethk32.dll
    + rpcrt4 Remote Procedure Call Runtime Microsoft Corporation c:\windows\system32\rpcrt4.dll
    + shell32 Windows Shell Common Dll Microsoft Corporation c:\windows\system32\shell32.dll
    + url Internet Shortcut Shell Extension DLL Microsoft Corporation c:\windows\system32\url.dll
    + urlmon OLE32 Extensions for Win32 Microsoft Corporation c:\windows\system32\urlmon.dll
    + user32 Windows XP USER API Client DLL Microsoft Corporation c:\windows\system32\user32.dll
    + version Version Checking and File Installation Libraries Microsoft Corporation c:\windows\system32\version.dll
    + wininet Internet Extensions for Win32 Microsoft Corporation c:\windows\system32\wininet.dll
    + wldap32 Win32 LDAP API DLL Microsoft Corporation c:\windows\system32\wldap32.dll
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\UIHost
    + logonui.exe Windows Logon UI Microsoft Corporation c:\windows\system32\logonui.exe
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
    + !SASWinLogon SUPERAntiSpyware WinLogon Processor SUPERAntiSpyware.com c:\program files\superantispyware\saswinlo.dll
    + crypt32chain Crypto API32 Microsoft Corporation c:\windows\system32\crypt32.dll
    + cryptnet Crypto Network Related API Microsoft Corporation c:\windows\system32\cryptnet.dll
    + cscdll Offline Network Agent Microsoft Corporation c:\windows\system32\cscdll.dll
    + igfxcui igfxsrvc Module Intel Corporation c:\windows\system32\igfxsrvc.dll
    + ScCertProp Common DLL to receive Winlogon notifications Microsoft Corporation c:\windows\system32\wlnotify.dll
    + Schedule Common DLL to receive Winlogon notifications Microsoft Corporation c:\windows\system32\wlnotify.dll
    + sclgntfy Secondary Logon Service Notification DLL Microsoft Corporation c:\windows\system32\sclgntfy.dll
    + SensLogn Common DLL to receive Winlogon notifications Microsoft Corporation c:\windows\system32\wlnotify.dll
    + termsrv Common DLL to receive Winlogon notifications Microsoft Corporation c:\windows\system32\wlnotify.dll
    + wlballoon Common DLL to receive Winlogon notifications Microsoft Corporation c:\windows\system32\wlnotify.dll
    HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9
    + MSAFD NetBIOS [\Device\NetBT_Tcpip_{A7EC7C23-4255-46C3-9931-138339C4E096}] DATAGRAM 3 Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation c:\windows\system32\mswsock.dll
    + MSAFD NetBIOS [\Device\NetBT_Tcpip_{A7EC7C23-4255-46C3-9931-138339C4E096}] SEQPACKET 3 Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation c:\windows\system32\mswsock.dll
    + MSAFD NetBIOS [\Device\NetBT_Tcpip_{BD979BD6-2D4C-4482-9443-EB180DE093D0}] DATAGRAM 1 Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation c:\windows\system32\mswsock.dll
    + MSAFD NetBIOS [\Device\NetBT_Tcpip_{BD979BD6-2D4C-4482-9443-EB180DE093D0}] SEQPACKET 1 Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation c:\windows\system32\mswsock.dll
    + MSAFD NetBIOS [\Device\NetBT_Tcpip_{C10D1700-151F-433E-9BDD-EDA78B2C51F6}] DATAGRAM 0 Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation c:\windows\system32\mswsock.dll
    + MSAFD NetBIOS [\Device\NetBT_Tcpip_{C10D1700-151F-433E-9BDD-EDA78B2C51F6}] SEQPACKET 0 Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation c:\windows\system32\mswsock.dll
    + MSAFD NetBIOS [\Device\NetBT_Tcpip_{FE382415-6721-4554-BF65-FDB8A3F5E5F3}] DATAGRAM 2 Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation c:\windows\system32\mswsock.dll
    + MSAFD NetBIOS [\Device\NetBT_Tcpip_{FE382415-6721-4554-BF65-FDB8A3F5E5F3}] SEQPACKET 2 Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation c:\windows\system32\mswsock.dll
    + MSAFD Tcpip [RAW/IP] Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation c:\windows\system32\mswsock.dll
    + MSAFD Tcpip [TCP/IP] Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation c:\windows\system32\mswsock.dll
    + MSAFD Tcpip [UDP/IP] Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation c:\windows\system32\mswsock.dll
    + RSVP TCP Service Provider Microsoft Windows Rsvp 1.0 Service Provider Microsoft Corporation c:\windows\system32\rsvpsp.dll
    + RSVP UDP Service Provider Microsoft Windows Rsvp 1.0 Service Provider Microsoft Corporation c:\windows\system32\rsvpsp.dll
    HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors
    + BJ Language Monitor Langage Monitor for Canon Bubble-Jet Printer Microsoft Corporation c:\windows\system32\cnbjmon.dll
    + hpzsnt09 HP c:\windows\system32\hpzsnt09.dll
    + Local Port Local Spooler DLL Microsoft Corporation c:\windows\system32\localspl.dll
    + PJL Language Monitor PJL Language monitor Microsoft Corporation c:\windows\system32\pjlmon.dll
    + Standard TCP/IP Port Standard TCP/IP Port Monitor DLL Microsoft Corporation c:\windows\system32\tcpmon.dll
    + USB Monitor Standard Dynamic Printing Port Monitor DLL Microsoft Corporation c:\windows\system32\usbmon.dll
    HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SecurityProviders
    + digest.dll Digest SSPI Authentication Package Microsoft Corporation c:\windows\system32\digest.dll
    + msapsspc.dll DPA Client for 32 bit platforms Microsoft Corporation c:\windows\system32\msapsspc.dll
    + msnsspc.dll MSN Internet Access Microsoft Corporation c:\windows\system32\msnsspc.dll
    + schannel.dll TLS / SSL Security Provider Microsoft Corporation c:\windows\system32\schannel.dll
    HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages
    + msv1_0 Microsoft Authentication Package v1.0 Microsoft Corporation c:\windows\system32\msv1_0.dll
    HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Notification Packages
    + scecli Windows Security Configuration Editor Client Engine Microsoft Corporation c:\windows\system32\scecli.dll
    HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Security Packages
    + kerberos Kerberos Security Package Microsoft Corporation c:\windows\system32\kerberos.dll
    + msv1_0 Microsoft Authentication Package v1.0 Microsoft Corporation c:\windows\system32\msv1_0.dll
    + schannel TLS / SSL Security Provider Microsoft Corporation c:\windows\system32\schannel.dll
    + wdigest Microsoft Digest Access Microsoft Corporation c:\windows\system32\wdigest.dll
    HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order
    + LanmanWorkstation Microsoft Windows Network Microsoft Corporation c:\windows\system32\ntlanman.dll
    + RDPNP Microsoft Terminal Services Microsoft Corporation c:\windows\system32\drprov.dll
    + WebClient Web Client Network Microsoft Corporation c:\windows\system32\davclnt.dll

  12. #12
    Junior Member
    Join Date
    Feb 2007
    Location
    andover UK
    Posts
    8

    winantivirus again

    I posted cpreviously about winantivirus
    got a reply and scanned and cleaned like a demon
    winantivirus is still there
    an internet explorerb virus protection screen came up
    i allowed it to scan gae lots of false positives then tried to directb me to winantivirus website
    scan and protection details can be found on my previous post
    they were carried out by the numbers along with recommendations
    Here is my new hijack this logf

    Logfile of HijackThis v1.99.1
    Scan saved at 12:32:55, on 20/02/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16414)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\Program Files\ntl\ntl Netguard\fws.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\ntl\ntl Netguard\RPS.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Ahead\InCD\InCD.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
    C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\Program Files\ScanSoft\OmniPagePro12.0\Opware12.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\SiteAdvisor\5020\SiteAdv.exe
    C:\Program Files\Common Files\Command Software\dvpapi.exe
    C:\PROGRA~1\ntl\BROADB~1\SMARTB~1\MotiveSB.exe
    C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
    C:\Program Files\Common Files\AOL\1170097487\ee\AOLSoftware.exe
    C:\Program Files\SiteAdvisor\5020\SAService.exe
    C:\Program Files\Unlocker\UnlockerAssistant.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\PROGRA~1\Nero\data\Xtras\mssysmgr.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Anti-Lost CD Ejector\antilostlite.exe
    C:\Program Files\Invention Pilot\Tray Pilot Lite\TrayPlt.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Norton SystemWorks\Norton Utilities\SYSDOC32.EXE
    C:\Program Files\DigiGuide Lite TV Guide\DigiGuideLite.exe
    C:\Program Files\PopTray\PopTray.exe
    C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
    C:\Program Files\Google\Web Accelerator\googlewebaccclient.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\Norton SystemWorks\Norton Utilities\WINDOC.EXE
    C:\Program Files\Norton SystemWorks\Norton Utilities\WINDOC.EXE
    C:\Program Files\DriveHQ\DriveHQ FileManager\DriveHQClient.exe
    C:\Program Files\DriveHQ\DriveHQ FileManager\DriveHQRepository2.23.exe
    C:\Program Files\Technology Lighthouse\PTFB\PTFB.exe
    C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
    C:\Program Files\Virus\Analyze.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/webhp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.co.uk/webhp
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/webhp
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://localhost:9100/proxy.pac
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\5020\SiteAdv.dll
    O2 - BHO: Pop-Up Blocker BHO - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\ntl\ntl Netguard\pkR.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Form Filler BHO - {56071E0D-C61B-11D3-B41C-00E02927A304} - C:\Program Files\ntl\ntl Netguard\FBHR.dll
    O2 - BHO: Google Web Accelerator Helper - {69A87B7D-DE56-4136-9655-716BA50C19C7} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
    O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\5020\SiteAdv.dll
    O4 - HKLM\..\Run: [ntl Netguard] "C:\Program Files\ntl\ntl Netguard\RPS.exe"
    O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
    O4 - HKLM\..\Run: [USBToolTip] "C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [Opware12] "C:\Program Files\ScanSoft\OmniPagePro12.0\Opware12.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\5020\SiteAdv.exe
    O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\ntl\BROADB~1\SMARTB~1\MotiveSB.exe
    O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1170097487\ee\AOLSoftware.exe
    O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe" -H
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Nero\data\Xtras\mssysmgr.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [AntiLostCD] C:\Program Files\Anti-Lost CD Ejector\antilostlite.exe
    O4 - HKCU\..\Run: [Tray Pilot Lite] "C:\Program Files\Invention Pilot\Tray Pilot Lite\TrayPlt.exe"
    O4 - Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Startup: broadband medic.lnk = C:\Program Files\ntl\broadband medic\bin\matcli.exe
    O4 - Startup: clear.lnk = C:\STORE\clear.brs
    O4 - Startup: DigiGuide Lite.lnk = C:\Program Files\DigiGuide Lite TV Guide\DigiGuideLite.exe
    O4 - Startup: PopTray.lnk = C:\Program Files\PopTray\PopTray.exe
    O4 - Startup: PTFB.lnk = C:\Program Files\Technology Lighthouse\PTFB\PTFB.exe
    O4 - Startup: Web Accelerator.lnk = C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: broadband medic.lnk = C:\Program Files\ntl\broadband medic\bin\matcli.exe
    O4 - Global Startup: Norton System Doctor.LNK = C:\Program Files\Norton SystemWorks\Norton Utilities\SYSDOC32.EXE
    O4 - Global Startup: Web Accelerator.lnk = C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/par...an_unicode.cab
    O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
    O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/ho...vex/hcImpl.cab
    O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/S...in/AvSniff.cab
    O16 - DPF: {556DDE35-E955-11D0-A707-000000521957} - http://www.xblock.com/download/xclean_micro.exe
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/res...scbase9602.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
    O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://support.f-secure.com/ols/fscax.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\5020\SiteAdv.dll
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: DvpApi (dvpapi) - Command Software Systems, Inc. - C:\Program Files\Common Files\Command Software\dvpapi.exe
    O23 - Service: Radialpoint Service (FWS) - Radialpoint Inc. - C:\Program Files\ntl\ntl Netguard\fws.exe
    O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
    O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\5020\SAService.exe
    O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
    O23 - Service: Tirminal™ (Tirminal_Service) - Unknown owner - c:\program files\tirminal\tirminal_service.exe (file missing)

    please help
    this is starting to get annoying

    is SPYBOT S&D ACCURATE
    SCANNED WITH IT LAST NIGHT AND DELETED ALL FOUND
    SCANNED AGAIN THIS MORNING 12hrs FOUND 68 ITEMS DELETED THEM ALL

    SINCE I SCANNED LIKE CRAZY AND INSTALLED SPYWAREBLATER I CANNOT DOWNLOAD FROM A TRUSTEDSITE KIWE9 FREE WINKS. I GET BLOCKED BECAUSE OF CERTIFICATE ERROR
    since i scanned and installed spyware blaster there is a site i cannot download from
    i tried removing all protection on spywareblaster and lowering security on ie7 but still get download blocked because of certificate
    i even put the site in trusted sites
    what am i missing

    STILL GOT IT
    new post at http://forums.speedguide.net/showthr...56#post1996456
    Last edited by robertdempster; 02-20-07 at 06:29 PM.

  13. #13
    Certified SG Addict
    Join Date
    Dec 2001
    Posts
    29,514
    Obi-Wan Kenobi, you're my only hope!

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •