  #46  
Old March 5th, 2008, 02:36 PM
Jintan Jintan is offline
Malware Removal Team Advisor
 
Join Date: Dec 2004
Posts: 50,114
There are some registry changes that would disable Trend through the Security Center, and disable the means of letting you know of the status. We can correct those now, but not seeing any infection activity or other changes in the logs we can act upon. Some changes suggest a type of autorun worm activity, related to one that would have interfered with Safe Mode access, but darned if we are seeing in the logs changes we can take action on here.


Code:
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000000

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]
"DisableMonitoring"=dword:00000000

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendFirewall]
"DisableMonitoring"=dword:00000000

Open Notepad and copy and paste the above text (inside the box) into the text file. Now go to File > Save As and call it securfix.reg. Where it says "Files of Type", select All Files and click on Save. Exit Notepad, double-click on the file and ok the prompt asking if you wish to merge the file with your registry.

------------------------

Download System Repair Engineer. Use either of the Local Download buttons to download sreng2.zip

1. Extract it to its own folder on your Desktop, then double click SREng.exe to run it.
2. Select 'Smart Scan' & tick "Verify Digital Signatures"
3. Click on the [Scan] button
4. When finished, click on the [Save Reports] button & save the log to Desktop.

Please post that log back here for review - it will be large, so use extra posts as needed.
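
A check for the condition the post above corrects, added here as an example and not part of the original thread: it parses registry export text, reports every key under Security Center\Monitoring whose DisableMonitoring value is non-zero, and builds a REGEDIT4 fix of the same shape as securfix.reg. It generalizes from the three keys in the post to any subkey; the function names, the sample export and the `ExampleProduct` subkey are constructed for illustration.

```python
import re

# Root key taken from the fix in the post above. Registry key names are
# case-insensitive, so all comparisons are done in lower case.
MONITORING_ROOT = r"HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring"

# Constructed sample export (not taken from the thread). "ExampleProduct" and
# "ExampleOtherValue" are hypothetical names used to show the scoping rules.
SAMPLE_EXPORT = r"""REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
"DisableMonitoring"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ExampleProduct]
"DisableMonitoring"=dword:00000001
"ExampleOtherValue"="1"
"""

VALUE_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"=(.*)$')
DWORD_RE = re.compile(r"^dword:([0-9a-fA-F]{8})$")


def parse_reg(text):
    """Parse .reg text into {key_path: {value_name: raw_data}}."""
    keys, current, pending = {}, None, ""
    for line in text.splitlines():
        line = pending + line.strip()
        pending = ""
        # Long hex data is wrapped with a trailing backslash; join those lines.
        if line.endswith("\\") and not line.startswith("["):
            pending = line[:-1]
            continue
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            name = line[1:-1]
            # "[-KEY]" deletes a key on merge and carries no values to inspect.
            current = None if name.startswith("-") else keys.setdefault(name, {})
            continue
        match = VALUE_RE.match(line)
        if match and current is not None:
            current[match.group(1)] = match.group(2)
    return keys  # header lines such as REGEDIT4 match nothing and are skipped


def disabled_monitoring(text):
    """Return [(key_path, value)] for Monitoring keys with DisableMonitoring != 0."""
    root = MONITORING_ROOT.lower()
    findings = []
    for key, values in parse_reg(text).items():
        lowered = key.lower()
        if lowered != root and not lowered.startswith(root + "\\"):
            continue  # outside the Security Center monitoring subtree
        for name, data in values.items():
            match = DWORD_RE.match(data.strip())
            if name.lower() == "disablemonitoring" and match:
                value = int(match.group(1), 16)
                if value != 0:
                    findings.append((key, value))
    return findings


def build_fix(findings):
    """Build REGEDIT4 text that resets each flagged value to 0."""
    out = ["REGEDIT4", ""]
    for key, _ in findings:
        out += [f"[{key}]", '"DisableMonitoring"=dword:00000000', ""]
    return "\n".join(out)


if __name__ == "__main__":
    hits = disabled_monitoring(SAMPLE_EXPORT)
    for key, value in hits:
        print(f"monitoring disabled ({value}): {key}")
    print(build_fix(hits))
```

To run it against a real machine, pass the decoded text of a registry export instead of `SAMPLE_EXPORT`; exports written as "Windows Registry Editor Version 5.00" are UTF-16 and need `encoding="utf-16"` when read.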

  #47  
Old March 6th, 2008, 04:08 AM
evolpunk420 evolpunk420 is offline
Member
 
Join Date: Feb 2008
Posts: 37
1st part

[CODE]

2008-03-05,19:04:45

System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - Administrative User - Completed Functions Allowed

Follow item(s) have been choosed:
All Boot Items (Including Registry, Startup Folders, Services and so on)
Browser Add-ons
Runing Processes (Including process model information)
File Associations
Winsock Provider
Autorun.Inf
HOSTS File
Process Privileges Scan


Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<DellSupport><"C:\Program Files\Dell Support\DSAgnt.exe" /startup> [Gteko Ltd.]
<OE_OEM><"C:\Program Files\Trend Micro\Internet Security 14\TMAS_OE\TMAS_OEMon.exe"> [(Verified)"Trend Micro, Inc."]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<SigmatelSysTrayApp><stsystra.exe> [SigmaTel, Inc.]
<ISUSScheduler><"C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start> [InstallShield Software Corporation]
<ISUSPM Startup><c:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup> [InstallShield Software Corporation]
<LogitechCommunicationsManager><"C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"> [(Verified)Logitech Inc]
<LogitechQuickCamRibbon><"C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide> [(Verified)Logitech Inc]
<QuickTime Task><"C:\Program Files\QuickTime\QTTask.exe" -atboottime> [Apple Inc.]
<iTunesHelper><"C:\Program Files\iTunes\iTunesHelper.exe"> [(Verified)Apple Inc.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}><C:\Program Files\SUPERAntiSpyware\SASSEH.DLL> [SuperAdBlocker.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
<WinlogonNotify: !SASWinLogon><C:\Program Files\SUPERAntiSpyware\SASWINLO.dll> [SUPERAntiSpyware.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\GoToAssist]
<WinlogonNotify: GoToAssist><C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll> [(Verified)Citri]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
<WinlogonNotify: WgaLogon><WgaLogon.dll> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
<IE7 Uninstall Stub><C:\WINDOWS\system32\ieudinit.exe> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\KB910393]
<KB910393><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\EasyCDBlock.inf,PerUserInstall> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{407408d4-94ed-4d86-ab69-a7f649d112ee}]
<Media Center><%SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection QuickLaunchShortcut 640 %systemroot%\inf\mcdftreg.inf> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
<NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
<Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<Address Book 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
<N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8b15971b-5355-4c82-8c07-7e181ea07608}]
<Fax><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<ATICCC><; "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay> [N/A]
<Dell QuickSet><; C:\Program Files\Dell\QuickSet\quickset.exe> [Dell Inc]
<DellHelp><; C:\Dell\DellHelp\DellHelp.exe /c> [Dell Inc]
<dla><; C:\WINDOWS\system32\dla\tfswctrl.exe> [Sonic Solutions]
<ehTray><; C:\WINDOWS\ehome\ehtray.exe> [(Verified)]
<HP Software Update><; C:\Program Files\HP\HP Software Update\HPWuSchd2.exe> [Hewlett-Packard Co.]
<IntelWireless><; "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless> [Intel Corporation]
<IntelZeroConfig><; "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"> [Intel Corporation]
<ISUSPM Startup><; C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup> [InstallShield Software Corporation]
<iTunesHelper><; "C:\Program Files\iTunes\iTunesHelper.exe"> [(Verified)Apple Inc.]
<LogitechCommunicationsManager><; "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"> [(Verified)Logitech Inc]
<LogitechQuickCamRibbon><; "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide> [(Verified)Logitech Inc]
<pccguide.exe><; "C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe"> [(Verified)"Trend Micro, Inc."]
<PCMService><; "C:\Program Files\Dell\MediaDirect\PCMService.exe"> [CyberLink Corp.]
<QuickTime Task><; "C:\Program Files\QuickTime\qttask.exe" -atboottime> [Apple Inc.]
<SynTPEnh><; C:\Program Files\Synaptics\SynTP\SynTPEnh.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]

==================================
Startup Folders
[Digital Line Detect]
<C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk --> C:\PROGRA~1\DIGITA~1\DLG.exe [BVRP Software]><N>
[OneNote 2007 Screen Clipper and Launcher]
<C:\Documents and Settings\ENY\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk --> C:\PROGRA~1\MI1933~1\Office12\ONENOTEM.EXE [Microsoft Corporation]><N>

==================================
Services
[Ad-Aware 2007 Service / aawservice][Running/Auto Start]
<"C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe"><Lavasoft>
[Apple Mobile Device / Apple Mobile Device][Running/Auto Start]
<"C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"><Apple, Inc.>
[ASP.NET State Service / aspnet_state][Stopped/Manual Start]
<C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start]
<C:\WINDOWS\system32\Ati2evxx.exe><ATI Technologies Inc.>
[Symantec Lic NetConnect service / CLTNetCnService][Stopped/Auto Start]
<"C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon><N/A>
[Intel(R) PROSet/Wireless Event Log / EvtEng][Running/Auto Start]
<C:\Program Files\Intel\Wireless\Bin\EvtEng.exe><Intel Corporation>
[GoToAssist / GoToAssist][Stopped/Manual Start]
<"C:\Program Files\Citrix\GoToAssist\480\g2aservice.exe" Start=service><Citrix Online, a division of Citrix Systems, Inc.>
[hpqcxs08 / hpqcxs08][Running/Manual Start]
<C:\WINDOWS\system32\svchost.exe -k hpdevmgmt-->C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll><Hewlett-Packard Co.>
[HP CUE DeviceDiscovery Service / hpqddsvc][Running/Auto Start]
<C:\WINDOWS\system32\svchost.exe -k hpdevmgmt-->C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll><Hewlett-Packard Co.>
[HP Network Devices Support / HPSLPSVC][Running/Auto Start]
<C:\WINDOWS\system32\svchost.exe -k HPService-->C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL><Hewlett-Packard Co.>
[iPod Service / iPod Service][Running/Manual Start]
<"C:\Program Files\iPod\bin\iPodService.exe"><Apple Inc.>
[LVCOMSer / LVCOMSer][Running/Auto Start]
<"C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe"><Logitech Inc.>
[Process Monitor / LVPrcSrv][Running/Auto Start]
<"C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe"><Logitech Inc.>
[LVSrvLauncher / LVSrvLauncher][Stopped/Auto Start]
<C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe><Logitech Inc.>
[MSSQL$MICROSOFTSMLBIZ / MSSQL$MICROSOFTSMLBIZ][Running/Auto Start]
<"C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe" -sMICROSOFTSMLBIZ><Microsoft Corporation>
[MSSQLServerADHelper / MSSQLServerADHelper][Stopped/Manual Start]
<"C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe"><Microsoft Corporation>
[Trend Micro Central Control Component / PcCtlCom][Running/Auto Start]
<C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe><Trend Micro Inc.>
[Intel(R) PROSet/Wireless Registry Service / RegSrvc][Running/Auto Start]
<C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe><Intel Corporation>
[Intel(R) PROSet/Wireless Service / S24EventMonitor][Running/Auto Start]
<C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe><Intel Corporation>
[PC Tools Auxiliary Service / sdAuxService][Stopped/Manual Start]
<C:\Program Files\Spyware Doctor\pctsAuxs.exe><PC Tools>
[PC Tools Security Service / sdCoreService][Stopped/Manual Start]
<C:\Program Files\Spyware Doctor\pctsSvc.exe><PC Tools>
[SQLAgent$MICROSOFTSMLBIZ / SQLAgent$MICROSOFTSMLBIZ][Stopped/Manual Start]
<"C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlagent.EXE" -i MICROSOFTSMLBIZ><Microsoft Corporation>
[Trend Micro Real-time Service / Tmntsrv][Running/Auto Start]
<C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe><Trend Micro Inc.>
[Trend Micro Personal Firewall / TmPfw][Running/Auto Start]
<C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe><Trend Micro Inc.>
[Trend Micro Proxy Service / tmproxy][Running/Auto Start]
<C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe><Trend Micro Inc.>
[Intel(R) PROSet/Wireless SSO Service / WLANKEEPER][Running/Auto Start]
<C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe><Intel(R) Corporation>
  #48  
Old March 6th, 2008, 04:09 AM
evolpunk420 evolpunk420 is offline
Member
 
Join Date: Feb 2008
Posts: 37
2nd part

==================================
Drivers
[abp480n5 / abp480n5][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\ABP480N5.SYS><Microsoft Corporation>
[adpu160m / adpu160m][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\adpu160m.sys><Microsoft Corporation>
[AEGIS Protocol (IEEE 802.1x) v3.6.0.0 / AegisP][Running/Auto Start]
<system32\DRIVERS\AegisP.sys><Meetinghouse Data Communications>
[Aha154x / Aha154x][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\aha154x.sys><Microsoft Corporation>
[aic78u2 / aic78u2][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\aic78u2.sys><Microsoft Corporation>
[aic78xx / aic78xx][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\aic78xx.sys><Microsoft Corporation>
[AliIde / AliIde][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\aliide.sys><Acer Laboratories Inc.>
[AMD AGP Bus Filter Driver / amdagp][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\amdagp.sys><Advanced Micro Devices, Inc.>
[APPDRV / APPDRV][Running/System Start]
<\SystemRoot\SYSTEM32\DRIVERS\APPDRV.SYS><Dell Inc>
[asc / asc][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\asc.sys><Advanced System Products, Inc.>
[asc3350p / asc3350p][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\asc3350p.sys><Microsoft Corporation>
[asc3550 / asc3550][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\asc3550.sys><Advanced System Products, Inc.>
[ati2mtag / ati2mtag][Running/Manual Start]
<system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[Broadcom 440x 10/100 Integrated Controller XP Driver / bcm4sbxp][Running/Manual Start]
<system32\DRIVERS\bcm4sbxp.sys><Broadcom Corporation>
[BVRPMPR5 NDIS Protocol Driver / BVRPMPR5][Stopped/Manual Start]
<\??\D:\INSTAL~E\Core\BVRPMPR5.SYS><N/A>
[cd20xrnt / cd20xrnt][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\cd20xrnt.sys><Microsoft Corporation>
[CmdIde / CmdIde][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[dac2w2k / dac2w2k][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\dac2w2k.sys><Mylex Corporation>
[dpti2o / dpti2o][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\dpti2o.sys><Microsoft Corporation>
[drvmcdb / drvmcdb][Running/Boot Start]
<\SystemRoot\system32\drivers\drvmcdb.sys><Sonic Solutions>
[drvnddm / drvnddm][Running/Auto Start]
<system32\drivers\drvnddm.sys><Sonic Solutions>
[DSproct / DSproct][Running/Manual Start]
<\??\C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys><GTek Technologies Ltd.>
[Intel(R) PRO Adapter Driver / E100B][Stopped/Manual Start]
<system32\DRIVERS\e100b325.sys><Intel Corporation>
[GEARAspiWDM / GEARAspiWDM][Running/Manual Start]
<System32\Drivers\GEARAspiWDM.sys><GEAR Software Inc.>
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start]
<system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[HSF_DPV / HSF_DPV][Running/Manual Start]
<system32\DRIVERS\HSX_DPV.sys><Conexant Systems, Inc.>
[HSXHWAZL / HSXHWAZL][Running/Manual Start]
<system32\DRIVERS\HSXHWAZL.sys><Conexant Systems, Inc.>
[File Security Driver / IKFileSec][Stopped/Manual Start]
<\SystemRoot\system32\drivers\ikfilesec.sys><PCTools Research Pty Ltd.>
[System Filter Driver / IKSysFlt][Stopped/Manual Start]
<system32\drivers\iksysflt.sys><PCTools Research Pty Ltd.>
[System Security Driver / IKSysSec][Stopped/Manual Start]
<system32\drivers\iksyssec.sys><PCTools Research Pty Ltd.>
[ini910u / ini910u][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\ini910u.sys><Microsoft Corporation>
[Logitech AEC Driver / LVcKap][Running/Manual Start]
<system32\DRIVERS\LVcKap.sys><Logitech Inc.>
[Logitech Machine Vision Engine Loader / LVMVDrv][Stopped/Manual Start]
<system32\DRIVERS\LVMVDrv.sys><Logitech Inc.>
[Logitech LVPr2Mon Driver / LVPr2Mon][Running/Manual Start]
<system32\DRIVERS\LVPr2Mon.sys><>
[Logitech USB Monitor Filter / LVUSBSta][Running/Manual Start]
<system32\drivers\LVUSBSta.sys><Logitech Inc.>
[mdmxsdk / mdmxsdk][Running/Auto Start]
<system32\DRIVERS\mdmxsdk.sys><Conexant>
[mraid35x / mraid35x][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\mraid35x.sys><American Megatrends Inc.>
[Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows XP 32 Bit / NETw3x32][Running/Manual Start]
<system32\DRIVERS\NETw3x32.sys><Intel® Corporation>
[nv / nv][Stopped/Manual Start]
<system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[OMCI WDM Device Driver / omci][Running/System Start]
<system32\DRIVERS\omci.sys><Dell Inc>
[Volume Adapter / pepifilter][Running/Manual Start]
<system32\DRIVERS\lv302af.sys><Logitech Inc.>
[Logitech QuickCam IM(PID_PEPI) / PID_PEPI][Running/Manual Start]
<system32\DRIVERS\LV302V32.SYS><Logitech Inc.>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20][Running/Boot Start]
<\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions>
[ql1080 / ql1080][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\ql1080.sys><QLogic Corporation>
[Ql10wnt / Ql10wnt][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\ql10wnt.sys><Microsoft Corporation>
[ql12160 / ql12160][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\ql12160.sys><QLogic Corporation>
[ql1280 / ql1280][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\ql1280.sys><QLogic Corporation>
[rimmptsk / rimmptsk][Running/Manual Start]
<system32\DRIVERS\rimmptsk.sys><REDC>
[rimsptsk / rimsptsk][Running/Manual Start]
<system32\DRIVERS\rimsptsk.sys><REDC>
[Ricoh xD-Picture Card Driver / rismxdp][Running/Manual Start]
<system32\DRIVERS\rixdptsk.sys><REDC>
[WLAN Transport / s24trans][Running/Auto Start]
<system32\DRIVERS\s24trans.sys><Intel Corporation>
[samhid / samhid][Stopped/Manual Start]
<system32\drivers\samhid.sys><N/A>
[SASDIFSV / SASDIFSV][Running/System Start]
<\??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS><>
[SASENUM / SASENUM][Stopped/Manual Start]
<\??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS><SuperAdBlocker, Inc.>
[SASKUTIL / SASKUTIL][Running/System Start]
<\??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys><>
[Secdrv / Secdrv][Running/Auto Start]
<system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[SIS AGP Bus Filter / sisagp][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\sisagp.sys><Silicon Integrated Systems Corporation>
[Sparrow / Sparrow][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\sparrow.sys><Adaptec, Inc.>
[sscdbhk5 / sscdbhk5][Running/System Start]
<system32\drivers\sscdbhk5.sys><Sonic Solutions>
[ssrtln / ssrtln][Running/System Start]
<system32\drivers\ssrtln.sys><Sonic Solutions>
[SigmaTel High Definition Audio CODEC / STHDA][Running/Manual Start]
<system32\drivers\sthda.sys><SigmaTel, Inc.>
[symc810 / symc810][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\symc810.sys><Symbios Logic Inc.>
[symc8xx / symc8xx][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\symc8xx.sys><LSI Logic>
[sym_hi / sym_hi][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\sym_hi.sys><LSI Logic>
[sym_u3 / sym_u3][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\sym_u3.sys><LSI Logic>
[Synaptics TouchPad Driver / SynTP][Running/Manual Start]
<system32\DRIVERS\SynTP.sys><Synaptics, Inc.>
[tfsnboio / tfsnboio][Running/Auto Start]
<system32\dla\tfsnboio.sys><Sonic Solutions>
[tfsncofs / tfsncofs][Running/Auto Start]
<system32\dla\tfsncofs.sys><Sonic Solutions>
[tfsndrct / tfsndrct][Running/Auto Start]
<system32\dla\tfsndrct.sys><Sonic Solutions>
[tfsndres / tfsndres][Running/Auto Start]
<system32\dla\tfsndres.sys><Sonic Solutions>
[tfsnifs / tfsnifs][Running/Auto Start]
<system32\dla\tfsnifs.sys><Sonic Solutions>
[tfsnopio / tfsnopio][Running/Auto Start]
<system32\dla\tfsnopio.sys><Sonic Solutions>
[tfsnpool / tfsnpool][Running/Auto Start]
<system32\dla\tfsnpool.sys><Sonic Solutions>
[tfsnudf / tfsnudf][Running/Auto Start]
<system32\dla\tfsnudf.sys><Sonic Solutions>
[tfsnudfa / tfsnudfa][Running/Auto Start]
<system32\dla\tfsnudfa.sys><Sonic Solutions>
[Trend Micro Common Firewall Service / tmcfw][Running/Manual Start]
<system32\DRIVERS\TM_CFW.sys><Trend Micro Inc.>
[tmpreflt / tmpreflt][Running/Auto Start]
<system32\DRIVERS\tmpreflt.sys><Trend Micro Inc.>
[Trend Micro TDI Driver / tmtdi][Running/System Start]
<system32\DRIVERS\tmtdi.sys><Trend Micro Inc.>
[tmxpflt / tmxpflt][Running/Auto Start]
<system32\drivers\TmXPFlt.sys><Trend Micro Inc.>
[TosIde / TosIde][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\toside.sys><Microsoft Corporation>
[ultra / ultra][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\ultra.sys><Promise Technology, Inc.>
[ViaIde / ViaIde][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\viaide.sys><Microsoft Corporation>
[vsapint / vsapint][Running/Auto Start]
<system32\DRIVERS\vsapint.sys><Trend Micro Inc.>
[Intel(R) PRO/Wireless 3945ABG Adapter Driver / w39n51][Stopped/Manual Start]
<system32\DRIVERS\w39n51.sys><Intel® Corporation>
[WAN Miniport (ATW) / wanatw][Stopped/Manual Start]
<system32\DRIVERS\wanatw4.sys><N/A>
[winachsf / winachsf][Running/Manual Start]
<system32\DRIVERS\HSX_CNXT.sys><Conexant Systems, Inc.>
[Logitech Virtual Bus Enumerator Driver / WmBEnum][Running/Manual Start]
<system32\drivers\WmBEnum.sys><Logitech Inc.>
[Logitech Gaming HID Filter Driver / WmFilter][Stopped/Manual Start]
<system32\drivers\WmFilter.sys><Logitech Inc.>
[Logitech Virtual Hid Device Driver / WmVirHid][Stopped/Manual Start]
<system32\drivers\WmVirHid.sys><Logitech Inc.>
[Logitech WingMan Translation Layer Driver / WmXlCore][Running/Manual Start]
<system32\drivers\WmXlCore.sys><Logitech Inc.>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
<system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
  #49  
Old March 6th, 2008, 04:10 AM
evolpunk420 evolpunk420 is offline
Member
 
Join Date: Feb 2008
Posts: 37
3rd part

==================================
Browser Add-ons
[&Yahoo! Toolbar Helper]
{02478D38-C3F9-4EFB-9B51-7695ECA05670} <C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll, Yahoo! Inc.>
[HP Print Enhancer]
{0347C33E-8762-4905-BF09-768834316C61} <C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll, Hewlett-Packard Co.>
[HP Print Clips]
{053F9267-DC04-4294-A72C-58F732D338C0} <C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll, Hewlett-Packard Co.>
[Adobe PDF Reader Link Helper]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Yahoo! IE Services Button]
{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} <C:\Program Files\Yahoo!\Common\yiesrvc.dll, Yahoo! Inc.>
[DriveLetterAccess]
{5CA3D70E-1895-11CF-8E15-001234567890} <C:\WINDOWS\system32\dla\tfswshx.dll, Sonic Solutions>
[SSVHelper Class]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
[CBrowserHelperObject Object]
{CA6319C0-31B7-401E-A518-A07C3DB8F777} <C:\Program Files\BAE\BAE.dll, Dell Inc.>
[Java Plug-in]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
[Send to OneNote from Internet Explorer button]
{2670000A-7350-4f3c-8081-5663EE0C6C49} <C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll, Microsoft Corporation>
[ClipBookBtn Class]
{58ECB495-38F0-49cb-A538-10282ABF65E7} <C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll, Hewlett-Packard Co.>
[Yahoo! IE Services Button]
{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} <C:\Program Files\Yahoo!\Common\yiesrvc.dll, Yahoo! Inc.>
[EnhSelectionBtn Class]
{700259D7-1666-479a-93B1-3250410481E8} <C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll, Hewlett-Packard Co.>
[&Research]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL, Microsoft Corporation>
[Real.com]
{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} <C:\WINDOWS\system32\Shdocvw.dll, Microsoft Corporation>
[]
{e2e2dd38-d088-4134-82b7-f2ba38496583} <%windir%\Network Diagnostic\xpnetdiag.exe, N/A>
[Messenger]
{FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[Yahoo! Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} <C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll, Yahoo! Inc.>
[SysProWmi Class]
{01A88BB1-1174-41EC-ACCB-963509EAE56B} <C:\WINDOWS\system32\Dell\SystemProfiler\SysPro.ocx, Dell Computer Corp.>
[Windows Genuine Advantage Validation Tool]
{17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\legitcheckcontrol.dll, Microsoft Corporation>
[Installation Support]
{30528230-99f7-4bb4-88d8-fa1d4f56a2ab} <C:\Program Files\Yahoo!\Common\Yinsthelper.dll, Yahoo! Inc.>
[MUWebControl Class]
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\system32\muweb.dll, Microsoft Corporation>
[Java Plug-in]
{8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in]
{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.5.0_06]
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll, Sun Microsystems, Inc.>
[Live Collaboration]
{E7D2588A-7FB5-47DC-8830-832605661009} <C:\WINDOWS\DOWNLO~1\RntX.dll, RightNow Technologies Inc.>
[&Yahoo! Toolbar Helper]
{02478D38-C3F9-4EFB-9B51-7695ECA05670} <C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll, Yahoo! Inc.>
[Installation Support]
{0291E591-EA41-4C82-8106-3DC6CE7F7664} <C:\Program Files\Yahoo!\Common\Yinsthelper.dll, Yahoo! Inc.>
[Microsoft Office Template and Media Control]
{02BCC737-B171-4746-94C9-0D8A0B2C0089} <C:\PROGRA~1\MI1933~1\Office12\IEAWSDC.DLL, >
[QuickTime Object]
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} <C:\Program Files\QuickTime\QTPlugin.ocx, Apple Inc.>
[HP Print Enhancer]
{0347C33E-8762-4905-BF09-768834316C61} <C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll, Hewlett-Packard Co.>
[HP Print Clips]
{053F9267-DC04-4294-A72C-58F732D338C0} <C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll, Hewlett-Packard Co.>
[Adobe PDF Reader Link Helper]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[STSUpld UploadCtl Class]
{07B06095-5687-4D13-9E32-12B4259C9813} <C:\PROGRA~1\MI1933~1\Office12\STSUPLD.DLL, Microsoft Corporation>
[Windows Genuine Advantage Validation Tool]
{17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\legitcheckcontrol.dll, Microsoft Corporation>
[InformationCardSigninHelper Class]
{19916E01-B44E-4E31-94A4-4696DF46157B} <C:\WINDOWS\system32\icardie.dll, Microsoft Corporation>
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[XML DOM Document]
{2933BF90-7B36-11D2-B20E-00C04F983E60} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
[XSL Template]
{2933BF94-7B36-11D2-B20E-00C04F983E60} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
[HtmlDlgSafeHelper Class]
{3050F819-98B5-11CF-BB82-00AA00BDCE0B} <C:\WINDOWS\system32\mshtmled.dll, Microsoft Corporation>
[Installation Support]
{30528230-99F7-4BB4-88D8-FA1D4F56A2AB} <C:\Program Files\Yahoo!\Common\Yinsthelper.dll, Yahoo! Inc.>
[Tabular Data Control]
{333C7BC4-460F-11D0-BC04-0080C7055A83} <C:\WINDOWS\system32\tdc.ocx, Microsoft Corporation>
[Installation Support]
{347B0667-C7ED-429B-BDE3-CC8D3BACAA31} <C:\Program Files\Yahoo!\Common\Yinsthelper.dll, Yahoo! Inc.>
[XML Schema Cache]
{373984C9-B845-449B-91E7-45AC83036ADE} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
[SharePoint Spreadsheet Launcher]
{3FD37ABB-F90A-4DE5-AA38-179629E64C2F} <C:\PROGRA~1\MI1933~1\Office12\OWSSUPP.DLL, Microsoft Corporation>
[QuickTime Object]
{4063BE15-3B08-470D-A0D5-B37161CFFD69} <C:\Program Files\QuickTime\QTPlugin.ocx, Apple Inc.>
[XML Document]
{48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
[Yahoo! IE Services Button]
{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} <C:\Program Files\Yahoo!\Common\yiesrvc.dll, Yahoo! Inc.>
[DriveLetterAccess]
{5CA3D70E-1895-11CF-8E15-001234567890} <C:\WINDOWS\system32\dla\tfswshx.dll, Sonic Solutions>
[YMP Datagrid]
{5F810AFC-BB5F-4416-BE63-E01DD117BD6C} <"C:\Program Files\Yahoo!\Yahoo! Music Jukebox\Support\datagrid.dll", N/A>
[SharePoint Export Database Launcher]
{62B4D041-4667-40B6-BB50-4BC0A5043A73} <C:\PROGRA~1\MI1933~1\Office12\OWSSUPP.DLL, Microsoft Corporation>
[WUWebControl Class]
{6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[PSFactoryBuffer]
{64AA7031-C150-4118-8D31-FD273A2BB22C} <C:\Program Files\Yahoo!\Common\Yverinfo.dll, Yahoo! Inc.>
[Microsoft Shell UI Helper]
{64AB4BB7-111E-11D1-8F79-00C04FC2FBE1} <C:\WINDOWS\system32\ieframe.dll, Microsoft Corporation>
[Microsoft Office List 12.0]
{65BCBEE4-7728-41A0-97BE-14E1CAE36AAE} <C:\Program Files\Microsoft Office\Office12\STSLIST.DLL, Microsoft Corporation>
[YahooTaggedBM Class]
{65D886A2-7CA7-479B-BB95-14D1EFB7946A} <C:\Program Files\Yahoo!\Common\YIeTagBm.dll, Yahoo! Inc.>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[MUWebControl Class]
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\system32\muweb.dll, Microsoft Corporation>
[Active Desktop Mover]
{72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
[SSVHelper Class]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
[Microsoft Web Browser]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\ieframe.dll, Microsoft Corporation>
[XML DOM Document 4.0]
{88D969C0-F192-11D4-A65F-0040963251E5} <c:\WINDOWS\system32\msxml4.dll, Microsoft Corporation>
[Free Threaded XML DOM Document 4.0]
{88D969C1-F192-11D4-A65F-0040963251E5} <c:\WINDOWS\system32\msxml4.dll, Microsoft Corporation>
[XML Schema Cache 4.0]
{88D969C2-F192-11D4-A65F-0040963251E5} <c:\WINDOWS\system32\msxml4.dll, Microsoft Corporation>
[XSL Template 4.0]
{88D969C3-F192-11D4-A65F-0040963251E5} <c:\WINDOWS\system32\msxml4.dll, Microsoft Corporation>
[XML Data Source Object 4.0]
{88D969C4-F192-11D4-A65F-0040963251E5} <c:\WINDOWS\system32\msxml4.dll, Microsoft Corporation>
[XML HTTP 4.0]
{88D969C5-F192-11D4-A65F-0040963251E5} <c:\WINDOWS\system32\msxml4.dll, Microsoft Corporation>
[Java Plug-in]
{8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
[SharePoint OpenDocuments Class]
{9203C2CB-1DC1-482D-967E-597AFF270F0D} <C:\PROGRA~1\MI1933~1\Office12\OWSSUPP.DLL, Microsoft Corporation>
[AxPlayer Control]
{9F81C14C-04C0-4378-9A0F-70B5F25397BC} <C:\PROGRA~1\Netflix\NETFLI~1\AxPlayer.ocx, Netflix, Inc.>
[SharePoint OpenDocuments Class]
{9F9C4924-C3F3-4459-A396-9E9E0D8B83D1} <C:\PROGRA~1\MI1933~1\OFFICE11\OWSSUPP.DLL, Microsoft Corporation>
[YahooYMailTo Class]
{A17E30C4-A9BA-11D4-8673-60DB54C10000} <C:\Program Files\Yahoo!\Common\YMMAPI.dll, Yahoo! Inc.>
[RMGetLicense Class]
{A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation>
[Yahoo! VersionInfo2]
{B345F37E-6763-433B-BC53-9B526A9B7B8B} <C:\Program Files\Yahoo!\Common\Yverinfo.dll, Yahoo! Inc.>
[AxVersion Control]
{B3E658DF-D425-430C-82C2-D54295915020} <C:\PROGRA~1\Netflix\NETFLI~1\AXVERS~1.OCX, Netflix Inc.>
[OWSClientEventSubscription Class]
{BDEADE3E-C265-11D0-BCED-00A0C90AB50F} <C:\PROGRA~1\MI1933~1\Office12\OWSCLT.DLL, Microsoft Corporation>
[OWSClientMiscApis Class]
{BDEADE3F-C265-11D0-BCED-00A0C90AB50F} <C:\PROGRA~1\MI1933~1\Office12\OWSCLT.DLL, Microsoft Corporation>
[OWSClientCommentThread Class]
{BDEADE40-C265-11D0-BCED-00A0C90AB50F} <C:\PROGRA~1\MI1933~1\Office12\OWSCLT.DLL, Microsoft Corporation>
[OWSClientComment Class]
{BDEADE42-C265-11D0-BCED-00A0C90AB50F} <C:\PROGRA~1\MI1933~1\Office12\OWSCLT.DLL, Microsoft Corporation>
[OWSBrowserUI Class]
{BDEADE43-C265-11D0-BCED-00A0C90AB50F} <C:\PROGRA~1\MI1933~1\Office12\OWSCLT.DLL, Microsoft Corporation>
[&Discuss]
{BDEADE7F-C265-11D0-BCED-00A0C90AB50F} <shdocvw.dll, Microsoft Corporation>
[OWS Post Data]
{BDEADE98-C265-11D0-BCED-00A0C90AB50F} <C:\PROGRA~1\MI1933~1\Office12\OWSCLT.DLL, Microsoft Corporation>
[SharePoint Spreadsheet Launcher]
{BDEADE9E-C265-11D0-BCED-00A0C90AB50F} <C:\PROGRA~1\MI1933~1\Office12\OWSCLT.DLL, Microsoft Corporation>
[Web Discussions]
{BDEADEB3-C265-11D0-BCED-00A0C90AB50F} <C:\PROGRA~1\MI1933~1\Office12\OWSCLT.DLL, Microsoft Corporation>
[Web Discussions]
{BDEADEB4-C265-11D0-BCED-00A0C90AB50F} <C:\PROGRA~1\MI1933~1\Office12\OWSCLT.DLL, Microsoft Corporation>
[Web Discussions]
{BDEADEB5-C265-11D0-BCED-00A0C90AB50F} <C:\PROGRA~1\MI1933~1\Office12\OWSCLT.DLL, Microsoft Corporation>
[OWSDiscussionServers Class]
{BDEADEB7-C265-11D0-BCED-00A0C90AB50F} <C:\PROGRA~1\MI1933~1\Office12\OWSCLT.DLL, Microsoft Corporation>
[OWSClientCollaboration Class]
{BDEADEB8-C265-11D0-BCED-00A0C90AB50F} <C:\PROGRA~1\MI1933~1\Office12\OWSCLT.DLL, Microsoft Corporation>
[OSE.Discussion]
{BDEADEDA-C265-11D0-BCED-00A0C90AB50F} <C:\PROGRA~1\MI1933~1\Office12\OWSCLT.DLL, Microsoft Corporation>
[OSE.Discussions]
{BDEADEDB-C265-11D0-BCED-00A0C90AB50F} <C:\PROGRA~1\MI1933~1\Office12\OWSCLT.DLL, Microsoft Corporation>
[OSE.DiscussionServer]
{BDEADEDC-C265-11D0-BCED-00A0C90AB50F} <C:\PROGRA~1\MI1933~1\Office12\OWSCLT.DLL, Microsoft Corporation>
[OSE.DiscussionServers]
{BDEADEDD-C265-11D0-BCED-00A0C90AB50F} <C:\PROGRA~1\MI1933~1\Office12\OWSCLT.DLL, Microsoft Corporation>
[OSE Global Class]
{BDEADEDE-C265-11D0-BCED-00A0C90AB50F} <C:\PROGRA~1\MI1933~1\Office12\OWSCLT.DLL, Microsoft Corporation>
[OWSDiscussionBar Class]
{BDEADEE0-C265-11D0-BCED-00A0C90AB50F} <C:\PROGRA~1\MI1933~1\Office12\OWSCLT.DLL, Microsoft Corporation>
[SharePoint OpenDocuments Class]
{BDEADEF2-C265-11D0-BCED-00A0C90AB50F} <, N/A>
[SharePoint Stssync Handler]
{BDEADEF4-C265-11D0-BCED-00A0C90AB50F} <C:\PROGRA~1\MI1933~1\OFFICE11\OWSSUPP.DLL, Microsoft Corporation>
[SharePoint Stssync Handler]
{BDEADEF5-C265-11D0-BCED-00A0C90AB50F} <C:\PROGRA~1\MI1933~1\Office12\OWSSUPP.DLL, Microsoft Corporation>
[Microsoft Office 12 Authorization Control]
{C9712B19-838B-45A5-ABF2-9A315DDDED50} <C:\PROGRA~1\MI1933~1\Office12\AUTHZAX.DLL, Microsoft Corporation>
[CBrowserHelperObject Object]
{CA6319C0-31B7-401E-A518-A07C3DB8F777} <C:\Program Files\BAE\BAE.dll, Dell Inc.>
[Adobe PDF Reader]
{CA8A9780-280D-11CF-A24D-444553540000} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroPDF.dll, Adobe Systems, Inc.>
[Behavior Object]
{CB927D12-4FF7-4A9E-A169-56E4B8A75598} <C:\Program Files\QuickTime\QTPlugin.ocx, Apple Inc.>
[STSUpld CopyCtl Class]
{CDEC13B2-0B3C-400E-B909-E27EE89C6799} <C:\PROGRA~1\MI1933~1\Office12\STSUPLD.DLL, Microsoft Corporation>
[RealPlayer G2 Control]
{CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx, Adobe Systems, Inc.>
[Yahoo! VersionInfo]
{D5184A39-CBDF-4A4F-AC1A-7A45A852C883} <C:\Program Files\Yahoo!\Common\Yverinfo.dll, Yahoo! Inc.>
[iTunesDetector Class]
{D719897A-B07A-4C0C-AEA9-9B663A28DFCB} <C:\Program Files\iTunes\ITDetector.ocx, Apple Computer, Inc.>
[MessengerChecker Class]
{DA4F543C-C8A9-4E88-9A79-548CBB46F18F} <C:\Program Files\Yahoo!\Messenger\YPagerChecker.dll, Yahoo! Inc.>
[OISClientLauncher Class]
{E543A17A-F212-49C0-B63D-BF09B460250E} <C:\Program Files\Microsoft Office\Office12\oisctrl.dll, Microsoft Corporation>
[PersonalSite Class]
{E7339A62-0E31-4A5E-BA3D-F2FEDFBF8BE5} <C:\PROGRA~1\COMMON~1\MICROS~1\Portal\PORTAL~2.DLL, >
[XML HTTP Request]
{ED8C108E-4349-11D2-91A4-00C04F7969E8} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
[Scripting.Dictionary]
{EE09B103-97E0-11CF-978F-00A02463E06F} <C:\WINDOWS\system32\scrrun.dll, Microsoft Corporation>
[Yahoo! Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} <C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll, Yahoo! Inc.>
[XML DOM Document 3.0]
{F5078F32-C551-11D3-89B9-0000F81FE221} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
[Free Threaded XML DOM Document 3.0]
{F5078F33-C551-11D3-89B9-0000F81FE221} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
[XML Schema Cache 3.0]
{F5078F34-C551-11D3-89B9-0000F81FE221} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
[XML HTTP 3.0]
{F5078F35-C551-11D3-89B9-0000F81FE221} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
[XSL Template 3.0]
{F5078F36-C551-11D3-89B9-0000F81FE221} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
[XML Data Source Object 3.0]
{F5078F39-C551-11D3-89B9-0000F81FE221} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
[Free Threaded XML DOM Document]
{F6D90F12-9C73-11D3-B32E-00C04F990BB4} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
[XML Data Source Object]
{F6D90F14-9C73-11D3-B32E-00C04F990BB4} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
[XML HTTP]
{F6D90F16-9C73-11D3-B32E-00C04F990BB4} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
[E&xport to Microsoft Excel]
<res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000, N/A>
  #50  
Old March 6th, 2008, 04:13 AM
evolpunk420 evolpunk420 is offline
Member
 
Join Date: Feb 2008
Posts: 37
4th part

==================================
Running Processes
[PID: 740 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1312 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1340 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\SUPERAntiSpyware\SASWINLO.dll] [SUPERAntiSpyware.com, 1, 0, 0, 1046]
[C:\WINDOWS\system32\Ati2evxx.dll] [ATI Technologies Inc., 6.14.10.4133]
[C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll] [Citrix Online, a division of Citrix Systems, Inc., 8.0 Build 480]
[PID: 1384 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1396 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1604 / SYSTEM][C:\WINDOWS\system32\Ati2evxx.exe] [ATI Technologies Inc., 6.14.10.4133]
[C:\WINDOWS\system32\Ati2edxx.dll] [ATI Technologies, Inc., 6, 14, 10, 2500]
[PID: 1620 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1744 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1784 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1820 / SYSTEM][C:\Program Files\Intel\Wireless\Bin\EvtEng.exe] [Intel Corporation, 10.5.1.21]
[C:\Program Files\Intel\Wireless\Bin\PfMgrApi.dll] [Intel Corporation, 10, 5, 1, 1 ]
[C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL] [Intel Corporation, 10.5.1.6]
[C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll] [Intel Corporation, 10.5.1.5]
[C:\Program Files\Intel\Wireless\Bin\DbEngine.dll] [Intel Corporation, 10, 5, 1, 17]
[C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll] [The OpenSSL Project, http://www.openssl.org/, 0.9.8]
[C:\Program Files\Intel\Wireless\Bin\IntStngs.dll] [, 10.5.1.0 ]
[C:\Program Files\Intel\Wireless\Bin\MurocApi.dll] [Intel Corporation, 10.5.1.2]
[C:\Program Files\Intel\Wireless\Bin\S24MUDLL.dll] [Intel Corporation, 10.5.1.1]
[PID: 2036 / ENY][C:\WINDOWS\system32\Ati2evxx.exe] [ATI Technologies Inc., 6.14.10.4133]
[C:\WINDOWS\system32\Ati2edxx.dll] [ATI Technologies, Inc., 6, 14, 10, 2500]
[PID: 208 / ENY][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)]
[C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll] [Logitech Inc., 11.5.0.1158]
[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 7.0.0.0]
[C:\Program Files\SUPERAntiSpyware\SASSEH.DLL] [SuperAdBlocker.com, 1, 0, 0, 1008]
[C:\Program Files\WinRAR\rarext.dll] [N/A, ]
[C:\Program Files\SUPERAntiSpyware\SASCTXMN.DLL] [SUPERAntiSpyware.com, 1, 0, 0, 1004]
[C:\Program Files\Yahoo!\Common\YMMAPI.dll] [Yahoo! Inc., 2005, 1, 1, 4]
[PID: 328 / SYSTEM][C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe] [Intel Corporation , 10.5.1.3]
[C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL] [Intel Corporation, 10.5.1.6]
[C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll] [Intel Corporation, 10.5.1.5]
[C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll] [The OpenSSL Project, http://www.openssl.org/, 0.9.8]
[C:\Program Files\Intel\Wireless\Bin\IntStngs.dll] [, 10.5.1.0 ]
[C:\Program Files\Intel\Wireless\Bin\IWMSPROV.DLL] [N/A, ]
[PID: 348 / SYSTEM][C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe] [Intel(R) Corporation, 10.5.1.5 ]
[C:\Program Files\Intel\Wireless\Bin\PfMgrApi.dll] [Intel Corporation, 10, 5, 1, 1 ]
[C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL] [Intel Corporation, 10.5.1.6]
[C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll] [Intel Corporation, 10.5.1.5]
[C:\Program Files\Intel\Wireless\Bin\DbEngine.dll] [Intel Corporation, 10, 5, 1, 17]
[C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll] [The OpenSSL Project, http://www.openssl.org/, 0.9.8]
[C:\Program Files\Intel\Wireless\Bin\IntStngs.dll] [, 10.5.1.0 ]
[C:\Program Files\Intel\Wireless\Bin\MurocApi.dll] [Intel Corporation, 10.5.1.2]
[C:\Program Files\Intel\Wireless\Bin\S24MUDLL.dll] [Intel Corporation, 10.5.1.1]
[PID: 568 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 636 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 880 / SYSTEM][C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe] [Lavasoft, 7,0,2,6]
[C:\Program Files\Lavasoft\Ad-Aware 2007\CEAPI.dll] [Lavasoft, 7,0,2,6]
[C:\Program Files\Lavasoft\Ad-Aware 2007\PKArchive85u.dll] [PKWARE, Inc., 8.4.1045.0]
[C:\Program Files\Lavasoft\Ad-Aware 2007\Update.dll] [, 7, 0, 2, 6]
[PID: 1212 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[C:\WINDOWS\system32\hpz3l5ha.dll] [Hewlett-Packard Company, 61.071.244.00]
[C:\WINDOWS\System32\spool\PRTPROCS\W32X86\hpzpp5ha.dll] [Hewlett-Packard Corporation, 61.071.244.00]
[PID: 1244 / SYSTEM][C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe] [Logitech Inc., 11.5.0.1158]
[PID: 1676 / SYSTEM][C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe] [Apple, Inc., 1, 14, 0, 0]
[PID: 1816 / SYSTEM][C:\WINDOWS\eHome\ehRecvr.exe] [Microsoft Corporation, 5.1.2715.3011 (xpsp(wmbla).061009-1511)]
[C:\WINDOWS\system32\sbe.dll] [, ]
[C:\WINDOWS\system32\quartz.dll] [, ]
[C:\WINDOWS\system32\devenum.dll] [, ]
[C:\WINDOWS\system32\msdmo.dll] [, ]
  #51  
Old March 6th, 2008, 04:14 AM
evolpunk420 evolpunk420 is offline
Member
 
Join Date: Feb 2008
Posts: 37
5th

[PID: 1848 / SYSTEM][C:\WINDOWS\eHome\ehSched.exe] [Microsoft Corporation, 5.1.2710.2732 (xpsp(wmbla).050805-1239)]
[PID: 1928 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[c:\program files\hp\digital imaging\bin\hpqddsvc.dll] [Hewlett-Packard Co., 90.0.146.000]
[c:\program files\hp\digital imaging\bin\hpqddcmn.dll] [Hewlett-Packard Co., 90.0.146.000]
[c:\program files\hp\digital imaging\bin\hpqcxs08.dll] [Hewlett-Packard Co., 90.0.146.000]
[PID: 1960 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[c:\program files\hp\digital imaging\bin\hpslpsvc32.dll] [Hewlett-Packard Co., 90.0.146.000]
[PID: 136 / SYSTEM][C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe] [Logitech Inc., 1.0.5.1158]
[C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVCSCli.dll] [Logitech Inc., 1.0.5.1158]
[C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVCSPS.dll] [, ]
[PID: 456 / SYSTEM][C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE] [Microsoft Corporation, 7.00.9466]
[PID: 520 / SYSTEM][C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe] [Microsoft Corporation, 2000.080.2039.00]
[C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\opends60.dll] [Microsoft Corporation, 2000.080.2039.00]
[C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlsort.dll] [Microsoft Corporation, 2000.080.2039.00]
[C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\ums.dll] [Microsoft Corporation, 2000.080.2039.00]
[C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\Resources\1033\sqlevn70.RLL] [Microsoft Corporation, 2000.080.2039.00]
[C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\binn\SSNETLIB.dll] [Microsoft Corporation, 2000.080.2039.00]
[C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\SSmsLPCn.dll] [Microsoft Corporation, 2000.080.2039.00]
[PID: 704 / LOCAL SERVICE][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[c:\windows\system32\hpzinw12.dll] [Hewlett-Packard, 12,1,1,52]
[PID: 852 / SYSTEM][C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe] [Trend Micro Inc., 14.60.0.1195]
[C:\PROGRA~1\TRENDM~1\INTERN~1\tmdbg.dll] [N/A, ]
[C:\PROGRA~1\TRENDM~1\INTERN~1\TmpxCfg.dll] [Trend Micro Inc., 2.1.0.1050]
[C:\PROGRA~1\TRENDM~1\INTERN~1\TmProxy.dll] [Trend Micro Inc., 2.1.0.1050]
[C:\PROGRA~1\TRENDM~1\INTERN~1\TMOACfg.dll] [Trend Micro Inc., 14.60.0.1180]
[C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlSpy.dll] [Trend Micro Inc., 14.60.0.1180]
[C:\PROGRA~1\TRENDM~1\INTERN~1\PcSSE.dll] [N/A, ]
[C:\PROGRA~1\TRENDM~1\INTERN~1\ssapi32.dll] [Trend Micro Incorporated, 5.0.0.1066]
[C:\PROGRA~1\TRENDM~1\INTERN~1\PccScan.dll] [Trend Micro Inc., 14.60.0.1180]
[C:\PROGRA~1\TRENDM~1\INTERN~1\pewnt2.dll] [Trend Micro Inc., 14.60.0.1180]
[C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfwApi.dll] [Trend Micro Inc., 2.6.0.1050]
[C:\PROGRA~1\TRENDM~1\INTERN~1\tmdp.dll] [Trend Micro Inc., 14.60.0.1180]
[C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlPS.dll] [Trend Micro Inc., 14.60.0.1195]
[PID: 1164 / LOCAL SERVICE][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[c:\windows\system32\hpzipm12.dll] [Hewlett-Packard, 12,1,1,52]
[PID: 2076 / SYSTEM][C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe] [Intel Corporation, 10.5.1.5 ]
[PID: 2172 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2408 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\hpowiax5.dll] [Hewlett-Packard, 9.0.0.135]
[PID: 2480 / SYSTEM][C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe] [Trend Micro Inc., 14.60.0.1180]
[C:\PROGRA~1\TRENDM~1\INTERN~1\tmdbg.dll] [N/A, ]
[C:\PROGRA~1\TRENDM~1\INTERN~1\PccScan.dll] [Trend Micro Inc., 14.60.0.1180]
[C:\PROGRA~1\TRENDM~1\INTERN~1\pewnt2.dll] [Trend Micro Inc., 14.60.0.1180]
[PID: 2628 / SYSTEM][C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe] [Trend Micro Inc., 2.6.0.1050]
[C:\PROGRA~1\TRENDM~1\INTERN~1\tmdbg.dll] [N/A, ]
[C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfwHlp.dll] [Trend Micro Inc., 14.60.0.1195]
[C:\PROGRA~1\TRENDM~1\INTERN~1\tmCfwApi.dll] [Trend Micro Inc., 2.6.0.1050]
[C:\PROGRA~1\TRENDM~1\INTERN~1\tmHash.dll] [Trend Micro Inc., 2.6.0.1050]
[C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfwRul.dll] [Trend Micro Inc., 2.6.0.1050]
[C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfwLog.dll] [Trend Micro Inc., 14.60.0.1195]
[PID: 2968 / LOCAL SERVICE][C:\WINDOWS\ehome\mcrdsvc.exe] [Microsoft Corporation, 4.1.2710.2732 (xpsp(wmbla).050805-1239)]
[PID: 2692 / SYSTEM][C:\WINDOWS\system32\dllhost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3048 / ENY][C:\WINDOWS\stsystra.exe] [SigmaTel, Inc., 1.0.4995.1 nd446 cp1]
[C:\WINDOWS\system32\STLang.dll] [SigmaTel, Inc., 1.1.4991.0 nd229 cp1]
[C:\WINDOWS\system32\stacapi.dll] [SigmaTel, Inc., 1.0.4995.1 nd446 cp1]
[PID: 3092 / ENY][C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe] [InstallShield Software Corporation, 3, 10, 100, 1155]
[PID: 3140 / ENY][C:\WINDOWS\system32\wscntfy.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3312 / ENY][C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe] [, ]
[C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll] [Logitech Inc., 11.5.0.1158]
[C:\Program Files\Common Files\LogiShrd\LComMgr\DevMngr.dll] [, ]
[C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVCSCli.dll] [Logitech Inc., 1.0.5.1158]
[C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVCSPS.dll] [, ]
[C:\Program Files\Logitech\QuickCam\EFVal.dll] [, ]
[C:\Program Files\Common Files\LogiShrd\LComMgr\LogiCordless.dll] [, ]
[C:\Program Files\Common Files\LogiShrd\LComMgr\LogiCordless4001.dll] [, ]
[C:\Program Files\Common Files\LogiShrd\LComMgr\LogiVOIPDevicePlugin.dll] [, ]
[C:\Program Files\Common Files\LogiShrd\LComMgr\BRSkypePlugin.dll] [Logitech Inc., 1.5.2.1169]
[C:\Program Files\Common Files\LogiShrd\LComMgr\YahooPlugin.dll] [Logitech Inc., 1.5.2.1169]
[C:\Program Files\Yahoo!\Messenger\ypagerps1.DLL] [Yahoo! Inc., 1,0,0,1]
[PID: 3460 / ENY][C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe] [Logitech Inc., 1.0.5.1158]
[C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll] [Logitech Inc., 11.5.0.1158]
[C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVCSCli.dll] [Logitech Inc., 1.0.5.1158]
[C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVCSPS.dll] [, ]
[PID: 3612 / ENY][C:\Program Files\iTunes\iTunesHelper.exe] [Apple Inc., 7.6.1.9]
[C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll] [Logitech Inc., 11.5.0.1158]
[C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.DLL] [Apple Inc., 7.6.1.9]
[C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.DLL] [Apple Inc., 7.6.1.9]
[C:\Program Files\QuickTime\QTSystem\QuickTime.qts] [Apple Inc., 7.4.1]
[C:\Program Files\Common Files\Apple\Mobile Device Support\bin\iTunesMobileDevice.dll] [Apple Inc., 7, 6, 120, 1]
[PID: 3760 / ENY][C:\Program Files\Dell Support\DSAgnt.exe] [Gteko Ltd., 2, 1, 3, 176]
[C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll] [Logitech Inc., 11.5.0.1158]
[C:\Program Files\Dell Support\GTAgnt.dll] [Gteko Ltd., 1, 0, 0, 12]
[C:\Program Files\Dell Support\CfgData.DLL] [Gteko Ltd., 1, 0, 0, 42]
[C:\Program Files\Dell Support\ActMgr.dll] [Gteko Ltd., 1, 0, 0, 18]
[c:\progra~1\dellsu~1\gtaction\handlers\grouph.dll] [Gteko Ltd., 1, 0, 0, 39]
[c:\progra~1\dellsu~1\gtaction\handlers\qdiagh.dll] [Gteko Ltd., 1, 0, 0, 32]
[c:\progra~1\dellsu~1\gtaction\handlers\trgloadh.dll] [Gteko Ltd., 1, 0, 0, 12]
[c:\progra~1\dellsu~1\gtaction\handlers\trgregh.dll] [Gteko Ltd., 1, 0, 0, 32]
[C:\Program Files\Dell Support\TrgMgr.DLL] [Gteko Ltd., 1, 0, 1, 19]
[C:\PROGRA~1\DELLSU~1\GTACTION\TRIGGERS\TIMERT.DLL] [Gteko Ltd., 1, 0, 0, 9]
[C:\PROGRA~1\DELLSU~1\gdql_d.dll] [Gteko Ltd., 1, 0, 0, 127]
[C:\PROGRA~1\DELLSU~1\GTACTION\TRIGGERS\DSPROCT.DLL] [Gteko Ltd., 1, 0, 1, 12]
[C:\PROGRA~1\DELLSU~1\GTACTION\TRIGGERS\DSWNHNT.DLL] [Gteko Ltd., 1, 0, 3, 25]
[C:\Program Files\Dell Support\AUPNP.dll] [Gteko Ltd., 1, 0, 0, 27]
[PID: 1000 / ENY][C:\Program Files\Trend Micro\Internet Security 14\TMAS_OE\TMAS_OEMon.exe] [Trend Micro Inc., 3.53.0.1041]
[C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll] [Logitech Inc., 11.5.0.1158]
[C:\Program Files\Trend Micro\Internet Security 14\TMAS_OE\TMAS_OEHook.dll] [N/A, ]
[PID: 424 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 420 / ENY][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll] [Logitech Inc., 11.5.0.1158]
[PID: 2340 / ENY][C:\Program Files\Digital Line Detect\DLG.exe] [BVRP Software, 1, 0, 0, 1]
[C:\Program Files\Digital Line Detect\BVRPDIAG.dll] [BVRP Software, 1.0]
[C:\WINDOWS\system32\MdmXSdk.dll] [Conexant, 1.0.2.010]
[C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll] [Logitech Inc., 11.5.0.1158]
[PID: 1124 / SYSTEM][C:\Program Files\iPod\bin\iPodService.exe] [Apple Inc., 7.6.1.9]
[C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.DLL] [Apple Inc., 7.6.1.9]
[C:\Program Files\iPod\bin\iPodService.Resources\iPodService.DLL] [Apple Inc., 7.6.1.9]
[PID: 3360 / ENY][C:\PROGRA~1\TRENDM~1\INTERN~1\PccGuide.exe] [Trend Micro Inc., 14.60.0.1195]
[C:\PROGRA~1\TRENDM~1\INTERN~1\tmdbg.dll] [N/A, ]
[C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll] [Logitech Inc., 11.5.0.1158]
[C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlPS.dll] [Trend Micro Inc., 14.60.0.1195]
[C:\PROGRA~1\TRENDM~1\INTERN~1\PccAltUi.dll] [Trend Micro Inc., 14.60.0.1180]
[PID: 2360 / ENY][C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe] [Logitech Inc., 11.5.0.1169]
[C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll] [Logitech Inc., 11.5.0.1158]
[C:\Program Files\Common Files\LogiShrd\LComMgr\DevMngr.dll] [, ]
[C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVCSCli.dll] [Logitech Inc., 1.0.5.1158]
[C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVCSPS.dll] [, ]
[C:\Program Files\Logitech\QuickCam\EFVal.dll] [, ]
[PID: 1012 / SYSTEM][C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe] [Trend Micro Inc., 2.1.0.1050]
[C:\PROGRA~1\TRENDM~1\INTERN~1\tmdbg.dll] [N/A, ]
[C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll] [Logitech Inc., 11.5.0.1158]
[C:\PROGRA~1\TRENDM~1\INTERN~1\TmpxHelp.dll] [Trend Micro Inc., 14.60.0.1195]
[C:\PROGRA~1\TRENDM~1\INTERN~1\TmpxCfg.dll] [Trend Micro Inc., 2.1.0.1050]
[C:\PROGRA~1\TRENDM~1\INTERN~1\tmtdi.dll] [Trend Micro Inc., 2.1.0.1050]
[C:\PROGRA~1\TRENDM~1\INTERN~1\TmsmMail.dll] [Trend Micro Inc., 2.1.0.1050]
[C:\PROGRA~1\TRENDM~1\INTERN~1\TmMsg.dll] [Trend Micro Inc., 2.0.1.1155]
[C:\PROGRA~1\TRENDM~1\INTERN~1\icuin18.dll] [IBM Corporation and others, 1, 8, 1, 0]
[C:\PROGRA~1\TRENDM~1\INTERN~1\icuuc18.dll] [IBM Corporation and others, 1, 8, 1, 0]
[C:\PROGRA~1\TRENDM~1\INTERN~1\TmpeVS.dll] [Trend Micro Inc., 2.1.0.1050]
[C:\PROGRA~1\TRENDM~1\INTERN~1\vsapi32.dll] [Trend Micro Inc., 8.500-1002]
[C:\PROGRA~1\TRENDM~1\INTERN~1\TmphPop3.dll] [Trend Micro Inc., 2.1.0.1050]
[C:\PROGRA~1\TRENDM~1\INTERN~1\TmphSMTP.dll] [Trend Micro Inc., 2.1.0.1050]
[PID: 496 / ENY][C:\Program Files\Mozilla Firefox\firefox.exe] [Mozilla Corporation, 1.8.1.12: 2008020121]
[C:\Program Files\Mozilla Firefox\js3250.dll] [Netscape Communications Corporation, 4.0]
[C:\Program Files\Mozilla Firefox\nspr4.dll] [Netscape Communications Corporation, 4.6.8]
[C:\Program Files\Mozilla Firefox\xpcom_core.dll] [Mozilla Foundation, 1.8.1.12: 2008020121]
[C:\Program Files\Mozilla Firefox\plc4.dll] [Netscape Communications Corporation, 4.6.8]
[C:\Program Files\Mozilla Firefox\plds4.dll] [Netscape Communications Corporation, 4.6.8]
[C:\Program Files\Mozilla Firefox\smime3.dll] [Mozilla Foundation, 3.11.5 Basic ECC]
[C:\Program Files\Mozilla Firefox\nss3.dll] [Mozilla Foundation, 3.11.5 Basic ECC]
[C:\Program Files\Mozilla Firefox\softokn3.dll] [Mozilla Foundation, 3.11.4 Basic ECC]
[C:\Program Files\Mozilla Firefox\ssl3.dll] [Mozilla Foundation, 3.11.5 Basic ECC]
[C:\Program Files\Mozilla Firefox\xpcom_compat.dll] [Mozilla Foundation, 1.8.1.12: 2008020121]
[C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll] [Logitech Inc., 11.5.0.1158]
[C:\Program Files\Mozilla Firefox\components\myspell.dll] [Mozilla Foundation, 1.8.1.12: 2008020121]
[C:\Program Files\Mozilla Firefox\components\jar50.dll] [Mozilla Foundation, 1.8.1.12: 2008020121]
[C:\Program Files\Mozilla Firefox\components\spellchk.dll] [Mozilla Foundation, 1.8.1.12: 2008020121]
[C:\Program Files\Mozilla Firefox\freebl3.dll] [Mozilla Foundation, 3.11.4 Basic ECC]
[C:\Program Files\Mozilla Firefox\nssckbi.dll] [Mozilla Foundation, 1.64]
[PID: 2636 / ENY][C:\Documents and Settings\ENY\Desktop\New Folder (7)\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
[C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll] [Logitech Inc., 11.5.0.1158]
[C:\Documents and Settings\ENY\Desktop\New Folder (7)\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]

==================================
  #52  
Old March 6th, 2008, 04:14 AM
evolpunk420 evolpunk420 is offline
Member
 
Join Date: Feb 2008
Posts: 37
6th

File Associations
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock Provider
N/A

==================================
Autorun.Inf
N/A

==================================
HOSTS File
127.0.0.1 localhost

==================================
Process Privileges Scan
Special Privilege Enabled: SeLoadDriverPrivilege [PID = 328, C:\PROGRAM FILES\INTEL\WIRELESS\BIN\S24EVMON.EXE]
Special Privilege Enabled: SeLoadDriverPrivilege [PID = 1676, C:\PROGRAM FILES\COMMON FILES\APPLE\MOBILE DEVICE SUPPORT\BIN\APPLEMOBILEDEVICESERVICE.EXE]
Special Privilege Enabled: SeLoadDriverPrivilege [PID = 3048, C:\WINDOWS\STSYSTRA.EXE]
Special Privilege Enabled: SeLoadDriverPrivilege [PID = 3760, C:\PROGRAM FILES\DELL SUPPORT\DSAGNT.EXE]
Special Privilege Enabled: SeLoadDriverPrivilege [PID = 2340, C:\PROGRAM FILES\DIGITAL LINE DETECT\DLG.EXE]

==================================
API HOOK
N/A

==================================
Hidden Process
N/A

==================================


[/CODE]
  #53  
Old March 6th, 2008, 05:29 AM
Jintan Jintan is offline
Malware Removal Team Advisor
 
Join Date: Dec 2004
Posts: 50,114
Nothing of malware activity in any of that, and mostly just confirming that all of Trend's security programs and firewall are running when that was done. Running doesn't necessarily mean actively blocking, but if Trend was corrupted in some way in the changes done here it could be involved in issues.


Switch to a different scan tool for now, both to still check things, as well as to assess what is not being allowed to work there. But you may need to uninstall all the Trend Micro software if nothing else is located.

Disable your antivirus program and go here (http://www.eset.com/onlinescan/) and run an online scan using ESET Online Scanner (you will need to use Internet Explorer for this scan). If you accept the Terms of Use, check the box and click Start. After the ActiveX Control has loaded, it will take a couple minutes for the scanner to get ready. Next, check the following boxes:

Remove found threats
Scan unwanted applications


Click Start. This scan may take a while, so please be patient. A log may open when the scan is complete (if not, go to C:\Program Files\EsetOnlineScanner\ and open the file log.txt). Click Edit - Select All then copy/paste that log back here.



If you have troubles with running the scan, change to running IE as an Admin user. Right-click on the Internet Explorer icon in the Start Menu and select "Run as administrator".