
Solved lots of pop up in windows xp, lots of infection not sure what kind yet

Discussion in 'Malware and Virus Removal Archive' started by mva5493, 2007/09/23.

  1. 2007/09/29
    noahdfear

    Run it with the /config switch and skip the drivers check too. Then try it with ONLY the drivers selected. If it still hangs on drivers, run that check in safe mode.
     
  2. 2007/09/29
    mva5493

    I did the scan without drivers checked and it went all the way through. Here is the main.txt:

    Deckard's System Scanner v20070905.67
    Run by HP_Owner on 2007-09-29 12:17:34
    Computer is in Normal Mode.
    --------------------------------------------------------------------------------

    -- System Restore --------------------------------------------------------------



    -- Last 5 Restore Point(s) --
    24: 2007-09-28 21:28:47 UTC - RP758 - Deckard's System Scanner Restore Point
    23: 2007-09-28 05:11:21 UTC - RP757 - Removed Wal-Mart Music Downloads Store
    22: 2007-09-26 22:25:09 UTC - RP756 - Installed AVG 7.5
    21: 2007-09-26 02:33:36 UTC - RP755 - Removed Motorola Wireless USB Adapter
    20: 2007-09-26 02:21:14 UTC - RP754 - Installed Motorola Wireless USB Adapter


    -- First Restore Point --
    1: 2007-08-07 05:52:07 UTC - RP735 - System Checkpoint


    Backed up registry hives.

    Total Physical Memory: 448 MiB (512 MiB recommended).


    -- HijackThis (run as HP_Owner.exe) --------------------------------------------

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:18:23 PM, on 9/29/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Viewpoint\Common\ViewpointService.exe
    C:\WINDOWS\wanmpsvc.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
    C:\windows\system\hpsysdrv.exe
    C:\WINDOWS\system32\hphmon06.exe
    C:\HP\KBD\KBD.EXE
    C:\WINDOWS\system32\VTTimer.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\WildTangent\Apps\GameChannel.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\ALCXMNTR.EXE
    C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Viewpoint\Viewpoint Toolbar V35\FotomatDeviceConnect.exe
    C:\Program Files\Common Files\AOL\1147061569\ee\AOLHostManager.exe
    C:\Program Files\Common Files\AOL\1147061569\ee\AOLServiceHost.exe
    C:\Program Files\BellSouth\Alert Manager\BellSouthAlertManager.exe
    C:\Program Files\BellSouthWCC\McciTrayApp.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\issch.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe
    C:\Program Files\Support.com\bin\tgcmd.exe
    C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
    C:\Documents and Settings\HP_Owner\Desktop\dss.exe
    C:\PROGRA~1\TRENDM~1\HIJACK~1\HP_Owner.exe

    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://empnads.com/servlet/ajrotator/121229/0/viewHTML?zone=enternet
    R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
    O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
    O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
    O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    O4 - HKLM\..\Run: [WT GameChannel] C:\Program Files\WildTangent\Apps\GameChannel.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
    O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
    O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
    O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1147061569\ee\AOLHostManager.exe
    O4 - HKLM\..\Run: [ViewpointPhotosDeviceConnect] C:\Program Files\Viewpoint\Viewpoint Toolbar V35\FotomatDeviceConnect.exe
    O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\Support.com\BellSouth\hcenter.exe" /starthidden /tgcmdwrapper
    O4 - HKLM\..\Run: [BellSouthAlertManager.exe] C:\Program Files\BellSouth\Alert Manager\BellSouthAlertManager.exe
    O4 - HKLM\..\Run: [BellSouthWCC_McciTrayApp] C:\Program Files\BellSouthWCC\McciTrayApp.exe
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\issch.exe" -start
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
    O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares Lite Edition\Ares.exe" -h
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
    O4 - Startup: HP Organize.lnk = ?
    O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
    O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe
    O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 4.0\resources\en-US\local\search.html
    O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar V35\ViewBar.dll/CXTSEARCH.HTML
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
    O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6632A7E9-FE1F-43D2-A04A-A15951ED63E0} - http://mediaplayer.walmart.com/installer/install.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: Sun Java (SJava) - Unknown owner - C:\WINDOWS\java\javaw.exe (file missing)
    O23 - Service: Software Jukebox v2.0 Service - Unknown owner - C:\Program Files\Common Files\MSJB NA01D Shared\Service\Software Jukebox v2.0 Service File.exe
    O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
    O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

    --
    End of file - 9080 bytes

    -- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) -----------

    backup-20070925-212911-105 O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    backup-20070925-212911-197 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    backup-20070925-212911-302 O4 - HKLM\..\Run: [Ultimate Cleaner] C:\Program Files\Ultimate Cleaner\App.exe
    backup-20070925-212911-467 O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei-2/SmileyCentralFWBInitialSetup1.0.0.8-2.cab
    backup-20070925-212911-480 O4 - HKLM\..\Run: [Ultimate Defender] "C:\Program Files\Ultimate Defender\App.exe" hide
    backup-20070925-212911-523 O16 - DPF: {4E7BD74F-2B8D-469E-DEFA-EB76B1D5FA7D} - http://eztracks.aavalue.com/EZT/Toolbar/eztdl.cab
    backup-20070925-212911-570 O4 - HKLM\..\Run: [mav_startupmon] "C:\Program Files\Common Files\WinAntiVirus Pro 2007\mav_startupmon.exe "
    backup-20070925-212911-768 O16 - DPF: v3cab - http://searchmiracle.com/cab/v3cab.cab
    backup-20070925-212911-802 O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe "
    backup-20070928-010340-146 O4 - HKCU\..\Run: [ErrorSafeFree] "C:\Program Files\ErrorSafe Free\uers.exe" /min
    backup-20070928-010340-290 O4 - HKCU\..\Run: [uwa7pcw] "C:\Program Files\Common Files\WinAntiVirus Pro 2007\uwa7pcw.exe" -c

    -- File Associations -----------------------------------------------------------

    All associations okay.


    -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

    R2 Viewpoint Manager Service - "c:\program files\viewpoint\common\viewpointservice.exe" <Not Verified; Viewpoint Corporation; Viewpoint Manager>

    S2 SJava (Sun Java) - "c:\windows\java\javaw.exe" (file missing)
    S3 Software Jukebox v2.0 Service - "c:\program files\common files\msjb na01d shared\service\software jukebox v2.0 service file.exe "


    -- Device Manager: Disabled ----------------------------------------------------

    Class GUID: {4D36E968-E325-11CE-BFC1-08002BE10318}
    Description: VIA/S3G UniChrome IGP
    Device ID: PCI\VEN_1106&DEV_7205&SUBSYS_81181043&REV_01\4&10AF1F73&0&0008
    Manufacturer: VIA/S3G
    Name: VIA/S3G UniChrome IGP
    PNP Device ID: PCI\VEN_1106&DEV_7205&SUBSYS_81181043&REV_01\4&10AF1F73&0&0008
    Service: viagfx

    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Description: 1394 Net Adapter
    Device ID: V1394\NIC1394\995D1FE01800
    Manufacturer: Microsoft
    Name: 1394 Net Adapter
    PNP Device ID: V1394\NIC1394\995D1FE01800
    Service: NIC1394


    -- Files created between 2007-08-29 and 2007-09-29 -----------------------------

    2007-09-28 19:32:40 0 d-------- C:\Documents and Settings\HP_Owner\Application Data\InterVideo
    2007-09-26 18:58:49 0 dr-h----- C:\$VAULT$.AVG
    2007-09-26 18:25:41 0 d-------- C:\Documents and Settings\HP_Owner\Application Data\AVG7
    2007-09-26 18:25:31 0 d-------- C:\Documents and Settings\LocalService\Application Data\AVG7
    2007-09-26 18:25:10 0 d-------- C:\Documents and Settings\All Users\Application Data\avg7
    2007-09-26 00:25:48 0 d-------- C:\WINDOWS\system32\ActiveScan
    2007-09-25 22:21:15 94208 --a------ C:\WINDOWS\system32\W32N50CT.dll <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows>
    2007-09-25 22:21:15 17142 --a------ C:\WINDOWS\system32\CBTNDIS5.sys <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows>
    2007-09-25 22:20:47 62673 -ra------ C:\WINDOWS\system32\drivers\odysseyIM3.sys <Not Verified; Funk Software, Inc.; Odyssey>
    2007-09-25 00:25:56 5282 --a------ C:\WINDOWS\system32\tmp.reg
    2007-09-24 23:20:55 0 d-------- C:\Documents and Settings\HP_Owner\Application Data\Grisoft
    2007-09-24 23:20:21 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
    2007-09-24 17:36:30 0 d-------- C:\Documents and Settings\All Users\Application Data\muvee Technologies
    2007-09-23 21:29:51 0 d-------- C:\Program Files\Trend Micro


    -- Find3M Report ---------------------------------------------------------------

    2007-09-29 11:20:42 4120 --a------ C:\WINDOWS\viassary-hp.reg
    2007-09-28 13:31:19 0 d-------- C:\Program Files\Ares Lite Edition
    2007-09-28 00:42:11 0 d-------- C:\Program Files\LimeWire
    2007-09-28 00:08:13 0 d-------- C:\Program Files\Common Files
    2007-09-27 11:45:27 0 d-------- C:\Program Files\America Online 9.0
    2007-09-27 02:24:42 0 d-------- C:\Program Files\Messenger
    2007-09-27 02:23:36 0 d-------- C:\Program Files\iTunes
    2007-09-27 02:19:19 0 d-------- C:\Program Files\Common Files\Motive
    2007-09-27 02:17:39 0 d-------- C:\Program Files\BellSouthWCC
    2007-09-26 04:47:41 0 d-------- C:\Program Files\Ares
    2007-09-25 22:21:14 0 d--h----- C:\Program Files\InstallShield Installation Information
    2007-09-25 22:09:23 0 d-------- C:\Program Files\Common Files\Symantec Shared
    2007-09-25 13:49:58 0 d-a------ C:\Program Files\PC-Doctor for Windows
    2007-09-25 10:08:19 0 d-------- C:\Program Files\IntelliMover Data Transfer Demo
    2007-09-24 17:25:34 0 d-------- C:\Program Files\Common Files\WinAntiVirus Pro 2007
    2007-09-23 21:42:04 0 d-------- C:\Documents and Settings\HP_Owner\Application Data\WinAntiVirus Pro 2007


    -- Registry Dump ---------------------------------------------------------------

    *Note* empty entries & legit default entries are not shown


    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SunJavaUpdateSched "= "C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe" [04/13/2005 04:48 AM]
    "hpsysdrv "= "c:\windows\system\hpsysdrv.exe" [05/07/1998 07:04 PM]
    "HPHUPD06 "= "c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe" [06/07/2004 09:53 PM]
    "HPHmon06 "= "C:\WINDOWS\system32\hphmon06.exe" [06/07/2004 09:42 PM]
    "KBD "= "C:\HP\KBD\KBD.EXE" [02/11/2003 11:02 PM]
    "Recguard "= "C:\WINDOWS\SMINST\RECGUARD.EXE" [04/14/2004 11:43 PM]
    "VTTimer "= "VTTimer.exe" [10/22/2004 12:53 PM C:\WINDOWS\system32\VTTimer.exe]
    "AGRSMMSG "= "AGRSMMSG.exe" [03/04/2005 12:01 PM C:\WINDOWS\AGRSMMSG.exe]
    "PS2 "= "C:\WINDOWS\system32\ps2.exe" [10/16/2002 07:57 PM]
    "ISUSPM Startup "= "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [06/16/2004 07:03 AM]
    "WT GameChannel "= "C:\Program Files\WildTangent\Apps\GameChannel.exe" [10/09/2003 05:31 PM]
    "NvCplDaemon "= "C:\WINDOWS\system32\NvCpl.dll" [09/16/2004 04:39 PM]
    "nwiz "= "nwiz.exe" [09/16/2004 04:39 PM C:\WINDOWS\system32\nwiz.exe]
    "NvMediaCenter "= "C:\WINDOWS\system32\NvMcTray.dll" [09/16/2004 04:39 PM]
    "AlcxMonitor "= "ALCXMNTR.EXE" [09/07/2004 02:47 PM C:\WINDOWS\ALCXMNTR.EXE]
    "MyWebSearch Email Plugin "= "C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe" [04/04/2005 03:09 AM]
    "iTunesHelper "= "C:\Program Files\iTunes\iTunesHelper.exe" [12/18/2004 12:20 AM]
    "HostManager "= "C:\Program Files\Common Files\AOL\1147061569\ee\AOLHostManager.exe" [08/02/2005 03:33 PM]
    "ViewpointPhotosDeviceConnect "= "C:\Program Files\Viewpoint\Viewpoint Toolbar V35\FotomatDeviceConnect.exe" [11/21/2005 06:57 PM]
    "tgcmd "= "C:\Program Files\Support.com\BellSouth\hcenter.exe" [08/31/2005 02:14 PM]
    "BellSouthAlertManager.exe "= "C:\Program Files\BellSouth\Alert Manager\BellSouthAlertManager.exe" [01/10/2006 04:56 PM]
    "BellSouthWCC_McciTrayApp "= "C:\Program Files\BellSouthWCC\McciTrayApp.exe" [11/17/2005 02:19 PM]
    "!AVG Anti-Spyware "= "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [06/11/2007 05:25 AM]
    "AVG7_CC "= "C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [09/26/2007 06:25 PM]
    "ISUSScheduler "= "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\issch.exe" [06/16/2004 07:03 AM]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe "= "C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 08:00 AM]
    "MSMSGS "= "C:\Program Files\Messenger\msmsgs.exe" [10/13/2004 12:24 PM]
    "Aim6 "= "C:\Program Files\AIM6\aim6.exe" [11/07/2006 11:29 AM]
    "ares "= "C:\Program Files\Ares Lite Edition\Ares.exe" []

    C:\Documents and Settings\HP_Owner\Start Menu\Programs\Startup\
    HP Organize.lnk - C:\Program Files\Hewlett-Packard\HP Organize\bin\displayAgent.exe [8/12/2004 12:15:52 AM]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
    America Online 9.0 Tray Icon.lnk - C:\Program Files\America Online 9.0\aoltray.exe [11/26/2004 7:16:57 PM]
    HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [5/12/2005 12:23:26 AM]
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [2/17/1999 11:05:56 PM]
    MyWebSearch Email Plugin.lnk - C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE [4/4/2005 3:09:04 AM]
    Updates from HP.lnk - C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe [8/12/2004 12:20:09 AM]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "DisableRegistryTools "=0 (0x0)

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, ntoskrnl.dll, xlibgfl254.dll


    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{88b367f8-3ffd-11d9-a542-806d6172696f}]
    AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480




    -- End of Deckard's System Scanner: finished at 2007-09-29 12:20:02 ------------
     


  4. 2007/09/29
    mva5493

    And then ran it with just drivers checked. Here is that log file as well:

    Deckard's System Scanner v20070905.67
    Run by HP_Owner on 2007-09-29 12:22:31
    Computer is in Normal Mode.
    --------------------------------------------------------------------------------

    Total Physical Memory: 448 MiB (512 MiB recommended).


    -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

    R0 ACPI (Microsoft ACPI Driver) - c:\windows\system32\drivers\acpi.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R0 atapi (Standard IDE/ESDI Hard Disk Controller) - c:\windows\system32\drivers\atapi.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R0 Disk (Disk Driver) - c:\windows\system32\drivers\disk.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R0 FltMgr - c:\windows\system32\drivers\fltmgr.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R0 Ftdisk (Volume Manager Driver) - c:\windows\system32\drivers\ftdisk.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R0 isapnp (PnP ISA/EISA Bus Driver) - c:\windows\system32\drivers\isapnp.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R0 KSecDD - c:\windows\system32\drivers\ksecdd.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R0 MountMgr - c:\windows\system32\drivers\mountmgr.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R0 Mup - c:\windows\system32\drivers\mup.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R0 NDIS (NDIS System Driver) - c:\windows\system32\drivers\ndis.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R0 ohci1394 (VIA OHCI Compliant IEEE 1394 Host Controller) - c:\windows\system32\drivers\ohci1394.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R0 PartMgr - c:\windows\system32\drivers\partmgr.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R0 PCI (PCI Bus Driver) - c:\windows\system32\drivers\pci.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R0 PCIIde - c:\windows\system32\drivers\pciide.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R0 PxHelp20 - c:\windows\system32\drivers\pxhelp20.sys <Not Verified; Sonic Solutions; PxHelp20>
    R0 sr (System Restore Filter Driver) - c:\windows\system32\drivers\sr.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R0 viaagp1 (VIA AGP Filter) - c:\windows\system32\drivers\viaagp1.sys <Not Verified; VIA Technologies, Inc.; VIA CPU to AGP2.0/AGP3.0 Controller>
    R0 ViaIde - c:\windows\system32\drivers\viaide.sys <Not Verified; Microsoft Corporation; Microsoft(R) Windows NT(R) Operating System>
    R0 VolSnap - c:\windows\system32\drivers\volsnap.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R0 WudfPf (Windows Driver Foundation - User-mode Driver Framework Platform Driver) - c:\windows\system32\drivers\wudfpf.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R1 AFD - c:\windows\system32\drivers\afd.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R1 AmdK7 (AMD K7 Processor Driver) - c:\windows\system32\drivers\amdk7.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R1 AVG Anti-Spyware Driver - c:\program files\grisoft\avg anti-spyware 7.5\guard.sys
    R1 Avg7Core (AVG7 Kernel) - c:\windows\system32\drivers\avg7core.sys <Not Verified; GRISOFT, s.r.o.; AVG Anti-Virus system>
    R1 Avg7RsW (AVG7 Wrap Driver) - c:\windows\system32\drivers\avg7rsw.sys <Not Verified; GRISOFT, s.r.o.; AVG Anti-Virus System>
    R1 Avg7RsXP (AVG7 Resident Driver XP) - c:\windows\system32\drivers\avg7rsxp.sys <Not Verified; GRISOFT, s.r.o.; AVG Anti-Virus system>
    R1 AvgAsCln (AVG Anti-Spyware Clean Driver) - c:\windows\system32\drivers\avgascln.sys <Not Verified; GRISOFT, s.r.o.; AVG7 Clean Driver>
    R1 AvgClean (AVG7 Clean Driver) - c:\windows\system32\drivers\avgclean.sys <Not Verified; GRISOFT, s.r.o.; AVG7 Clean Driver>
    R1 Beep - c:\windows\system32\drivers\beep.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R1 Cdrom (CD-ROM Driver) - c:\windows\system32\drivers\cdrom.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R1 Fips - c:\windows\system32\drivers\fips.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R1 i8042prt (i8042 Keyboard and PS/2 Mouse Port Driver) - c:\windows\system32\drivers\i8042prt.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R1 Imapi (CD-Burning Filter Driver) - c:\windows\system32\drivers\imapi.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R1 IPSec (IPSEC driver) - c:\windows\system32\drivers\ipsec.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R1 Kbdclass (Keyboard Class Driver) - c:\windows\system32\drivers\kbdclass.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R1 mnmdd - c:\windows\system32\drivers\mnmdd.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R1 Mouclass (Mouse Class Driver) - c:\windows\system32\drivers\mouclass.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R1 MRxSmb - c:\windows\system32\drivers\mrxsmb.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R1 Msfs - c:\windows\system32\drivers\msfs.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R1 NetBIOS (NetBIOS Interface) - c:\windows\system32\drivers\netbios.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R1 NetBT - c:\windows\system32\drivers\netbt.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R1 Npfs - c:\windows\system32\drivers\npfs.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R1 Null - c:\windows\system32\drivers\null.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R1 RasAcd (Remote Access Auto Connection Driver) - c:\windows\system32\drivers\rasacd.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R1 Rdbss - c:\windows\system32\drivers\rdbss.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R1 RDPCDD - c:\windows\system32\drivers\rdpcdd.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R1 redbook (Digital CD Audio Playback Filter Driver) - c:\windows\system32\drivers\redbook.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R1 Serial (Serial port driver) - c:\windows\system32\drivers\serial.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R1 Tcpip (TCP/IP Protocol Driver) - c:\windows\system32\drivers\tcpip.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R1 TermDD (Terminal Device Driver) - c:\windows\system32\drivers\termdd.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R1 VgaSave - c:\windows\system32\drivers\vga.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R2 AvgTdi (AVG Network Redirector) - c:\windows\system32\drivers\avgtdi.sys <Not Verified; GRISOFT, s.r.o.; AVG Anti-Virus System>
    R2 SbcpHid - c:\windows\system32\drivers\sbcphid.sys
    R2 Secdrv - c:\windows\system32\drivers\secdrv.sys
    R3 AgereSoftModem (Agere Systems Soft Modem) - c:\windows\system32\drivers\agrsm.sys <Not Verified; Agere Systems; Agere SoftModem Driver>
    R3 ALCXWDM (Service for Realtek AC97 Audio (WDM)) - c:\windows\system32\drivers\alcxwdm.sys <Not Verified; Realtek Semiconductor Corp.; Windows (R) WDM driver for Realtek AC'97 Audio(HRTF data Copyright 1994 by MIT Media Lab)>
    R3 audstub (Audio Stub Driver) - c:\windows\system32\drivers\audstub.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R3 FETND5BV (VIA Rhine-Family Fast Ethernet Adapter Driver Service) - c:\windows\system32\drivers\fetnd5bv.sys <Not Verified; VIA Technologies, Inc.; VIA Rhine Family Fast Ethernet Adapter>
    R3 GEARAspiWDM (GEAR CDRom Filter) - c:\windows\system32\drivers\gearaspiwdm.sys <Not Verified; GEAR Software Inc.; GEAR.wrks>
    R3 Gpc (Generic Packet Classifier) - c:\windows\system32\drivers\msgpc.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R3 IpNat (IP Network Address Translator) - c:\windows\system32\drivers\ipnat.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R3 Iviaspi (IVI ASPI Shell) - c:\windows\system32\drivers\iviaspi.sys <Not Verified; InterVideo, Inc.; InterVideo ASPI Shell>
    R3 kmixer (Microsoft Kernel Wave Audio Mixer) - c:\windows\system32\drivers\kmixer.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R3 Modem - c:\windows\system32\drivers\modem.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R3 MRENDIS5 (MRENDIS5 NDIS Protocol Driver) - c:\program files\common files\motive\mrendis5.sys <Not Verified; Motive, Inc.; Motive Rawether for Windows>
    R3 MRxDAV (WebDav Client Redirector) - c:\windows\system32\drivers\mrxdav.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R3 mssmbios (Microsoft System Management BIOS Driver) - c:\windows\system32\drivers\mssmbios.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R3 NdisTapi (Remote Access NDIS TAPI Driver) - c:\windows\system32\drivers\ndistapi.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R3 Ndisuio (NDIS Usermode I/O Protocol) - c:\windows\system32\drivers\ndisuio.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R3 NdisWan (Remote Access NDIS WAN Driver) - c:\windows\system32\drivers\ndiswan.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R3 NDProxy (NDIS Proxy) - c:\windows\system32\drivers\ndproxy.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R3 nv - c:\windows\system32\drivers\nv4_mini.sys <Not Verified; NVIDIA Corporation; NVIDIA Compatible Windows 2000 Miniport Driver, Version 66.31>
    R3 Parport (Parallel port driver) - c:\windows\system32\drivers\parport.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R3 Pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus(R) ASPI Shell>
    R3 PptpMiniport (WAN Miniport (PPTP)) - c:\windows\system32\drivers\raspptp.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R3 Ps2 - c:\windows\system32\drivers\ps2.sys <Not Verified; Hewlett-Packard Company; Hewlett-Packard Company PS2 SYS>
    R3 PSched (QoS Packet Scheduler) - c:\windows\system32\drivers\psched.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R3 Ptilink (Direct Parallel Link Driver) - c:\windows\system32\drivers\ptilink.sys <Not Verified; Parallel Technologies, Inc.; Microsoft® Windows® Operating System>
    R3 Rasl2tp (WAN Miniport (L2TP)) - c:\windows\system32\drivers\rasl2tp.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R3 RasPppoe (Remote Access PPPOE Driver) - c:\windows\system32\drivers\raspppoe.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R3 Raspti (Direct Parallel) - c:\windows\system32\drivers\raspti.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R3 Serenum (Serenum Filter Driver) - c:\windows\system32\drivers\serenum.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R3 Srv - c:\windows\system32\drivers\srv.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R3 swenum (Software Bus Driver) - c:\windows\system32\drivers\swenum.sys <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
    R3 sysaudio (Microsoft Kernel System Audio Device) - c:\windows\system32\drivers\sysaudio.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R3 Update (Microcode Update Driver) - c:\windows\system32\drivers\update.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R3 usbehci (Microsoft USB 2.0 Enhanced Host Controller Miniport Driver) - c:\windows\system32\drivers\usbehci.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R3 usbhub (USB2 Enabled Hub) - c:\windows\system32\drivers\usbhub.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R3 USBSTOR (USB Mass Storage Driver) - c:\windows\system32\drivers\usbstor.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R3 usbuhci (Microsoft USB Universal Host Controller Miniport Driver) - c:\windows\system32\drivers\usbuhci.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R3 Wanarp (Remote Access IP ARP Driver) - c:\windows\system32\drivers\wanarp.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R3 wanatw (WAN Miniport (ATW)) - c:\windows\system32\drivers\wanatw4.sys <Not Verified; America Online, Inc.; Wan Miniport (ATW)>
    R3 wdmaud (Microsoft WINMM WDM Audio Compatibility Driver) - c:\windows\system32\drivers\wdmaud.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R4 Cdfs - c:\windows\system32\drivers\cdfs.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R4 Fastfat - c:\windows\system32\drivers\fastfat.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R4 Ntfs - c:\windows\system32\drivers\ntfs.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>

    S1 Cdaudio - c:\windows\system32\drivers\cdaudio.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S1 kbdhid (Keyboard HID Driver) - c:\windows\system32\drivers\kbdhid.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S1 Sfloppy - c:\windows\system32\drivers\sfloppy.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 aec (Microsoft Kernel Acoustic Echo Canceller) - c:\windows\system32\drivers\aec.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 ALCXSENS (Service for WDM 3D Audio Driver) - c:\windows\system32\drivers\alcxsens.sys <Not Verified; Sensaura Ltd; >
    S3 Arp1394 (1394 ARP Client Protocol) - c:\windows\system32\drivers\arp1394.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 AsyncMac (RAS Asynchronous Media Driver) - c:\windows\system32\drivers\asyncmac.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 Atmarpc (ATM ARP Client Protocol) - c:\windows\system32\drivers\atmarpc.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 CBTNDIS5 (CBTNDIS5 NDIS Protocol Driver) - c:\windows\system32\cbtndis5.sys <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows>
    S3 DMusic (Microsoft Kernel DLS Syntheiszer) - c:\windows\system32\drivers\dmusic.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 drmkaud (Microsoft Kernel DRM Audio Descrambler) - c:\windows\system32\drivers\drmkaud.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 Fdc (Floppy Disk Controller Driver) - c:\windows\system32\drivers\fdc.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 FETNDISB (VIA Rhine Family Fast Ethernet Adapter Driver Service) - c:\windows\system32\drivers\fetnd5b.sys <Not Verified; VIA Technologies, Inc.; VIA Rhine Family Fast Ethernet Adapter>
    S3 Flpydisk (Floppy Disk Driver) - c:\windows\system32\drivers\flpydisk.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 HidUsb (Microsoft HID Class Driver) - c:\windows\system32\drivers\hidusb.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 HPZid412 (IEEE-1284.4 Driver HPZid412) - c:\windows\system32\drivers\hpzid412.sys <Not Verified; HP; HP Dot4 Windows 2000>
    S3 HPZipr12 (Print Class Driver for IEEE-1284.4 HPZipr12) - c:\windows\system32\drivers\hpzipr12.sys <Not Verified; HP; HP Dot4Print>
    S3 HPZius12 (USB to IEEE-1284.4 Translation Driver HPZius12) - c:\windows\system32\drivers\hpzius12.sys <Not Verified; HP; HP Dot4Usb Windows 2000>
    S3 HTTP - c:\windows\system32\drivers\http.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 ialm - c:\windows\system32\drivers\ialmnt5.sys <Not Verified; Intel Corporation; Intel Graphics Accelerator Drivers for Windows NT(R)>
    S3 intelppm (Intel Processor Driver) - c:\windows\system32\drivers\intelppm.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 Ip6Fw (IPv6 Windows Firewall Driver) - c:\windows\system32\drivers\ip6fw.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 IpFilterDriver (IP Traffic Filter Driver) - c:\windows\system32\drivers\ipfltdrv.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 IpInIp (IP in IP Tunnel Driver) - c:\windows\system32\drivers\ipinip.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 IRENUM (IR Enumerator Service) - c:\windows\system32\drivers\irenum.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 mouhid (Mouse HID Driver) - c:\windows\system32\drivers\mouhid.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 MSKSSRV (Microsoft Streaming Service Proxy) - c:\windows\system32\drivers\mskssrv.sys <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
    S3 MSPCLOCK (Microsoft Streaming Clock Proxy) - c:\windows\system32\drivers\mspclock.sys <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
    S3 MSPQM (Microsoft Streaming Quality Manager Proxy) - c:\windows\system32\drivers\mspqm.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 NIC1394 (1394 Net Driver) - c:\windows\system32\drivers\nic1394.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 NwlnkFlt (IPX Traffic Filter Driver) - c:\windows\system32\drivers\nwlnkflt.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 NwlnkFwd (IPX Traffic Forwarder Driver) - c:\windows\system32\drivers\nwlnkfwd.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 RDPWD - c:\windows\system32\drivers\rdpwd.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 RT2500USB (Wireless USB Card Driver) - c:\windows\system32\drivers\rt2500usb.sys <Not Verified; Ralink Technology Inc.; Ralink 802.11g Wireless USB Adapters>
    S3 rtl8139 (Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver) - c:\windows\system32\drivers\r8139n51.sys <Not Verified; Realtek Semiconductor Corporation; Realtek RTL8139/810x Family Fast Ethernet NIC>
    S3 splitter (Microsoft Kernel Audio Splitter) - c:\windows\system32\drivers\splitter.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 swmidi (Microsoft Kernel GS Wavetable Synthesizer) - c:\windows\system32\drivers\swmidi.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 TDPIPE - c:\windows\system32\drivers\tdpipe.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 TDTCP - c:\windows\system32\drivers\tdtcp.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 usbccgp (Microsoft USB Generic Parent Driver) - c:\windows\system32\drivers\usbccgp.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 usbprint (Microsoft USB PRINTER Class) - c:\windows\system32\drivers\usbprint.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 usbscan (USB Scanner Driver) - c:\windows\system32\drivers\usbscan.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 viagfx - c:\windows\system32\drivers\vtmini.sys <Not Verified; Copyright (C) VIA/S3 Graphics Co, Ltd.; UniChrome(Pro) IGP Driver>
    S3 wind502u (Motorola Wireless USB Adapter WU830G Windows Driver) - c:\windows\system32\drivers\wind502u.sys <Not Verified; Envara Inc.; WiND502 USB 2.0 Wireless Adapter>
    S3 WpdUsb - c:\windows\system32\drivers\wpdusb.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S4 ACPIEC - c:\windows\system32\drivers\acpiec.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S4 cbidf2k - c:\windows\system32\drivers\cbidf2k.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S4 dmboot - c:\windows\system32\drivers\dmboot.sys <Not Verified; Microsoft Corp., Veritas Software; VERITAS® NT Disk Manager>
    S4 dmio - c:\windows\system32\drivers\dmio.sys <Not Verified; Microsoft Corp., Veritas Software; VERITAS® NT Disk Manager>
    S4 dmload - c:\windows\system32\drivers\dmload.sys <Not Verified; Microsoft Corp., Veritas Software.; Logical Disk Manager for Windows NT>
    S4 IntelIde - c:\windows\system32\drivers\intelide.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S4 ParVdm - c:\windows\system32\drivers\parvdm.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S4 Pcmcia - c:\windows\system32\drivers\pcmcia.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S4 Udfs - c:\windows\system32\drivers\udfs.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>


    -- Files created between 2007-08-29 and 2007-09-29 -----------------------------

    2007-09-28 19:32:40 0 d-------- C:\Documents and Settings\HP_Owner\Application Data\InterVideo
    2007-09-28 17:28:27 0 d-------- C:\Deckard
    2007-09-26 18:58:49 0 dr-h----- C:\$VAULT$.AVG
    2007-09-26 18:25:41 0 d-------- C:\Documents and Settings\HP_Owner\Application Data\AVG7
    2007-09-26 18:25:31 0 d-------- C:\Documents and Settings\LocalService\Application Data\AVG7
    2007-09-26 18:25:27 3968 --a------ C:\WINDOWS\system32\drivers\avgclean.sys <Not Verified; GRISOFT, s.r.o.; AVG7 Clean Driver>
    2007-09-26 18:25:26 4960 --a------ C:\WINDOWS\system32\drivers\avgtdi.sys <Not Verified; GRISOFT, s.r.o.; AVG Anti-Virus System>
    2007-09-26 18:25:26 19904 --a------ C:\WINDOWS\system32\drivers\avgmfx86.sys <Not Verified; GRISOFT, s.r.o.; AVG Anti-Virus system>
    2007-09-26 18:25:26 27776 --a------ C:\WINDOWS\system32\drivers\avg7rsxp.sys <Not Verified; GRISOFT, s.r.o.; AVG Anti-Virus system>
    2007-09-26 18:25:25 4224 --a------ C:\WINDOWS\system32\drivers\avg7rsw.sys <Not Verified; GRISOFT, s.r.o.; AVG Anti-Virus System>
    2007-09-26 18:25:22 821728 --a------ C:\WINDOWS\system32\drivers\avg7core.sys <Not Verified; GRISOFT, s.r.o.; AVG Anti-Virus system>
    2007-09-26 18:25:10 0 d-------- C:\Documents and Settings\All Users\Application Data\avg7
    2007-09-26 00:26:19 11776 --a------ C:\WINDOWS\system32\ZPORT4AS.dll
    2007-09-26 00:26:19 73728 --a------ C:\WINDOWS\system32\asuninst.exe <Not Verified; Panda Software; Panda Software ASUninst>
    2007-09-26 00:25:48 0 d-------- C:\WINDOWS\system32\ActiveScan
    2007-09-25 23:19:03 469291008 --ahs---- C:\hiberfil.sys
    2007-09-25 22:48:36 336256 -ra------ C:\WINDOWS\system32\drivers\wind502u.sys <Not Verified; Envara Inc.; WiND502 USB 2.0 Wireless Adapter>
    2007-09-25 22:21:15 94208 --a------ C:\WINDOWS\system32\W32N50CT.dll <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows>
    2007-09-25 22:21:15 17142 --a------ C:\WINDOWS\system32\CBTNDIS5.sys <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows>
    2007-09-25 22:20:47 62673 -ra------ C:\WINDOWS\system32\drivers\odysseyIM3.sys <Not Verified; Funk Software, Inc.; Odyssey>
    2007-09-25 00:25:56 5282 --a------ C:\WINDOWS\system32\tmp.reg
    2007-09-24 23:20:55 0 d-------- C:\Documents and Settings\HP_Owner\Application Data\Grisoft
    2007-09-24 23:20:27 10872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys <Not Verified; GRISOFT, s.r.o.; AVG7 Clean Driver>
    2007-09-24 23:20:21 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
    2007-09-24 23:20:18 0 d-------- C:\Program Files\Grisoft
    2007-09-24 17:36:30 0 d-------- C:\Documents and Settings\All Users\Application Data\muvee Technologies
    2007-09-23 21:31:03 0 d-------- C:\WINDOWS\ERDNT
    2007-09-23 21:29:51 0 d-------- C:\Program Files\Trend Micro
    2007-09-23 21:06:07 0 d-------- C:\Program Files\Hijackthis


    -- Find3M Report ---------------------------------------------------------------

    2007-09-29 11:20:42 4120 --a------ C:\WINDOWS\viassary-hp.reg
    2007-09-29 11:17:28 2048 --a-s---- C:\WINDOWS\bootstat.dat
    2007-09-29 11:17:25 704643072 --ahs---- C:\pagefile.sys
    2007-09-28 13:31:19 0 d-------- C:\Program Files\Ares Lite Edition
    2007-09-28 00:42:11 0 d-------- C:\Program Files\LimeWire
    2007-09-28 00:35:45 0 d-------- C:\Program Files\Common Files\Services
    2007-09-28 00:08:13 0 d-------- C:\Program Files\Common Files
    2007-09-27 11:45:27 0 d-------- C:\Program Files\America Online 9.0
    2007-09-27 02:24:42 0 d-------- C:\Program Files\Messenger
    2007-09-27 02:23:36 0 d-------- C:\Program Files\iTunes
    2007-09-27 02:22:50 0 d-------- C:\Program Files\Internet Explorer
    2007-09-27 02:19:19 0 d-------- C:\Program Files\Common Files\Motive
    2007-09-27 02:17:39 0 d-------- C:\Program Files\BellSouthWCC
    2007-09-26 17:15:40 0 d---s---- C:\Documents and Settings\HP_Owner\Application Data\Microsoft
    2007-09-26 04:47:41 0 d-------- C:\Program Files\Ares
    2007-09-25 22:21:14 0 d--h----- C:\Program Files\InstallShield Installation Information
    2007-09-25 22:09:23 0 d-------- C:\Program Files\Common Files\Symantec Shared
    2007-09-25 13:49:58 0 d-a------ C:\Program Files\PC-Doctor for Windows
    2007-09-25 10:08:19 0 d-------- C:\Program Files\IntelliMover Data Transfer Demo
    2007-09-24 17:25:34 0 d-------- C:\Program Files\Common Files\WinAntiVirus Pro 2007
    2007-09-23 21:42:04 0 d-------- C:\Documents and Settings\HP_Owner\Application Data\WinAntiVirus Pro 2007


    -- Registry Dump ---------------------------------------------------------------

    *Note* empty entries & legit default entries are not shown


    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SunJavaUpdateSched "= "C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe" [04/13/2005 04:48 AM]
    "hpsysdrv "= "c:\windows\system\hpsysdrv.exe" [05/07/1998 07:04 PM]
    "HPHUPD06 "= "c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe" [06/07/2004 09:53 PM]
    "HPHmon06 "= "C:\WINDOWS\system32\hphmon06.exe" [06/07/2004 09:42 PM]
    "KBD "= "C:\HP\KBD\KBD.EXE" [02/11/2003 11:02 PM]
    "Recguard "= "C:\WINDOWS\SMINST\RECGUARD.EXE" [04/14/2004 11:43 PM]
    "VTTimer "= "VTTimer.exe" [10/22/2004 12:53 PM C:\WINDOWS\system32\VTTimer.exe]
    "AGRSMMSG "= "AGRSMMSG.exe" [03/04/2005 12:01 PM C:\WINDOWS\AGRSMMSG.exe]
    "PS2 "= "C:\WINDOWS\system32\ps2.exe" [10/16/2002 07:57 PM]
    "ISUSPM Startup "= "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [06/16/2004 07:03 AM]
    "WT GameChannel "= "C:\Program Files\WildTangent\Apps\GameChannel.exe" [10/09/2003 05:31 PM]
    "NvCplDaemon "= "C:\WINDOWS\system32\NvCpl.dll" [09/16/2004 04:39 PM]
    "nwiz "= "nwiz.exe" [09/16/2004 04:39 PM C:\WINDOWS\system32\nwiz.exe]
    "NvMediaCenter "= "C:\WINDOWS\system32\NvMcTray.dll" [09/16/2004 04:39 PM]
    "AlcxMonitor "= "ALCXMNTR.EXE" [09/07/2004 02:47 PM C:\WINDOWS\ALCXMNTR.EXE]
    "MyWebSearch Email Plugin "= "C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe" [04/04/2005 03:09 AM]
    "iTunesHelper "= "C:\Program Files\iTunes\iTunesHelper.exe" [12/18/2004 12:20 AM]
    "HostManager "= "C:\Program Files\Common Files\AOL\1147061569\ee\AOLHostManager.exe" [08/02/2005 03:33 PM]
    "ViewpointPhotosDeviceConnect "= "C:\Program Files\Viewpoint\Viewpoint Toolbar V35\FotomatDeviceConnect.exe" [11/21/2005 06:57 PM]
    "tgcmd "= "C:\Program Files\Support.com\BellSouth\hcenter.exe" [08/31/2005 02:14 PM]
    "BellSouthAlertManager.exe "= "C:\Program Files\BellSouth\Alert Manager\BellSouthAlertManager.exe" [01/10/2006 04:56 PM]
    "BellSouthWCC_McciTrayApp "= "C:\Program Files\BellSouthWCC\McciTrayApp.exe" [11/17/2005 02:19 PM]
    "!AVG Anti-Spyware "= "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [06/11/2007 05:25 AM]
    "AVG7_CC "= "C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [09/26/2007 06:25 PM]
    "ISUSScheduler "= "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\issch.exe" [06/16/2004 07:03 AM]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe "= "C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 08:00 AM]
    "MSMSGS "= "C:\Program Files\Messenger\msmsgs.exe" [10/13/2004 12:24 PM]
    "Aim6 "= "C:\Program Files\AIM6\aim6.exe" [11/07/2006 11:29 AM]
    "ares "= "C:\Program Files\Ares Lite Edition\Ares.exe" []

    C:\Documents and Settings\HP_Owner\Start Menu\Programs\Startup\
    HP Organize.lnk - C:\Program Files\Hewlett-Packard\HP Organize\bin\displayAgent.exe [8/12/2004 12:15:52 AM]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
    America Online 9.0 Tray Icon.lnk - C:\Program Files\America Online 9.0\aoltray.exe [11/26/2004 7:16:57 PM]
    HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [5/12/2005 12:23:26 AM]
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [2/17/1999 11:05:56 PM]
    MyWebSearch Email Plugin.lnk - C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE [4/4/2005 3:09:04 AM]
    Updates from HP.lnk - C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe [8/12/2004 12:20:09 AM]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "DisableRegistryTools "=0 (0x0)

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, ntoskrnl.dll, xlibgfl254.dll


    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{88b367f8-3ffd-11d9-a542-806d6172696f}]
    AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480




    -- End of Deckard's System Scanner: finished at 2007-09-29 12:22:49 ------------
     
  5. 2007/09/29
    mva5493

    Something I noticed that has me curious: I know the physical memory is 512 MB, so why is dss reporting 448??? I know that with older motherboards (486), anything less than 640k of conventional memory was one way of knowing you had a virus. I wonder if the 448 is an indication also, or something else altogether.
     
  6. 2007/09/29
    noahdfear

    Well done!

    dss shows available memory, which means memory not in use. ;)

    Delete the following folders.
    C:\Program Files\Common Files\WinAntiVirus Pro 2007
    C:\Documents and Settings\HP_Owner\Application Data\WinAntiVirus Pro 2007

    I had resolved not to mention it, but have decided to anyway. The following file sharing programs should be uninstalled and their respective folders removed. Likelihood is high that they or others will be promptly re-installed once you return the comp, so it's your call. :rolleyes:

    C:\Program Files\Ares Lite Edition
    C:\Program Files\LimeWire
    C:\Program Files\Ares

    Copy the contents of the quote box below to a blank notepad. Save it to the desktop as:

    Filename: fix.reg
    Save as type: All Files (*.*)

    Double click fix.reg and allow it to merge with the registry.


    Delete the following files if present. (make sure you have Windows set to show hidden files)

    C:\WINDOWS\system32\tmp.reg
    C:\Windows\system32\ntoskrnl.dll
    C:\Windows\system32\xlibgfl254.dll


    There is also a flash drive infection present, so if you can get the flash drive(s) used with that comp it would be wise to complete the following as well. It's likely that any other comps that flash drive has been plugged into will be infected as well.

    Please download Flash_Disinfector by sUBs and save it to your desktop:

    Plug in your USB flash drive.
    Double-click Flash_Disinfector.exe to run it.
    Follow any prompts that may appear.
    Your desktop will vanish for a while, and then reappear. This is normal.
    Wait until the program has finished scanning, then please exit the program. If you use more than 1 flash drive, run the tool with each plugged in.


    Post a new dss log when done. Let me know how it's running.
     
  7. 2007/09/29
    mva5493

    I knew limewire was file sharing, but was not familiar with ares or ares lite. He will probably put it back on, but I will tell him and his mother the same thing I told my son: I can't stop him from going to questionable sites, but I can either not fix it for him or charge a very high fee, whichever works as a better deterrent, lol. I also thought that eventually I would end up with an infection; with the other computer I scanned every time I used the flash drive between computers, guess I picked a bad time to get lazy.

    The link to the flash disinfector is not working. Also, is it the flash drive I am using between the computers that is infected?? I assume yes, and one more question while I am at it: how do you know the flash drive is infected??? That one I need to know how to spot, can't be infecting my computer if I can help it.
     
    Last edited: 2007/09/29
  8. 2007/09/29
    mva5493

    I see lots of other folders, is it safe to delete?? ulimate defender, ultimate defender, symantic, error safe (in the documents and settings/application data folder)
     
  9. 2007/09/29
    noahdfear

    Yes, delete all of those.

    Here's what shows the flash drive infection.

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{88b367f8-3ffd-11d9-a542-806d6172696f}]
    AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480


    Not sure what happened with the FlashDisinfector link, but I've fixed it. Run it on your comp with the flash drive plugged in too, just in case. ;)
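The check described in the reply above, as an added example that is not part of the original post and is not code from DSS or Flash_Disinfector: a small parser for the registry-dump section of a DSS log that flags a cached `AutoRun\command` under `MountPoints2` and any `SecurityProviders` entry outside a baseline. The function names are hypothetical, and the baseline of four provider DLLs is an assumption taken as the stock Windows XP list.

```python
import re

# Constructed sample: three registry-dump sections taken from the DSS log in this thread.
SAMPLE_DSS = r"""
    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "DisableRegistryTools "=0 (0x0)

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, ntoskrnl.dll, xlibgfl254.dll


    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{88b367f8-3ffd-11d9-a542-806d6172696f}]
    AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
"""

# Assumption: the stock Windows XP SecurityProviders value holds only these four DLLs.
XP_DEFAULT_PROVIDERS = {"msapsspc.dll", "schannel.dll", "digest.dll", "msnsspc.dll"}

SECTION_RE = re.compile(r"^\[(HKEY_[^\]]+)\]$")
MOUNTPOINT_RE = re.compile(r"\\explorer\\mountpoints2\\([^\\]+)$", re.I)
SHELLEXEC_RE = re.compile(r"ShellExec_RunDLL\s+(.+)$", re.I)


def parse_sections(text):
    """Split a DSS registry dump into (key, [value lines]); a blank line ends a section."""
    sections, current = [], None
    for raw in text.splitlines():
        line = raw.strip()
        header = SECTION_RE.match(line)
        if header:
            current = (header.group(1), [])
            sections.append(current)
        elif not line:
            current = None
        elif current is not None:
            current[1].append(line)
    return sections


def triage(text):
    """Return findings for the two indicators discussed in the thread."""
    findings = []
    for key, values in parse_sections(text):
        # Extra DLLs in SecurityProviders are loaded as security packages.
        if key.lower().endswith(r"\control\securityproviders"):
            for value in values:
                if value.lower().startswith("securityproviders"):
                    names = value[len("securityproviders"):].split(",")
                    names = [n.strip().lower() for n in names if n.strip()]
                    extra = [n for n in names if n not in XP_DEFAULT_PROVIDERS]
                    if extra:
                        findings.append({"check": "security_providers",
                                         "key": key, "unexpected": extra})

        # MountPoints2 caches the autorun command of a volume that was mounted;
        # a cached command means that volume carried an autorun.inf.
        volume = MOUNTPOINT_RE.search(key)
        if volume:
            for value in values:
                if value.lower().startswith("autorun\\command"):
                    command = value.split("-", 1)[1].strip()
                    shellexec = SHELLEXEC_RE.search(command)
                    launched = shellexec.group(1) if shellexec else command
                    findings.append({"check": "mountpoints2_autorun",
                                     "volume": volume.group(1),
                                     "command": command,
                                     # First token only; paths with spaces need manual review.
                                     "launches": launched.split()[0]})
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_DSS):
        print(finding)
```

A cached autorun command is not proof of infection on its own, since software CDs register one too; what matters is what it launches and from which volume.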
     
  10. 2007/09/29
    mva5493

    Ran flash disinfector on the two flash drives I am using (I don't think I used the second one in the infected computer but wanted to be safe). Thanks for fixing the link, I just googled flash disinfector and found it on another site. :)

    Have removed limewire, ares, and ares lite, also the win antivirus pro folders and the tmp.reg file; didn't find the other two listed. Ran fix.reg as well as dss: tried it with all checked, still didn't work. So I have two more log files. The computer is running a bit better than it was; the only pop ups I see are start up programs hp organize (looks like something that came with the computer, it's an hp pavilion) and aim. I am sure he has that set to run at startup, he chats almost as much as he downloads music files I think.

    log file from dss:
    Deckard's System Scanner v20070905.67
    Run by HP_Owner on 2007-09-29 14:26:11
    Computer is in Normal Mode.
    --------------------------------------------------------------------------------

    Total Physical Memory: 448 MiB (512 MiB recommended).


    -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

    R0 ACPI (Microsoft ACPI Driver) - c:\windows\system32\drivers\acpi.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R0 atapi (Standard IDE/ESDI Hard Disk Controller) - c:\windows\system32\drivers\atapi.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R0 Disk (Disk Driver) - c:\windows\system32\drivers\disk.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R0 FltMgr - c:\windows\system32\drivers\fltmgr.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R0 Ftdisk (Volume Manager Driver) - c:\windows\system32\drivers\ftdisk.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R0 isapnp (PnP ISA/EISA Bus Driver) - c:\windows\system32\drivers\isapnp.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R0 KSecDD - c:\windows\system32\drivers\ksecdd.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R0 MountMgr - c:\windows\system32\drivers\mountmgr.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R0 Mup - c:\windows\system32\drivers\mup.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R0 NDIS (NDIS System Driver) - c:\windows\system32\drivers\ndis.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R0 ohci1394 (VIA OHCI Compliant IEEE 1394 Host Controller) - c:\windows\system32\drivers\ohci1394.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R0 PartMgr - c:\windows\system32\drivers\partmgr.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R0 PCI (PCI Bus Driver) - c:\windows\system32\drivers\pci.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R0 PCIIde - c:\windows\system32\drivers\pciide.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R0 PxHelp20 - c:\windows\system32\drivers\pxhelp20.sys <Not Verified; Sonic Solutions; PxHelp20>
    R0 sr (System Restore Filter Driver) - c:\windows\system32\drivers\sr.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R0 viaagp1 (VIA AGP Filter) - c:\windows\system32\drivers\viaagp1.sys <Not Verified; VIA Technologies, Inc.; VIA CPU to AGP2.0/AGP3.0 Controller>
    R0 ViaIde - c:\windows\system32\drivers\viaide.sys <Not Verified; Microsoft Corporation; Microsoft(R) Windows NT(R) Operating System>
    R0 VolSnap - c:\windows\system32\drivers\volsnap.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R0 WudfPf (Windows Driver Foundation - User-mode Driver Framework Platform Driver) - c:\windows\system32\drivers\wudfpf.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R1 AFD - c:\windows\system32\drivers\afd.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R1 AmdK7 (AMD K7 Processor Driver) - c:\windows\system32\drivers\amdk7.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R1 AVG Anti-Spyware Driver - c:\program files\grisoft\avg anti-spyware 7.5\guard.sys
    R1 Avg7Core (AVG7 Kernel) - c:\windows\system32\drivers\avg7core.sys <Not Verified; GRISOFT, s.r.o.; AVG Anti-Virus system>
    R1 Avg7RsW (AVG7 Wrap Driver) - c:\windows\system32\drivers\avg7rsw.sys <Not Verified; GRISOFT, s.r.o.; AVG Anti-Virus System>
    R1 Avg7RsXP (AVG7 Resident Driver XP) - c:\windows\system32\drivers\avg7rsxp.sys <Not Verified; GRISOFT, s.r.o.; AVG Anti-Virus system>
    R1 AvgAsCln (AVG Anti-Spyware Clean Driver) - c:\windows\system32\drivers\avgascln.sys <Not Verified; GRISOFT, s.r.o.; AVG7 Clean Driver>
    R1 AvgClean (AVG7 Clean Driver) - c:\windows\system32\drivers\avgclean.sys <Not Verified; GRISOFT, s.r.o.; AVG7 Clean Driver>
    R1 Beep - c:\windows\system32\drivers\beep.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R1 Cdrom (CD-ROM Driver) - c:\windows\system32\drivers\cdrom.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R1 Fips - c:\windows\system32\drivers\fips.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R1 i8042prt (i8042 Keyboard and PS/2 Mouse Port Driver) - c:\windows\system32\drivers\i8042prt.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R1 Imapi (CD-Burning Filter Driver) - c:\windows\system32\drivers\imapi.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R1 IPSec (IPSEC driver) - c:\windows\system32\drivers\ipsec.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R1 Kbdclass (Keyboard Class Driver) - c:\windows\system32\drivers\kbdclass.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R1 mnmdd - c:\windows\system32\drivers\mnmdd.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R1 Mouclass (Mouse Class Driver) - c:\windows\system32\drivers\mouclass.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R1 MRxSmb - c:\windows\system32\drivers\mrxsmb.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R1 Msfs - c:\windows\system32\drivers\msfs.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R1 NetBIOS (NetBIOS Interface) - c:\windows\system32\drivers\netbios.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R1 NetBT - c:\windows\system32\drivers\netbt.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R1 Npfs - c:\windows\system32\drivers\npfs.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R1 Null - c:\windows\system32\drivers\null.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R1 RasAcd (Remote Access Auto Connection Driver) - c:\windows\system32\drivers\rasacd.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R1 Rdbss - c:\windows\system32\drivers\rdbss.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R1 RDPCDD - c:\windows\system32\drivers\rdpcdd.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R1 redbook (Digital CD Audio Playback Filter Driver) - c:\windows\system32\drivers\redbook.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R1 Serial (Serial port driver) - c:\windows\system32\drivers\serial.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R1 Tcpip (TCP/IP Protocol Driver) - c:\windows\system32\drivers\tcpip.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R1 TermDD (Terminal Device Driver) - c:\windows\system32\drivers\termdd.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R1 VgaSave - c:\windows\system32\drivers\vga.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R2 AvgTdi (AVG Network Redirector) - c:\windows\system32\drivers\avgtdi.sys <Not Verified; GRISOFT, s.r.o.; AVG Anti-Virus System>
    R2 SbcpHid - c:\windows\system32\drivers\sbcphid.sys
    R2 Secdrv - c:\windows\system32\drivers\secdrv.sys
    R3 AgereSoftModem (Agere Systems Soft Modem) - c:\windows\system32\drivers\agrsm.sys <Not Verified; Agere Systems; Agere SoftModem Driver>
    R3 ALCXWDM (Service for Realtek AC97 Audio (WDM)) - c:\windows\system32\drivers\alcxwdm.sys <Not Verified; Realtek Semiconductor Corp.; Windows (R) WDM driver for Realtek AC'97 Audio(HRTF data Copyright 1994 by MIT Media Lab)>
    R3 audstub (Audio Stub Driver) - c:\windows\system32\drivers\audstub.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R3 FETND5BV (VIA Rhine-Family Fast Ethernet Adapter Driver Service) - c:\windows\system32\drivers\fetnd5bv.sys <Not Verified; VIA Technologies, Inc.; VIA Rhine Family Fast Ethernet Adapter>
    R3 GEARAspiWDM (GEAR CDRom Filter) - c:\windows\system32\drivers\gearaspiwdm.sys <Not Verified; GEAR Software Inc.; GEAR.wrks>
    R3 Gpc (Generic Packet Classifier) - c:\windows\system32\drivers\msgpc.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R3 IpNat (IP Network Address Translator) - c:\windows\system32\drivers\ipnat.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R3 Iviaspi (IVI ASPI Shell) - c:\windows\system32\drivers\iviaspi.sys <Not Verified; InterVideo, Inc.; InterVideo ASPI Shell>
    R3 kmixer (Microsoft Kernel Wave Audio Mixer) - c:\windows\system32\drivers\kmixer.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R3 Modem - c:\windows\system32\drivers\modem.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R3 MRENDIS5 (MRENDIS5 NDIS Protocol Driver) - c:\program files\common files\motive\mrendis5.sys <Not Verified; Motive, Inc.; Motive Rawether for Windows>
    R3 MRxDAV (WebDav Client Redirector) - c:\windows\system32\drivers\mrxdav.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R3 mssmbios (Microsoft System Management BIOS Driver) - c:\windows\system32\drivers\mssmbios.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R3 NdisTapi (Remote Access NDIS TAPI Driver) - c:\windows\system32\drivers\ndistapi.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R3 Ndisuio (NDIS Usermode I/O Protocol) - c:\windows\system32\drivers\ndisuio.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R3 NdisWan (Remote Access NDIS WAN Driver) - c:\windows\system32\drivers\ndiswan.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R3 NDProxy (NDIS Proxy) - c:\windows\system32\drivers\ndproxy.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R3 nv - c:\windows\system32\drivers\nv4_mini.sys <Not Verified; NVIDIA Corporation; NVIDIA Compatible Windows 2000 Miniport Driver, Version 66.31>
    R3 Parport (Parallel port driver) - c:\windows\system32\drivers\parport.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R3 Pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus(R) ASPI Shell>
    R3 PptpMiniport (WAN Miniport (PPTP)) - c:\windows\system32\drivers\raspptp.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R3 Ps2 - c:\windows\system32\drivers\ps2.sys <Not Verified; Hewlett-Packard Company; Hewlett-Packard Company PS2 SYS>
    R3 PSched (QoS Packet Scheduler) - c:\windows\system32\drivers\psched.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R3 Ptilink (Direct Parallel Link Driver) - c:\windows\system32\drivers\ptilink.sys <Not Verified; Parallel Technologies, Inc.; Microsoft® Windows® Operating System>
    R3 Rasl2tp (WAN Miniport (L2TP)) - c:\windows\system32\drivers\rasl2tp.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R3 RasPppoe (Remote Access PPPOE Driver) - c:\windows\system32\drivers\raspppoe.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R3 Raspti (Direct Parallel) - c:\windows\system32\drivers\raspti.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R3 Serenum (Serenum Filter Driver) - c:\windows\system32\drivers\serenum.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R3 Srv - c:\windows\system32\drivers\srv.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R3 swenum (Software Bus Driver) - c:\windows\system32\drivers\swenum.sys <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
    R3 sysaudio (Microsoft Kernel System Audio Device) - c:\windows\system32\drivers\sysaudio.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R3 Update (Microcode Update Driver) - c:\windows\system32\drivers\update.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R3 usbehci (Microsoft USB 2.0 Enhanced Host Controller Miniport Driver) - c:\windows\system32\drivers\usbehci.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R3 usbhub (USB2 Enabled Hub) - c:\windows\system32\drivers\usbhub.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R3 USBSTOR (USB Mass Storage Driver) - c:\windows\system32\drivers\usbstor.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R3 usbuhci (Microsoft USB Universal Host Controller Miniport Driver) - c:\windows\system32\drivers\usbuhci.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R3 Wanarp (Remote Access IP ARP Driver) - c:\windows\system32\drivers\wanarp.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R3 wanatw (WAN Miniport (ATW)) - c:\windows\system32\drivers\wanatw4.sys <Not Verified; America Online, Inc.; Wan Miniport (ATW)>
    R3 wdmaud (Microsoft WINMM WDM Audio Compatibility Driver) - c:\windows\system32\drivers\wdmaud.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R4 Cdfs - c:\windows\system32\drivers\cdfs.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R4 Fastfat - c:\windows\system32\drivers\fastfat.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    R4 Ntfs - c:\windows\system32\drivers\ntfs.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>

    S1 Cdaudio - c:\windows\system32\drivers\cdaudio.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S1 kbdhid (Keyboard HID Driver) - c:\windows\system32\drivers\kbdhid.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S1 Sfloppy - c:\windows\system32\drivers\sfloppy.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 aec (Microsoft Kernel Acoustic Echo Canceller) - c:\windows\system32\drivers\aec.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 ALCXSENS (Service for WDM 3D Audio Driver) - c:\windows\system32\drivers\alcxsens.sys <Not Verified; Sensaura Ltd; >
    S3 Arp1394 (1394 ARP Client Protocol) - c:\windows\system32\drivers\arp1394.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 AsyncMac (RAS Asynchronous Media Driver) - c:\windows\system32\drivers\asyncmac.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 Atmarpc (ATM ARP Client Protocol) - c:\windows\system32\drivers\atmarpc.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 CBTNDIS5 (CBTNDIS5 NDIS Protocol Driver) - c:\windows\system32\cbtndis5.sys <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows>
    S3 DMusic (Microsoft Kernel DLS Syntheiszer) - c:\windows\system32\drivers\dmusic.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 drmkaud (Microsoft Kernel DRM Audio Descrambler) - c:\windows\system32\drivers\drmkaud.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 Fdc (Floppy Disk Controller Driver) - c:\windows\system32\drivers\fdc.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 FETNDISB (VIA Rhine Family Fast Ethernet Adapter Driver Service) - c:\windows\system32\drivers\fetnd5b.sys <Not Verified; VIA Technologies, Inc.; VIA Rhine Family Fast Ethernet Adapter>
    S3 Flpydisk (Floppy Disk Driver) - c:\windows\system32\drivers\flpydisk.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 HidUsb (Microsoft HID Class Driver) - c:\windows\system32\drivers\hidusb.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 HPZid412 (IEEE-1284.4 Driver HPZid412) - c:\windows\system32\drivers\hpzid412.sys <Not Verified; HP; HP Dot4 Windows 2000>
    S3 HPZipr12 (Print Class Driver for IEEE-1284.4 HPZipr12) - c:\windows\system32\drivers\hpzipr12.sys <Not Verified; HP; HP Dot4Print>
    S3 HPZius12 (USB to IEEE-1284.4 Translation Driver HPZius12) - c:\windows\system32\drivers\hpzius12.sys <Not Verified; HP; HP Dot4Usb Windows 2000>
    S3 HTTP - c:\windows\system32\drivers\http.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 ialm - c:\windows\system32\drivers\ialmnt5.sys <Not Verified; Intel Corporation; Intel Graphics Accelerator Drivers for Windows NT(R)>
    S3 intelppm (Intel Processor Driver) - c:\windows\system32\drivers\intelppm.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 Ip6Fw (IPv6 Windows Firewall Driver) - c:\windows\system32\drivers\ip6fw.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 IpFilterDriver (IP Traffic Filter Driver) - c:\windows\system32\drivers\ipfltdrv.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 IpInIp (IP in IP Tunnel Driver) - c:\windows\system32\drivers\ipinip.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 IRENUM (IR Enumerator Service) - c:\windows\system32\drivers\irenum.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 mouhid (Mouse HID Driver) - c:\windows\system32\drivers\mouhid.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 MSKSSRV (Microsoft Streaming Service Proxy) - c:\windows\system32\drivers\mskssrv.sys <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
    S3 MSPCLOCK (Microsoft Streaming Clock Proxy) - c:\windows\system32\drivers\mspclock.sys <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
    S3 MSPQM (Microsoft Streaming Quality Manager Proxy) - c:\windows\system32\drivers\mspqm.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 NIC1394 (1394 Net Driver) - c:\windows\system32\drivers\nic1394.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 NwlnkFlt (IPX Traffic Filter Driver) - c:\windows\system32\drivers\nwlnkflt.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 NwlnkFwd (IPX Traffic Forwarder Driver) - c:\windows\system32\drivers\nwlnkfwd.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 RDPWD - c:\windows\system32\drivers\rdpwd.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 RT2500USB (Wireless USB Card Driver) - c:\windows\system32\drivers\rt2500usb.sys <Not Verified; Ralink Technology Inc.; Ralink 802.11g Wireless USB Adapters>
    S3 rtl8139 (Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver) - c:\windows\system32\drivers\r8139n51.sys <Not Verified; Realtek Semiconductor Corporation; Realtek RTL8139/810x Family Fast Ethernet NIC>
    S3 splitter (Microsoft Kernel Audio Splitter) - c:\windows\system32\drivers\splitter.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 swmidi (Microsoft Kernel GS Wavetable Synthesizer) - c:\windows\system32\drivers\swmidi.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 TDPIPE - c:\windows\system32\drivers\tdpipe.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 TDTCP - c:\windows\system32\drivers\tdtcp.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 usbccgp (Microsoft USB Generic Parent Driver) - c:\windows\system32\drivers\usbccgp.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 usbprint (Microsoft USB PRINTER Class) - c:\windows\system32\drivers\usbprint.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 usbscan (USB Scanner Driver) - c:\windows\system32\drivers\usbscan.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S3 viagfx - c:\windows\system32\drivers\vtmini.sys <Not Verified; Copyright (C) VIA/S3 Graphics Co, Ltd.; UniChrome(Pro) IGP Driver>
    S3 wind502u (Motorola Wireless USB Adapter WU830G Windows Driver) - c:\windows\system32\drivers\wind502u.sys <Not Verified; Envara Inc.; WiND502 USB 2.0 Wireless Adapter>
    S3 WpdUsb - c:\windows\system32\drivers\wpdusb.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S4 ACPIEC - c:\windows\system32\drivers\acpiec.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S4 cbidf2k - c:\windows\system32\drivers\cbidf2k.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S4 dmboot - c:\windows\system32\drivers\dmboot.sys <Not Verified; Microsoft Corp., Veritas Software; VERITAS® NT Disk Manager>
    S4 dmio - c:\windows\system32\drivers\dmio.sys <Not Verified; Microsoft Corp., Veritas Software; VERITAS® NT Disk Manager>
    S4 dmload - c:\windows\system32\drivers\dmload.sys <Not Verified; Microsoft Corp., Veritas Software.; Logical Disk Manager for Windows NT>
    S4 IntelIde - c:\windows\system32\drivers\intelide.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S4 ParVdm - c:\windows\system32\drivers\parvdm.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S4 Pcmcia - c:\windows\system32\drivers\pcmcia.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    S4 Udfs - c:\windows\system32\drivers\udfs.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>


    -- Files created between 2007-08-29 and 2007-09-29 -----------------------------

    2007-09-28 19:32:40 0 d-------- C:\Documents and Settings\HP_Owner\Application Data\InterVideo
    2007-09-28 17:28:27 0 d-------- C:\Deckard
    2007-09-26 18:58:49 0 dr-h----- C:\$VAULT$.AVG
    2007-09-26 18:25:41 0 d-------- C:\Documents and Settings\HP_Owner\Application Data\AVG7
    2007-09-26 18:25:31 0 d-------- C:\Documents and Settings\LocalService\Application Data\AVG7
    2007-09-26 18:25:27 3968 --a------ C:\WINDOWS\system32\drivers\avgclean.sys <Not Verified; GRISOFT, s.r.o.; AVG7 Clean Driver>
    2007-09-26 18:25:26 4960 --a------ C:\WINDOWS\system32\drivers\avgtdi.sys <Not Verified; GRISOFT, s.r.o.; AVG Anti-Virus System>
    2007-09-26 18:25:26 19904 --a------ C:\WINDOWS\system32\drivers\avgmfx86.sys <Not Verified; GRISOFT, s.r.o.; AVG Anti-Virus system>
    2007-09-26 18:25:26 27776 --a------ C:\WINDOWS\system32\drivers\avg7rsxp.sys <Not Verified; GRISOFT, s.r.o.; AVG Anti-Virus system>
    2007-09-26 18:25:25 4224 --a------ C:\WINDOWS\system32\drivers\avg7rsw.sys <Not Verified; GRISOFT, s.r.o.; AVG Anti-Virus System>
    2007-09-26 18:25:22 821728 --a------ C:\WINDOWS\system32\drivers\avg7core.sys <Not Verified; GRISOFT, s.r.o.; AVG Anti-Virus system>
    2007-09-26 18:25:10 0 d-------- C:\Documents and Settings\All Users\Application Data\avg7
    2007-09-26 00:26:19 11776 --a------ C:\WINDOWS\system32\ZPORT4AS.dll
    2007-09-26 00:26:19 73728 --a------ C:\WINDOWS\system32\asuninst.exe <Not Verified; Panda Software; Panda Software ASUninst>
    2007-09-26 00:25:48 0 d-------- C:\WINDOWS\system32\ActiveScan
    2007-09-25 23:19:03 469291008 --ahs---- C:\hiberfil.sys
    2007-09-25 22:48:36 336256 -ra------ C:\WINDOWS\system32\drivers\wind502u.sys <Not Verified; Envara Inc.; WiND502 USB 2.0 Wireless Adapter>
    2007-09-25 22:21:15 94208 --a------ C:\WINDOWS\system32\W32N50CT.dll <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows>
    2007-09-25 22:21:15 17142 --a------ C:\WINDOWS\system32\CBTNDIS5.sys <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows>
    2007-09-25 22:20:47 62673 -ra------ C:\WINDOWS\system32\drivers\odysseyIM3.sys <Not Verified; Funk Software, Inc.; Odyssey>
    2007-09-24 23:20:55 0 d-------- C:\Documents and Settings\HP_Owner\Application Data\Grisoft
    2007-09-24 23:20:27 10872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys <Not Verified; GRISOFT, s.r.o.; AVG7 Clean Driver>
    2007-09-24 23:20:21 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
    2007-09-24 23:20:18 0 d-------- C:\Program Files\Grisoft
    2007-09-24 17:36:30 0 d-------- C:\Documents and Settings\All Users\Application Data\muvee Technologies
    2007-09-23 21:31:03 0 d-------- C:\WINDOWS\ERDNT
    2007-09-23 21:29:51 0 d-------- C:\Program Files\Trend Micro
    2007-09-23 21:06:07 0 d-------- C:\Program Files\Hijackthis


    -- Find3M Report ---------------------------------------------------------------

    2007-09-29 14:25:36 4120 --a------ C:\WINDOWS\viassary-hp.reg
    2007-09-29 14:16:20 2048 --a-s---- C:\WINDOWS\bootstat.dat
    2007-09-29 14:16:17 704643072 --ahs---- C:\pagefile.sys
    2007-09-29 13:54:54 0 d-------- C:\Program Files\Ares
    2007-09-29 13:42:55 0 d-------- C:\Program Files\Common Files
    2007-09-28 13:31:19 0 d-------- C:\Program Files\Ares Lite Edition
    2007-09-28 00:42:11 0 d-------- C:\Program Files\LimeWire
    2007-09-28 00:35:45 0 d-------- C:\Program Files\Common Files\Services
    2007-09-27 11:45:27 0 d-------- C:\Program Files\America Online 9.0
    2007-09-27 02:24:42 0 d-------- C:\Program Files\Messenger
    2007-09-27 02:23:36 0 d-------- C:\Program Files\iTunes
    2007-09-27 02:22:50 0 d-------- C:\Program Files\Internet Explorer
    2007-09-27 02:19:19 0 d-------- C:\Program Files\Common Files\Motive
    2007-09-27 02:17:39 0 d-------- C:\Program Files\BellSouthWCC
    2007-09-26 17:15:40 0 d---s---- C:\Documents and Settings\HP_Owner\Application Data\Microsoft
    2007-09-25 22:21:14 0 d--h----- C:\Program Files\InstallShield Installation Information
    2007-09-25 22:09:23 0 d-------- C:\Program Files\Common Files\Symantec Shared
    2007-09-25 13:49:58 0 d-a------ C:\Program Files\PC-Doctor for Windows
    2007-09-25 10:08:19 0 d-------- C:\Program Files\IntelliMover Data Transfer Demo


    -- Registry Dump ---------------------------------------------------------------

    *Note* empty entries & legit default entries are not shown


    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SunJavaUpdateSched "= "C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe" [04/13/2005 04:48 AM]
    "hpsysdrv "= "c:\windows\system\hpsysdrv.exe" [05/07/1998 07:04 PM]
    "HPHUPD06 "= "c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe" [06/07/2004 09:53 PM]
    "HPHmon06 "= "C:\WINDOWS\system32\hphmon06.exe" [06/07/2004 09:42 PM]
    "KBD "= "C:\HP\KBD\KBD.EXE" [02/11/2003 11:02 PM]
    "Recguard "= "C:\WINDOWS\SMINST\RECGUARD.EXE" [04/14/2004 11:43 PM]
    "VTTimer "= "VTTimer.exe" [10/22/2004 12:53 PM C:\WINDOWS\system32\VTTimer.exe]
    "AGRSMMSG "= "AGRSMMSG.exe" [03/04/2005 12:01 PM C:\WINDOWS\AGRSMMSG.exe]
    "PS2 "= "C:\WINDOWS\system32\ps2.exe" [10/16/2002 07:57 PM]
    "ISUSPM Startup "= "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [06/16/2004 07:03 AM]
    "WT GameChannel "= "C:\Program Files\WildTangent\Apps\GameChannel.exe" [10/09/2003 05:31 PM]
    "NvCplDaemon "= "C:\WINDOWS\system32\NvCpl.dll" [09/16/2004 04:39 PM]
    "nwiz "= "nwiz.exe" [09/16/2004 04:39 PM C:\WINDOWS\system32\nwiz.exe]
    "NvMediaCenter "= "C:\WINDOWS\system32\NvMcTray.dll" [09/16/2004 04:39 PM]
    "AlcxMonitor "= "ALCXMNTR.EXE" [09/07/2004 02:47 PM C:\WINDOWS\ALCXMNTR.EXE]
    "MyWebSearch Email Plugin "= "C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe" [04/04/2005 03:09 AM]
    "iTunesHelper "= "C:\Program Files\iTunes\iTunesHelper.exe" [12/18/2004 12:20 AM]
    "HostManager "= "C:\Program Files\Common Files\AOL\1147061569\ee\AOLHostManager.exe" [08/02/2005 03:33 PM]
    "ViewpointPhotosDeviceConnect "= "C:\Program Files\Viewpoint\Viewpoint Toolbar V35\FotomatDeviceConnect.exe" [11/21/2005 06:57 PM]
    "tgcmd "= "C:\Program Files\Support.com\BellSouth\hcenter.exe" [08/31/2005 02:14 PM]
    "BellSouthAlertManager.exe "= "C:\Program Files\BellSouth\Alert Manager\BellSouthAlertManager.exe" [01/10/2006 04:56 PM]
    "BellSouthWCC_McciTrayApp "= "C:\Program Files\BellSouthWCC\McciTrayApp.exe" [11/17/2005 02:19 PM]
    "!AVG Anti-Spyware "= "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [06/11/2007 05:25 AM]
    "AVG7_CC "= "C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [09/26/2007 06:25 PM]
    "ISUSScheduler "= "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\issch.exe" [06/16/2004 07:03 AM]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe "= "C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 08:00 AM]
    "MSMSGS "= "C:\Program Files\Messenger\msmsgs.exe" [10/13/2004 12:24 PM]
    "Aim6 "= "C:\Program Files\AIM6\aim6.exe" [11/07/2006 11:29 AM]
    "ares "= "C:\Program Files\Ares Lite Edition\Ares.exe" []

    C:\Documents and Settings\HP_Owner\Start Menu\Programs\Startup\
    HP Organize.lnk - C:\Program Files\Hewlett-Packard\HP Organize\bin\displayAgent.exe [8/12/2004 12:15:52 AM]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
    America Online 9.0 Tray Icon.lnk - C:\Program Files\America Online 9.0\aoltray.exe [11/26/2004 7:16:57 PM]
    HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [5/12/2005 12:23:26 AM]
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [2/17/1999 11:05:56 PM]
    MyWebSearch Email Plugin.lnk - C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE [4/4/2005 3:09:04 AM]
    Updates from HP.lnk - C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe [8/12/2004 12:20:09 AM]
     
  11. 2007/09/29
    mva5493 Well-Known Member Thread Starter

    And here is the scan without drivers:

    Deckard's System Scanner v20070905.67
    Run by HP_Owner on 2007-09-29 14:28:37
    Computer is in Normal Mode.
    --------------------------------------------------------------------------------

    -- System Restore --------------------------------------------------------------



    -- Last 5 Restore Point(s) --
    24: 2007-09-28 21:28:47 UTC - RP758 - Deckard's System Scanner Restore Point
    23: 2007-09-28 05:11:21 UTC - RP757 - Removed Wal-Mart Music Downloads Store
    22: 2007-09-26 22:25:09 UTC - RP756 - Installed AVG 7.5
    21: 2007-09-26 02:33:36 UTC - RP755 - Removed Motorola Wireless USB Adapter
    20: 2007-09-26 02:21:14 UTC - RP754 - Installed Motorola Wireless USB Adapter


    -- First Restore Point --
    1: 2007-08-07 05:52:07 UTC - RP735 - System Checkpoint


    Performed disk cleanup.

    Total Physical Memory: 448 MiB (512 MiB recommended).


    -- HijackThis (run as HP_Owner.exe) --------------------------------------------

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 2:28:41 PM, on 9/29/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Viewpoint\Common\ViewpointService.exe
    C:\WINDOWS\wanmpsvc.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
    C:\windows\system\hpsysdrv.exe
    C:\WINDOWS\system32\hphmon06.exe
    C:\HP\KBD\KBD.EXE
    C:\WINDOWS\system32\VTTimer.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\WildTangent\Apps\GameChannel.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\ALCXMNTR.EXE
    C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Viewpoint\Viewpoint Toolbar V35\FotomatDeviceConnect.exe
    C:\Program Files\Common Files\AOL\1147061569\ee\AOLHostManager.exe
    C:\Program Files\Common Files\AOL\1147061569\ee\AOLServiceHost.exe
    C:\Program Files\BellSouth\Alert Manager\BellSouthAlertManager.exe
    C:\Program Files\BellSouthWCC\McciTrayApp.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\issch.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe
    C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
    C:\Program Files\Support.com\bin\tgcmd.exe
    C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
    C:\Documents and Settings\HP_Owner\Desktop\dss.exe
    C:\PROGRA~1\TRENDM~1\HIJACK~1\HP_Owner.exe

    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://empnads.com/servlet/ajrotator/121229/0/viewHTML?zone=enternet
    R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
    O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
    O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
    O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    O4 - HKLM\..\Run: [WT GameChannel] C:\Program Files\WildTangent\Apps\GameChannel.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
    O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
    O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
    O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1147061569\ee\AOLHostManager.exe
    O4 - HKLM\..\Run: [ViewpointPhotosDeviceConnect] C:\Program Files\Viewpoint\Viewpoint Toolbar V35\FotomatDeviceConnect.exe
    O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\Support.com\BellSouth\hcenter.exe" /starthidden /tgcmdwrapper
    O4 - HKLM\..\Run: [BellSouthAlertManager.exe] C:\Program Files\BellSouth\Alert Manager\BellSouthAlertManager.exe
    O4 - HKLM\..\Run: [BellSouthWCC_McciTrayApp] C:\Program Files\BellSouthWCC\McciTrayApp.exe
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\issch.exe" -start
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
    O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares Lite Edition\Ares.exe" -h
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
    O4 - Startup: HP Organize.lnk = ?
    O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
    O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe
    O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 4.0\resources\en-US\local\search.html
    O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar V35\ViewBar.dll/CXTSEARCH.HTML
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
    O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6632A7E9-FE1F-43D2-A04A-A15951ED63E0} - http://mediaplayer.walmart.com/installer/install.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: Sun Java (SJava) - Unknown owner - C:\WINDOWS\java\javaw.exe (file missing)
    O23 - Service: Software Jukebox v2.0 Service - Unknown owner - C:\Program Files\Common Files\MSJB NA01D Shared\Service\Software Jukebox v2.0 Service File.exe
    O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
    O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

    --
    End of file - 9079 bytes

    -- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) -----------

    backup-20070925-212911-105 O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    backup-20070925-212911-197 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    backup-20070925-212911-302 O4 - HKLM\..\Run: [Ultimate Cleaner] C:\Program Files\Ultimate Cleaner\App.exe
    backup-20070925-212911-467 O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei-2/SmileyCentralFWBInitialSetup1.0.0.8-2.cab
    backup-20070925-212911-480 O4 - HKLM\..\Run: [Ultimate Defender] "C:\Program Files\Ultimate Defender\App.exe" hide
    backup-20070925-212911-523 O16 - DPF: {4E7BD74F-2B8D-469E-DEFA-EB76B1D5FA7D} - http://eztracks.aavalue.com/EZT/Toolbar/eztdl.cab
    backup-20070925-212911-570 O4 - HKLM\..\Run: [mav_startupmon] "C:\Program Files\Common Files\WinAntiVirus Pro 2007\mav_startupmon.exe "
    backup-20070925-212911-768 O16 - DPF: v3cab - http://searchmiracle.com/cab/v3cab.cab
    backup-20070925-212911-802 O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe "
    backup-20070928-010340-146 O4 - HKCU\..\Run: [ErrorSafeFree] "C:\Program Files\ErrorSafe Free\uers.exe" /min
    backup-20070928-010340-290 O4 - HKCU\..\Run: [uwa7pcw] "C:\Program Files\Common Files\WinAntiVirus Pro 2007\uwa7pcw.exe" -c

    -- File Associations -----------------------------------------------------------

    All associations okay.


    -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

    R2 Viewpoint Manager Service - "c:\program files\viewpoint\common\viewpointservice.exe" <Not Verified; Viewpoint Corporation; Viewpoint Manager>

    S2 SJava (Sun Java) - "c:\windows\java\javaw.exe" (file missing)
    S3 Software Jukebox v2.0 Service - "c:\program files\common files\msjb na01d shared\service\software jukebox v2.0 service file.exe "


    -- Device Manager: Disabled ----------------------------------------------------

    Class GUID: {4D36E968-E325-11CE-BFC1-08002BE10318}
    Description: VIA/S3G UniChrome IGP
    Device ID: PCI\VEN_1106&DEV_7205&SUBSYS_81181043&REV_01\4&10AF1F73&0&0008
    Manufacturer: VIA/S3G
    Name: VIA/S3G UniChrome IGP
    PNP Device ID: PCI\VEN_1106&DEV_7205&SUBSYS_81181043&REV_01\4&10AF1F73&0&0008
    Service: viagfx

    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Description: 1394 Net Adapter
    Device ID: V1394\NIC1394\995D1FE01800
    Manufacturer: Microsoft
    Name: 1394 Net Adapter
    PNP Device ID: V1394\NIC1394\995D1FE01800
    Service: NIC1394


    -- Process Modules -------------------------------------------------------------

    C:\WINDOWS\explorer.exe (pid 484)
    2005-04-04 03:09:04 40960 --a------ C:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL <Not Verified; MyWebSearch.com; My Web Search Bar for Internet Explorer, email clients, and messenger clients>
    2005-08-31 14:16:02 45056 --a------ C:\Program Files\Support.com\bin\sdchook.dll <Not Verified; Support.com, Inc.; Support.com sdchook>
    -- :: 0 --------- C:\DOCUME~1\HP_Owner\LOCALS~1\Temp\IadHide5.dll

    C:\WINDOWS\system32\rundll32.exe (pid 1672)
    2005-08-31 14:16:02 45056 --a------ C:\Program Files\Support.com\bin\sdchook.dll <Not Verified; Support.com, Inc.; Support.com sdchook>


    -- Files created between 2007-08-29 and 2007-09-29 -----------------------------

    2007-09-28 19:32:40 0 d-------- C:\Documents and Settings\HP_Owner\Application Data\InterVideo
    2007-09-26 18:58:49 0 dr-h----- C:\$VAULT$.AVG
    2007-09-26 18:25:41 0 d-------- C:\Documents and Settings\HP_Owner\Application Data\AVG7
    2007-09-26 18:25:31 0 d-------- C:\Documents and Settings\LocalService\Application Data\AVG7
    2007-09-26 18:25:10 0 d-------- C:\Documents and Settings\All Users\Application Data\avg7
    2007-09-26 00:25:48 0 d-------- C:\WINDOWS\system32\ActiveScan
    2007-09-25 22:21:15 94208 --a------ C:\WINDOWS\system32\W32N50CT.dll <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows>
    2007-09-25 22:21:15 17142 --a------ C:\WINDOWS\system32\CBTNDIS5.sys <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows>
    2007-09-25 22:20:47 62673 -ra------ C:\WINDOWS\system32\drivers\odysseyIM3.sys <Not Verified; Funk Software, Inc.; Odyssey>
    2007-09-24 23:20:55 0 d-------- C:\Documents and Settings\HP_Owner\Application Data\Grisoft
    2007-09-24 23:20:21 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
    2007-09-24 17:36:30 0 d-------- C:\Documents and Settings\All Users\Application Data\muvee Technologies
    2007-09-23 21:29:51 0 d-------- C:\Program Files\Trend Micro


    -- Find3M Report ---------------------------------------------------------------

    2007-09-29 14:25:36 4120 --a------ C:\WINDOWS\viassary-hp.reg
    2007-09-29 13:54:54 0 d-------- C:\Program Files\Ares
    2007-09-29 13:42:55 0 d-------- C:\Program Files\Common Files
    2007-09-28 13:31:19 0 d-------- C:\Program Files\Ares Lite Edition
    2007-09-28 00:42:11 0 d-------- C:\Program Files\LimeWire
    2007-09-27 11:45:27 0 d-------- C:\Program Files\America Online 9.0
    2007-09-27 02:24:42 0 d-------- C:\Program Files\Messenger
    2007-09-27 02:23:36 0 d-------- C:\Program Files\iTunes
    2007-09-27 02:19:19 0 d-------- C:\Program Files\Common Files\Motive
    2007-09-27 02:17:39 0 d-------- C:\Program Files\BellSouthWCC
    2007-09-25 22:21:14 0 d--h----- C:\Program Files\InstallShield Installation Information
    2007-09-25 22:09:23 0 d-------- C:\Program Files\Common Files\Symantec Shared
    2007-09-25 13:49:58 0 d-a------ C:\Program Files\PC-Doctor for Windows
    2007-09-25 10:08:19 0 d-------- C:\Program Files\IntelliMover Data Transfer Demo


    -- Registry Dump ---------------------------------------------------------------

    *Note* empty entries & legit default entries are not shown


    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SunJavaUpdateSched "= "C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe" [04/13/2005 04:48 AM]
    "hpsysdrv "= "c:\windows\system\hpsysdrv.exe" [05/07/1998 07:04 PM]
    "HPHUPD06 "= "c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe" [06/07/2004 09:53 PM]
    "HPHmon06 "= "C:\WINDOWS\system32\hphmon06.exe" [06/07/2004 09:42 PM]
    "KBD "= "C:\HP\KBD\KBD.EXE" [02/11/2003 11:02 PM]
    "Recguard "= "C:\WINDOWS\SMINST\RECGUARD.EXE" [04/14/2004 11:43 PM]
    "VTTimer "= "VTTimer.exe" [10/22/2004 12:53 PM C:\WINDOWS\system32\VTTimer.exe]
    "AGRSMMSG "= "AGRSMMSG.exe" [03/04/2005 12:01 PM C:\WINDOWS\AGRSMMSG.exe]
    "PS2 "= "C:\WINDOWS\system32\ps2.exe" [10/16/2002 07:57 PM]
    "ISUSPM Startup "= "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [06/16/2004 07:03 AM]
    "WT GameChannel "= "C:\Program Files\WildTangent\Apps\GameChannel.exe" [10/09/2003 05:31 PM]
    "NvCplDaemon "= "C:\WINDOWS\system32\NvCpl.dll" [09/16/2004 04:39 PM]
    "nwiz "= "nwiz.exe" [09/16/2004 04:39 PM C:\WINDOWS\system32\nwiz.exe]
    "NvMediaCenter "= "C:\WINDOWS\system32\NvMcTray.dll" [09/16/2004 04:39 PM]
    "AlcxMonitor "= "ALCXMNTR.EXE" [09/07/2004 02:47 PM C:\WINDOWS\ALCXMNTR.EXE]
    "MyWebSearch Email Plugin "= "C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe" [04/04/2005 03:09 AM]
    "iTunesHelper "= "C:\Program Files\iTunes\iTunesHelper.exe" [12/18/2004 12:20 AM]
    "HostManager "= "C:\Program Files\Common Files\AOL\1147061569\ee\AOLHostManager.exe" [08/02/2005 03:33 PM]
    "ViewpointPhotosDeviceConnect "= "C:\Program Files\Viewpoint\Viewpoint Toolbar V35\FotomatDeviceConnect.exe" [11/21/2005 06:57 PM]
    "tgcmd "= "C:\Program Files\Support.com\BellSouth\hcenter.exe" [08/31/2005 02:14 PM]
    "BellSouthAlertManager.exe "= "C:\Program Files\BellSouth\Alert Manager\BellSouthAlertManager.exe" [01/10/2006 04:56 PM]
    "BellSouthWCC_McciTrayApp "= "C:\Program Files\BellSouthWCC\McciTrayApp.exe" [11/17/2005 02:19 PM]
    "!AVG Anti-Spyware "= "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [06/11/2007 05:25 AM]
    "AVG7_CC "= "C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [09/26/2007 06:25 PM]
    "ISUSScheduler "= "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\issch.exe" [06/16/2004 07:03 AM]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe "= "C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 08:00 AM]
    "MSMSGS "= "C:\Program Files\Messenger\msmsgs.exe" [10/13/2004 12:24 PM]
    "Aim6 "= "C:\Program Files\AIM6\aim6.exe" [11/07/2006 11:29 AM]
    "ares "= "C:\Program Files\Ares Lite Edition\Ares.exe" []

    C:\Documents and Settings\HP_Owner\Start Menu\Programs\Startup\
    HP Organize.lnk - C:\Program Files\Hewlett-Packard\HP Organize\bin\displayAgent.exe [8/12/2004 12:15:52 AM]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
    America Online 9.0 Tray Icon.lnk - C:\Program Files\America Online 9.0\aoltray.exe [11/26/2004 7:16:57 PM]
    HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [5/12/2005 12:23:26 AM]
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [2/17/1999 11:05:56 PM]
    MyWebSearch Email Plugin.lnk - C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE [4/4/2005 3:09:04 AM]
    Updates from HP.lnk - C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe [8/12/2004 12:20:09 AM]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "DisableRegistryTools "=0 (0x0)




    -- End of Deckard's System Scanner: finished at 2007-09-29 14:30:46 ------------
     
  12. 2007/09/29
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Looks good. :)

    Fix the Ares run entry with HijackThis.

    O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares Lite Edition\Ares.exe" -h

    Then click config>Backups and delete all HijackThis backups.


    If the folders for Ares, Ares Lite and Limewire are still in C:\Program Files, delete them.

    Empty the recycle bin.

    Can you connect it to the internet for an online scan now? Use either Panda or Kaspersky. I've posted instructions and links for both here.
     
  13. 2007/09/29
    mva5493

    mva5493 Well-Known Member Thread Starter

    Joined:
    2007/01/29
    Messages:
    287
    Likes Received:
    0
    Yes, I think I can get to the internet and will do a scan. The recycling bin definitely needs to be emptied. I have been cleaning lots of mpg, jpg, and avi files off the hd. I am wondering: 1) Is there an easy way to remove the X-rated files? 2) Is there any way to tell if the files were downloaded by the owner or if they came along with some of the infections?
     
  14. 2007/09/29
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    1. Doing a search of the drive for *.avi, then using Ctrl+click or Shift+click to select multiple files, then delete all selected is about the fastest way I know. Then do mpg, then jpg.

    2. Unfortunately no, there's really no way to tell. But I will say that I know of no infections that will litter a drive with **** pics ........ that just isn't what they're designed to do. If I was a bettin man, I'd lay large amounts of $$ (if I had them :p ) on those pics being selectively saved.
     
  15. 2007/09/29
    mva5493

    mva5493 Well-Known Member Thread Starter

    Joined:
    2007/01/29
    Messages:
    287
    Likes Received:
    0
    That is my guess also, but I wondered, since I did come across two that, when I tried to delete them, created a shortcut instead. Looking at this computer makes me glad that I didn't come down too hard on my son when I found some of that in his history. I didn't find any picture or movie files saved to the hd, just what I considered questionable websites in the history. This one is lots of pics and movie clips, but not my problem... my job is cleaning it off and then letting his mother know what I removed.

    I have been doing searches the same way; I just keep finding more. I was looking for a simpler way. Oh well, can't have everything, lol
     
  16. 2007/09/29
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
  17. 2007/09/29
    mva5493

    mva5493 Well-Known Member Thread Starter

    Joined:
    2007/01/29
    Messages:
    287
    Likes Received:
    0
    here is the report from panda, going out to run some errands but I will be back later tonight.

    Incident Status Location

    Potentially unwanted tool:Application/MyWebSearch Not disinfected c:\progra~1\mywebs~1\bar\1.bin\mwsoemon.exe
    Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoestb.dll
    Potentially unwanted tool:application/mywebsearch Not disinfected c:\documents and settings\all users\start menu\programs\startup\MyWebSearch Email Plugin.lnk
    Adware:adware/gator Not disinfected c:\windows\GatorHDPlugin.log
    Adware:adware/elitebar Not disinfected C:\Documents and Settings\HP_Owner\Favorites\Finances & Business
    Potentially unwanted tool:application/funweb Not disinfected hkey_local_machine\software\Fun Web Products
    Adware:adware/navhelper Not disinfected Windows Registry
    Adware:adware/maxifiles Not disinfected Windows Registry
    Dialer:dialer.yz Not disinfected HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02C20140-76F8-4763-83D5-B660107B7A90}
    Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Administrator\Desktop\SmitfraudFix\Process.exe
    Potentially unwanted tool:Application/SuperFast Not disinfected C:\Documents and Settings\Administrator\Desktop\SmitfraudFix\restart.exe
    Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\HP_Owner\Cookies\hp_owner@2o7[1].txt
    Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\HP_Owner\Desktop\SmitfraudFix\Process.exe
    Potentially unwanted tool:Application/SuperFast Not disinfected C:\Documents and Settings\HP_Owner\Desktop\SmitfraudFix\restart.exe
    Potentially unwanted tool:Application/KillApp.B Not disinfected C:\hp\bin\KillIt.exe
    Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\1.bin\F3CJPEG.DLL
    Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\1.bin\F3HISTSW.DLL
    Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL
    Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\1.bin\F3POPSWT.DLL
    Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR
    Potentially unwanted tool:Application/FunWeb Not disinfected C:\Program Files\MyWebSearch\bar\1.bin\F3REPROX.DLL
    Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\1.bin\F3RESTUB.DLL
    Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\1.bin\F3SCHMON.EXE
    Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL
    Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL
    Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.JAR[contents.rdf]
    Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\1.bin\M3HTML.DLL
    Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\1.bin\M3OUTLCN.DLL
    Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL
    Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\1.bin\M3SKIN.DLL
    Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
    Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
    Potentially unwanted tool:Application/FunWeb Not disinfected C:\Program Files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL
    Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL
    Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL
    Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\Game\CHECKERS.F3S
    Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\Game\CHESS.F3S
    Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\Game\REVERSI.F3S
    Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
    Potentially unwanted tool:Application/FunWeb Not disinfected C:\Program Files\Trend Micro\HijackThis\backups\backup-20070925-212911-467.inf
    Adware:Adware/Zango Not disinfected C:\WINDOWS\Downloaded Program Files\clientax.inf
    Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\WINDOWS\system32\f3PSSavr.scr
     
  18. 2007/09/29
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Delete the following.

    C:\Documents and Settings\Administrator\Desktop\SmitfraudFix
    C:\Documents and Settings\HP_Owner\Favorites\Finances & Business
    C:\WINDOWS\GatorHDPlugin.log
    C:\WINDOWS\Downloaded Program Files\clientax.inf
    C:\WINDOWS\system32\f3PSSavr.scr

    Right click the fix.reg we created earlier and select Edit to open it with notepad. Replace the contents with the contents of the quote box below. Close and save the changes, then double click to merge with the registry.

    If you have removed MyWebSearch and FunWebProducts, add the next registry entry to the reg file too (on the next line down), and delete the files/folders below.

    [-HKEY_LOCAL_MACHINE\Software\Fun Web Products]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\MyWebSearch Email Plugin.lnk
    C:\Program Files\MyWebSearch


    Now I recommend you install/update both Ad-aware and Spybot S&D, then do full system scans, fixing whatever they find.

    Let me know how things are when done.
     
  19. 2007/09/30
    mva5493

    mva5493 Well-Known Member Thread Starter

    Joined:
    2007/01/29
    Messages:
    287
    Likes Received:
    0
    Well, I am back from the latest battle with this computer, and I am not sure (may still be too soon to tell), but I think I am winning. I have fixed all the entries you suggested as well as installed and updated Ad-Aware 2007 and Spybot S&D.

    Here is the latest hjt log:
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 3:38:59 PM, on 9/30/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Viewpoint\Common\ViewpointService.exe
    C:\WINDOWS\wanmpsvc.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
    C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
    C:\windows\system\hpsysdrv.exe
    C:\WINDOWS\system32\hphmon06.exe
    C:\HP\KBD\KBD.EXE
    C:\WINDOWS\system32\VTTimer.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\WildTangent\Apps\GameChannel.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\ALCXMNTR.EXE
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Viewpoint\Viewpoint Toolbar V35\FotomatDeviceConnect.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Common Files\AOL\1147061569\ee\AOLHostManager.exe
    C:\Program Files\Common Files\AOL\1147061569\ee\AOLServiceHost.exe
    C:\Program Files\BellSouth\Alert Manager\BellSouthAlertManager.exe
    C:\Program Files\BellSouthWCC\McciTrayApp.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\issch.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe
    C:\Program Files\Support.com\bin\tgcmd.exe
    C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    c:\program files\aol\aol toolbar 4.0\AolTbServer.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://empnads.com/servlet/ajrotator/121229/0/viewHTML?zone=enternet
    R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
    O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
    O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    O4 - HKLM\..\Run: [WT GameChannel] C:\Program Files\WildTangent\Apps\GameChannel.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
    O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
    O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1147061569\ee\AOLHostManager.exe
    O4 - HKLM\..\Run: [ViewpointPhotosDeviceConnect] C:\Program Files\Viewpoint\Viewpoint Toolbar V35\FotomatDeviceConnect.exe
    O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\Support.com\BellSouth\hcenter.exe" /starthidden /tgcmdwrapper
    O4 - HKLM\..\Run: [BellSouthAlertManager.exe] C:\Program Files\BellSouth\Alert Manager\BellSouthAlertManager.exe
    O4 - HKLM\..\Run: [BellSouthWCC_McciTrayApp] C:\Program Files\BellSouthWCC\McciTrayApp.exe
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\issch.exe" -start
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
    O4 - Startup: HP Organize.lnk = ?
    O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe
    O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 4.0\resources\en-US\local\search.html
    O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar V35\ViewBar.dll/CXTSEARCH.HTML
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
    O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6632A7E9-FE1F-43D2-A04A-A15951ED63E0} - http://mediaplayer.walmart.com/installer/install.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{A72F5144-A423-443B-9B03-5374BCD4B99E}: NameServer = 198.6.100.98 198.6.1.98
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: Sun Java (SJava) - Unknown owner - C:\WINDOWS\java\javaw.exe (file missing)
    O23 - Service: Software Jukebox v2.0 Service - Unknown owner - C:\Program Files\Common Files\MSJB NA01D Shared\Service\Software Jukebox v2.0 Service File.exe
    O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
    O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

    --
    End of file - 9675 bytes
     
  20. 2007/09/30
    mva5493

    mva5493 Well-Known Member Thread Starter

    Joined:
    2007/01/29
    Messages:
    287
    Likes Received:
    0
    Here is another scan of DSS; it still will not run all the way through normally.
    Deckard's System Scanner v20070905.67
    Run by HP_Owner on 2007-09-30 15:42:56
    Computer is in Normal Mode.
    --------------------------------------------------------------------------------

    -- System Restore --------------------------------------------------------------



    -- Last 5 Restore Point(s) --
    27: 2007-09-30 19:41:44 UTC - RP761 - Deckard's System Scanner Restore Point
    26: 2007-09-30 17:40:34 UTC - RP760 - Installed Ad-Aware 2007
    25: 2007-09-30 16:40:43 UTC - RP759 - System Checkpoint
    24: 2007-09-28 21:28:47 UTC - RP758 - Deckard's System Scanner Restore Point
    23: 2007-09-28 05:11:21 UTC - RP757 - Removed Wal-Mart Music Downloads Store


    -- First Restore Point --
    1: 2007-08-07 05:52:07 UTC - RP735 - System Checkpoint


    Performed disk cleanup.

    Total Physical Memory: 448 MiB (512 MiB recommended).


    -- HijackThis (run as HP_Owner.exe) --------------------------------------------

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 3:42:57 PM, on 9/30/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Viewpoint\Common\ViewpointService.exe
    C:\WINDOWS\wanmpsvc.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
    C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
    C:\windows\system\hpsysdrv.exe
    C:\WINDOWS\system32\hphmon06.exe
    C:\HP\KBD\KBD.EXE
    C:\WINDOWS\system32\VTTimer.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\WildTangent\Apps\GameChannel.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\ALCXMNTR.EXE
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Viewpoint\Viewpoint Toolbar V35\FotomatDeviceConnect.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Common Files\AOL\1147061569\ee\AOLHostManager.exe
    C:\Program Files\Common Files\AOL\1147061569\ee\AOLServiceHost.exe
    C:\Program Files\BellSouth\Alert Manager\BellSouthAlertManager.exe
    C:\Program Files\BellSouthWCC\McciTrayApp.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\issch.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe
    C:\Program Files\Support.com\bin\tgcmd.exe
    C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    c:\program files\aol\aol toolbar 4.0\AolTbServer.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Documents and Settings\HP_Owner\Desktop\dss.exe
    C:\PROGRA~1\TRENDM~1\HIJACK~1\HP_Owner.exe

    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://empnads.com/servlet/ajrotator/121229/0/viewHTML?zone=enternet
    R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
    O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
    O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    O4 - HKLM\..\Run: [WT GameChannel] C:\Program Files\WildTangent\Apps\GameChannel.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
    O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
    O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1147061569\ee\AOLHostManager.exe
    O4 - HKLM\..\Run: [ViewpointPhotosDeviceConnect] C:\Program Files\Viewpoint\Viewpoint Toolbar V35\FotomatDeviceConnect.exe
    O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\Support.com\BellSouth\hcenter.exe" /starthidden /tgcmdwrapper
    O4 - HKLM\..\Run: [BellSouthAlertManager.exe] C:\Program Files\BellSouth\Alert Manager\BellSouthAlertManager.exe
    O4 - HKLM\..\Run: [BellSouthWCC_McciTrayApp] C:\Program Files\BellSouthWCC\McciTrayApp.exe
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\issch.exe" -start
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
    O4 - Startup: HP Organize.lnk = ?
    O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe
    O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 4.0\resources\en-US\local\search.html
    O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar V35\ViewBar.dll/CXTSEARCH.HTML
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
    O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6632A7E9-FE1F-43D2-A04A-A15951ED63E0} - http://mediaplayer.walmart.com/installer/install.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{A72F5144-A423-443B-9B03-5374BCD4B99E}: NameServer = 198.6.100.98 198.6.1.98
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: Sun Java (SJava) - Unknown owner - C:\WINDOWS\java\javaw.exe (file missing)
    O23 - Service: Software Jukebox v2.0 Service - Unknown owner - C:\Program Files\Common Files\MSJB NA01D Shared\Service\Software Jukebox v2.0 Service File.exe
    O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
    O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

    --
    End of file - 9748 bytes

    -- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) -----------

    backup-20070925-212911-105 O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    backup-20070925-212911-197 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    backup-20070925-212911-302 O4 - HKLM\..\Run: [Ultimate Cleaner] C:\Program Files\Ultimate Cleaner\App.exe
    backup-20070925-212911-467 O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei-2/SmileyCentralFWBInitialSetup1.0.0.8-2.cab
    backup-20070925-212911-480 O4 - HKLM\..\Run: [Ultimate Defender] "C:\Program Files\Ultimate Defender\App.exe" hide
    backup-20070925-212911-523 O16 - DPF: {4E7BD74F-2B8D-469E-DEFA-EB76B1D5FA7D} - http://eztracks.aavalue.com/EZT/Toolbar/eztdl.cab
    backup-20070925-212911-570 O4 - HKLM\..\Run: [mav_startupmon] "C:\Program Files\Common Files\WinAntiVirus Pro 2007\mav_startupmon.exe "
    backup-20070925-212911-768 O16 - DPF: v3cab - http://searchmiracle.com/cab/v3cab.cab
    backup-20070925-212911-802 O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe "
    backup-20070928-010340-146 O4 - HKCU\..\Run: [ErrorSafeFree] "C:\Program Files\ErrorSafe Free\uers.exe" /min
    backup-20070928-010340-290 O4 - HKCU\..\Run: [uwa7pcw] "C:\Program Files\Common Files\WinAntiVirus Pro 2007\uwa7pcw.exe" -c
    backup-20070929-155541-245 O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares Lite Edition\Ares.exe" -h

    -- File Associations -----------------------------------------------------------

    All associations okay.


    -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

    R2 aawservice (Ad-Aware 2007 Service) - "c:\program files\lavasoft\ad-aware 2007\aawservice.exe" <Not Verified; Lavasoft AB; Ad-Aware 2007 Service>
    R2 Viewpoint Manager Service - "c:\program files\viewpoint\common\viewpointservice.exe" <Not Verified; Viewpoint Corporation; Viewpoint Manager>

    S2 SJava (Sun Java) - "c:\windows\java\javaw.exe" (file missing)
    S3 Software Jukebox v2.0 Service - "c:\program files\common files\msjb na01d shared\service\software jukebox v2.0 service file.exe "


    -- Device Manager: Disabled ----------------------------------------------------

    Class GUID: {4D36E968-E325-11CE-BFC1-08002BE10318}
    Description: VIA/S3G UniChrome IGP
    Device ID: PCI\VEN_1106&DEV_7205&SUBSYS_81181043&REV_01\4&10AF1F73&0&0008
    Manufacturer: VIA/S3G
    Name: VIA/S3G UniChrome IGP
    PNP Device ID: PCI\VEN_1106&DEV_7205&SUBSYS_81181043&REV_01\4&10AF1F73&0&0008
    Service: viagfx

    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Description: 1394 Net Adapter
    Device ID: V1394\NIC1394\995D1FE01800
    Manufacturer: Microsoft
    Name: 1394 Net Adapter
    PNP Device ID: V1394\NIC1394\995D1FE01800
    Service: NIC1394


    -- Process Modules -------------------------------------------------------------

    C:\WINDOWS\explorer.exe (pid 184)
    2005-08-31 14:16:02 45056 --a------ C:\Program Files\Support.com\bin\sdchook.dll <Not Verified; Support.com, Inc.; Support.com sdchook>
    -- :: 0 --------- C:\DOCUME~1\HP_Owner\LOCALS~1\Temp\IadHide5.dll


    -- Files created between 2007-08-30 and 2007-09-30 -----------------------------

    2007-09-30 15:35:40 0 d-------- C:\WINDOWS\LastGood
    2007-09-30 13:40:38 0 d-------- C:\Program Files\Lavasoft
    2007-09-30 13:40:37 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
    2007-09-30 13:39:44 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
    2007-09-30 13:33:01 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2007-09-29 16:43:54 0 d-------- C:\Program Files\Mythicsoft
    2007-09-28 19:32:40 0 d-------- C:\Documents and Settings\HP_Owner\Application Data\InterVideo
    2007-09-26 18:58:49 0 dr-h----- C:\$VAULT$.AVG
    2007-09-26 18:25:41 0 d-------- C:\Documents and Settings\HP_Owner\Application Data\AVG7
    2007-09-26 18:25:31 0 d-------- C:\Documents and Settings\LocalService\Application Data\AVG7
    2007-09-26 18:25:10 0 d-------- C:\Documents and Settings\All Users\Application Data\avg7
    2007-09-26 00:25:48 0 d-------- C:\WINDOWS\system32\ActiveScan
    2007-09-25 22:21:15 94208 --a------ C:\WINDOWS\system32\W32N50CT.dll <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows>
    2007-09-25 22:21:15 17142 --a------ C:\WINDOWS\system32\CBTNDIS5.sys <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows>
    2007-09-25 22:20:47 62673 -ra------ C:\WINDOWS\system32\drivers\odysseyIM3.sys <Not Verified; Funk Software, Inc.; Odyssey>
    2007-09-24 23:20:55 0 d-------- C:\Documents and Settings\HP_Owner\Application Data\Grisoft
    2007-09-24 23:20:21 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
    2007-09-24 17:36:30 0 d-------- C:\Documents and Settings\All Users\Application Data\muvee Technologies
    2007-09-23 21:29:51 0 d-------- C:\Program Files\Trend Micro


    -- Find3M Report ---------------------------------------------------------------

    2007-09-30 15:23:15 4120 --a------ C:\WINDOWS\viassary-hp.reg
    2007-09-30 13:39:44 0 d-------- C:\Program Files\Common Files
    2007-09-30 11:27:02 0 d-------- C:\Program Files\MyWebSearch
    2007-09-29 17:56:18 0 d-------- C:\Program Files\Messenger
    2007-09-29 17:55:23 0 d-------- C:\Program Files\iTunes
    2007-09-29 17:51:30 0 d-------- C:\Program Files\Common Files\Motive
    2007-09-29 17:49:54 0 d-------- C:\Program Files\BellSouthWCC
    2007-09-27 11:45:27 0 d-------- C:\Program Files\America Online 9.0
    2007-09-25 22:21:14 0 d--h----- C:\Program Files\InstallShield Installation Information
    2007-09-25 22:09:23 0 d-------- C:\Program Files\Common Files\Symantec Shared
    2007-09-25 13:49:58 0 d-a------ C:\Program Files\PC-Doctor for Windows
    2007-09-25 10:08:19 0 d-------- C:\Program Files\IntelliMover Data Transfer Demo


    -- Registry Dump ---------------------------------------------------------------

    *Note* empty entries & legit default entries are not shown


    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SunJavaUpdateSched "= "C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe" [04/13/2005 04:48 AM]
    "hpsysdrv "= "c:\windows\system\hpsysdrv.exe" [05/07/1998 07:04 PM]
    "HPHUPD06 "= "c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe" [06/07/2004 09:53 PM]
    "HPHmon06 "= "C:\WINDOWS\system32\hphmon06.exe" [06/07/2004 09:42 PM]
    "KBD "= "C:\HP\KBD\KBD.EXE" [02/11/2003 11:02 PM]
    "Recguard "= "C:\WINDOWS\SMINST\RECGUARD.EXE" [04/14/2004 11:43 PM]
    "VTTimer "= "VTTimer.exe" [10/22/2004 12:53 PM C:\WINDOWS\system32\VTTimer.exe]
    "AGRSMMSG "= "AGRSMMSG.exe" [03/04/2005 12:01 PM C:\WINDOWS\AGRSMMSG.exe]
    "PS2 "= "C:\WINDOWS\system32\ps2.exe" [10/16/2002 07:57 PM]
    "ISUSPM Startup "= "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [06/16/2004 07:03 AM]
    "WT GameChannel "= "C:\Program Files\WildTangent\Apps\GameChannel.exe" [10/09/2003 05:31 PM]
    "NvCplDaemon "= "C:\WINDOWS\system32\NvCpl.dll" [09/16/2004 04:39 PM]
    "nwiz "= "nwiz.exe" [09/16/2004 04:39 PM C:\WINDOWS\system32\nwiz.exe]
    "NvMediaCenter "= "C:\WINDOWS\system32\NvMcTray.dll" [09/16/2004 04:39 PM]
    "AlcxMonitor "= "ALCXMNTR.EXE" [09/07/2004 02:47 PM C:\WINDOWS\ALCXMNTR.EXE]
    "iTunesHelper "= "C:\Program Files\iTunes\iTunesHelper.exe" [12/18/2004 12:20 AM]
    "HostManager "= "C:\Program Files\Common Files\AOL\1147061569\ee\AOLHostManager.exe" [08/02/2005 03:33 PM]
    "ViewpointPhotosDeviceConnect "= "C:\Program Files\Viewpoint\Viewpoint Toolbar V35\FotomatDeviceConnect.exe" [11/21/2005 06:57 PM]
    "tgcmd "= "C:\Program Files\Support.com\BellSouth\hcenter.exe" [08/31/2005 02:14 PM]
    "BellSouthAlertManager.exe "= "C:\Program Files\BellSouth\Alert Manager\BellSouthAlertManager.exe" [01/10/2006 04:56 PM]
    "BellSouthWCC_McciTrayApp "= "C:\Program Files\BellSouthWCC\McciTrayApp.exe" [11/17/2005 02:19 PM]
    "!AVG Anti-Spyware "= "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [06/11/2007 05:25 AM]
    "AVG7_CC "= "C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [09/26/2007 06:25 PM]
    "ISUSScheduler "= "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\issch.exe" [06/16/2004 07:03 AM]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe "= "C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 08:00 AM]
    "MSMSGS "= "C:\Program Files\Messenger\msmsgs.exe" [10/13/2004 12:24 PM]
    "Aim6 "= "C:\Program Files\AIM6\aim6.exe" [11/07/2006 11:29 AM]
    "SpybotSD TeaTimer "= "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [08/31/2007 04:46 PM]

    C:\Documents and Settings\HP_Owner\Start Menu\Programs\Startup\
    HP Organize.lnk - C:\Program Files\Hewlett-Packard\HP Organize\bin\displayAgent.exe [8/12/2004 12:15:52 AM]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
    America Online 9.0 Tray Icon.lnk - C:\Program Files\America Online 9.0\aoltray.exe [11/26/2004 7:16:57 PM]
    HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [5/12/2005 12:23:26 AM]
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [2/17/1999 11:05:56 PM]
    Updates from HP.lnk - C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe [8/12/2004 12:20:09 AM]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "DisableRegistryTools "=0 (0x0)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
    @= "Service "




    -- End of Deckard's System Scanner: finished at 2007-09-30 15:45:19 ------------
     
  21. 2007/09/30
    mva5493

    mva5493 Well-Known Member Thread Starter

    Joined:
    2007/01/29
    Messages:
    287
    Likes Received:
    0
    The computer is responding more like I think it should. Windows Update is on and downloading, I have enabled the Windows firewall, and I have Spybot S&D, as well as AVG AS and AVG AV, all installed and updating automatically. The webpages are loading a bit slow, but maybe because of all the things I currently have going on at the same time?
     
