Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Hijackthis Log, Pls Help Analyse.


  • Please log in to reply
8 replies to this topic

#1 Daven81

Daven81

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:10:49 PM

Posted 27 August 2006 - 12:08 AM

Hi,

I'm facing a problem of spyware. Below here is my hijackthis log.
I'm indeed appreciated if you guys help up to analyse. Thanks a lot.


Logfile of HijackThis v1.99.1
Scan saved at 12:51:33 PM, on 8/27/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\McAfee.com\VSO\oasclnt.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Dell Support\DSAgnt.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\alg.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\Documents and Settings\Lee Pek Shan\My Documents\installer\Anti spyware\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://dellsearchedit.myway.com/samisc/del...ebar.jhtml?p=DT
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www1.ap.dell.com/content/default.as...;l=en&s=gen
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www1.ap.dell.com/content/default.as...;l=en&s=gen
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www1.ap.dell.com/content/default.as...;l=en&s=gen
R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\deSrcAs.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} - c:\program files\mcafee.com\mps\mcbrhlpr.dll
O2 - BHO: McAfee Privacy Service Popup Blocker - {3EC8255F-E043-4cae-8B3B-B191550C2A22} - c:\program files\mcafee.com\mps\popupkiller.dll
O2 - BHO: McAfee AntiPhishing Filter - {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - c:\PROGRA~1\mcafee\SPAMKI~1\mcapfbho.dll
O2 - BHO: (no name) - {4D25F921-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\deSrcAs.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup
O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [MPSExe] c:\PROGRA~1\mcafee.com\mps\mscifapp.exe /embedding
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] c:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Digital Line Detect.lnk = ?
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\PROGRA~1\mcafee\SPAMKI~1\mcapfbho.dll
O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\PROGRA~1\mcafee\SPAMKI~1\mcapfbho.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...01/mcinsctl.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: IntelWireless - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe


Regards,
Daven81

BC AdBot (Login to Remove)

 


m

#2 Daven81

Daven81
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:10:49 PM

Posted 29 August 2006 - 08:54 AM

bump

#3 Daven81

Daven81
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:10:49 PM

Posted 01 September 2006 - 04:24 AM

bump

is it very serious and hard to solve? Could someone tell me what's wrong is this, please....

#4 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:11:49 PM

Posted 04 September 2006 - 11:07 AM

Hello Daven81. As an HJT Trainee you should realise that posts are handled in the order that they come in. Replying to your own post only pushes it back in line since it appears that it has been responded to. See the guidelines at the top of each page.

Now for the log. I do not see any signs of viruses or malware in the log. It is clean. Can you give me some details regarding the specific problems you are currently enountering?

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image

#5 Daven81

Daven81
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:10:49 PM

Posted 05 September 2006 - 07:07 AM

Hi OldTimer,

Thanks for replying me:)
Actually I found my laptop is much slowing down compared to last time. Fyi, I just bought in this laptop since 3 months ago, and the hard disk space is more than 70%. I can't see any reason it will slow down (even I open an IE).
Furthermore, I'm having a 'double click problem'. I click once is means double click already. If I double click, it will become 4 times click. Sometimes, out of sudden many windows will just pop up with no reason and no title untill my laptop hanging (up to 20-30 windows at the same time).
Thus, i suspect virus in my laptop. I used spybot & adware to scan my laptop before, and they found many virus. But the problem is these software will not help to fix.
Hope you can give me some advise.

Regards

#6 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:11:49 PM

Posted 05 September 2006 - 05:42 PM

Hi Daven81. Since HijackThis isn't showing anything let's try 1 other scanner just to be sure. As for the mouse, check the mouse properties in Control Panel to see if they are set to open objects with a single click. That would explain why it is doing that.

Download WinPFind2.zip and unzip it to your Desktop. It will create a folder named WinPFind2. Do NOT run the program directly from the zip file.
  • Open the WinPFind2 folder and double-click on winpfind2.exe to start the program.
  • In the File Options group click the 'Select All' button and then in the AddOn-Options box click the checkboxes for
    • HKCU_IEDesktop.def
    • Policies.def
    • SID_Run_Policies.def
    to select them.
  • Now click the Run All Scans button on the toolbar.
  • When the scans are complete click the Simple Report button in the lower right-hand corner to create a report file. Notepad will open with the report file loaded in it.
  • Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.
Use the Add Reply button to post the information back here and I will review it when it comes in.

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image

#7 Daven81

Daven81
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:10:49 PM

Posted 08 September 2006 - 07:33 AM

Dear OT,

Really thanks for reply & guidances. Your instruction steps are very clear. I scan thru already and here is he simple report of it. Really thanks a lot :thumbsup:

One more question to ask you, what is the normal CPU usage percentage if I run only one to two windows.

Thanks
cheers

Daven



Logfile created on: 09/08/2006 20:23
WinPFind2 by OldTimer - Version 1.0.8 Folder = C:\Documents and Settings\Lee Pek Shan\Desktop\winpfind2\WinPFind2\
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600)
Internet Explorer (Version = 6.0.2900.2180)


< Processes (Non-Microsoft Only) >
c:\progra~1\intel\wireless\bin\1xconfig.exe - (Intel )
c:\program files\symantec\liveupdate\aluschedulersvc.exe - (Symantec Corporation )
c:\program files\common files\symantec shared\ccevtmgr.exe - (Symantec Corporation )
c:\program files\common files\symantec shared\ccsetmgr.exe - (Symantec Corporation )
c:\program files\digital line detect\dlg.exe - (BVRP Software )
c:\program files\dell support\dsagnt.exe - (Gteko Ltd. )
c:\program files\intel\wireless\bin\evteng.exe - (Intel Corporation )
c:\windows\system32\hkcmd.exe - (Intel Corporation )
c:\program files\intel\wireless\bin\ifrmewrk.exe - (Intel Corporation )
c:\windows\system32\igfxpers.exe - (Intel Corporation )
c:\windows\system32\igfxsrvc.exe - (Intel Corporation )
c:\program files\java\j2re1.4.2_03\bin\jusched.exe - ( )
c:\program files\mcafee.com\agent\mcdetect.exe - (McAfee, Inc )
c:\progra~1\mcafee.com\vso\mcshield.exe - (McAfee Inc. )
c:\progra~1\mcafee.com\agent\mctskshd.exe - (McAfee, Inc )
c:\progra~1\mcafee.com\person~1\mpfservice.exe - (McAfee Corporation )
c:\program files\norton antivirus\navapsvc.exe - (Symantec Corporation )
c:\program files\norton antivirus\iwp\npfmntor.exe - (Symantec Corporation )
c:\program files\common files\real\update_ob\realsched.exe - (RealNetworks, Inc. )
c:\program files\intel\wireless\bin\regsrvc.exe - (Intel Corporation )
c:\program files\intel\wireless\bin\s24evmon.exe - (Intel Corporation )
c:\program files\spyware doctor\sdhelp.exe - (PC Tools Research Pty Ltd )
c:\program files\common files\symantec shared\sndsrvc.exe - (Symantec Corporation )
c:\program files\common files\symantec shared\spbbc\spbbcsvc.exe - (Symantec Corporation )
c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe - (Symantec Corporation )
c:\program files\synaptics\syntp\syntpenh.exe - (Synaptics, Inc. )
c:\windows\system32\dla\tfswctrl.exe - (Sonic Solutions )
c:\documents and settings\lee pek shan\desktop\winpfind2\winpfind2\winpfind2.exe - (OldTimer Tools )
c:\program files\intel\wireless\bin\wlkeeper.exe - (Intel® Corporation )
c:\progra~1\yahoo!\messen~1\ymsgr_tray.exe - ( )
c:\program files\intel\wireless\bin\zcfgsvc.exe - (Intel Corporation )

< Registry Entries >

[>> Internet Explorer Settings <<]
HKLM->Main\\Start Page - http://www1.ap.dell.com/content/default.as...;l=en&s=gen
HKLM->Main\\Search Page - http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
HKLM->Main\\Default_Page_URL - http://www1.ap.dell.com/content/default.as...;l=en&s=gen
HKLM->Main\\Default_Search_URL - http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
HKLM->Main\\Local Page - %SystemRoot%\system32\blank.htm
HKCU->Main\\Start Page - http://www.google.com.my/
HKCU->Main\\Search Bar - http://dellsearchedit.myway.com/samisc/del...ebar.jhtml?p=DT
HKCU->Main\\Search Page - http://www.google.com
HKCU->Main\\Local Page - C:\WINDOWS\system32\blank.htm
HKLM->Search\\CustomizeSearch - http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
HKLM->Search\\SearchAssistant - http://www.google.com/ie
HKCU->URLSearchHooks\\{4D25F926-B9FE-4682-BF72-8AB8210D6D75} - = C:\Program Files\MyWaySA\SrchAsDe\deSrcAs.dll (MyWay.com )
HKCU->URLSearchHooks\\{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Microsoft Url Search Hook = %SystemRoot%\system32\shdocvw.dll (Microsoft Corporation )
HKCU->URLSearchHooks\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar = C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc. )
HKCU->Internet Settings\\ProxyEnable - 0
HKCU->Internet Settings\\ProxyOverride -

[>> BHO's <<]
{02478D38-C3F9-4EFB-9B51-7695ECA05670} - Yahoo! Toolbar Helper = C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc. )
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - AcroIEHlprObj Class = C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated )
{227B8AA8-DAF2-4892-BD1D-73F568BCB24E} - McBrwHelper Class = c:\program files\mcafee.com\mps\mcbrhlpr.dll (McAfee, Inc. )
{3EC8255F-E043-4cae-8B3B-B191550C2A22} - McAfee Privacy Service Popup Blocker = c:\program files\mcafee.com\mps\popupkiller.dll (McAfee, Inc. )
{41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - McAfee AntiPhishing Filter = c:\PROGRA~1\mcafee\SPAMKI~1\mcapfbho.dll (McAfee, Inc. )
{4D25F921-B9FE-4682-BF72-8AB8210D6D75} - = C:\Program Files\MyWaySA\SrchAsDe\deSrcAs.dll (MyWay.com )
{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - Yahoo! IE Services Button = C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc. )
{5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - PCTools Site Guard = C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll (PC Tools )
{5CA3D70E-1895-11CF-8E15-001234567890} - DriveLetterAccess = C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions )
{AA58ED58-01DD-4d91-8333-CF10577473F7} - Google Toolbar Helper = c:\program files\google\googletoolbar2.dll (Google Inc. )
{B56A7D7D-6927-48C8-A975-17DF180C71AC} - PCTools Browser Monitor = C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll (PC Tools )
{BDF3E430-B101-42AD-A544-FADC6B084872} - CNavExtBho Class = C:\Program Files\Norton AntiVirus\NavShExt.dll (Symantec Corporation )

[>> Internet Explorer Bars, Toolbars and Extensions <<]

[HKLM-> Internet Explorer Bars]
{4D5C8C25-D075-11d0-B416-00C04FB90376} - &Tip of the Day = %SystemRoot%\system32\shdocvw.dll (Microsoft Corporation )

[HKCU-> Internet Explorer Bars]
{C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1} - File Search Explorer Band = %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation )
{EFA24E64-B078-11D0-89E4-00C04FC9E26E} - Explorer Band = %SystemRoot%\system32\shdocvw.dll (Microsoft Corporation )

[HKLM-> Internet Explorer ToolBars]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google = c:\program files\google\googletoolbar2.dll (Google Inc. )
{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Norton AntiVirus = C:\Program Files\Norton AntiVirus\NavShExt.dll (Symantec Corporation )
{BA52B914-B692-46c4-B683-905236F6F655} - McAfee VirusScan = c:\progra~1\mcafee.com\vso\mcvsshl.dll (McAfee, Inc. )
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar = C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc. )

[HKCU-> Internet Explorer ToolBars]
ShellBrowser\\{01E04581-4EEE-11D0-BFE9-00AA005B4383} - &Address = %SystemRoot%\system32\browseui.dll (Microsoft Corporation )
ShellBrowser\\{0E5CBF21-D15F-11D0-8301-00AA005B4383} - &Links = %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation )
ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Norton AntiVirus = C:\Program Files\Norton AntiVirus\NavShExt.dll (Symantec Corporation )
WebBrowser\\{01E04581-4EEE-11D0-BFE9-00AA005B4383} - &Address = %SystemRoot%\system32\browseui.dll (Microsoft Corporation )
WebBrowser\\{0E5CBF21-D15F-11D0-8301-00AA005B4383} - &Links = %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation )
WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} - &Google = c:\program files\google\googletoolbar2.dll (Google Inc. )
WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar = C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc. )

[HKCU-> Internet Explorer CmdMapping]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - 8192 - Sun Java Console
{2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - 8198 -
{39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - 8193 - McAfee AntiPhishing Filter
{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - 8194 -
{92780B25-18CC-41C8-B9BE-3C9C571A8263} - 8195 -
{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - 8196 - Yahoo! Messenger
{FB5F1910-F110-11d2-BB9E-00C04F795683} - 8197 - Windows Messenger
NextId - 8199

[HKLM-> Internet Explorer Extensions]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - MenuText: Sun Java Console = Reg Data missing or invalid (File not found))
{2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - ButtonText: Spyware Doctor = (File not found))
{39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - MenuText: McAfee AntiPhishing Filter = c:\PROGRA~1\mcafee\SPAMKI~1\mcapfbho.dll (McAfee, Inc. )
{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - ButtonText: Yahoo! Services = (File not found))
{92780B25-18CC-41C8-B9BE-3C9C571A8263} - ButtonText: Research = (File not found))
{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - ButtonText: Yahoo! Messenger = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc. )
{FB5F1910-F110-11d2-BB9E-00C04F795683} - ButtonText: Messenger = C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation )

[HKCU-> Internet Explorer Menu Extensions]
&Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html (Google Inc. )
&Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html (Google Inc. )
&Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm (File not found))
Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html (Google Inc. )
Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html (Google Inc. )
E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 (Microsoft Corporation )
Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html (Google Inc. )
Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html (Google Inc. )
Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm (File not found))
Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm (File not found))
Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm (File not found))

[>> Approved Shell Extensions (Non-Microsoft only) <<]

[HKLM-> Approved Shell Extensions]
{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} - Autoplay for SlideShow = Reg Data missing or invalid (File not found))
{0DF44EAA-FF21-4412-828E-260A8728E7F1} - Taskbar and Start Menu = Reg Data missing or invalid (File not found))
{2F603045-309F-11CF-9774-0020AFD0CFF6} - Synaptics Control Panel = C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics, Inc. )
{42071714-76d4-11d1-8b24-00a0c9068ff3} - Display Panning CPL Extension = deskpan.dll (File not found))
{5464D816-CF16-4784-B9F3-75C0DB52B499} - Yahoo! Mail = C:\PROGRA~1\Yahoo!\Common\ymmapi.dll (Yahoo! Inc. )
{5CA3D70E-1895-11CF-8E15-001234567890} - DriveLetterAccess = C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions )
{764BF0E1-F219-11ce-972D-00AA00A14F56} - Shell extensions for file compression = Reg Data missing or invalid (File not found))
{7A9D77BD-5403-11d2-8785-2E0420524153} - User Accounts = Reg Data missing or invalid (File not found))
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} - Encryption Context Menu = Reg Data missing or invalid (File not found))
{88895560-9AA2-1069-930E-00AA0030EBC8} - HyperTerminal Icon Ext = C:\WINDOWS\system32\hticons.dll (Hilgraeve, Inc. )
{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} - Shell Extensions for RealOne Player = C:\Program Files\Real\RealPlayer\rpshell.dll (RealNetworks, Inc. )

[>> ContextMenuHandlers (Non-Microsoft only) <<]

[HKLM-> ContextMenuHandlers]
* - {CFC7205E-2792-4378-9591-3879CC6C9022} - = c:\progra~1\mcafee.com\vso\mcvsshl.dll (McAfee, Inc. )
* - Symantec.Norton.Antivirus.IEContextMenu - {5345A4D5-41EB-4A2F-9616-CE1D4F6C35B2} = C:\Program Files\Norton AntiVirus\NavShExt.dll (Symantec Corporation )
* - Yahoo! Mail - {5464D816-CF16-4784-B9F3-75C0DB52B499} = C:\PROGRA~1\Yahoo!\Common\ymmapi.dll (Yahoo! Inc. )
Directory\Background - igfxcui - {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} = C:\WINDOWS\system32\igfxpph.dll (Intel Corporation )
Folder - {CFC7205E-2792-4378-9591-3879CC6C9022} - = c:\progra~1\mcafee.com\vso\mcvsshl.dll (McAfee, Inc. )
Folder - Symantec.Norton.Antivirus.IEContextMenu - {5345A4D5-41EB-4A2F-9616-CE1D4F6C35B2} = C:\Program Files\Norton AntiVirus\NavShExt.dll (Symantec Corporation )

[>> ColumnHandlers (Non-Microsoft only) <<]

[HKLM-> ColumnHandlers]
Folder - {F9DB5320-233E-11D1-9F84-707F02C10627} - PDF Shell Extension = C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll (Adobe Systems, Inc. )

[>> Registry Run Keys <<]
HKLM->Run\\dla - C:\WINDOWS\system32\dla\tfswctrl.exe (Sonic Solutions )
HKLM->Run\\igfxhkcmd - C:\WINDOWS\system32\hkcmd.exe (Intel Corporation )
HKLM->Run\\igfxpers - C:\WINDOWS\system32\igfxpers.exe (Intel Corporation )
HKLM->Run\\igfxtray - C:\WINDOWS\system32\igfxtray.exe (Intel Corporation )
HKLM->Run\\IMJPMIG8.1 - "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 (Microsoft Corporation )
HKLM->Run\\IntelWireless - C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless (Intel Corporation )
HKLM->Run\\MCUpdateExe - c:\PROGRA~1\mcafee.com\agent\mcupdate.exe (McAfee, Inc )
HKLM->Run\\MSPY2002 - C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC ( )
HKLM->Run\\PHIME2002A - C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName (Microsoft Corporation )
HKLM->Run\\PHIME2002ASync - C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC (Microsoft Corporation )
HKLM->Run\\SunJavaUpdateSched - C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe ( )
HKLM->Run\\Symantec NetDriver Monitor - C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer (Symantec Corporation )
HKLM->Run\\SynTPEnh - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc. )
HKLM->Run\\TkBellExe - "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot (RealNetworks, Inc. )
HKLM->Run\OptionalComponents\IMAIL - Installed = 1
HKLM->Run\OptionalComponents\MAPI - Installed = 1
HKLM->Run\OptionalComponents\MSFS - Installed = 1
HKCU->Run\\ctfmon.exe - C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation )
HKCU->Run\\DellSupport - "C:\Program Files\Dell Support\DSAgnt.exe" /startup (Gteko Ltd. )
HKCU->Run\\MsnMsgr - "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background (Microsoft Corporation )
HKCU->Run\\Yahoo! Pager - "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet (Yahoo! Inc. )

[>> Startup Lnks <<]
HKLM->Common Startup - desktop.ini - C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini ( )
HKLM->Common Startup - Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software )
HKCU->Startup - desktop.ini - C:\Documents and Settings\Lee Pek Shan\Start Menu\Programs\Startup\desktop.ini ( )

[>> Disabled MSConfig Items <<]
StartUpFolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk - Adobe Reader Speed Launch = C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE (Adobe Systems Incorporated )
StartUpReg\Adobe Photo Downloader - apdproxy = "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" (File not found))
StartUpReg\ccApp - ccApp = "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" (Symantec Corporation )
StartUpReg\DMXLauncher - DMXLauncher = C:\Program Files\Dell\Media Experience\DMXLauncher.exe ( )
StartUpReg\DVDLauncher - DVDLauncher = "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" (CyberLink Corp. )
StartUpReg\ISUSPM Startup - isuspm = c:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup (InstallShield Software Corporation )
StartUpReg\ISUSScheduler - issch = "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start (InstallShield Software Corporation )
StartUpReg\MCAgentExe - McAgent = c:\PROGRA~1\mcafee.com\agent\McAgent.exe (McAfee, Inc )
StartUpReg\MCUpdateExe - mcupdate = c:\PROGRA~1\mcafee.com\agent\mcupdate.exe (McAfee, Inc )
StartUpReg\mmtask - mmtask = "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe" (Musicmatch Inc. )
StartUpReg\MPFExe - MpfTray = C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe (McAfee Security )
StartUpReg\MPSExe - mscifapp = c:\PROGRA~1\mcafee.com\mps\mscifapp.exe /embedding (McAfee, Inc. )
StartUpReg\MSKAGENTEXE - MskAgent = C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe (McAfee Inc. )
StartUpReg\MSKDetectorExe - MSKDetct = C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup (McAfee, Inc. )
StartUpReg\OASClnt - oasclnt = C:\Program Files\McAfee.com\VSO\oasclnt.exe (McAfee, Inc. )
StartUpReg\QuickTime Task - qttask = "C:\Program Files\QuickTime\qttask.exe" -atboottime (Apple Computer, Inc. )
StartUpReg\Registry Cleaner - Regclean = "C:\Program Files\Registry Cleaner Trial\Regclean.exe" -startminimize (SoftwareOnline.Com Inc )
StartUpReg\TkBellExe - realsched = "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot (RealNetworks, Inc. )
StartUpReg\VirusScan Online - mcvsshld = C:\Program Files\McAfee.com\VSO\mcvsshld.exe (McAfee, Inc. )
StartUpReg\VSOCheckTask - mcmnhdlr = "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask (McAfee, Inc. )
StartUpReg\Windows Defender - MSASCui = "C:\Program Files\Windows Defender\MSASCui.exe" -hide (Microsoft Corporation )

[>> User Agent Post Platform <<]
SV1 -

[>> AppInit DLLs <<]

[>> Image File Execution Options <<]
Your Image File Name Here without a path - Debugger = ntsd -d

[>> Shell Service Object Delay Load <<]
CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} = %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation )
PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} = %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation )
SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} = C:\WINDOWS\system32\stobject.dll (Microsoft Corporation )
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} = %SystemRoot%\system32\webcheck.dll (Microsoft Corporation )

[>> Shell Execute Hooks <<]
{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - Microsoft AntiMalware ShellExecuteHook = C:\PROGRA~1\WINDOW~4\MpShHook.dll (Microsoft Corporation )
{AEB6717E-7E19-11d0-97EE-00C04FD91972} - URL Exec Hook = shell32.dll (Microsoft Corporation )

[>> Shared Task Scheduler <<]
{438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader = %SystemRoot%\system32\browseui.dll (Microsoft Corporation )
{8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon = %SystemRoot%\system32\browseui.dll (Microsoft Corporation )

[>> Winlogon <<]
UserInit - C:\WINDOWS\system32\userinit.exe, (Microsoft Corporation )
Shell - Explorer.exe (Microsoft Corporation )
System - (File not found))
Notify\crypt32chain - crypt32.dll (Microsoft Corporation )
Notify\cryptnet - cryptnet.dll (Microsoft Corporation )
Notify\cscdll - cscdll.dll (Microsoft Corporation )
Notify\igfxcui - igfxdev.dll (Intel Corporation )
Notify\IntelWireless - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll (Intel Corporation )
Notify\ScCertProp - wlnotify.dll (Microsoft Corporation )
Notify\Schedule - wlnotify.dll (Microsoft Corporation )
Notify\sclgntfy - sclgntfy.dll (Microsoft Corporation )
Notify\SensLogn - WlNotify.dll (Microsoft Corporation )
Notify\termsrv - wlnotify.dll (Microsoft Corporation )
Notify\WgaLogon - WgaLogon.dll (Microsoft Corporation )
Notify\wlballoon - wlnotify.dll (Microsoft Corporation )

[>> DNS Name Servers <<]
{23021FE2-2D16-4CAB-ADFB-5418CE9FAA34} - (Intel® PRO/Wireless 2200BG Network Connection)
{6B3ED435-9A6D-49F1-BCCB-7E3592D35220} - (1394 Net Adapter)
{E447D43E-06FD-409E-892B-425B16835236} - (Broadcom 440x 10/100 Integrated Controller)

[>> All Winsock2 Catalogs <<]
NameSpace_Catalog5\Catalog_Entries\000000000001 - %SystemRoot%\System32\mswsock.dll (Microsoft Corporation )
NameSpace_Catalog5\Catalog_Entries\000000000002 - %SystemRoot%\System32\winrnr.dll (Microsoft Corporation )
NameSpace_Catalog5\Catalog_Entries\000000000003 - %SystemRoot%\System32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000001 - CC:\WINDOWS\system32\mclsp.dll (File not found))
Protocol_Catalog9\Catalog_Entries\000000000002 - CC:\WINDOWS\system32\mclsp.dll (File not found))
Protocol_Catalog9\Catalog_Entries\000000000003 - CC:\WINDOWS\system32\mclsp.dll (File not found))
Protocol_Catalog9\Catalog_Entries\000000000004 - CC:\WINDOWS\system32\mclsp.dll (File not found))
Protocol_Catalog9\Catalog_Entries\000000000005 - CC:\WINDOWS\system32\mclsp.dll (File not found))
Protocol_Catalog9\Catalog_Entries\000000000006 - CC:\WINDOWS\system32\mclsp.dll (File not found))
Protocol_Catalog9\Catalog_Entries\000000000007 - CC:\WINDOWS\system32\mclsp.dll (File not found))
Protocol_Catalog9\Catalog_Entries\000000000008 - CC:\WINDOWS\system32\mclsp.dll (File not found))
Protocol_Catalog9\Catalog_Entries\000000000009 - CC:\WINDOWS\system32\mclsp.dll (File not found))
Protocol_Catalog9\Catalog_Entries\000000000010 - CC:\WINDOWS\system32\mclsp.dll (File not found))
Protocol_Catalog9\Catalog_Entries\000000000011 - CC:\WINDOWS\system32\mclsp.dll (File not found))
Protocol_Catalog9\Catalog_Entries\000000000012 - CC:\WINDOWS\system32\mclsp.dll (File not found))
Protocol_Catalog9\Catalog_Entries\000000000013 - CC:\WINDOWS\system32\mclsp.dll (File not found))
Protocol_Catalog9\Catalog_Entries\000000000014 - CC:\WINDOWS\system32\mclsp.dll (File not found))
Protocol_Catalog9\Catalog_Entries\000000000015 - CC:\WINDOWS\system32\mclsp.dll (File not found))
Protocol_Catalog9\Catalog_Entries\000000000016 - CC:\WINDOWS\system32\mclsp.dll (File not found))
Protocol_Catalog9\Catalog_Entries\000000000017 - CC:\WINDOWS\system32\mclsp.dll (File not found))
Protocol_Catalog9\Catalog_Entries\000000000018 - CC:\WINDOWS\system32\mclsp.dll (File not found))
Protocol_Catalog9\Catalog_Entries\000000000019 - CC:\WINDOWS\system32\mclsp.dll (File not found))
Protocol_Catalog9\Catalog_Entries\000000000020 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000021 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000022 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000023 - %SystemRoot%\system32\rsvpsp.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000024 - %SystemRoot%\system32\rsvpsp.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000025 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000026 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000027 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000028 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000029 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000030 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000031 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000032 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000033 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000034 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000035 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000036 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000037 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000038 - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation )
Protocol_Catalog9\Catalog_Entries\000000000039 - CC:\WINDOWS\system32\mclsp.dll (File not found))

[>> Protocol Handlers (Non-Microsoft only) <<]
ipp - (File not found))
msdaipp - (File not found))

[>> Protocol Filters (Non-Microsoft only) <<]

< Services (Non-Microsoft Only) >
Automatic LiveUpdate Scheduler (Automatic LiveUpdate Scheduler) - "C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe" (Symantec Corporation ) [Automatic - Running - Win32, running in it's own process]
Symantec Event Manager (ccEvtMgr) - "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe" (Symantec Corporation ) [Automatic - Running - Win32, running in it's own process]
Symantec Settings Manager (ccSetMgr) - "C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe" (Symantec Corporation ) [Automatic - Running - Win32, running in it's own process]
EvtEng (EvtEng) - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation ) [Automatic - Running - Win32, running in it's own process]
McAfee WSC Integration (McDetect.exe) - c:\program files\mcafee.com\agent\mcdetect.exe (McAfee, Inc ) [Automatic - Running - Win32, running in it's own process]
McAfee.com McShield (McShield) - c:\PROGRA~1\mcafee.com\vso\mcshield.exe (McAfee Inc. ) [Automatic - Running - Win32, running in it's own process]
McAfee Task Scheduler (McTskshd.exe) - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe (McAfee, Inc ) [Automatic - Running - Win32, running in it's own process]
McAfee Personal Firewall Service (MpfService) - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe (McAfee Corporation ) [Automatic - Running - Win32, running in it's own process]
Norton AntiVirus Auto-Protect Service (navapsvc) - "C:\Program Files\Norton AntiVirus\navapsvc.exe" (Symantec Corporation ) [Automatic - Running - Win32, running in it's own process]
Norton AntiVirus Firewall Monitor Service (NPFMntor) - "C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe" (Symantec Corporation ) [Automatic - Running - Win32, running in it's own process]
RegSrvc (RegSrvc) - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation ) [Automatic - Running - Win32, running in it's own process]
Spectrum24 Event Monitor (S24EventMonitor) - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation ) [Automatic - Running - Win32, running in it's own process]
PC Tools Spyware Doctor (SDhelper) - C:\Program Files\Spyware Doctor\sdhelp.exe (PC Tools Research Pty Ltd ) [Automatic - Running - Win32, running in it's own process]
Symantec Network Drivers Service (SNDSrvc) - "C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe" (Symantec Corporation ) [Automatic - Running - Win32, running in it's own process]
Symantec SPBBCSvc (SPBBCSvc) - "C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe" (Symantec Corporation ) [Automatic - Running - Win32, running in it's own process]
Symantec Core LC (Symantec Core LC) - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe (Symantec Corporation ) [Automatic - Running - Win32, running in it's own process]
WLANKEEPER (WLANKEEPER) - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe (Intel® Corporation ) [Automatic - Running - Win32, running in it's own process]

< Files >

%SystemDrive%

%ProgramFilesDir%

%WinDir%

%System%
C:\WINDOWS\SYSTEM32\dfrg.msc - PEC2 ( [Ver = | Size = 41397 bytes | Date = 08/04/2004 05:00 | Attr = ])
C:\WINDOWS\SYSTEM32\LegitCheckControl.dll - PTech (Microsoft Corporation [Ver = 1.5.0540.0 | Size = 571184 bytes | Date = 06/19/2006 16:19 | Attr = ])
C:\WINDOWS\SYSTEM32\MRT.exe - PECompact2 (Microsoft Corporation [Ver = 1.19.1567.0 | Size = 8325544 bytes | Date = 08/10/2006 03:03 | Attr = ])
C:\WINDOWS\SYSTEM32\MRT.exe - aspack (Microsoft Corporation [Ver = 1.19.1567.0 | Size = 8325544 bytes | Date = 08/10/2006 03:03 | Attr = ])
C:\WINDOWS\SYSTEM32\ntdll.dll - aspack (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 708096 bytes | Date = 08/04/2004 05:00 | Attr = ])
C:\WINDOWS\SYSTEM32\nusrmgr.cpl - WSUD (Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 257024 bytes | Date = 08/04/2004 05:00 | Attr = ])
C:\WINDOWS\SYSTEM32\rasdlg.dll - Umonitor (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 657920 bytes | Date = 08/04/2004 05:00 | Attr = ])
C:\WINDOWS\SYSTEM32\wbdbase.deu - winsync ( [Ver = | Size = 1309184 bytes | Date = 08/04/2004 05:00 | Attr = ])
C:\WINDOWS\SYSTEM32\WgaTray.exe - PTech (Microsoft Corporation [Ver = 1.5.0540.0 | Size = 304944 bytes | Date = 06/19/2006 16:19 | Attr = ])

%System%\Drivers folder and sub-folders

%windir% + sub-dirs for System or Hidden files less than 60 days old
C:\WINDOWS\bootstat.dat - ( [Ver = | Size = 2048 bytes | Date = 09/08/2006 19:52 | Attr = S])
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB918899.cat - ( [Ver = | Size = 23751 bytes | Date = 07/28/2006 20:16 | Attr = S])
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB920214.cat - ( [Ver = | Size = 10337 bytes | Date = 07/27/2006 22:00 | Attr = S])
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB920670.cat - ( [Ver = | Size = 10925 bytes | Date = 07/21/2006 17:03 | Attr = S])
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB921398.cat - ( [Ver = | Size = 13050 bytes | Date = 07/13/2006 22:24 | Attr = S])
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB921883.cat - ( [Ver = | Size = 10925 bytes | Date = 07/15/2006 00:13 | Attr = S])
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB922616.cat - ( [Ver = | Size = 10925 bytes | Date = 07/14/2006 23:53 | Attr = S])
C:\WINDOWS\system32\config\default.LOG - ( [Ver = | Size = 1024 bytes | Date = 09/08/2006 19:58 | Attr = H ])
C:\WINDOWS\system32\config\SAM.LOG - ( [Ver = | Size = 1024 bytes | Date = 09/08/2006 19:53 | Attr = H ])
C:\WINDOWS\system32\config\SECURITY.LOG - ( [Ver = | Size = 1024 bytes | Date = 09/08/2006 20:03 | Attr = H ])
C:\WINDOWS\system32\config\software.LOG - ( [Ver = | Size = 1024 bytes | Date = 09/08/2006 20:18 | Attr = H ])
C:\WINDOWS\system32\config\system.LOG - ( [Ver = | Size = 1024 bytes | Date = 09/08/2006 19:58 | Attr = H ])
C:\WINDOWS\system32\config\systemprofile\NTUSER.DAT.LOG - ( [Ver = | Size = 1024 bytes | Date = 08/24/2006 19:21 | Attr = H ])
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG - ( [Ver = | Size = 1024 bytes | Date = 09/06/2006 23:45 | Attr = H ])
C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\24f8f041-7451-4b13-884b-8e3a14350f7d - ( [Ver = | Size = 388 bytes | Date = 08/05/2006 17:17 | Attr = HS])
C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\Preferred - ( [Ver = | Size = 24 bytes | Date = 08/05/2006 17:17 | Attr = HS])
C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\bc0f0da8-ae5e-45c4-91f6-633367c7e533 - ( [Ver = | Size = 388 bytes | Date = 07/21/2006 22:00 | Attr = HS])
C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\Preferred - ( [Ver = | Size = 24 bytes | Date = 07/21/2006 22:00 | Attr = HS])
C:\WINDOWS\Tasks\MP Scheduled Scan.job - ( [Ver = | Size = 330 bytes | Date = 09/08/2006 19:56 | Attr = H ])
C:\WINDOWS\Tasks\SA.DAT - ( [Ver = | Size = 6 bytes | Date = 09/08/2006 19:53 | Attr = H ])
CPL files -
C:\WINDOWS\SYSTEM32\access.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 68608 bytes | Date = 08/04/2004 05:00 | Attr = ])
C:\WINDOWS\SYSTEM32\appwiz.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 549888 bytes | Date = 08/04/2004 05:00 | Attr = ])
C:\WINDOWS\SYSTEM32\BACSCPL.cpl - ( [Ver = 7, 0, 13, 0 | Size = 24576 bytes | Date = 12/15/2003 12:09 | Attr = ])
C:\WINDOWS\SYSTEM32\bthprops.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 110592 bytes | Date = 08/04/2004 05:00 | Attr = ])
C:\WINDOWS\SYSTEM32\desk.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 135168 bytes | Date = 08/04/2004 05:00 | Attr = ])
C:\WINDOWS\SYSTEM32\firewall.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 80384 bytes | Date = 08/04/2004 05:00 | Attr = ])
C:\WINDOWS\SYSTEM32\hdwwiz.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 155136 bytes | Date = 08/04/2004 05:00 | Attr = ])
C:\WINDOWS\SYSTEM32\igfxcpl.cpl - (Intel Corporation [Ver = 3.0.0.4396 | Size = 77824 bytes | Date = 09/20/2005 09:35 | Attr = ])
C:\WINDOWS\SYSTEM32\inetcpl.cpl - (Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 358400 bytes | Date = 08/04/2004 05:00 | Attr = ])
C:\WINDOWS\SYSTEM32\intl.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 129536 bytes | Date = 08/04/2004 05:00 | Attr = ])
C:\WINDOWS\SYSTEM32\irprops.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 380416 bytes | Date = 08/04/2004 05:00 | Attr = ])
C:\WINDOWS\SYSTEM32\ISUSPM.cpl - (InstallShield Software Corporation [Ver = 3, 10, 100, 1155 | Size = 73728 bytes | Date = 07/27/2004 16:50 | Attr = ])
C:\WINDOWS\SYSTEM32\joy.cpl - (Microsoft Corporation [Ver = 5.03.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 68608 bytes | Date = 08/04/2004 05:00 | Attr = ])
C:\WINDOWS\SYSTEM32\jpicpl32.cpl - (Sun Microsystems [Ver = 1, 4, 2, 30 | Size = 61555 bytes | Date = 11/19/2003 17:48 | Attr = ])
C:\WINDOWS\SYSTEM32\main.cpl - (Microsoft Corporation [Ver = 5.1.2403.1 | Size = 187904 bytes | Date = 08/04/2004 05:00 | Attr = ])
C:\WINDOWS\SYSTEM32\mmsys.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 618496 bytes | Date = 08/04/2004 05:00 | Attr = ])
C:\WINDOWS\SYSTEM32\ncpa.cpl - (Microsoft Corporation [Ver = 5.1.2600.0 (xpclient.010817-1148) | Size = 35840 bytes | Date = 08/04/2004 05:00 | Attr = ])
C:\WINDOWS\SYSTEM32\netsetup.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 25600 bytes | Date = 08/04/2004 05:00 | Attr = ])
C:\WINDOWS\SYSTEM32\nusrmgr.cpl - (Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 257024 bytes | Date = 08/04/2004 05:00 | Attr = ])
C:\WINDOWS\SYSTEM32\odbccp32.cpl - (Microsoft Corporation [Ver = 3.525.1117.0 (xpsp_sp2_rtm.040803-2158) | Size = 32768 bytes | Date = 08/04/2004 05:00 | Attr = ])
C:\WINDOWS\SYSTEM32\powercfg.cpl - (Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 114688 bytes | Date = 08/04/2004 05:00 | Attr = ])
C:\WINDOWS\SYSTEM32\QuickTime.cpl - (Apple Computer, Inc. [Ver = 7.0.2a38 | Size = 843776 bytes | Date = 06/03/2005 21:42 | Attr = ])
C:\WINDOWS\SYSTEM32\stac97.cpl - (SigmaTel Inc. [Ver = 1, 0, 0, 12 | Size = 102481 bytes | Date = 07/20/2004 15:14 | Attr = ])
C:\WINDOWS\SYSTEM32\sysdm.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 298496 bytes | Date = 08/04/2004 05:00 | Attr = ])
C:\WINDOWS\SYSTEM32\telephon.cpl - (Microsoft Corporation [Ver = 5.1.2600.0 (xpclient.010817-1148) | Size = 28160 bytes | Date = 08/04/2004 05:00 | Attr = ])
C:\WINDOWS\SYSTEM32\timedate.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 94208 bytes | Date = 08/04/2004 05:00 | Attr = ])
C:\WINDOWS\SYSTEM32\wscui.cpl - (Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 148480 bytes | Date = 08/04/2004 05:00 | Attr = ])
C:\WINDOWS\SYSTEM32\wuaucpl.cpl - (Microsoft Corporation [Ver = 5.8.0.2469 built by: lab01_n(wmbla) | Size = 174360 bytes | Date = 05/26/2005 04:16 | Attr = ])
C:\WINDOWS\SYSTEM32\dllcache\wuaucpl.cpl - (Microsoft Corporation [Ver = 5.8.0.2469 built by: lab01_n(wmbla) | Size = 174360 bytes | Date = 05/26/2005 04:16 | Attr = ])
C:\WINDOWS\SYSTEM32\ReinstallBackups\0008\DriverFiles\igfxcpl.cpl - (Intel Corporation [Ver = 3.0.0.4363 | Size = 77824 bytes | Date = 07/19/2005 23:08 | Attr = ])
C:\WINDOWS\SYSTEM32\ReinstallBackups\0009\DriverFiles\igfxcpl.cpl - (Intel Corporation [Ver = 3.0.0.4396 | Size = 77824 bytes | Date = 09/20/2005 09:35 | Attr = ])

AllUsers Startup Folder
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini - ( [Ver = | Size = 84 bytes | Date = 08/10/2004 13:04 | Attr = HS])
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk - ( [Ver = | Size = 493 bytes | Date = 04/19/2006 00:46 | Attr = ])

AllUsers ApplicationData Folder
C:\Documents and Settings\All Users\Application Data\desktop.ini - ( [Ver = | Size = 62 bytes | Date = 08/10/2004 12:57 | Attr = HS])

CurrentUser Startup Folder
C:\Documents and Settings\Lee Pek Shan\Start Menu\Programs\Startup\desktop.ini - ( [Ver = | Size = 84 bytes | Date = 08/10/2004 13:04 | Attr = HS])

CurrentUser ApplicationData Folder
C:\Documents and Settings\Lee Pek Shan\Application Data\desktop.ini - ( [Ver = | Size = 62 bytes | Date = 08/10/2004 12:57 | Attr = HS])

DPF files
{30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - YInstStarter Class - CodeBase = C:\Program Files\Yahoo!\Common\yinsthelper.dll
{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - McAfee.com Operating System Class - CodeBase = http://download.mcafee.com/molbin/shared/m...01/mcinsctl.cab
{8AD9C840-044E-11D1-B3E9-00805F499D93} - Java Plug-in 1.4.2_03 - CodeBase = http://java.sun.com/products/plugin/autodl...indows-i586.cab
{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - Java Plug-in 1.4.2_03 - CodeBase = http://java.sun.com/products/plugin/autodl...indows-i586.cab
{D27CDB6E-AE6D-11CF-96B8-444553540000} - - CodeBase = http://fpdownload.macromedia.com/pub/shock...ash/swflash.cab

Hosts file = 734 bytes. Reading all entries. C:\WINDOWS\System32\drivers\etc\Hosts
# Copyright © 1993-1999 Microsoft Corp. -
# -
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows. -
# -
# This file contains the mappings of IP addresses to host names. Each -
# entry should be kept on an individual line. The IP address should -
# be placed in the first column followed by the corresponding host name. -
# The IP address and the host name should be separated by at least one -
# space. -
# -
# Additionally, comments (such as these) may be inserted on individual -
# lines or following the machine name denoted by a '#' symbol. -
# -
# For example: -
# -
# 102.54.94.97 rhino.acme.com # source server -
# 38.25.63.10 x.acme.com # x client host -
-
127.0.0.1 localhost -

< Add On's >

>>>>Output for AddOn file HKCU_IEDesktop.def<<<<

KEY - HKCU\Software\Microsoft\Internet Explorer\Desktop - Include SUBKEYS
HKCU\Software\Microsoft\Internet Explorer\Desktop -
Desktop\Components -
Desktop\Components\\DeskHtmlVersion - 272
Desktop\Components\\DeskHtmlMinorVersion - 5
Desktop\Components\\Settings - 1
Desktop\Components\\GeneralFlags - 1
Desktop\Components\0 -
Desktop\Components\0\\Source - About:Home
Desktop\Components\0\\SubscribedURL - About:Home
Desktop\Components\0\\FriendlyName - My Current Home Page
Desktop\Components\0\\Flags - 2
Desktop\Components\0\\Position - 2C 00 00 00 00 01 00 00 00 00 00 00 00 04 00 00 FA 02 00 00 00 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00
Desktop\Components\0\\CurrentState - 04 00 00 40
Desktop\Components\0\\OriginalStateInfo - 18 00 00 00 FF FF 00 00 FF FF 00 00 FF FF FF FF FF FF FF FF 04 00 00 00
Desktop\Components\0\\RestoredStateInfo - 18 00 00 00 6A 02 00 00 23 00 00 00 A4 00 00 00 9A 00 00 00 01 00 00 00
Desktop\General -
Desktop\General\\BackupWallpaper - %USERPROFILE%\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
Desktop\General\\WallpaperFileTime - 20 D0 8E D6 1E D0 C6 01
Desktop\General\\WallpaperLocalFileTime - 20 10 B2 E4 61 D0 C6 01
Desktop\General\\TileWallpaper - 0
Desktop\General\\WallpaperStyle - 2
Desktop\General\\Wallpaper - %USERPROFILE%\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
Desktop\General\\ComponentsPositioned - 1
Desktop\Old WorkAreas -
Desktop\Old WorkAreas\\NoOfOldWorkAreas - 1
Desktop\Old WorkAreas\\OldWorkAreaRects - 00 00 00 00 00 00 00 00 00 05 00 00 FA 02 00 00
Desktop\SafeMode -
Desktop\SafeMode\General -
Desktop\SafeMode\General\\Wallpaper - %SystemRoot%\Web\SafeMode.htt
Desktop\SafeMode\General\\VisitGallery - 0
Desktop\Scheme -
Desktop\Scheme\\Edit -
Desktop\Scheme\\Display -

>>>>Output for AddOn file Policies.def<<<<

KEY - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies - Include SUBKEYS
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies -
policies\Attachments -
policies\Attachments\\ScanWithAntiVirus - 2
policies\NonEnum -
policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} - 1
policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} - 1073741857
policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} - 32
policies\Ratings -
policies\system -
policies\system\\dontdisplaylastusername - 0
policies\system\\legalnoticecaption -
policies\system\\legalnoticetext -
policies\system\\shutdownwithoutlogon - 1
policies\system\\undockwithoutlogon - 1

KEY - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies - Include SUBKEYS
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies -
policies\Explorer -
policies\Explorer\\NoDriveTypeAutoRun - 145

>>>>Output for AddOn file SID_Run_Policies.def<<<<

KEY - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run - No SUBKEYS
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run -
Run\\Spyware Doctor -

KEY - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run - No SUBKEYS
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run -
Run\\Spyware Doctor -

KEY - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies - Include SUBKEYS
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies -
Policies\Explorer -
Policies\Explorer\\NoDriveTypeAutoRun - 145

KEY - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies - Include SUBKEYS
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies -
Policies\Explorer -
Policies\Explorer\\NoDriveTypeAutoRun - 145

< End of report >

#8 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:11:49 PM

Posted 08 September 2006 - 05:50 PM

Hi Daven81. That log looks pretty normal. No viruses or malware to be seen. There are a couple of items for you to consider.

It now appears that both Norton and McAfee anti-virus programs are installed and running. This in itself can cause problems. Since both programs are trying to control file access they can conflict with each other and cause various file access problems. I would recommend removing one or the other.

As for CPU usage. "Normal" is dependent on the system. Even though you might only have 1 or 2 programs open, there are lots of programs and services running in the background. Without any programs open the machine is still processing lots of items.

I also see that your java version is out of date. To update it do the following:

Updating Java:
  • Go to Start > Control Panel double-click on the Software icon > add/remove programs.
  • Search in the list for all previous installed versions of Java. (J2SE Runtime Environment.... )
    It should have next icon next to it: Posted Image
    Select it and click Remove.
  • Then Download and install the newest version from here:http://www.java.com/en/download/manual.jsp
Other than those items things are looking good.

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image

#9 Daven81

Daven81
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:10:49 PM

Posted 17 September 2006 - 10:34 AM

Dear OldTimer,

Thanks for your advise. I'll try and see how is the outcome.
Very thank you for your guidance. Really happy to know you.

Regards
Daven




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users