I got home today and my roomate has brilliantly installed the most anoying spyware I've ever experienced. I cannot get rid of it so I am coming here for help since I have gotten great help in the past from here.

thanks in advanced for any help that you all can give me.

Here is my HijackThis log file.

Logfile of HijackThis v1.99.1
Scan saved at 9:48:11 PM, on 12/12/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Support.com\bin\tgcmd.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\SpyAxe\spyaxe.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\SpyAxe\spyaxe.exe
C:\Program Files\ICQ\ICQ.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\pandasar\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
O2 - BHO: HomepageBHO - {1ca480cd-c0e5-4548-874e-b85b17905b3a} - C:\WINDOWS\system32\hp963E.tmp (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll (file missing)
O3 - Toolbar: SecurityToolbar - {736b5468-bdad-41be-92d0-22ae2ddf7bcb} - C:\Program Files\Security Toolbar\Security Toolbar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (file missing)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\Support.com\bin\tgcmd.exe" /server /startmonitor /deaf
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [HP Software Update] "c:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Mirabilis ICQ] C:\Program Files\ICQ\NDetect.exe
O4 - HKLM\..\Run: [SpyAxe] C:\Program Files\SpyAxe\spyaxe.exe /h
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\RunOnce: [ICQ] C:\Program Files\ICQ\ICQ.exe -trayboot
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} -
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1128186964250
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

Copy these instructions to notepad and save them to your desktop for easy reference.


You will be restarting into Safe mode later. Here's help if you need it.

To use the F8 key to start Windows XP in Safe mode
Restart the computer.
Some computers have a progress bar that refers to the word BIOS. Others may not let you know what is happening.
As soon as the BIOS loads, begin tapping the F8 key on your keyboard. Do so until the Windows Advanced Options menu appears.
If you begin tapping the F8 key too soon, some computers display a "keyboard error" message. If this happens, restart the computer and try again.
Using the arrow keys on the keyboard, select Safe mode and then press Enter.

------

Download
smitrem.zip


Save the file to your desktop.
Double click on smitRem.exe to extract the files it contains.

This will create a folder named smitrem on your desktop.
We'll use it later.
------------

Download CCleaner.

http://www.filehippo.com/download_ccleaner.html

Install CCleaner
Launch CCleaner and look in the upper right corner and click on the "Options" button.
Click "Advanced" and remove the check by "Only delete files in Windows temp folders older than 48 hours".
Click OK
Do not run CCleaner yet. You will run it later in safe mode.


Download the trial version of Ewido Security Suite:

http://www.ewido.net/en/download/

Install ewido.
During the installation, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
Launch ewido
It will prompt you to update click the OK button and it will go to the main screen
On the left side of the main screen click update
Click on Start and let it update.
DO NOT run a scan yet. You will do that later in safe mode.
--------------------------

Restart into Safe Mode.


Open the smitRem folder, then double click the RunThis.bat file to start the tool. Follow the prompts on screen.
Wait for the tool to complete and disk cleanup to finish.


Run Ewido:
Click on scanner
Click Complete System Scan and the scan will begin.
During the scan it will prompt you to clean files, click OK
When the scan is finished, look at the bottom of the screen and click the Save report button.
Save the report to your desktop


Start Ccleaner and click Run Cleaner


Go to Control Panel > Internet Options. Click on the Programs tab then click the "Reset Web Settings" button. Click Apply then OK.

Go to Control Panel > Display. Click on the "Desktop" tab then click the "Customize Desktop" button. Click on the "Web" tab. Under "Web Pages" you should see an entry checked called something like "Security info" or similar.If it is there, select that entry and click the "Delete" button. Click OK then Apply and OK.




Restart back into regular windows.




Go for a free online Virus scan here:

http://www.pandasoftware.com/activescan/

Allow it to clean

Panda will have the option to create a log afer the scan has finished. Click the See Report button. Then click the save Report button. It will be saved under the name activescan.txt Do that and post that log into your next reply here.


Post a new HiJackThis log along with the results from ActiveScan and the ewido scan


Open C:\smitfiles.txt and post the contents of that file

Sorry it took so long to post back my results. It's finals week, so you can probably guess how busy I've been.

Here is the panda log, and panda would not allow me to do a clean after I did their active scan.


Incident Status Location

Adware:adware/ist.istbar Not disinfected Windows Registry


here is the smitfiles.txt


smitRem © log file
version 2.8

by noahdfear


Microsoft Windows XP [Version 5.1.2600]
The current date is: Tue 12/13/2005
The current time is: 22:29:37.65

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

checking for ShudderLTD key

ShudderLTD key not present!

checking for PSGuard.com key


PSGuard.com key not present!




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

SpyAxeFix © by noahdfear

spyaxe directory present

spyaxe uninstaller present

Starting spyaxe uninstaller

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"
"{A1D9D3F0-8C2A-9A1D-A376-2CACFB10AB72}"="Reload Browse"

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Existing Pre-run Files


~~~ Program Files ~~~

Security Toolbar


~~~ Shortcuts ~~~



~~~ Favorites ~~~

Antivirus Test Online.url


~~~ system32 folder ~~~

svchosts.dll
1024 dir
logfiles


~~~ Icons in System32 ~~~



~~~ Windows directory ~~~



~~~ Drive root ~~~


~~~ Miscellaneous Files/folders ~~~




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright© 2002-2003 Craig.Peaco*k@beyondlogic.org
Killing PID 752 'explorer.exe'
Killing PID 752 'explorer.exe'

Starting registry repairs

Deleting files


Remaining Post-run Files


~~~ Program Files ~~~



~~~ Shortcuts ~~~



~~~ Favorites ~~~



~~~ system32 folder ~~~



~~~ Icons in System32 ~~~



~~~ Windows directory ~~~



~~~ Drive root ~~~



~~~ Miscellaneous Files/folders ~~~




~~~ Wininet.dll ~~~

CLEAN! :)


Here is the ewido_scan report.

---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 6:35:33 AM, 12/14/2005
+ Report-Checksum: E936616B

+ Scan result:

:mozilla.11:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\98g2wu7y.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.12:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\98g2wu7y.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.14:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\98g2wu7y.default\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
:mozilla.16:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\98g2wu7y.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.17:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\98g2wu7y.default\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.20:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\98g2wu7y.default\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
C:\Documents and Settings\Administrator\Cookies\administrator@2o7[2].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\Administrator\Cookies\administrator@atdmt[1].txt -> Spyware.Cookie.Atdmt : Cleaned with backup
C:\Documents and Settings\Administrator\Cookies\administrator@valueclick[1].txt -> Spyware.Cookie.Valueclick : Cleaned with backup
C:\Documents and Settings\Administrator\Local Settings\Temp\temp.frCB36\SpyAxe.exe -> Adware.Spyaxe : Cleaned with backup
:mozilla.7:C:\Documents and Settings\matt\Application Data\Mozilla\Firefox\Profiles\ccsp46zc.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.11:C:\Documents and Settings\matt\Application Data\Mozilla\Firefox\Profiles\ccsp46zc.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.12:C:\Documents and Settings\matt\Application Data\Mozilla\Firefox\Profiles\ccsp46zc.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.16:C:\Documents and Settings\matt\Application Data\Mozilla\Firefox\Profiles\ccsp46zc.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.30:C:\Documents and Settings\matt\Application Data\Mozilla\Firefox\Profiles\ccsp46zc.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.31:C:\Documents and Settings\matt\Application Data\Mozilla\Firefox\Profiles\ccsp46zc.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.32:C:\Documents and Settings\matt\Application Data\Mozilla\Firefox\Profiles\ccsp46zc.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.9:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.10:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.11:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.12:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.13:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.14:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.21:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --counter : Cleaned with backup
:mozilla.22:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --counter : Cleaned with backup
:mozilla.23:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --counter : Cleaned with backup
:mozilla.24:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --counter : Cleaned with backup
:mozilla.25:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --counter : Cleaned with backup
:mozilla.26:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --counter : Cleaned with backup
:mozilla.27:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --counter : Cleaned with backup
:mozilla.28:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --counter : Cleaned with backup
:mozilla.29:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --counter : Cleaned with backup
:mozilla.30:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --counter : Cleaned with backup
:mozilla.31:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --counter : Cleaned with backup
:mozilla.32:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --counter : Cleaned with backup
:mozilla.33:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --counter : Cleaned with backup
:mozilla.34:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --counter : Cleaned with backup
:mozilla.35:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --counter : Cleaned with backup
:mozilla.36:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --counter : Cleaned with backup
:mozilla.37:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --counter : Cleaned with backup
:mozilla.38:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --counter : Cleaned with backup
:mozilla.39:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --counter : Cleaned with backup
:mozilla.40:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --counter : Cleaned with backup
:mozilla.41:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --counter : Cleaned with backup
:mozilla.42:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --counter : Cleaned with backup
:mozilla.43:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --counter : Cleaned with backup
:mozilla.44:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --counter : Cleaned with backup
:mozilla.45:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --counter : Cleaned with backup
:mozilla.46:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --counter : Cleaned with backup
:mozilla.47:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --counter : Cleaned with backup
:mozilla.48:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --counter : Cleaned with backup
:mozilla.49:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --counter : Cleaned with backup
:mozilla.50:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --counter : Cleaned with backup
:mozilla.51:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --counter : Cleaned with backup
:mozilla.52:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --counter : Cleaned with backup
:mozilla.53:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --counter : Cleaned with backup
:mozilla.54:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --counter : Cleaned with backup
:mozilla.55:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --counter : Cleaned with backup
:mozilla.56:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --counter : Cleaned with backup
:mozilla.57:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --counter : Cleaned with backup
:mozilla.58:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --counter : Cleaned with backup
:mozilla.59:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --counter : Cleaned with backup
:mozilla.60:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --counter : Cleaned with backup
:mozilla.61:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --counter : Cleaned with backup
:mozilla.62:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --counter : Cleaned with backup
:mozilla.63:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --counter : Cleaned with backup
:mozilla.64:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --counter : Cleaned with backup
:mozilla.65:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --counter : Cleaned with backup
:mozilla.66:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --counter : Cleaned with backup
:mozilla.67:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --counter : Cleaned with backup
:mozilla.68:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --counter : Cleaned with backup
:mozilla.69:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --counter : Cleaned with backup
:mozilla.70:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --counter : Cleaned with backup
:mozilla.74:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --list : Cleaned with backup
:mozilla.75:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --list : Cleaned with backup
:mozilla.76:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --list : Cleaned with backup
:mozilla.77:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --list : Cleaned with backup
:mozilla.78:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --list : Cleaned with backup
:mozilla.79:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --list : Cleaned with backup
:mozilla.80:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --list : Cleaned with backup
:mozilla.81:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --list : Cleaned with backup
:mozilla.82:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --list : Cleaned with backup
:mozilla.83:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --list : Cleaned with backup
:mozilla.84:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --list : Cleaned with backup
:mozilla.85:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --list : Cleaned with backup
:mozilla.86:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --list : Cleaned with backup
:mozilla.87:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --list : Cleaned with backup
:mozilla.88:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --list : Cleaned with backup
:mozilla.89:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --list : Cleaned with backup
:mozilla.90:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --list : Cleaned with backup
:mozilla.91:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --list : Cleaned with backup
:mozilla.92:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Masterstats : Cleaned with backup
:mozilla.98:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --tracker : Cleaned with backup
:mozilla.99:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --tracker : Cleaned with backup
:mozilla.100:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --tracker : Cleaned with backup
:mozilla.101:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.-- The nicest hobby on Earth ;) --tracker : Cleaned with backup
:mozilla.102:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Spylog : Cleaned with backup
:mozilla.104:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.110:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.111:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.112:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.113:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.114:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.115:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.116:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.117:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.118:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
:mozilla.135:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.137:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.138:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.139:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.140:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.142:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
:mozilla.144:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.145:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.146:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.147:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Paycounter : Cleaned with backup
:mozilla.171:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.176:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.177:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.178:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.192:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.193:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.194:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.195:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.196:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.201:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.202:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.213:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.222:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.223:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.224:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.227:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
:mozilla.230:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.231:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.232:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.233:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.234:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.235:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.236:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.237:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.238:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.239:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.240:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.241:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
:mozilla.242:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
:mozilla.243:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
:mozilla.244:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
:mozilla.262:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.263:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.264:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.265:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.266:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.277:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.278:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.279:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.293:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.294:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.305:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Burstbeacon : Cleaned with backup
:mozilla.308:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.309:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.312:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Revenue : Cleaned with backup
:mozilla.315:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.316:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.317:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.318:C:\Documents and Settings\pandasar\Application Data\Mozilla\Firefox\Profiles\6b67bjq8.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
C:\Documents and Settings\pandasar\Cookies\pandasar@atdmt[1].txt -> Spyware.Cookie.Atdmt : Cleaned with backup


::Report End


And finaly here is my Hijack this file

Logfile of HijackThis v1.99.1
Scan saved at 6:44:13 AM, on 12/15/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\pandasar\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll (file missing)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (file missing)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\Support.com\bin\tgcmd.exe" /server /startmonitor /deaf
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [HP Software Update] "c:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Mirabilis ICQ] C:\Program Files\ICQ\NDetect.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\RunOnce: [ICQ] C:\Program Files\ICQ\ICQ.exe -trayboot
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} -
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1128186964250
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1134605803343
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

Finals week! I remember. (Very stressful) Good luck with your exams.

This one can be selected and fixed using Hijackthis. It's an orphan.
O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} -


How is everything running now?

Let's take one more type of log as a triple check.

Download Autoruns from this page:
http://www.sysinternals.com/Utilities/Autoruns.html

Unzip to a folder and the double click on autoruns.exe

Wait until the program has finished running (the status line will show 'Ready')
Under the 'Options' menu, make sure that 'Include Empty Sections' is checked.
Wait again until ready.

Be sure the 'Everything' tab is selected.
Select 'File -> Save' and save the output file.

Copy the contents of the Autoruns text file and post its contents in your next reply here.

Everything seems to running a lot smoother plus that nasty spyaxe is now gown.

thank you for all the help
here is the log file for autorns

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit

+ C:\WINDOWS\system32\userinit.exe Userinit Logon Application Microsoft Corporation c:\windows\system32\userinit.exe

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell

+ Explorer.exe Windows Explorer Microsoft Corporation c:\windows\explorer.exe

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

+ Acrobat Assistant 7.0 AcroTray Adobe Systems Inc. c:\program files\adobe\adobe acrobat 7.0\distillr\acrotray.exe

+ ccApp Symantec User Session Symantec Corporation c:\program files\common files\symantec shared\ccapp.exe

+ HP Component Manager HP Framework Component Manager Service Hewlett-Packard Company c:\program files\hp\hpcoretech\hpcmpmgr.exe

+ HP Software Update hpwuSchd Hewlett-Packard Company c:\program files\hp\hp software update\hpwuschd2.exe

+ iTunesHelper iTunesHelper Module Apple Computer, Inc. c:\program files\itunes\ituneshelper.exe

+ Mirabilis ICQ c:\program files\icq\ndetect.exe

+ NvCplDaemon NVIDIA Display Properties Extension NVIDIA Corporation c:\windows\system32\nvcpl.dll

+ NvMediaCenter NVIDIA Media Center Library NVIDIA Corporation c:\windows\system32\nvmctray.dll

+ nwiz NVIDIA nView Wizard, Version 105.32 NVIDIA Corporation c:\windows\system32\nwiz.exe

+ POINTER Microsoft IntelliPoint Microsoft Corporation C:\Program Files\Microsoft Hardware\Mouse\point32.exe

+ QuickTime Task QuickTime Task Apple Computer, Inc. c:\program files\quicktime\qttask.exe

+ SunJavaUpdateSched Java™ 2 Platform Standard Edition binary Sun Microsystems, Inc. c:\program files\java\jre1.5.0_06\bin\jusched.exe

+ Symantec NetDriver Monitor Symantec Security Drivers Install Monitor Symantec Corporation c:\program files\symnetdrv\sndmon.exe

+ tgcmd Qwest approved - QuickCare Qwest c:\program files\support.com\bin\tgcmd.exe

HKCU\Software\Microsoft\Windows\CurrentVersion\Run

+ MsnMsgr MSN Messenger Microsoft Corporation c:\program files\msn messenger\msnmsgr.exe

HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce

+ ICQ ICQ ICQ Inc. c:\program files\icq\icq.exe

HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components

+ Address Book 6 Outlook Express Setup Library Microsoft Corporation c:\program files\outlook express\setup50.exe

+ Browser Customizations Microsoft Internet Explorer Customization DLL Microsoft Corporation c:\windows\system32\iedkcs32.dll

+ Internet Explorer Windows NT User Data Migration Tool Microsoft Corporation c:\windows\system32\shmgrate.exe

+ Internet Explorer Windows Setup API Microsoft Corporation c:\windows\system32\setupapi.dll

+ Internet Explorer 6 IE 5.0 Per-User Install Utility Microsoft Corporation c:\windows\system32\ie4uinit.exe

+ Microsoft Outlook Express 6 Outlook Express Setup Library Microsoft Corporation c:\program files\outlook express\setup50.exe

+ Microsoft Windows Media Player Microsoft Windows Media Player Setup Utility Microsoft Corporation c:\windows\inf\unregmp2.exe

+ Microsoft Windows Media Player ADVPACK Microsoft Corporation c:\windows\system32\advpack.dll

+ NetMeeting 3.01 ADVPACK Microsoft Corporation c:\windows\system32\advpack.dll

+ Outlook Express Windows NT User Data Migration Tool Microsoft Corporation c:\windows\system32\shmgrate.exe

+ Themes Setup Microsoft© Register Server Microsoft Corporation c:\windows\system32\regsvr32.exe

+ Windows Desktop Update Microsoft© Register Server Microsoft Corporation c:\windows\system32\regsvr32.exe

+ Windows Messenger 4.7 ADVPACK Microsoft Corporation c:\windows\system32\advpack.dll

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler

+ Browseui preloader Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll

+ Component Categories cache daemon Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll

+ Reload Browse File not found: C:\WINDOWS\system32\svchosts.dll

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad

+ CDBurn Windows Shell Common Dll Microsoft Corporation c:\windows\system32\shell32.dll

+ PostBootReminder Windows Shell Common Dll Microsoft Corporation c:\windows\system32\shell32.dll

+ SysTray Systray shell service object Microsoft Corporation c:\windows\system32\stobject.dll

+ WebCheck Web Site Monitor Microsoft Corporation c:\windows\system32\webcheck.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks

+ ewido shell guard File not found: C:\Program Files\ewido\security suite\shellhook.dll

+ shell32.dll Windows Shell Common Dll Microsoft Corporation c:\windows\system32\shell32.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved

+ %DESC_PublishDropTarget% Photo Printing Wizard Microsoft Corporation c:\windows\system32\photowiz.dll

+ &Address Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll

+ .CAB file viewer Cabinet File Viewer Shell Extension Microsoft Corporation c:\windows\system32\cabview.dll

+ Accessible Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll

+ ActiveX Cache Folder Object Control Viewer Microsoft Corporation c:\windows\system32\occache.dll

+ Address EditBox Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll

+ Administrative Tools Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll

+ Adobe.Acrobat.ContextMenu Adobe Acrobat Context Menu Adobe Systems Inc. c:\program files\adobe\adobe acrobat 7.0\acrobat elements\contextmenu.dll

+ Audio Media Properties Handler Media File Property Extractor Shell Extension Microsoft Corporation c:\windows\system32\shmedia.dll

+ Augmented Shell Folder Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll

+ Augmented Shell Folder 2 Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll

+ Auto Update Property Sheet Extension Automatic Updates Control Panel Microsoft Corporation c:\windows\system32\wuaucpl.cpl

+ Avi Properties Handler Media File Property Extractor Shell Extension Microsoft Corporation c:\windows\system32\shmedia.dll

+ BandProxy Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll

+ Briefcase Windows Briefcase Microsoft Corporation c:\windows\system32\syncui.dll

+ CDF Extension Copy Hook Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll

+ Channel File Channel Definition File Viewer Microsoft Corporation c:\windows\system32\cdfview.dll

+ Channel Handler Object Channel Definition File Viewer Microsoft Corporation c:\windows\system32\cdfview.dll

+ Channel Menu Channel Definition File Viewer Microsoft Corporation c:\windows\system32\cdfview.dll

+ Channel Properties Channel Definition File Viewer Microsoft Corporation c:\windows\system32\cdfview.dll

+ Channel Shortcut Channel Definition File Viewer Microsoft Corporation c:\windows\system32\cdfview.dll

+ Code Download Agent Web Site Monitor Microsoft Corporation c:\windows\system32\webcheck.dll

+ Compatibility Page Compatibility Tab Shell Extension DLL Microsoft Corporation c:\windows\system32\slayerxp.dll

+ Compressed (zipped) Folder Compressed (zipped) Folders Microsoft Corporation c:\windows\system32\zipfldr.dll

+ Compressed (zipped) Folder Right Drag Handler Compressed (zipped) Folders Microsoft Corporation c:\windows\system32\zipfldr.dll

+ Compressed (zipped) Folder SendTo Target Compressed (zipped) Folders Microsoft Corporation c:\windows\system32\zipfldr.dll

+ ConnectionAgent Web Site Monitor Microsoft Corporation c:\windows\system32\webcheck.dll

+ Crypto PKO Extension Crypto Shell Extensions Microsoft Corporation c:\windows\system32\cryptext.dll

+ Crypto Sign Extension Crypto Shell Extensions Microsoft Corporation c:\windows\system32\cryptext.dll

+ Custom MRU AutoCompleted List Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll

+ Darwin App Publisher Shell Application Manager Microsoft Corporation c:\windows\system32\appwiz.cpl

+ Desktop Explorer NVIDIA Desktop Explorer, Version 105.32 NVIDIA Corporation c:\windows\system32\nvshell.dll

+ Desktop Explorer Menu NVIDIA Desktop Explorer, Version 105.32 NVIDIA Corporation c:\windows\system32\nvshell.dll

+ Developer Studio Components Microsoft® Developer Studio Explorer Shell Extensions Microsoft Corporation c:\program files\microsoft visual studio\common\msdev98\bin\ide\devxpgl.dll

+ DfsShell Distributed File System shell extension Microsoft Corporation c:\windows\system32\dfsshlex.dll

+ Directory Context Menu Verbs Directory Service Common UI Microsoft Corporation c:\windows\system32\dsuiext.dll

+ Directory Object Find Directory Service Find Microsoft Corporation c:\windows\system32\dsquery.dll

+ Directory Property UI Directory Service Common UI Microsoft Corporation c:\windows\system32\dsuiext.dll

+ Directory Query UI Directory Service Find Microsoft Corporation c:\windows\system32\dsquery.dll

+ Directory Start/Search Find Directory Service Find Microsoft Corporation c:\windows\system32\dsquery.dll

+ Disk Copy Extension Windows DiskCopy Microsoft Corporation c:\windows\system32\diskcopy.dll

+ Disk Quota UI Windows Shell Disk Quota UI DLL Microsoft Corporation c:\windows\system32\dskquoui.dll

+ Display Adapter CPL Extension Advanced display adapter properties Microsoft Corporation c:\windows\system32\deskadp.dll

+ Display Monitor CPL Extension Advanced display monitor properties Microsoft Corporation c:\windows\system32\deskmon.dll

+ Display Panning CPL Extension File not found: deskpan.dll

+ Display TroubleShoot CPL Extension Advanced display performance properties Microsoft Corporation c:\windows\system32\deskperf.dll

+ Download Status Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll

+ DS Security Page Directory Service Security UI Microsoft Corporation c:\windows\system32\dssec.dll

+ E-mail Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll

+ Explorer Band Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll

+ Extensions Manager Folder Extensions Manager Microsoft Corporation c:\windows\system32\extmgr.dll

+ Favorites Band Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll

+ Fonts Windows Font Folder Microsoft Corporation c:\windows\system32\fontext.dll

+ Fonts Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll

+ For &People... Find People Microsoft Corporation c:\program files\outlook express\wabfind.dll

+ FTP Folders Webview Microsoft Internet Explorer FTP Folder Shell Extension Microsoft Corporation c:\windows\system32\msieftp.dll

+ Fusion Cache Microsoft .NET Runtime Execution Engine Microsoft Corporation c:\windows\system32\mscoree.dll

+ GDI+ file thumbnail extractor Windows Picture and Fax Viewer Microsoft Corporation c:\windows\system32\shimgvw.dll

+ Get a Passport Wizard Map Network Drives/Network Places Wizard Microsoft Corporation c:\windows\system32\netplwiz.dll

+ Global Folder Settings Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll

+ Help and Support Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll

+ Help and Support Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll

+ History Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll

+ HTML Thumbnail Extractor Windows Picture and Fax Viewer Microsoft Corporation c:\windows\system32\shimgvw.dll

+ HyperTerminal Icon Ext HyperTerminal Applet Library Hilgraeve, Inc. c:\windows\system32\hticons.dll

+ ICC Profile Microsoft Color Matching System User Interface DLL Microsoft Corporation c:\windows\system32\icmui.dll

+ ICM Monitor Management Microsoft Color Matching System User Interface DLL Microsoft Corporation c:\windows\system32\icmui.dll

+ ICM Printer Management Microsoft Color Matching System User Interface DLL Microsoft Corporation c:\windows\system32\icmui.dll

+ ICM Scanner Management Microsoft Color Matching System User Interface DLL Microsoft Corporation c:\windows\system32\icmui.dll

+ ICQ Shell Extension ICQ Shell Extension ICQ c:\program files\icq\icqshext.dll

+ IE4 Suite Splash Screen Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll

+ IIS Shell Extension IIS W3ext Module Microsoft Corporation c:\windows\system32\inetsrv\w3ext.dll

+ In-pane search Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll

+ Installed Apps Enumerator Shell Application Manager Microsoft Corporation c:\windows\system32\appwiz.cpl

+ Internet Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll

+ Internet Name Space Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll

+ InternetShortcut Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll

+ ISFBand OC Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll

+ iTunes iTunes Mini Player DLL Apple Computer, Inc. c:\program files\itunes\itunesminiplayer.dll

+ Microsoft Agent Character Property Sheet Handler Microsoft Agent Property Sheet Handler Microsoft Corporation c:\windows\msagent\agentpsh.dll

+ Microsoft AutoComplete Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll

+ Microsoft Browser Architecture Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll

+ Microsoft BrowserBand Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll

+ Microsoft Data Link Microsoft Data Access - OLE DB Core Services Microsoft Corporation c:\program files\common files\system\ole db\oledb32.dll

+ Microsoft DocProp Inplace Calendar Control Microsoft DocProp Shell Ext Microsoft Corporation c:\windows\system32\docprop2.dll

+ Microsoft DocProp Inplace Droplist Combo Control Microsoft DocProp Shell Ext Microsoft Corporation c:\windows\system32\docprop2.dll

+ Microsoft DocProp Inplace Edit Box Control Microsoft DocProp Shell Ext Microsoft Corporation c:\windows\system32\docprop2.dll

+ Microsoft DocProp Inplace ML Edit Box Control Microsoft DocProp Shell Ext Microsoft Corporation c:\windows\system32\docprop2.dll

+ Microsoft DocProp Inplace Time Control Microsoft DocProp Shell Ext Microsoft Corporation c:\windows\system32\docprop2.dll

+ Microsoft DocProp Shell Ext Microsoft DocProp Shell Ext Microsoft Corporation c:\windows\system32\docprop2.dll

+ Microsoft History AutoComplete List Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll

+ Microsoft Internet Toolbar Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll

+ Microsoft Multiple AutoComplete List Container Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll

+ Microsoft Office HTML Icon Handler Microsoft Office 2003 component Microsoft Corporation c:\program files\microsoft office\office11\msohev.dll

+ Microsoft Office Outlook Custom Icon Handler Outlook Shell Hook for Start/Find Microsoft Corporation c:\program files\microsoft office\office11\olkfstub.dll

+ Microsoft Office Outlook Desktop Icon Handler Microsoft Shell Extension Library Microsoft Corporation c:\program files\microsoft office\office11\mlshext.dll

+ Microsoft Shell Folder AutoComplete List Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll

+ Microsoft Url History Service Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll

+ Microsoft Url Search Hook Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll

+ Midi Properties Handler Media File Property Extractor Shell Extension Microsoft Corporation c:\windows\system32\shmedia.dll

+ MMC Icon Handler MMC Shell Extension DLL Microsoft Corporation c:\windows\system32\mmcshext.dll

+ MRU AutoComplete List Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll

+ Multimedia File Property Sheet Control Panel Drivers Applet Microsoft Corporation c:\windows\system32\mmsys.cpl

+ MyDocs Copy Hook My Documents Folder UI Microsoft Corporation c:\windows\system32\mydocs.dll

+ MyDocs Drop Target My Documents Folder UI Microsoft Corporation c:\windows\system32\mydocs.dll

+ MyDocs Properties My Documents Folder UI Microsoft Corporation c:\windows\system32\mydocs.dll

+ Network Connections Network Connections Shell Microsoft Corporation c:\windows\system32\netshell.dll

+ Network Connections Network Connections Shell Microsoft Corporation c:\windows\system32\netshell.dll

+ NTFS Security Page Security Shell Extension Microsoft Corporation c:\windows\system32\rshx32.dll

+ NvCpl DesktopContext Class NVIDIA Display Properties Extension NVIDIA Corporation c:\windows\system32\nvcpl.dll

+ nView Desktop Context Menu NVIDIA Desktop Explorer, Version 105.32 NVIDIA Corporation c:\windows\system32\nvshell.dll

+ Offline Files Folder Client Side Caching UI Microsoft Corporation c:\windows\system32\cscui.dll

+ Offline Files Folder Options Client Side Caching UI Microsoft Corporation c:\windows\system32\cscui.dll

+ Offline Files Menu Client Side Caching UI Microsoft Corporation c:\windows\system32\cscui.dll

+ OLE Docfile Property Page OLE DocFile Property Page Microsoft Corporation c:\windows\system32\docprop.dll

+ OpenOffice.org Column Handler Sun Microsystems, Inc. c:\program files\openoffice.org 2.0\program\shlxthdl.dll

+ OpenOffice.org Infotip Handler Sun Microsystems, Inc. c:\program files\openoffice.org 2.0\program\shlxthdl.dll

+ OpenOffice.org Property Sheet Handler Sun Microsystems, Inc. c:\program files\openoffice.org 2.0\program\shlxthdl.dll

+ OpenOffice.org Thumbnail Viewer Sun Microsystems, Inc. c:\program files\openoffice.org 2.0\program\shlxthdl.dll

+ Play on my TV helper NVIDIA Display Properties Extension NVIDIA Corporation c:\windows\system32\nvcpl.dll

+ PlusPack CPL Extension Windows Theme API Microsoft Corporation c:\windows\system32\themeui.dll

+ Portable Media Devices Portable Media Devices Shell Extension Microsoft Corporation c:\windows\system32\audiodev.dll

+ Portable Media Devices Menu Portable Media Devices Shell Extension Microsoft Corporation c:\windows\system32\audiodev.dll

+ PostAgent Web Site Monitor Microsoft Corporation c:\windows\system32\webcheck.dll

+ Previous Versions Previous Versions property page Microsoft Corporation c:\windows\system32\twext.dll

+ Previous Versions Property Page Previous Versions property page Microsoft Corporation c:\windows\system32\twext.dll

+ Print Ordering via the Web Map Network Drives/Network Places Wizard Microsoft Corporation c:\windows\system32\netplwiz.dll

+ Printers Security Page Security Shell Extension Microsoft Corporation c:\windows\system32\rshx32.dll

+ Registered ActiveX Controls Microsoft® Developer Studio Explorer Shell Extensions Microsoft Corporation c:\program files\microsoft visual studio\common\msdev98\bin\ide\devxpgl.dll

+ Registry Tree Options Utility Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll

+ Remote Sessions CPL Extension Remote Sessions CPL Extension Microsoft Corporation c:\windows\system32\remotepg.dll

+ Run... Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll

+ Scanners & Cameras Imaging Devices Shell Folder UI Microsoft Corporation c:\windows\system32\wiashext.dll

+ Scanners & Cameras Imaging Devices Shell Folder UI Microsoft Corporation c:\windows\system32\wiashext.dll

+ Scanners & Cameras Imaging Devices Shell Folder UI Microsoft Corporation c:\windows\system32\wiashext.dll

+ Scanners & Cameras Imaging Devices Shell Folder UI Microsoft Corporation c:\windows\system32\wiashext.dll

+ Scanners & Cameras Imaging Devices Shell Folder UI Microsoft Corporation c:\windows\system32\wiashext.dll

+ Scheduled Tasks Task Scheduler interface DLL Microsoft Corporation c:\windows\system32\mstask.dll

+ Search Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll

+ Search Assistant OC Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll

+ Search Band Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll

+ Sendmail service Send Mail Microsoft Corporation c:\windows\system32\sendmail.dll

+ Sendmail service Send Mail Microsoft Corporation c:\windows\system32\sendmail.dll

+ Set Program Access and Defaults Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll

+ Shell Application Manager Shell Application Manager Microsoft Corporation c:\windows\system32\appwiz.cpl

+ Shell Automation Inproc Service Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll

+ Shell Band Site Menu Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll

+ Shell DeskBar Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll

+ Shell DeskBarApp Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll

+ Shell DocObject Viewer Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll

+ Shell extensions for Microsoft Windows Network objects Network object shell UI Microsoft Corporation c:\windows\system32\ntlanui2.dll

+ Shell extensions for sharing Shell extensions for sharing Microsoft Corporation c:\windows\system32\ntshrui.dll

+ Shell extensions for sharing Shell extensions for sharing Microsoft Corporation c:\windows\system32\ntshrui.dll

+ Shell extensions for Windows Script Host Microsoft ® Shell Extension for Windows Script Host Microsoft Corporation c:\windows\system32\wshext.dll

+ Shell Image Data Factory Windows Picture and Fax Viewer Microsoft Corporation c:\windows\system32\shimgvw.dll

+ Shell Image Property Handler Windows Picture and Fax Viewer Microsoft Corporation c:\windows\system32\shimgvw.dll

+ Shell Image Verbs Windows Picture and Fax Viewer Microsoft Corporation c:\windows\system32\shimgvw.dll

+ Shell properties for a DS object Directory Service Find Microsoft Corporation c:\windows\system32\dsquery.dll

+ Shell Publishing Wizard Object Map Network Drives/Network Places Wizard Microsoft Corporation c:\windows\system32\netplwiz.dll

+ Shell Rebar BandSite Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll

+ Shell Scrap DataHandler Shell scrap object handler Microsoft Corporation c:\windows\system32\shscrap.dll

+ Subscription Folder Web Site Monitor Microsoft Corporation c:\windows\system32\webcheck.dll

+ Subscription Mgr Web Site Monitor Microsoft Corporation c:\windows\system32\webcheck.dll

+ Summary Info Thumbnail handler (DOCFILES) Windows Picture and Fax Viewer Microsoft Corporation c:\windows\system32\shimgvw.dll

+ Taskbar and Start Menu Windows Shell Common Dll Microsoft Corporation c:\windows\system32\shell32.dll

+ Tasks Folder Icon Handler Task Scheduler interface DLL Microsoft Corporation c:\windows\system32\mstask.dll

+ Tasks Folder Shell Extension Task Scheduler interface DLL Microsoft Corporation c:\windows\system32\mstask.dll

+ Temporary Internet Files Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll

+ Temporary Internet Files Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll

+ TextPad TextPad shell extension DLL Helios Software Solutions c:\program files\textpad 4\system\shellext.dll

+ The Internet Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll

+ Track Popup Bar Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll

+ TrayAgent Web Site Monitor Microsoft Corporation c:\windows\system32\webcheck.dll

+ TridentImageExtractor Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll

+ User Accounts Map Network Drives/Network Places Wizard Microsoft Corporation c:\windows\system32\netplwiz.dll

+ User Assist Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll

+ Video Media Properties Handler Media File Property Extractor Shell Extension Microsoft Corporation c:\windows\system32\shmedia.dll

+ Video Thumbnail Extractor Media File Property Extractor Shell Extension Microsoft Corporation c:\windows\system32\shmedia.dll

+ Wav Properties Handler Media File Property Extractor Shell Extension Microsoft Corporation c:\windows\system32\shmedia.dll

+ Web Folders Microsoft Web Folders Microsoft Corporation c:\program files\common files\microsoft shared\web folders\mson-- The nicest hobby on Earth ;) --t.dll

+ Web Printer Shell Extension Print UI DLL Microsoft Corporation c:\windows\system32\printui.dll

+ Web Publishing Wizard Map Network Drives/Network Places Wizard Microsoft Corporation c:\windows\system32\netplwiz.dll

+ Web Search Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll

+ WebCheck Web Site Monitor Microsoft Corporation c:\windows\system32\webcheck.dll

+ WebCheck SyncMgr Handler Web Site Monitor Microsoft Corporation c:\windows\system32\webcheck.dll

+ WebCheckChannelAgent Web Site Monitor Microsoft Corporation c:\windows\system32\webcheck.dll

+ WebCheckWebCrawler Web Site Monitor Microsoft Corporation c:\windows\system32\webcheck.dll

+ Windows Media Player Add to Playlist Context Menu Handler Windows Media Player Launcher Microsoft Corporation c:\windows\system32\wmpshell.dll

+ Windows Media Player Burn Audio CD Context Menu Handler Windows Media Player Launcher Microsoft Corporation c:\windows\system32\wmpshell.dll

+ Windows Media Player Play as Playlist Context Menu Handler Windows Media Player Launcher Microsoft Corporation c:\windows\system32\wmpshell.dll

HKLM\Software\Classes\Folder\Shellex\ColumnHandlers

+ PDF Shell Extension PDF Shell Extension Adobe Systems, Inc. c:\program files\adobe\adobe acrobat 7.0\activex\pdfshell.dll

+ {0D2E74C4-3C34-11d2-A27E-00C04FC30871} Windows Shell Common Dll Microsoft Corporation c:\windows\system32\shell32.dll

+ {24F14F01-7B1C-11d1-838f-0000F80461CF} Windows Shell Common Dll Microsoft Corporation c:\windows\system32\shell32.dll

+ {24F14F02-7B1C-11d1-838f-0000F80461CF} Windows Shell Common Dll Microsoft Corporation c:\windows\system32\shell32.dll

+ {66742402-F9B9-11D1-A202-0000F81FEDEE} Windows Shell Common Dll Microsoft Corporation c:\windows\system32\shell32.dll

+ {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} Sun Microsystems, Inc. c:\program files\openoffice.org 2.0\program\shlxthdl.dll

HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks

+ shdocvw.dll Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll

HKLM\Software\Microsoft\Internet Explorer\Toolbar

+ Norton AntiVirus File not found: C:\Program Files\Norton AntiVirus\NavShExt.dll

HKLM\Software\Microsoft\Internet Explorer\Extensions

+ ICQ ICQ ICQ Inc. c:\program files\icq\icq.exe

+ Windows Messenger File not found: C:\Program Files\Messenger\msmsgs.exe

Task Scheduler

+ Norton AntiVirus - Scan my computer - Administrator.job Norton AntiVirus Scanner Module Symantec Corporation c:\program files\norton antivirus\navw32.exe

+ Norton AntiVirus - Scan my computer - pandasar.job Norton AntiVirus Scanner Module Symantec Corporation c:\program files\norton antivirus\navw32.exe

+ Symantec NetDetect.job Symantec NetDetect Symantec Corporation c:\program files\symantec\liveupdate\ndetect.exe

HKLM\System\CurrentControlSet\Services

+ Alerter Notifies selected users and computers of administrative alerts. If the service is stopped, programs that use administrative alerts will not receive them. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Corporation c:\windows\system32\svchost.exe

+ AudioSrv Manages audio devices for Windows-based programs. If this service is stopped, audio devices and effects will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Corporation c:\windows\system32\svchost.exe

+ Browser Maintains an updated list of computers on the network and supplies this list to computers designated as browsers. If this service is stopped, this list will not be updated or maintained. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Corporation c:\windows\system32\svchost.exe

+ ccEvtMgr Symantec Event Manager Symantec Corporation c:\program files\common files\symantec shared\ccevtmgr.exe

+ ccSetMgr Symantec Settings Manager Symantec Corporation c:\program files\common files\symantec shared\ccsetmgr.exe

+ CryptSvc Provides three management services: Catalog Database Service, which confirms the signatures of Windows files; Protected Root Service, which adds and removes Trusted Root Certification Authority certificates from this computer; and Key Service, which helps enroll this computer for certificates. If this service is stopped, these management services will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Corporation c:\windows\system32\svchost.exe

+ DcomLaunch Provides launch functionality for DCOM services. Microsoft Corporation c:\windows\system32\svchost.exe

+ Dhcp Manages network configuration by registering and updating IP addresses and DNS names. Microsoft Corporation c:\windows\system32\svchost.exe

+ dmserver Detects and monitors new hard disk drives and sends disk volume information to Logical Disk Manager Administrative Service for configuration. If this service is stopped, dynamic disk status and configuration information may become out of date. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Corporation c:\windows\system32\svchost.exe

+ Dnscache Resolves and caches Domain Name System (DNS) names for this computer. If this service is stopped, this computer will not be able to resolve DNS names and locate Active Directory domain controllers. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Corporation c:\windows\system32\svchost.exe

+ ERSvc Allows error reporting for services and applictions running in non-standard environments. Microsoft Corporation c:\windows\system32\svchost.exe

+ Eventlog Enables event log messages issued by Windows-based programs and components to be viewed in Event Viewer. This service cannot be stopped. Microsoft Corporation c:\windows\system32\services.exe

+ ewido security suite control ewido control ewido networks c:\program files\ewido\security suite\ewidoctrl.exe

+ helpsvc Enables Help and Support Center to run on this computer. If this service is stopped, Help and Support Center will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Corporation c:\windows\system32\svchost.exe

+ IISADMIN Allows administration of Web and FTP services through the Internet Information Services snap-in Microsoft Corporation c:\windows\system32\inetsrv\inetinfo.exe

+ lanmanserver Supports file, print, and named-pipe sharing over the network for this computer. If this service is stopped, these functions will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Corporation c:\windows\system32\svchost.exe

+ lanmanworkstation Creates and maintains client network connections to remote servers. If this service is stopped, these connections will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Corporation c:\windows\system32\svchost.exe

+ LmHosts Enables support for NetBIOS over TCP/IP (NetBT) service and NetBIOS name resolution. Microsoft Corporation c:\windows\system32\svchost.exe

+ MDM Supports local and remote debugging for Visual Studio and script debuggers. If this service is stopped, the debuggers will not function properly. Microsoft Corporation c:\program files\common files\microsoft shared\vs7debug\mdm.exe

+ MSFtpsvc Provides FTP connectivity and administration through the Internet Information Services snap-in Microsoft Corporation c:\windows\system32\inetsrv\inetinfo.exe

+ navapsvc Handles Norton AntiVirus Auto-Protect events. Symantec Corporation c:\program files\norton antivirus\navapsvc.exe

+ NPFMntor Detects installation of Symantec Firewall clients Symantec Corporation c:\program files\norton antivirus\iwp\npfmntor.exe

+ NVSvc Provides system and desktop level support to the NVIDIA display driver NVIDIA Corporation c:\windows\system32\nvsvc32.exe

+ PlugPlay Enables a computer to recognize and adapt to hardware changes with little or no user input. Stopping or disabling this service will result in system instability. Microsoft Corporation c:\windows\system32\services.exe

+ PolicyAgent Manages IP security policy and starts the ISAKMP/Oakley (IKE) and the IP security driver. Microsoft Corporation c:\windows\system32\lsass.exe

+ ProtectedStorage Provides protected storage for sensitive data, such as private keys, to prevent access by unauthorized services, processes, or users. Microsoft Corporation c:\windows\system32\lsass.exe

+ RemoteRegistry Enables remote users to modify registry settings on this computer. If this service is stopped, the registry can be modified only by users on this computer. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Corporation c:\windows\system32\svchost.exe

+ RpcSs Provides the endpoint mapper and other miscellaneous RPC services. Microsoft Corporation c:\windows\system32\svchost.exe

+ SamSs Stores security information for local user accounts. Microsoft Corporation c:\windows\system32\lsass.exe

+ SBService Norton AntiVirus ScripBlocking Service Symantec Corporation c:\program files\common files\symantec shared\script blocking\sbserv.exe

+ Schedule Enables a user to configure and schedule automated tasks on this computer. If this service is stopped, these tasks will not be run at their scheduled times. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Corporation c:\windows\system32\svchost.exe

+ seclogon Enables starting processes under alternate credentials. If this service is stopped, this type of logon access will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Corporation c:\windows\system32\svchost.exe

+ SENS Tracks system events such as Windows logon, network, and power events. Notifies COM+ Event System subscribers of these events. Microsoft Corporation c:\windows\system32\svchost.exe

+ SharedAccess Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network. Microsoft Corporation c:\windows\system32\svchost.exe

+ ShellHWDetection Provides notifications for AutoPlay hardware events. Microsoft Corporation c:\windows\system32\svchost.exe

+ SMTPSVC Transports electronic mail across the network Microsoft Corporation c:\windows\system32\inetsrv\inetinfo.exe

+ SNDSrvc Symantec Network Drivers Service Symantec Corporation c:\program files\common files\symantec shared\sndsrvc.exe

+ SPBBCSvc Symantec SPBBC Symantec Corporation c:\program files\common files\symantec shared\spbbc\spbbcsvc.exe

+ Spooler Loads files to memory for later printing. Microsoft Corporation c:\windows\system32\spoolsv.exe

+ srservice Performs system restore functions. To stop service, turn off System Restore from the System Restore tab in My Computer->Properties Microsoft Corporation c:\windows\system32\svchost.exe

+ stisvc Provides image acquisition services for scanners and cameras. Microsoft Corporation c:\windows\system32\svchost.exe

+ Symantec Core LC Symantec Core LC Symantec Corporation c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe

+ Themes Provides user experience theme management. Microsoft Corporation c:\windows\system32\svchost.exe

+ TrkWks Maintains links between NTFS files within a computer or across computers in a network domain. Microsoft Corporation c:\windows\system32\svchost.exe

+ UMWdf Enables Windows user mode drivers. Microsoft Corporation c:\windows\system32\wdfmgr.exe

+ W32Time Maintains date and time synchronization on all clients and servers in the network. If this service is stopped, date and time synchronization will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.

Microsoft Corporation c:\windows\system32\svchost.exe

+ W3SVC Provides Web connectivity and administration through the Internet Information Services snap-in Microsoft Corporation c:\windows\system32\inetsrv\inetinfo.exe

+ WebClient Enables Windows-based programs to create, access, and modify Internet-based files. If this service is stopped, these functions will not be available. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Corporation c:\windows\system32\svchost.exe

+ winmgmt Provides a common interface and object model to access management information about operating system, devices, applications and services. If this service is stopped, most Windows-based software will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Corporation c:\windows\system32\svchost.exe

+ wscsvc Monitors system security settings and configurations. Microsoft Corporation c:\windows\system32\svchost.exe

+ wuauserv Enables the download and installation of Windows updates. If this service is disabled, this computer will not be able to use the Automatic Updates feature or the Windows Update Web site. Microsoft Corporation c:\windows\system32\svchost.exe

+ WZCSVC Provides automatic configuration for the 802.11 adapters Microsoft Corporation c:\windows\system32\svchost.exe

HKLM\System\CurrentControlSet\Services

+ ACPI ACPI Driver for NT Microsoft Corporation c:\windows\system32\drivers\acpi.sys

+ aec Microsoft Acoustic Echo Canceller Microsoft Corporation c:\windows\system32\drivers\aec.sys

+ AFD AFD Networking Support Environment Microsoft Corporation c:\windows\system32\drivers\afd.sys

+ AmdK7 Processor Device Driver Microsoft Corporation c:\windows\system32\drivers\amdk7.sys

+ AsyncMac RAS Asynchronous Media Driver Microsoft Corporation c:\windows\system32\drivers\asyncmac.sys

+ atapi IDE/ATAPI Port Driver Microsoft Corporation c:\windows\system32\drivers\atapi.sys

+ Atmarpc ATM ARP Client Protocol Microsoft Corporation c:\windows\system32\drivers\atmarpc.sys

+ audstub AudStub Driver Microsoft Corporation c:\windows\system32\drivers\audstub.sys

+ cdrmkaun File not found: C:\DOCUME~1\pandasar\LOCALS~1\Temp\cdrmkaun.sys

+ Cdrom SCSI CD-ROM Driver Microsoft Corporation c:\windows\system32\drivers\cdrom.sys

+ Copystar Copystar SCSI miniport An Chen Computer c:\windows\system32\drivers\copystar.sys

+ Disk PnP Disk Driver Microsoft Corporation c:\windows\system32\drivers\disk.sys

+ dmio NT Disk Manager I/O Driver Microsoft Corp., Veritas Software c:\windows\system32\drivers\dmio.sys

+ dmload NT Disk Manager Startup Driver Microsoft Corp., Veritas Software. c:\windows\system32\drivers\dmload.sys

+ DMusic Microsoft Kernel DLS Synthesizer Microsoft Corporation c:\windows\system32\drivers\dmusic.sys

+ drmkaud Microsoft Kernel DRM Audio Descrambler Filter Microsoft Corporation c:\windows\system32\drivers\drmkaud.sys

+ Fdc Floppy Disk Controller Driver Microsoft Corporation c:\windows\system32\drivers\fdc.sys

+ Flpydisk Floppy Driver Microsoft Corporation c:\windows\system32\drivers\flpydisk.sys

+ Ftdisk FT Disk Driver Microsoft Corporation c:\windows\system32\drivers\ftdisk.sys

+ gameenum Game Port Enumerator Microsoft Corporation c:\windows\system32\drivers\gameenum.sys

+ GEARAspiWDM CDRom Class Filter Driver GEAR Software Inc. c:\windows\system32\drivers\gearaspiwdm.sys

+ Gpc Generic Packet Classifier Microsoft Corporation c:\windows\system32\drivers\msgpc.sys

+ HidUsb USB Miniport Driver for Input Devices Microsoft Corporation c:\windows\system32\drivers\hidusb.sys

+ HPZid412 IEEE-1284.4-1999 Driver (Windows 2000) HP c:\windows\system32\drivers\hpzid412.sys

+ HPZipr12 IEEE-1284.4-1999 Print Class Driver HP c:\windows\system32\drivers\hpzipr12.sys

+ HPZius12 1284.4<->Usb Datalink Driver (Windows 2000) HP c:\windows\system32\drivers\hpzius12.sys

+ HTTP This service implements the hypertext transfer protocol (HTTP). If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Corporation c:\windows\system32\drivers\http.sys

+ i8042prt i8042 Port Driver Microsoft Corporation c:\windows\system32\drivers\i8042prt.sys

+ Imapi IMAPI Kernel Driver Microsoft Corporation c:\windows\system32\drivers\imapi.sys

+ Ip6Fw Provides intrusion prevention service for a home or small office network. Microsoft Corporation c:\windows\system32\drivers\ip6fw.sys

+ IPFilter Microsoft IntelliPoint Microsoft Corporation c:\windows\system32\drivers\ipfilter.sys

+ IpFilterDriver IP Traffic Filter Driver Microsoft Corporation c:\windows\system32\drivers\ipfltdrv.sys

+ IpInIp IP in IP Tunnel Driver Microsoft Corporation c:\windows\system32\drivers\ipinip.sys

+ IpNat IP Network Address Translator Microsoft Corporation c:\windows\system32\drivers\ipnat.sys

+ IPSec IPSEC driver Microsoft Corporation c:\windows\system32\drivers\ipsec.sys

+ IRENUM Infra-Red Bus Enumerator Microsoft Corporation c:\windows\system32\drivers\irenum.sys

+ isapnp PNP ISA Bus Driver Microsoft Corporation c:\windows\system32\drivers\isapnp.sys

+ Kbdclass Keyboard Class Driver Microsoft Corporation c:\windows\system32\drivers\kbdclass.sys

+ kmixer Kernel Mode Audio Mixer Microsoft Corporation c:\windows\system32\drivers\kmixer.sys

+ Mouclass Mouse Class Driver Microsoft Corporation c:\windows\system32\drivers\mouclass.sys

+ mouhid HID Mouse Filter Driver Microsoft Corporation c:\windows\system32\drivers\mouhid.sys

+ ms_mpu401 MPU401 Adapter Driver Microsoft Corporation c:\windows\system32\drivers\msmpu401.sys

+ MSKSSRV MS KS Server Microsoft Corporation c:\windows\system32\drivers\mskssrv.sys

+ MSPCLOCK MS Proxy Clock Microsoft Corporation c:\windows\system32\drivers\mspclock.sys

+ MSPQM MS Proxy Quality Manager Microsoft Corporation c:\windows\system32\drivers\mspqm.sys

+ mssmbios System Management BIOS Driver Microsoft Corporation c:\windows\system32\drivers\mssmbios.sys

+ NAVENG AV Engine Symantec Corporation c:\program files\common files\symantec shared\virusdefs\20051214.017\naveng.sys

+ NAVEX15 AV Engine Symantec Corporation c:\program files\common files\symantec shared\virusdefs\20051214.017\navex15.sys

+ NdisTapi Remote Access NDIS TAPI Driver Microsoft Corporation c:\windows\system32\drivers\ndistapi.sys

+ Ndisuio NDIS Usermode I/O Protocol Microsoft Corporation c:\windows\system32\drivers\ndisuio.sys

+ NdisWan Remote Access NDIS WAN Driver Microsoft Corporation c:\windows\system32\drivers\ndiswan.sys

+ NetBT NetBios over Tcpip Microsoft Corporation c:\windows\system32\drivers\netbt.sys

+ nv NVIDIA Compatible Windows 2000 Miniport Driver, Version 78.01 NVIDIA Corporation c:\windows\system32\drivers\nv4_mini.sys

+ nv_agp NVIDIA nForce AGP Filter NVIDIA Corporation c:\windows\system32\drivers\nv_agp.sys

+ nvax NVIDIA® nForce™ MCP Audio Enumerator NVIDIA Corporation c:\windows\system32\drivers\nvax.sys

+ NVENET NVIDIA nForce MCP Networking Driver. NVIDIA Corporation c:\windows\system32\drivers\nvenet.sys

+ nvnforce NVIDIA® nForce™ Audio Driver NVIDIA Corporation c:\windows\system32\drivers\nvapu.sys

+ NwlnkFlt IPX Traffic Filter Driver Microsoft Corporation c:\windows\system32\drivers\nwlnkflt.sys

+ NwlnkFwd IPX Traffic Forwarder Driver Microsoft Corporation c:\windows\system32\drivers\nwlnkfwd.sys

+ Parport Parallel Port Driver Microsoft Corporation c:\windows\system32\drivers\parport.sys

+ PCI NT Plug and Play PCI Enumerator Microsoft Corporation c:\windows\system32\drivers\pci.sys

+ PCIIde Generic PCI IDE Bus Driver Microsoft Corporation c:\windows\system32\drivers\pciide.sys

+ PptpMiniport WAN Miniport (PPTP) Microsoft Corporation c:\windows\system32\drivers\raspptp.sys

+ PSched QoS Packet Scheduler Microsoft Corporation c:\windows\system32\drivers\psched.sys

+ Ptilink Direct Parallel Link Driver Parallel Technologies, Inc. c:\windows\system32\drivers\ptilink.sys

+ PxHelp20 Px Engine Device Driver for Windows 2000/XP Sonic Solutions c:\windows\system32\drivers\pxhelp20.sys

+ RasAcd Remote Access Auto Connection Driver Microsoft Corporation c:\windows\system32\drivers\rasacd.sys

+ Rasl2tp WAN Miniport (L2TP) Microsoft Corporation c:\windows\system32\drivers\rasl2tp.sys

+ RasPppoe Remote Access PPPOE Driver Microsoft Corporation c:\windows\system32\drivers\raspppoe.sys

+ Raspti Direct Parallel Microsoft Corporation c:\windows\system32\drivers\raspti.sys

+ RDPCDD RDP Miniport Microsoft Corporation c:\windows\system32\drivers\rdpcdd.sys

+ rdpdr Microsoft RDP Device redirector Microsoft Corporation c:\windows\system32\drivers\rdpdr.sys

+ redbook Redbook Audio Filter Driver Microsoft Corporation c:\windows\system32\drivers\redbook.sys

+ SAVRT AutoProtect Symantec Corporation c:\program files\norton antivirus\savrt.sys

+ SAVRTPEL SAVRTPEL Symantec Corporation c:\program files\norton antivirus\savrtpel.sys

+ Secdrv SafeDisc driver Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. c:\windows\system32\drivers\secdrv.sys

+ serenum Serial Port Enumerator Microsoft Corporation c:\windows\system32\drivers\serenum.sys

+ Serial Serial Device Driver Microsoft Corporation c:\windows\system32\drivers\serial.sys

+ SPBBCDrv SPBBC Driver Symantec Corporation c:\program files\common files\symantec shared\spbbc\spbbcdrv.sys

+ splitter Microsoft Kernel Audio Splitter Microsoft Corporation c:\windows\system32\drivers\splitter.sys

+ swenum Plug and Play Software Device Enumerator Microsoft Corporation c:\windows\system32\drivers\swenum.sys

+ swmidi Microsoft GS Wavetable Synthesizer Microsoft Corporation c:\windows\system32\drivers\swmidi.sys

+ SYMDNS DNS Filter Driver Symantec Corporation c:\windows\system32\drivers\symdns.sys

+ SymEvent Symantec Event Library Symantec Corporation c:\program files\symantec\symevent.sys

+ SYMFW Firewall Filter Driver Symantec Corporation c:\windows\system32\drivers\symfw.sys

+ SYMIDS IDS Filter Driver Symantec Corporation c:\windows\system32\drivers\symids.sys

+ SYMIDSCO IDS Core Driver Symantec Corporation c:\program files\common files\symantec shared\symcdata\ids-diskless\20051208.051\symidsco.sys

+ symlcbrd Symantec Core Component Symantec Corporation c:\windows\system32\drivers\symlcbrd.sys

+ SYMNDIS NDIS Filter Driver Symantec Corporation c:\windows\system32\drivers\symndis.sys

+ SYMREDRV Redirector Filter Driver Symantec Corporation c:\windows\system32\drivers\symredrv.sys

+ SYMTDI Network Dispatch Driver Symantec Corporation c:\windows\system32\drivers\symtdi.sys

+ sysaudio System Audio WDM Filter Microsoft Corporation c:\windows\system32\drivers\sysaudio.sys

+ Tcpip TCP/IP Protocol Driver Microsoft Corporation c:\windows\system32\drivers\tcpip.sys

+ TermDD Terminal Server Driver Microsoft Corporation c:\windows\system32\drivers\termdd.sys

+ Update Update Driver Microsoft Corporation c:\windows\system32\drivers\update.sys

+ usbccgp USB Common Class Generic Parent Driver Microsoft Corporation c:\windows\system32\drivers\usbccgp.sys

+ usbehci EHCI eUSB Miniport Driver Microsoft Corporation c:\windows\system32\drivers\usbehci.sys

+ usbhub Default Hub Driver for USB Microsoft Corporation c:\windows\system32\drivers\usbhub.sys

+ usbohci OHCI USB Miniport Driver Microsoft Corporation c:\windows\system32\drivers\usbohci.sys

+ usbprint USB Printer driver Microsoft Corporation c:\windows\system32\drivers\usbprint.sys

+ usbscan USB Scanner Driver Microsoft Corporation c:\windows\system32\drivers\usbscan.sys

+ USBSTOR USB Mass Storage Class Driver Microsoft Corporation c:\windows\system32\drivers\usbstor.sys

+ VgaSave VGA/Super VGA Video Driver Microsoft Corporation c:\windows\system32\drivers\vga.sys

+ Wanarp Remote Access IP ARP Driver Microsoft Corporation c:\windows\system32\drivers\wanarp.sys

+ wdmaud MMSYSTEM Wave/Midi API mapper Microsoft Corporation c:\windows\system32\drivers\wdmaud.sys

HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute

+ autocheck autochk * Auto Check Utility Microsoft Corporation c:\windows\system32\autochk.exe

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options

+ Your Image File Name Here without a path Symbolic Debugger for Windows 2000 Microsoft Corporation c:\windows\system32\ntsd.exe

HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls

+ advapi32 Advanced Windows 32 Base API Microsoft Corporation c:\windows\system32\advapi32.dll

+ comdlg32 Common Dialogs DLL Microsoft Corporation c:\windows\system32\comdlg32.dll

+ gdi32 GDI Client DLL Microsoft Corporation c:\windows\system32\gdi32.dll

+ imagehlp Windows NT Image Helper Microsoft Corporation c:\windows\system32\imagehlp.dll

+ kernel32 Windows NT BASE API Client DLL Microsoft Corporation c:\windows\system32\kernel32.dll

+ lz32 LZ Expand/Compress API DLL Microsoft Corporation c:\windows\system32\lz32.dll

+ ole32 Microsoft OLE for Windows Microsoft Corporation c:\windows\system32\ole32.dll

+ oleaut32 Microsoft Corporation c:\windows\system32\oleaut32.dll

+ olecli32 Object Linking and Embedding Client Library Microsoft Corporation c:\windows\system32\olecli32.dll

+ olecnv32 Microsoft OLE for Windows Microsoft Corporation c:\windows\system32\olecnv32.dll

+ olesvr32 Object Linking and Embedding Server Library Microsoft Corporation c:\windows\system32\olesvr32.dll

+ olethk32 Microsoft OLE for Windows Microsoft Corporation c:\windows\system32\olethk32.dll

+ rpcrt4 Remote Procedure Call Runtime Microsoft Corporation c:\windows\system32\rpcrt4.dll

+ shell32 Windows Shell Common Dll Microsoft Corporation c:\windows\system32\shell32.dll

+ url Internet Shortcut Shell Extension DLL Microsoft Corporation c:\windows\system32\url.dll

+ urlmon OLE32 Extensions for Win32 Microsoft Corporation c:\windows\system32\urlmon.dll

+ user32 Windows XP USER API Client DLL Microsoft Corporation c:\windows\system32\user32.dll

+ version Version Checking and File Installation Libraries Microsoft Corporation c:\windows\system32\version.dll

+ wininet Internet Extensions for Win32 Microsoft Corporation c:\windows\system32\wininet.dll

+ wldap32 Win32 LDAP API DLL Microsoft Corporation c:\windows\system32\wldap32.dll

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify

+ crypt32chain Crypto API32 Microsoft Corporation c:\windows\system32\crypt32.dll

+ cryptnet Crypto Network Related API Microsoft Corporation c:\windows\system32\cryptnet.dll

+ cscdll Offline Network Agent Microsoft Corporation c:\windows\system32\cscdll.dll

+ ScCertProp Common DLL to receive Winlogon notifications Microsoft Corporation c:\windows\system32\wlnotify.dll

+ Schedule Common DLL to receive Winlogon notifications Microsoft Corporation c:\windows\system32\wlnotify.dll

+ sclgntfy Secondary Logon Service Notification DLL Microsoft Corporation c:\windows\system32\sclgntfy.dll

+ SensLogn Common DLL to receive Winlogon notifications Microsoft Corporation c:\windows\system32\wlnotify.dll

+ termsrv Common DLL to receive Winlogon notifications Microsoft Corporation c:\windows\system32\wlnotify.dll

+ wlballoon Common DLL to receive Winlogon notifications Microsoft Corporation c:\windows\system32\wlnotify.dll

HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9

+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{1F900875-4C40-4302-BD47-A6AC84D57484}] DATAGRAM 1 Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation c:\windows\system32\mswsock.dll

+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{1F900875-4C40-4302-BD47-A6AC84D57484}] SEQPACKET 1 Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation c:\windows\system32\mswsock.dll

+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{55D80C91-F7AE-4318-BCC9-9F612A2ECD9E}] DATAGRAM 2 Microsoft Windows Sockets 2.0 Service Provider Microsoft

That looks good. You have one orphaned registry entry to clear.

Please go to start >Run and type

cmd.exe
Press enter.


Copy and paste this command into the command prompt. (Right click in the prompt window and choose paste from the menu)

Regedit /e /a s.txt HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler & Start Notepad s.txt




When s.txt opens, post the contents of that file please.

It didn't open a file. I gave me a warning messages that says:

Cannot find the s.txt file.

Do you want to create a new file?

Yes No Cancle

Thart happens sometimes due to a timing issue. Do not create a new file.

Run the command again please.

here is what is in that file

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"
"{A1D9D3F0-8C2A-9A1D-A376-2CACFB10AB72}"="Reload Browse"

Copy the contents of the code box to notepad.
Name the file reload.reg
Save as type: All files

Double click on reload.reg and say yes to the prompt.





Once you have rebooted a time or two, be sure everything is in working order. It is time to flush your system restore points. Once you do that you will not be able to correct any problems you may have now by going back to a point before today.


After something like this it is a good idea to Flush the Restore Points and start fresh.
To flush the XP system Restore Points.

Go to Start>Run and type msconfig Press enter.

When msconfig opens, click the Launch System Restore Button.
On the next page, click the System Restore Settings Link on the left.

Check the box labeled Turn off System restore.


Reboot. Go back in and Turn System Restore Back on. A new Restore Point will be created.
----------------------------
Also here is an excellent source for tips to tighten security. Follow the advice and get the free downloads to help avoid some of these problems in the future.
http://www.computercops.biz/postt7736.html

Thanks for all the help.

Everything is running smooth once again.

Hi Pandasar,

You're welcome.

I'll close this Topic now that is has been resolved. If you need it reopened please PM a Moderator or Admin to do that.

Anyone else, please start your own topic and someone will help.

Mo