help with nexplore virus

info.txt logfile of random's system information tool 1.06 2009-11-01 11:38:29
======Uninstall list======
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 K:\WINDOWS\INF\PCHealth.inf
Adobe AIR-->K:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
Adobe Flash Player 10 ActiveX-->K:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 9.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A92000000001}
Adobe Shockwave Player 11.5-->"K:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe"
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
AVI to DVD Maker 3.1-->"K:\Program Files\AVI to DVD Maker\unins000.exe"
Avira AntiVir Personal - Free Antivirus-->K:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
Critical Update for Windows Media Player 11 (KB959772)-->"K:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Drivers Install For Linksys Easylink Advisor-->MsiExec.exe /I{A1960A82-DB70-474D-A86B-FA74466103C6}
DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.2.3.0-->"K:\Program Files\DVDFab 5\unins000.exe"
DVDFab 6.1.1.8 Beta (20/10/2009)-->"K:\Program Files\DVDFab 6\unins000.exe"
Gamevance-->K:\Program Files\Gamevance\gvun.exe
Gateway Drivers and Applications Recovery-->K:\Program Files\Gateway\HPA\GWMenu.exe UNINSTALL
Google Toolbar for Internet Explorer-->"K:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_E582EA556D8DE101.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
HijackThis 2.0.2-->"K:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->K:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->K:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"K:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 11 (KB939683)-->"K:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"K:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB961118)-->"K:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB970653-v3)-->"K:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
HP Image Zone 4.2-->K:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP PSC & OfficeJet 4.2-->"K:\Program Files\HP\Digital Imaging\{A1062847-0846-427A-92A1-BB8251A91E91}\setup\hpzscr01.exe" -datfile hposcr04.dat
HP Software Update-->MsiExec.exe /X{457791C5-D702-4143-A7B2-2744BE9573F2}
HP Unload DLL Patch-->MsiExec.exe /X{595D0DE8-C38A-4432-B851-47DECC1A99BD}
iTunes-->MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371}
Java(TM) 6 Update 15-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
Linksys EasyLink Advisor 1.6 (0032)-->rundll32 K:\PROGRA~1\LINKSY~1\AUInst.dll,ExUninstall
magicolor 2400W Mono-->MUINST_S.EXE /PRN:"magicolor 2400W Mono"
Microsoft .NET Framework 1.1 Security Update (KB953297)-->"K:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "K:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->K:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Base Smart Card Cryptographic Service Provider Package-->"K:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
Microsoft Compression Client Pack 1.0 for Windows XP-->"K:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"K:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"K:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office XP Professional-->MsiExec.exe /I{90110409-6000-11D3-8CFE-0050048383C9}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"K:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0-->MsiExec.exe /I{428102E6-8A39-48B9-8389-847F5A44A600}
MSXML 4.0-->MsiExec.exe /I{54BB0384-1C33-488F-A95B-877E480D3EDC}
NVIDIA Drivers-->K:\WINDOWS\system32\nvuninst.exe UninstallGUI
Quicken Basic 98-->K:\WINDOWS\uninst.exe -fK:\QUICKENW\DeIsL1.isu
QuickTime-->MsiExec.exe /I{F958CA02-BB40-4007-894B-258729456EE4}
Reader Rabbit I Can Read! With Phonics-->K:\Program Files\The Learning Company\Reader Rabbit I Can Read! With Phonics\uninstal.exe
Realtek High Definition Audio Driver-->RtlUpd.exe -r
SAMSUNG Mobile USB DRIVER(4.40.7.0) v1.6-->K:\PROGRA~1\COMMON~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{E9ED0801-253D-4FE9-AB20-F63DEFE72547}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Windows Internet Explorer 7 (KB938127-v2)-->"K:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB953838)-->"K:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB956390)-->"K:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB961260)-->"K:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB963027)-->"K:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB969897)-->"K:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB969897)-->"K:\WINDOWS\ie8updates\KB969897-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB971961)-->"K:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB972260)-->"K:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB974455)-->"K:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"K:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB954155)-->"K:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB968816)-->"K:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB973540)-->"K:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB936782)-->"K:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB936782)-->"K:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB954154)-->"K:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923561)-->"K:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923789)-->K:\WINDOWS\system32\MacroMed\Flash\genuinst.exe K:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Security Update for Windows XP (KB938464)-->"K:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"K:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"K:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950759)-->"K:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950760)-->"K:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"K:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"K:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"K:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"K:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"K:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"K:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952004)-->"K:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"K:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953838)-->"K:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953839)-->"K:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"K:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954459)-->"K:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"K:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"K:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"K:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956572)-->"K:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956744)-->"K:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"K:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"K:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"K:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956844)-->"K:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"K:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"K:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"K:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958687)-->"K:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958690)-->"K:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958869)-->"K:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Security Update for Windows XP (KB959426)-->"K:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960225)-->"K:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960715)-->"K:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960803)-->"K:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960859)-->"K:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961371)-->"K:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961373)-->"K:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961501)-->"K:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Security Update for Windows XP (KB968537)-->"K:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969059)-->"K:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969898)-->"K:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Security Update for Windows XP (KB970238)-->"K:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971486)-->"K:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971557)-->"K:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971633)-->"K:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971657)-->"K:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973346)-->"K:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973354)-->"K:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973507)-->"K:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973525)-->"K:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973869)-->"K:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974112)-->"K:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974571)-->"K:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975025)-->"K:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975467)-->"K:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Soft Data Fax Modem with SmartCP-->K:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200014F1\HXFSETUP.EXE -U -IPDRSLSM5K.inf
Sprint Desktop Sync-->MsiExec.exe /X{F818A41D-3535-4949-83BB-E41121697A97}
Sprint media manager -->K:\DOCUME~1\ALLUSE~1\APPLIC~1\TARMAI~1\{8912A~1\Setup.exe /remove /q0
Update for Windows Internet Explorer 8 (KB971930)-->"K:\WINDOWS\ie8updates\KB971930-IE8\spuninst\spuninst.exe"
Update for Windows XP (KB942763)-->"K:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
Update for Windows XP (KB951072-v2)-->"K:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"K:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"K:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Update for Windows XP (KB967715)-->"K:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Update for Windows XP (KB968389)-->"K:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Update for Windows XP (KB973815)-->"K:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Visual C++ 8.0 CRT (x86) WinSXS MSM-->MsiExec.exe /I{98CB24AD-52FB-DB5F-FF1F-C8B3B9A1E18E}
Windows Internet Explorer 7-->"K:\WINDOWS\ie7\spuninst\spuninst.exe"
Windows Internet Explorer 8-->"K:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"K:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"K:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"K:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"K:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows PowerShell(TM) 1.0-->"K:\WINDOWS\$NtUninstallKB926139-v2$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"K:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR archiver-->K:\Program Files\WinRAR\uninstall.exe
Zoombinis Logical Journey(TM)-->K:\Program Files\The Learning Company\Zoombinis Logical Journey(TM)\uninstall.exe
======Security center information======
AV: AntiVir Desktop
======Environment variables======
"CLASSPATH"=.;K:\Program Files\Java\jre6\lib\ext\QTJava.zip
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"NUMBER_OF_PROCESSORS"=2
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;K:\Program Files\QuickTime\QTSystem\;K:\WINDOWS\system32\WindowsPowerShell\v1.0
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.PSC1
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 6 Stepping 2, GenuineIntel
"PROCESSOR_LEVEL"=15
"PROCESSOR_REVISION"=0602
"QTJAVA"=K:\Program Files\Java\jre6\lib\ext\QTJava.zip
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"windir"=%SystemRoot%
EOF
Logfile of random's system information tool 1.06 (written by random/random)
Run by Chuck Modisette at 2009-11-01 11:38:17
Microsoft Windows XP Professional Service Pack 3
System drive K: has 24 GB (63%) free of 38 GB
Total RAM: 1022 MB (37% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:38:27 AM, on 11/1/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
K:\WINDOWS\System32\smss.exe
K:\WINDOWS\system32\winlogon.exe
K:\WINDOWS\system32\services.exe
K:\WINDOWS\system32\lsass.exe
K:\WINDOWS\system32\svchost.exe
K:\WINDOWS\System32\svchost.exe
K:\WINDOWS\system32\spoolsv.exe
K:\Program Files\Avira\AntiVir Desktop\sched.exe
K:\Program Files\Avira\AntiVir Desktop\avguard.exe
K:\Program Files\Bonjour\mDNSResponder.exe
K:\WINDOWS\System32\svchost.exe
K:\Program Files\Java\jre6\bin\jqs.exe
K:\WINDOWS\system32\nvsvc32.exe
K:\WINDOWS\system32\svchost.exe
K:\WINDOWS\Explorer.EXE
K:\WINDOWS\RTHDCPL.EXE
K:\WINDOWS\system32\RUNDLL32.EXE
K:\Program Files\HP\HP Software Update\HPWuSchd2.exe
K:\Program Files\iTunes\iTunesHelper.exe
K:\Program Files\Avira\AntiVir Desktop\avgnt.exe
K:\Program Files\Java\jre6\bin\jusched.exe
K:\Program Files\HP\hpcoretech\hpcmpmgr.exe
K:\WINDOWS\system32\ctfmon.exe
K:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
K:\Program Files\iPod\bin\iPodService.exe
K:\WINDOWS\system32\HPZipm12.exe
K:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
k:\program files\avira\antivir desktop\avcenter.exe
K:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe
K:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpSvc.exe
K:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpHost.exe
K:\WINDOWS\system32\restore\rstrui.exe
K:\DOCUME~1\CHUCKM~1\LOCALS~1\Temp\b.exe
K:\Program Files\Internet Explorer\iexplore.exe
K:\Program Files\Internet Explorer\iexplore.exe
K:\Documents and Settings\Chuck Modisette\Local Settings\Temporary Internet Files\Content.IE5\JTUTQHJ3\RSIT[1].exe
K:\Program Files\trend micro\Chuck Modisette.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.mirarsearch.com/?useie5=1&q=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.mirarsearch.com/?useie5=1&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - K:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Smart-Shopper - {4A7C84E2-E95C-43C6-8DD3-03ABCD0EB60E} - K:\Program Files\Smart-Shopper\Bin\2.5.1\Smrt-Shpr.dll
O2 - BHO: (no name) - {5FC1B9B9-DC34-4B16-A925-85BEE72ED151} - K:\WINDOWS\system32\ads.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - K:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - K:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: (no name) - {C427644A-1C56-47DA-9C81-14271B765111} - K:\WINDOWS\system32\adsn.dll (file missing)
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - K:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - K:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - K:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - K:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE K:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE K:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HP Software Update] "K:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [iTunesHelper] "K:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "K:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Google Quick Search Box] "K:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\Run: [avgnt] "K:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [MSDRV] NetFilter.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "K:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Component Manager] "K:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "K:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "K:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ctfmon.exe] K:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [cdloader] "K:\Documents and Settings\Chuck Modisette\Application Data\mjusbsp\cdloader2.exe" MAGICJACK
O4 - HKCU\..\Run: [swg] "K:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [WhereSphere] K:\Documents and Settings\Chuck Modisette\Application Data\WhereSphere\wheresphere.exe
O4 - HKCU\..\Run: [PopRock] K:\DOCUME~1\CHUCKM~1\LOCALS~1\Temp\b.exe
O4 - HKCU\..\RunOnce: [Shockwave Updater] K:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1150596.exe -Update -1150596 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; FunWebProducts; GTB6; .NET CLR 2.0.50727; Windows-Media-Player/10.00.00.3990; WinNT-PAI 20.07.2009; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)" -"http://www.andkon.com/arcade/adventureaction/savethesheriff/"
O4 - Global Startup: HP Digital Imaging Monitor.lnk = K:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = K:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://K:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: SmartShopper - Compare product prices - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEBF} - K:\Program Files\Smart-Shopper\Bin\2.5.1\Smrt-Shpr.dll
O9 - Extra button: SmartShopper - Compare travel rates - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0} - K:\Program Files\Smart-Shopper\Bin\2.5.1\Smrt-Shpr.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - K:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - K:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - K:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - K:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://support.gateway.com/support/profiler/PCPitStop.CAB
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/ZwinkyInitialSetup1.0.1.1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1217457109993
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1217460576180
O16 - DPF: {A1B8A30B-8AAA-4A3E-8869-1DA509E8A011} (Crystal ActiveX Report Viewer Control 10.0) - http://www.cornerstoneamerica.net/crystalreportviewers10/ActiveXControls/ActiveXViewer.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - AppInit_DLLs: K:\WINDOWS\System32\FM20ENU32.dll
O20 - Winlogon Notify: 6827c4db696 - K:\WINDOWS\System32\FM20ENU32.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - K:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - K:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Bonjour Service - Apple Inc. - K:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Boonty Games - BOONTY - K:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: Google Software Updater (gusvc) - Google - K:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - K:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - K:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - K:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - K:\WINDOWS\system32\HPZipm12.exe
--
End of file - 9816 bytes
======Scheduled tasks folder======
K:\WINDOWS\tasks\AppleSoftwareUpdate.job
K:\WINDOWS\tasks\User_Feed_Synchronization-{F6F1D808-9AA8-40BE-88A2-5A6B02ED2299}.job
K:\WINDOWS\tasks\{BB65B0FB-5712-401b-B616-E69AC55E2757}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - K:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A7C84E2-E95C-43C6-8DD3-03ABCD0EB60E}]
Smart-Shopper - K:\Program Files\Smart-Shopper\Bin\2.5.1\Smrt-Shpr.dll [2008-10-07 1172952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5FC1B9B9-DC34-4B16-A925-85BEE72ED151}]
K:\WINDOWS\system32\ads.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - K:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-08-26 256112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - K:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll [2009-09-20 762864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C427644A-1C56-47DA-9C81-14271B765111}]
K:\WINDOWS\system32\adsn.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - K:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-08-26 458736]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - K:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - K:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-25 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - K:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-08-26 256112]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=K:\WINDOWS\RTHDCPL.EXE [2005-09-22 14854144]
"KernelFaultCheck"=K:\WINDOWS\system32\dumprep 0 -k []
"NvCplDaemon"=K:\WINDOWS\system32\NvCpl.dll [2008-09-17 13574144]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=K:\WINDOWS\system32\NvMcTray.dll [2008-09-17 86016]
"HP Software Update"=K:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2004-02-12 49152]
"iTunesHelper"=K:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]
"QuickTime Task"=K:\Program Files\QuickTime\qttask.exe [2008-11-04 413696]
"Google Quick Search Box"=K:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe [2009-06-07 68592]
"avgnt"=K:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"MSDRV"=NetFilter.exe []
"SunJavaUpdateSched"=K:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]
"HP Component Manager"=K:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2004-05-12 241664]
"Adobe Reader Speed Launcher"=K:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=K:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=K:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"cdloader"=K:\Documents and Settings\Chuck Modisette\Application Data\mjusbsp\cdloader2.exe [2009-08-01 50520]
"swg"=K:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-10-31 68856]
"WhereSphere"=K:\Documents and Settings\Chuck Modisette\Application Data\WhereSphere\wheresphere.exe []
"PopRock"=K:\DOCUME~1\CHUCKM~1\LOCALS~1\Temp\b.exe [2009-10-31 161280]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Shockwave Updater"=K:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1150596.exe [2009-04-29 468408]
K:\Documents and Settings\All Users\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - K:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
HP Image Zone Fast Start.lnk - K:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="K:\WINDOWS\System32\FM20ENU32.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\6827c4db696]
K:\WINDOWS\System32\FM20ENU32.dll [2009-10-31 121344]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
K:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - K:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"K:\Program Files\LimeWire\LimeWire.exe"="K:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"K:\Documents and Settings\Chuck Modisette\Application Data\mjusbsp\magicJack.exe"="K:\Documents and Settings\Chuck Modisette\Application Data\mjusbsp\magicJack.exe:*:Enabled:magicJack"
"K:\WINDOWS\explorer.exe"="K:\WINDOWS\explorer.exe:*:Enabled:Windows Shell"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{01d23e14-8ffb-11de-a49b-00161725e5c6}]
shell\AutoRun\command - L:\setup.exe

======List of files/folders created in the last 1 months======
2009-11-01 11:38:20 ----D---- K:\Program Files\trend micro
2009-11-01 11:38:17 ----D---- K:\rsit
2009-11-01 11:00:06 ----SHD---- K:\WINDOWS\system32\LocalService
2009-11-01 09:31:16 ----A---- K:\Program Files\Uninstall Fun Web Products.dll
2009-10-31 17:32:29 ----A---- K:\WINDOWS\system32\I3lHi.vbs
2009-10-31 17:24:00 ----A---- K:\WINDOWS\system32\PVSMt.vbs
2009-10-31 17:23:56 ----A---- K:\WINDOWS\system32\FM20ENU32.dll
2009-10-31 17:23:53 ----A---- K:\WINDOWS\system32\BBKHwhjwlHT4zq3.vbs
2009-10-31 16:56:28 ----D---- K:\Program Files\Kwanzy
2009-10-31 16:56:28 ----D---- K:\Documents and Settings\All Users\Application Data\Kwanzy
2009-10-31 16:56:12 ----D---- K:\Documents and Settings\Chuck Modisette\Application Data\WhereSphere
2009-10-31 16:54:56 ----HD---- K:\WINDOWS\PIF
2009-10-18 15:37:46 ----D---- K:\Program Files\Disney
2009-10-16 19:04:05 ----D---- K:\Program Files\Microsoft CAPICOM 2.1.0.2
2009-10-15 18:39:24 ----RA---- K:\WINDOWS\system32\hpovst08.dll
2009-10-15 18:39:23 ----RA---- K:\WINDOWS\system32\hpotscl.dll
2009-10-15 18:21:36 ----D---- K:\Program Files\Common Files\HP
2009-10-15 18:18:35 ----D---- K:\Program Files\Hewlett-Packard
2009-10-15 18:18:35 ----D---- K:\Documents and Settings\All Users\Application Data\Hewlett-Packard
2009-10-14 20:35:48 ----HDC---- K:\WINDOWS\$NtUninstallKB958869$
2009-10-14 20:33:55 ----HDC---- K:\WINDOWS\$NtUninstallKB969059$
2009-10-14 20:33:29 ----HDC---- K:\WINDOWS\$NtUninstallKB954155_WM9$
2009-10-14 20:33:24 ----HDC---- K:\WINDOWS\$NtUninstallKB974112$
2009-10-14 20:33:15 ----HDC---- K:\WINDOWS\$NtUninstallKB975025$
2009-10-14 20:33:08 ----HDC---- K:\WINDOWS\$NtUninstallKB974571$
2009-10-14 20:31:52 ----HDC---- K:\WINDOWS\$NtUninstallKB971486$
2009-10-14 20:31:21 ----HDC---- K:\WINDOWS\$NtUninstallKB973525$
2009-10-14 20:31:11 ----HDC---- K:\WINDOWS\$NtUninstallKB975467$
======List of files/folders modified in the last 1 months======
2009-11-01 11:38:20 ----RD---- K:\Program Files
2009-11-01 11:33:26 ----D---- K:\WINDOWS\system32
2009-11-01 11:27:02 ----SD---- K:\WINDOWS\Tasks
2009-11-01 10:08:51 ----D---- K:\WINDOWS
2009-11-01 09:35:20 ----D---- K:\WINDOWS\system32\Lang
2009-11-01 09:35:18 ----D---- K:\WINDOWS\Temp
2009-11-01 09:34:30 ----D---- K:\WINDOWS\system32\CatRoot2
2009-11-01 09:34:16 ----A---- K:\WINDOWS\SchedLgU.Txt
2009-11-01 09:31:53 ----D---- K:\WINDOWS\system32\drivers
2009-11-01 09:31:52 ----AD---- K:\Documents and Settings\All Users\Application Data\TEMP
2009-11-01 08:02:24 ----D---- K:\Documents and Settings\All Users\Application Data\Adobe
2009-11-01 07:52:59 ----A---- K:\WINDOWS\system32\PerfStringBackup.INI
2009-11-01 07:48:34 ----HD---- K:\Config.Msi
2009-10-31 21:30:57 ----D---- K:\WINDOWS\Prefetch
2009-10-31 21:12:29 ----D---- K:\Documents and Settings\Chuck Modisette\Application Data\LimeWire
2009-10-31 20:42:43 ----D---- K:\Documents and Settings\Chuck Modisette\Application Data\Vso
2009-10-31 17:21:04 ----SHD---- K:\WINDOWS\Installer
2009-10-31 17:19:22 ----D---- K:\Program Files\Common Files\Adobe
2009-10-31 16:56:33 ----D---- K:\WINDOWS\WinSxS
2009-10-31 16:55:09 ----D---- K:\Program Files\Windows Media Player
2009-10-31 16:41:48 ----D---- K:\Documents and Settings\Chuck Modisette\Application Data\Smart-Shopper
2009-10-24 16:08:40 ----A---- K:\WINDOWS\QUICKEN.INI
2009-10-21 19:09:02 ----D---- K:\Program Files\Gamevance
2009-10-21 05:06:29 ----HD---- K:\WINDOWS\inf
2009-10-20 18:06:44 ----D---- K:\Program Files\DVDFab 6
2009-10-20 17:54:38 ----D---- K:\WINDOWS\network diagnostic
2009-10-20 17:47:30 ----D---- K:\Documents and Settings\Chuck Modisette\Application Data\mjusbsp
2009-10-20 08:05:29 ----RSHDC---- K:\WINDOWS\system32\dllcache
2009-10-20 05:10:29 ----D---- K:\WINDOWS\Help
2009-10-15 18:40:42 ----A---- K:\WINDOWS\win.ini
2009-10-15 18:39:32 ----D---- K:\WINDOWS\twain_32
2009-10-15 18:23:13 ----RSD---- K:\WINDOWS\assembly
2009-10-15 18:21:36 ----D---- K:\Program Files\Common Files
2009-10-15 18:18:35 ----D---- K:\Program Files\HP
2009-10-15 06:18:05 ----D---- K:\WINDOWS\Microsoft.NET
2009-10-14 20:36:14 ----D---- K:\Program Files\Internet Explorer
2009-10-14 20:35:53 ----HD---- K:\WINDOWS\$hf_mig$
2009-10-14 20:35:51 ----A---- K:\WINDOWS\imsins.BAK
2009-10-02 11:01:57 ----A---- K:\WINDOWS\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 avgio;avgio; \??\K:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; K:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 intelppm;Intel Processor Driver; K:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 ssmdrv;ssmdrv; K:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R2 avgntflt;avgntflt; K:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-08-08 55656]
R2 CdaC15BA;CdaC15BA; \??\K:\WINDOWS\system32\drivers\CdaC15BA.SYS []
R2 elagopro;GoProto Protocol Driver for LELA; K:\WINDOWS\system32\DRIVERS\elagopro.sys [2007-03-22 28672]
R2 elaunidr;UniDriver for LELA; K:\WINDOWS\system32\DRIVERS\elaunidr.sys [2007-03-22 5376]
R2 mdmxsdk;mdmxsdk; K:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-10-05 12544]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; K:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; K:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID Class Driver; K:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HPZid412;IEEE-1284.4 Driver HPZid412; K:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-05-15 49664]
R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; K:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-05-15 16496]
R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; K:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-05-15 21568]
R3 HSF_DPV;HSF_DPV; K:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-07-22 1035008]
R3 HSFHWBS2;HSFHWBS2; K:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys [2005-07-22 231168]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); K:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-09-23 3966976]
R3 mouhid;Mouse HID Driver; K:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 nv;nv; K:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-09-17 6132576]
R3 pcouffin;VSO Software pcouffin; K:\WINDOWS\System32\Drivers\pcouffin.sys [2008-12-10 47360]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; K:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2009-03-25 130432]
R3 usbccgp;Microsoft USB Generic Parent Driver; K:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; K:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; K:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; K:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbprint;Microsoft USB PRINTER Class; K:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;USB Scanner Driver; K:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 usbstor;USB Mass Storage Driver; K:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 winachsf;winachsf; K:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-07-22 717952]
S1 kbdhid;Keyboard HID Driver; K:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
S1 NDISRD;NDISRD; K:\WINDOWS\system32\drivers\NDISRD.sys [2009-06-22 24576]
S3 Arp1394;1394 ARP Client Protocol; K:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 BCM42RLY;BCM42RLY; \??\K:\WINDOWS\System32\BCM42RLY.SYS []
S3 GTNDIS5;GTNDIS5 NDIS Protocol Driver; \??\K:\WINDOWS\system32\GTNDIS5.SYS []
S3 NIC1394;1394 Net Driver; K:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; K:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); K:\WINDOWS\system32\DRIVERS\sscdbus.sys [2007-07-03 80552]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; K:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2007-07-03 11944]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; K:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2007-07-03 106792]
S3 sscdserd;SAMSUNG Mobile Modem Diagnostic Serial Port (WDM); K:\WINDOWS\system32\DRIVERS\sscdserd.sys [2007-07-03 86824]
S3 USB_RNDIS;Compact Wireless-G USB Network Adapter with SpeedBooster; K:\WINDOWS\system32\DRIVERS\usb8023.sys [2008-04-13 12800]
S3 USBAAPL;Apple Mobile USB Driver; K:\WINDOWS\System32\Drivers\usbaapl.sys []
S3 usbaudio;USB Audio Driver (WDM); K:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; K:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; K:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; K:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; K:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 AntiVirService;Avira AntiVir Guard; K:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-08-08 185089]
R2 Bonjour Service;Bonjour Service; K:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 JavaQuickStarterService;Java Quick Starter; K:\Program Files\Java\jre6\bin\jqs.exe [2009-07-25 153376]
R2 NVSvc;NVIDIA Display Driver Service; K:\WINDOWS\system32\nvsvc32.exe [2008-09-17 163908]
R2 WMPNetworkSvc;Windows Media Player Network Sharing Service; K:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
R3 iPod Service;iPod Service; K:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
R3 Pml Driver HPZ12;Pml Driver HPZ12; K:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632]
S3 aspnet_state;ASP.NET State Service; K:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Boonty Games;Boonty Games; K:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe [2008-12-21 69120]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; K:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; K:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; K:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-06-07 182768]
S3 idsvc;Windows CardSpace; K:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; K:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; K:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
EOF

Comments

  • edited November 2009
    Hi,

    A few things before we start....
    1. Please Read All Instructions Carefully.
    2. If you don't understand something, stop and ask! Don't keep going on.
    3. Please do not run any other tools or scans whilst I am helping you.
    4. If you have to go away for an extended period of time, let me know.
    5. Please continue to respond until I give you the "All Clear".
    (Just because you can't see a problem doesn't mean it isn't there)



    Please download Malwarebytes' Anti-Malware by clicking the link below:
    Malwarebytes Anti-Malware - Reviews and free Malwarebytes Anti-Malware downloads at Download.com

    Double Click mbam-setup.exe to install the application.

    * Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    * If an update is found, it will download and install the latest version.
    * Once the program has loaded, select "Perform Quick Scan", then click Scan.
    * The scan may take some time to finish, so please be patient.
    * When the scan is complete, click OK, then Show Results to view the results.
    * Make sure that everything is checked, and click Remove Selected.
    * When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
    * The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
    * You'll be required to post the contents of this log later.

    Please Note:
    If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.



    Next let's have you download ComboFix.exe. Please visit this webpage for downloading and instructions for running the tool:

    Go here ======> A guide and tutorial on using ComboFix <====== Go here

    Please ensure you read this guide carefully and install the Recovery Console first. This applies to XP Pro and XP Home users only. If you have SP3 installed you will need to use the download meant for SP2.

    The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.

    Once installed, you should get a prompt that says:

    The Recovery Console was successfully installed.

    Please continue as follows:

    (1) Close/disable all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix.
    (2) Click Yes to allow ComboFix to continue scanning for malware.

    When the tool is finished, it will produce a report for you.


    Please include MBAM log, C:\ComboFix.txt and a new HijackThis log for further review, so that we may continue cleansing the system.


    Caution: Never run and remove files with ComboFix unless supervised by a qualified security analyst who is experienced in the use of ComboFix. Misuse can cause serious computer problems.