|
Malware Removal Discussion about Trojans, viruses, hoaxes, firewalls, spyware, and general Security issues. If you suspect your PC is infected with a virus, trojan or spyware app please include any supporting documentation or logs |
|
Topic Tools |
#1
|
||||
|
||||
Could someone check a Hijackthis log
I just spent two afternoon's cleaning a friend's PC. It was a mess that started with Malwarrior and then got worse. AVG, Spybot and Malwarebyte's have finally come up clean. I hasn't worked since 06 so I've done all the MS updates also. I've gone in and manually cleaned out everything that was left over I could find. The only thing I don't know about is an entry for "backweb for hp". I thought backweb was bad. Thanks in advance!
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 8:23:33 PM, on 10/28/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\drivers\KodakCCS.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Common Files\AOL\1151045508\ee\AOLSoftware.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe C:\WINDOWS\system32\??pPatch\c?rss.exe C:\Program Files\ArcSoft\Media Card Companion\MCC Monitor.exe C:\Program Files\RALINK\Common\RaUI.exe C:\PROGRA~1\Grisoft\AVG7\avgwb.dat C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.kodak.com/go/regeasyshare...DORIGIN=SKU110 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = actsvr.comcastonline.com:8100 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = actsvr.comcastonline.com;*.local F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe, \s, O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar6.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\sw g.dll O2 - BHO: (no name) - {F92A8F98-AE62-4897-9DC2-E31EC007456D} - (no file) O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar6.dll O3 - Toolbar: (no name) - {6E90A503-DDFD-4CC5-9628-0391A05E7212} - (no file) O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1151045508\ee\AOLSoftware.exe O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe O4 - HKCU\..\Run: [Cxhjvv] C:\WINDOWS\system32\??pPatch\c?rss.exe O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Policies\Explorer\Run: [{7C44673F-0BF9-1033-0216-050823200001}] "C:\Program Files\Common Files\{7C44673F-0BF9-1033-0216-050823200001}\Update.exe" te-110-12-0000132 O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user') O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Monitor.lnk = C:\Program Files\ArcSoft\Media Card Companion\MCC Monitor.exe O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing) O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing) O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://3dlifeplayer.dl.3dvia.com/pla.../installer.exe O20 - AppInit_DLLs: iSecurity.cpl O20 - Winlogon Notify: awtqpmk - awtqpmk.dll (file missing) O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762# # (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe -- End of file - 8113 bytes |
#2
|
||||
|
||||
Hello Sapper2ID,
Some serious infection showing active there. Let's get more details to start repairs from. To keep them from interfering with the repairs, be sure to temporarily disable all antivirus/anti-spyware softwares while these steps are being completed. This can usually be done through right clicking the software's Taskbar icons, or accessing each software through Start - Programs. Download RSIT (random's system information tool) from here to your desktop, then click on the RSIT.exe to start the scan. If necessary allow it to locate or download a copy of HijackThis as needed. Once the scan completes a textbox will open - copy/paste those contents here for review please. The log can also be found at C:\rsit\log.txt. RSIT will also create a second log, info.txt, which will be minimized to your taskbar. Post that here as well please (it will also be stored at C:\rsit\info.txt). You can break logs into parts and use separate posts here when replying and posting the log files, if needed. |
#3
|
||||
|
||||
Thanks, this is why you ask the experts.
Logfile of random's system information tool 1.04 (written by random/random) Run by HP_Owner at 2008-10-30 14:15:45 Microsoft Windows XP Home Edition Service Pack 3 System drive C: has 138 GB (75%) free of 184 GB Total RAM: 503 MB (23% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 2:15:51 PM, on 10/30/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\drivers\KodakCCS.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\AOL\1151045508\ee\AOLSoftware.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\ALCWZRD.EXE C:\WINDOWS\ALCMTR.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe C:\WINDOWS\system32\??pPatch\c?rss.exe C:\Program Files\ArcSoft\Media Card Companion\MCC Monitor.exe C:\WINDOWS\system32\wuauclt.exe C:\Documents and Settings\HP_Owner\Desktop\RSIT.exe C:\Program Files\Trend Micro\HijackThis\HP_Owner.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.kodak.com/go/regeasyshare...DORIGIN=SKU110 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = actsvr.comcastonline.com:8100 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = actsvr.comcastonline.com;*.local F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe, \s, O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar6.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\sw g.dll O2 - BHO: (no name) - {F92A8F98-AE62-4897-9DC2-E31EC007456D} - (no file) O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar6.dll O3 - Toolbar: (no name) - {6E90A503-DDFD-4CC5-9628-0391A05E7212} - (no file) O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1151045508\ee\AOLSoftware.exe O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe O4 - HKCU\..\Run: [Cxhjvv] C:\WINDOWS\system32\??pPatch\c?rss.exe O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Policies\Explorer\Run: [{7C44673F-0BF9-1033-0216-050823200001}] "C:\Program Files\Common Files\{7C44673F-0BF9-1033-0216-050823200001}\Update.exe" te-110-12-0000132 O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user') O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Monitor.lnk = C:\Program Files\ArcSoft\Media Card Companion\MCC Monitor.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing) O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing) O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://3dlifeplayer.dl.3dvia.com/pla.../installer.exe O20 - AppInit_DLLs: iSecurity.cpl O20 - Winlogon Notify: awtqpmk - awtqpmk.dll (file missing) O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762# # (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe |
#4
|
||||
|
||||
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe -- End of file - 8132 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\HP Usg Daily.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-11-03 54248] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] SSVHelper Class - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll [2006-05-03 434279] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - c:\program files\google\googletoolbar6.dll [2007-01-19 2403392] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\sw g.dll [2008-10-28 737776] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{F92A8F98-AE62-4897-9DC2-E31EC007456D}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - HP view - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll [2003-11-21 98304] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar6.dll [2007-01-19 2403392] {6E90A503-DDFD-4CC5-9628-0391A05E7212} [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Run] "HostManager"=C:\Program Files\Common Files\AOL\1151045508\ee\AOLSoftware.exe [2006-03-08 48280] "IPHSend"=C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe [2006-03-27 126104] "AVG7_CC"=C:\PROGRA~1\Grisoft\AVG7\avgcc.exe [2008-10-28 590848] "SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-09-21 86016] "AlcWzrd"=C:\WINDOWS\ALCWZRD.EXE [2005-09-21 2807808] "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632] [HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Run] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe [2007-08-02 68856] "Cxhjvv"=C:\WINDOWS\system32\??pPatch\c?rss.ex e [2008-09-30 230400] "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296] [HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Policies\Explorer\Run] "{7C44673F-0BF9-1033-0216-050823200001}"=C:\Program Files\Common Files\{7C44673F-0BF9-1033-0216-050823200001}\Update.exe te-110-12-0000132 [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acme.PCHButton] C:\PROGRA~1\HELPAN~1\HPQ\XPXWWPP5\plugin\bin\PCHBu tton.exe [2005-03-10 159744] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG] C:\WINDOWS\AGRSMMSG.exe [2004-06-29 88363] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr] C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcWzrd] C:\WINDOWS\ALCWZRD.EXE [2005-09-21 2807808] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\High Definition Audio Property Page Shortcut] C:\WINDOWS\system32\HDAudPropShortcut.exe [2004-03-18 61952] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe [2004-11-02 126976] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager] C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2003-12-22 241664] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb0 9.exe [2004-05-04 176128] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHmon05] C:\WINDOWS\system32\hphmon05.exe [2004-05-04 491520] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHmon06] C:\WINDOWS\system32\hphmon06.exe [2004-06-07 659456] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD05] C:\Program Files\HP\{5372B9A6-6E51-4f90-9B40-E0A3B8475C4E}\hphupd05.exe [2004-03-31 49152] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe [2004-06-07 49152] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv] c:\windows\system\hpsysdrv.exe [1998-05-07 52736] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe [2004-10-14 278528] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD] C:\HP\KBD\KBD.EXE [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Utility] Logi_MwX.Exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe [2004-10-14 253952] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PS2] C:\WINDOWS\system32\ps2.exe [2004-10-25 90112] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE [2004-04-14 233472] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Reminder] C:\Windows\Creator\Remind_XP.exe [2004-12-14 663552] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan] C:\WINDOWS\SOUNDMAN.EXE [2005-09-21 86016] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe -osboot [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2004-11-05 258048] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk] C:\PROGRA~1\Kodak\KODAKE~1\bin\EASYSH~1.EXE [2005-03-10 757760] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak software updater.lnk] C:\PROGRA~1\Kodak\KODAKS~1\7288971\Program\KODAKS~ 1.EXE [2004-02-13 16423] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Updates from HP.lnk] C:\PROGRA~1\UPDATE~1\309731\Program\UPDATE~1.EXE [2005-03-10 45056] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^HP_Owner^Start Menu^Programs^Startup^OpenOffice.org 2.3.lnk] C:\PROGRA~1\OPENOF~1.3\program\QUICKS~1.EXE [2007-08-17 393216] C:\Documents and Settings\All Users\Start Menu\Programs\Startup Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe Monitor.lnk - C:\Program Files\ArcSoft\Media Card Companion\MCC Monitor.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLS"="iSecurity.cpl" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\awtqpmk] awtqpmk.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\system32\igfxsrvc.dll [2004-11-02 348160] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\Lsa] "authentication packages"=msv1_0 C:\WINDOWS\system32\ddaby.dll [HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Policies\System] "DisableTaskMgr"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 "NoActiveDesktop"=0 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\servic es\sharedaccess\parameters\firewallpolicy\standard profile\authorizedapplications\list] "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes" "C:\Program Files\Common Files\AOL\1151045508\EE\aim6.exe"="C:\Program Files\Common Files\AOL\1151045508\EE\aim6.exe:*:Enabled:AIM" "C:\Program Files\Internet Explorer\IEXPLORE.EXE"="C:\Program Files\Internet Explorer\IEXPLORE.EXE:*:Enabled:Internet Explorer" "C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealP layer" "C:\Program Files\Rhapsody\rhapsody.exe"="C:\Program Files\Rhapsody\rhapsody.exe:*:Enabled:RealNetworks Rhapsody" "C:\Program Files\Grisoft\AVG7\avginet.exe"="C:\Program Files\Grisoft\AVG7\avginet.exe:*:Enabled:avginet.e xe" "C:\Program Files\Grisoft\AVG7\avgamsvr.exe"="C:\Program Files\Grisoft\AVG7\avgamsvr.exe:*:Enabled:avgamsvr .exe" "C:\Program Files\Grisoft\AVG7\avgemc.exe"="C:\Program Files\Grisoft\AVG7\avgemc.exe:*:Enabled:avgemc.exe " "C:\Program Files\Namo\WebEditor 6\bin\WebEditor.exe"="C:\Program Files\Namo\WebEditor 6\bin\WebEditor.exe:*:Enabled:Namo WebEditor 6.0" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\WINDOWS\system32\yqkolvqr.exe"="C:\WINDOWS\sys tem32\yqk" "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*isabled:Bonjour " "C:\Program Files\EarthLink TotalAccess\TaskPanl.exe"="C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*isabled:Earthlink" "C:\Documents and Settings\HP_Owner\bjryd.exe"="C:\Documents and Settings\HP_Owner\bjryd.exe:*isabled:ENABLE" "C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\syst em32\sessmgr.exe:*isabled:@xpsp2res.dll,-22019" "C:\Program Files\Common Files\AolCoach\en_en\player\AOLNySEV.exe"="C:\Prog ram Files\Common Files\AolCoach\en_en\player\AOLNySEV.exe:*:Enabled :AOL" "C:\Program Files\Common Files\AOL\System Information\sinf.exe"="C:\Program Files\Common Files\AOL\System Information\sinf.exe:*:Enabled:AOL" "C:\Program Files\Common Files\AOL\AOL Spyware Protection\asp.exe"="C:\Program Files\Common Files\AOL\AOL Spyware Protection\asp.exe:*:Enabled:AOL" "C:\Program Files\Common Files\AOL\AOL Spyware Protection\AOLSP Scheduler.exe"="C:\Program Files\Common Files\AOL\AOL Spyware Protection\AOLSP Scheduler.exe:*:Enabled:AOL" "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"="C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL" "C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe"="C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe:*:Enabled:AOL" "C:\Program Files\Common Files\AOL\1151045508\EE\AOLServiceHost.exe"="C:\Pr ogram Files\Common Files\AOL\1151045508\EE\AOLServiceHost.exe:*:Enabl ed:AOL" "C:\Program Files\Common Files\AOL\1139285104\EE\AOLServiceHost.exe"="C:\Pr ogram Files\Common Files\AOL\1139285104\EE\AOLServiceHost.exe:*:Enabl ed:AOL" "C:\Program Files\America Online 9.0c\waol.exe"="C:\Program Files\America Online 9.0c\waol.exe:*:Enabled:AOL" "C:\Program Files\America Online 9.0b\waol.exe"="C:\Program Files\America Online 9.0b\waol.exe:*:Enabled:AOL" "C:\Program Files\America Online 9.0a\waol.exe"="C:\Program Files\America Online 9.0a\waol.exe:*:Enabled:AOL" "C:\Program Files\America Online 9.0\waol.exe"="C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL" "C:\Program Files\Common Files\AOL\Loader\aolload.exe"="C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Application Loader" "C:\Program Files\Common Files\AOL\1151045508\EE\aolsoftware.exe"="C:\Progr am Files\Common Files\AOL\1151045508\EE\aolsoftware.exe:*:Enabled: AOL Services" "C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe"="C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe:*:Enabled:AOLT opSpeed" "C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe"="C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe:*:Enabled:AOLT sMon" "C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe"="C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe:*:Enabled:BackWeb for Pavilion" "%windir%\system32\sessmgr.exe"="%windir%\system32 \sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" [HKEY_LOCAL_MACHINE\system\currentcontrolset\servic es\sharedaccess\parameters\firewallpolicy\domainpr ofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32 \sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%ProgramFiles%\iTunes\iTunes.exe"="%ProgramFiles% \iTunes\iTunes.exe:*:enabled:iTunes" "C:\Program Files\America Online 9.0a\waol.exe"="C:\Program Files\America Online 9.0a\waol.exe:*:Enabled:AOL" "C:\Program Files\America Online 9.0b\waol.exe"="C:\Program Files\America Online 9.0b\waol.exe:*:Enabled:AOL" "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"="C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL" "C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe"="C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe:*:Enabled:AOL" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" [HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\D] shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480 [HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{946850c5-1e27-11d9-baf0-806d6172696f}] shell\AutoRun\command - D:\setup.exe ======List of files/folders created in the last 1 months====== 2008-10-30 14:14:08 ----D---- C:\rsit 2008-10-28 21:36:32 ----D---- C:\Documents and Settings\HP_Owner\Application Data\OpenOffice.org2 2008-10-28 21:27:13 ----D---- C:\Program Files\OpenOffice.org 2.3 2008-10-28 21:26:25 ----D---- C:\Program Files\OpenOffice.org 2.3 Installation Files 2008-10-28 21:17:31 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$ 2008-10-28 18:33:26 ----D---- C:\Program Files\FLV Player 2008-10-28 18:32:57 ----D---- C:\Program Files\Defraggler 2008-10-28 18:14:52 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$ 2008-10-28 18:14:46 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$ 2008-10-28 18:14:36 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$ 2008-10-28 18:14:29 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$ 2008-10-28 18:14:21 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$ 2008-10-28 18:14:14 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$ 2008-10-28 18:14:07 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$ 2008-10-28 18:14:00 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$ 2008-10-28 18:13:53 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$ 2008-10-28 18:13:47 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$ 2008-10-28 18:13:37 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$ 2008-10-28 18:13:30 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$ 2008-10-28 18:13:22 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$ 2008-10-28 18:13:16 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$ 2008-10-28 18:13:10 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$ 2008-10-28 18:07:38 ----D---- C:\WINDOWS\system32\scripting 2008-10-28 18:07:37 ----D---- C:\WINDOWS\l2schemas 2008-10-28 18:07:36 ----D---- C:\WINDOWS\system32\bits 2008-10-28 18:04:55 ----D---- C:\WINDOWS\ServicePackFiles 2008-10-28 17:58:55 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$ 2008-10-28 17:58:44 ----D---- C:\WINDOWS\EHome 2008-10-28 17:52:34 ----N---- C:\WINDOWS\system32\wmphoto.dll 2008-10-28 17:52:32 ----N---- C:\WINDOWS\system32\wlanapi.dll 2008-10-28 17:52:30 ----N---- C:\WINDOWS\system32\windowscodecsext.dll 2008-10-28 17:52:30 ----N---- C:\WINDOWS\system32\windowscodecs.dll 2008-10-28 17:52:23 ----N---- C:\WINDOWS\system32\tspkg.dll 2008-10-28 17:52:23 ----N---- C:\WINDOWS\system32\tsgqec.dll 2008-10-28 17:52:19 ----N---- C:\WINDOWS\system32\spupdwxp.exe 2008-10-28 17:52:17 ----A---- C:\WINDOWS\system32\spdwnwxp.exe 2008-10-28 17:52:16 ----N---- C:\WINDOWS\system32\slserv.exe 2008-10-28 17:52:16 ----N---- C:\WINDOWS\system32\slrundll.exe 2008-10-28 17:52:16 ----N---- C:\WINDOWS\system32\slgen.dll 2008-10-28 17:52:16 ----N---- C:\WINDOWS\system32\slextspk.dll 2008-10-28 17:52:16 ----N---- C:\WINDOWS\slrundll.exe 2008-10-28 17:52:15 ----N---- C:\WINDOWS\system32\slcoinst.dll 2008-10-28 17:52:12 ----N---- C:\WINDOWS\system32\setupn.exe 2008-10-28 17:52:11 ----N---- C:\WINDOWS\system32\s3gnb.dll 2008-10-28 17:52:10 ----N---- C:\WINDOWS\system32\rhttpaa.dll 2008-10-28 17:52:09 ----N---- C:\WINDOWS\system32\rasqec.dll 2008-10-28 17:52:08 ----N---- C:\WINDOWS\system32\qutil.dll 2008-10-28 17:52:07 ----N---- C:\WINDOWS\system32\qcliprov.dll 2008-10-28 17:52:06 ----N---- C:\WINDOWS\system32\qagentrt.dll 2008-10-28 17:52:06 ----N---- C:\WINDOWS\system32\qagent.dll 2008-10-28 17:52:05 ----N---- C:\WINDOWS\system32\photometadatahandler.dll 2008-10-28 17:52:03 ----N---- C:\WINDOWS\system32\onex.dll 2008-10-28 17:52:00 ----N---- C:\WINDOWS\system32\nv4_disp.dll 2008-10-28 17:51:56 ----N---- C:\WINDOWS\system32\napstat.exe 2008-10-28 17:51:55 ----N---- C:\WINDOWS\system32\napmontr.dll 2008-10-28 17:51:55 ----N---- C:\WINDOWS\system32\napipsec.dll 2008-10-28 17:51:55 ----N---- C:\WINDOWS\system32\mtxparhd.dll 2008-10-28 17:51:54 ----N---- C:\WINDOWS\system32\msxml6r.dll 2008-10-28 17:51:54 ----N---- C:\WINDOWS\system32\msxml6.dll 2008-10-28 17:51:52 ----N---- C:\WINDOWS\system32\msshavmsg.dll 2008-10-28 17:51:52 ----N---- C:\WINDOWS\system32\mssha.dll 2008-10-28 17:51:39 ----N---- C:\WINDOWS\system32\mmcperf.exe 2008-10-28 17:51:38 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll 2008-10-28 17:51:38 ----N---- C:\WINDOWS\system32\mmcex.dll |
#5
|
||||
|
||||
2008-10-28 17:51:38 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dl l
2008-10-28 17:51:36 ----N---- C:\WINDOWS\system32\mdmxsdk.dll 2008-10-28 17:51:28 ----N---- C:\WINDOWS\system32\l2gpstore.dll 2008-10-28 17:51:27 ----N---- C:\WINDOWS\system32\kmsvc.dll 2008-10-28 17:51:27 ----N---- C:\WINDOWS\system32\kbdpash.dll 2008-10-28 17:51:27 ----N---- C:\WINDOWS\system32\kbdnepr.dll 2008-10-28 17:51:26 ----N---- C:\WINDOWS\system32\kbdiultn.dll 2008-10-28 17:51:26 ----N---- C:\WINDOWS\system32\kbdbhc.dll 2008-10-28 17:51:17 ----N---- C:\WINDOWS\system32\hsfcisp2.dll 2008-10-28 17:51:11 ----N---- C:\WINDOWS\system32\faxpatch.exe 2008-10-28 17:51:11 ----A---- C:\WINDOWS\002734_.tmp 2008-10-28 17:51:10 ----N---- C:\WINDOWS\system32\eapsvc.dll 2008-10-28 17:51:10 ----N---- C:\WINDOWS\system32\eapqec.dll 2008-10-28 17:51:10 ----N---- C:\WINDOWS\system32\eappprxy.dll 2008-10-28 17:51:10 ----N---- C:\WINDOWS\system32\eapphost.dll 2008-10-28 17:51:10 ----N---- C:\WINDOWS\system32\eappgnui.dll 2008-10-28 17:51:10 ----N---- C:\WINDOWS\system32\eappcfg.dll 2008-10-28 17:51:10 ----N---- C:\WINDOWS\system32\eapp3hst.dll 2008-10-28 17:51:10 ----N---- C:\WINDOWS\system32\eapolqec.dll 2008-10-28 17:51:07 ----N---- C:\WINDOWS\system32\dot3ui.dll 2008-10-28 17:51:07 ----N---- C:\WINDOWS\system32\dot3svc.dll 2008-10-28 17:51:07 ----N---- C:\WINDOWS\system32\dot3msm.dll 2008-10-28 17:51:07 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll 2008-10-28 17:51:07 ----N---- C:\WINDOWS\system32\dot3dlg.dll 2008-10-28 17:51:07 ----N---- C:\WINDOWS\system32\dot3cfg.dll 2008-10-28 17:51:06 ----N---- C:\WINDOWS\system32\dot3api.dll 2008-10-28 17:51:05 ----N---- C:\WINDOWS\system32\dimsroam.dll 2008-10-28 17:51:05 ----N---- C:\WINDOWS\system32\dimsntfy.dll 2008-10-28 17:51:05 ----N---- C:\WINDOWS\system32\dhcpqec.dll 2008-10-28 17:51:01 ----N---- C:\WINDOWS\system32\credssp.dll 2008-10-28 17:50:55 ----N---- C:\WINDOWS\system32\bitsprx4.dll 2008-10-28 17:50:54 ----N---- C:\WINDOWS\system32\azroles.dll 2008-10-28 17:50:53 ----N---- C:\WINDOWS\system32\ativvaxx.dll 2008-10-28 17:50:53 ----N---- C:\WINDOWS\system32\ativtmxx.dll 2008-10-28 17:50:52 ----N---- C:\WINDOWS\system32\ati3duag.dll 2008-10-28 17:50:52 ----N---- C:\WINDOWS\system32\ati3d1ag.dll 2008-10-28 17:50:52 ----N---- C:\WINDOWS\system32\ati2dvag.dll 2008-10-28 17:50:52 ----N---- C:\WINDOWS\system32\ati2dvaa.dll 2008-10-28 17:50:52 ----N---- C:\WINDOWS\system32\ati2cqag.dll 2008-10-28 17:50:46 ----N---- C:\WINDOWS\system32\aaclient.dll 2008-10-28 17:05:19 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2_0$ 2008-10-28 17:05:12 ----HDC---- C:\WINDOWS\$NtUninstallKB952954_0$ 2008-10-28 17:05:05 ----HDC---- C:\WINDOWS\$NtUninstallKB946648_0$ 2008-10-28 17:04:57 ----HDC---- C:\WINDOWS\$NtUninstallKB956803_0$ 2008-10-28 17:04:51 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$ 2008-10-28 17:04:45 ----HDC---- C:\WINDOWS\$NtUninstallKB957095_0$ 2008-10-28 17:04:13 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_0$ 2008-10-28 17:04:05 ----HDC---- C:\WINDOWS\$NtUninstallKB951698_0$ 2008-10-28 17:03:58 ----HDC---- C:\WINDOWS\$NtUninstallKB954211_0$ 2008-10-28 17:03:43 ----HDC---- C:\WINDOWS\$NtUninstallKB956841_0$ 2008-10-28 17:02:13 ----HDC---- C:\WINDOWS\$NtUninstallKB950762_0$ 2008-10-28 17:02:07 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$ 2008-10-28 17:01:59 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$ 2008-10-28 17:01:52 ----HDC---- C:\WINDOWS\$NtUninstallKB951066_0$ 2008-10-28 17:01:44 ----HDC---- C:\WINDOWS\$NtUninstallKB951748_0$ 2008-10-28 17:01:36 ----HDC---- C:\WINDOWS\$NtUninstallKB938464_0$ 2008-10-28 17:01:28 ----HDC---- C:\WINDOWS\$NtUninstallKB932823-v3$ 2008-10-28 17:01:19 ----HDC---- C:\WINDOWS\$NtUninstallKB958644_0$ 2008-10-28 00:58:24 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage 2008-10-28 00:23:58 ----RHD---- C:\$VAULT$.AVG 2008-10-28 00:14:20 ----D---- C:\Documents and Settings\HP_Owner\Application Data\AVG7 2008-10-28 00:13:46 ----D---- C:\Documents and Settings\All Users\Application Data\Grisoft 2008-10-28 00:13:46 ----D---- C:\Documents and Settings\All Users\Application Data\avg7 2008-10-27 23:59:15 ----D---- C:\Documents and Settings\HP_Owner\Application Data\Malwarebytes 2008-10-27 23:58:59 ----A---- C:\WINDOWS\SchedLgU.Txt 2008-10-27 22:05:42 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2008-10-27 22:05:42 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2008-10-27 22:01:25 ----D---- C:\Program Files\Trend Micro 2008-10-27 22:00:54 ----D---- C:\Program Files\SpywareBlaster 2008-10-24 18:03:20 ----D---- C:\Program Files\CCleaner 2008-10-24 17:28:55 ----A---- C:\WINDOWS\system32\hidserv.dll ======List of files/folders modified in the last 1 months====== 2008-10-30 14:12:34 ----D---- C:\WINDOWS\Temp 2008-10-30 14:12:33 ----D---- C:\WINDOWS 2008-10-28 22:02:25 ----SHD---- C:\System Volume Information 2008-10-28 22:02:25 ----D---- C:\WINDOWS\system32\Restore 2008-10-28 22:01:14 ----D---- C:\Program Files 2008-10-28 21:59:02 ----HD---- C:\Program Files\InstallShield Installation Information 2008-10-28 21:59:02 ----D---- C:\WINDOWS\system32 2008-10-28 21:56:08 ----HD---- C:\WINDOWS\inf 2008-10-28 21:56:08 ----DC---- C:\WINDOWS\system32\DRVSTORE 2008-10-28 21:56:08 ----D---- C:\WINDOWS\system32\drivers 2008-10-28 21:47:36 ----D---- C:\WINDOWS\pss 2008-10-28 21:28:40 ----SHD---- C:\WINDOWS\Installer 2008-10-28 21:28:36 ----HD---- C:\Config.Msi 2008-10-28 21:27:43 ----RSD---- C:\WINDOWS\Fonts 2008-10-28 21:25:28 ----D---- C:\Program Files\Mozilla Firefox 2008-10-28 21:18:00 ----D---- C:\WINDOWS\system32\CatRoot 2008-10-28 21:17:35 ----RSHD---- C:\WINDOWS\system32\dllcache 2008-10-28 21:16:59 ----D---- C:\WINDOWS\system32\RTCOM 2008-10-28 21:16:01 ----HD---- C:\WINDOWS\$hf_mig$ 2008-10-28 21:07:12 ----D---- C:\WINDOWS\Prefetch 2008-10-28 21:04:12 ----D---- C:\WINDOWS\system32\CatRoot2 2008-10-28 20:23:06 ----SD---- C:\WINDOWS\Downloaded Program Files 2008-10-28 20:15:43 ----D---- C:\Program Files\Common Files 2008-10-28 19:59:56 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2008-10-28 18:51:33 ----D---- C:\Documents and Settings\HP_Owner\Application Data\Lavasoft 2008-10-28 18:47:42 ----D---- C:\WINDOWS\pchealth 2008-10-28 18:47:42 ----D---- C:\Program Files\MSN Messenger 2008-10-28 18:47:41 ----D---- C:\Program Files\Common Files\Microsoft Shared 2008-10-28 18:43:15 ----D---- C:\Program Files\Microsoft Office 2008-10-28 18:43:08 ----D---- C:\Program Files\Common Files\System 2008-10-28 18:42:13 ----A---- C:\WINDOWS\win.ini 2008-10-28 18:37:21 ----D---- C:\Program Files\Spybot - Search & Destroy 2008-10-28 18:26:40 ----D---- C:\WINDOWS\Debug 2008-10-28 18:21:44 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2008-10-28 18:18:44 ----D---- C:\WINDOWS\system32\Setup 2008-10-28 18:18:44 ----D---- C:\WINDOWS\ime 2008-10-28 18:18:44 ----D---- C:\WINDOWS\AppPatch 2008-10-28 18:18:43 ----D---- C:\WINDOWS\system32\wbem 2008-10-28 18:18:05 ----D---- C:\WINDOWS\security 2008-10-28 18:13:18 ----D---- C:\Program Files\Messenger 2008-10-28 18:07:58 ----D---- C:\WINDOWS\WinSxS 2008-10-28 18:07:52 ----D---- C:\WINDOWS\network diagnostic 2008-10-28 18:07:51 ----D---- C:\WINDOWS\Help 2008-10-28 18:07:39 ----D---- C:\WINDOWS\system32\usmt 2008-10-28 18:07:39 ----D---- C:\WINDOWS\system32\en-US 2008-10-28 18:07:37 ----AD---- C:\WINDOWS\system32\en 2008-10-28 18:07:36 ----D---- C:\WINDOWS\PeerNet 2008-10-28 18:07:36 ----D---- C:\Program Files\Movie Maker 2008-10-28 18:04:51 ----D---- C:\WINDOWS\system32\npp 2008-10-28 18:04:50 ----D---- C:\WINDOWS\msagent 2008-10-28 18:04:49 ----D---- C:\WINDOWS\srchasst 2008-10-28 18:04:48 ----D---- C:\Program Files\NetMeeting 2008-10-28 18:04:47 ----D---- C:\WINDOWS\system32\Com 2008-10-28 18:04:45 ----D---- C:\Program Files\Windows Media Player 2008-10-28 18:04:44 ----D---- C:\Program Files\Windows NT 2008-10-28 18:04:44 ----D---- C:\Program Files\Outlook Express 2008-10-28 18:04:29 ----D---- C:\WINDOWS\system32\oobe 2008-10-28 18:04:27 ----D---- C:\WINDOWS\system 2008-10-28 18:02:15 ----D---- C:\WINDOWS\system32\ReinstallBackups 2008-10-28 17:04:36 ----D---- C:\Program Files\Internet Explorer 2008-10-28 10:59:51 ----D---- C:\Documents and Settings\HP_Owner\Application Data\Mozilla 2008-10-28 10:56:54 ----D---- C:\Program Files\Online Services 2008-10-28 10:39:26 ----D---- C:\Program Files\Common Files\{7C44673F-0BF9-1033-0216-050823200001} 2008-10-28 08:57:56 ----D---- C:\WINDOWS\Minidump 2008-10-28 08:29:37 ----HD---- C:\temp 2008-10-28 00:36:04 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP 2008-10-28 00:24:05 ----D---- C:\Program Files\kernel 2008-10-28 00:23:59 ----D---- C:\Program Files\?dobe 2008-10-28 00:22:56 ----D---- C:\WINDOWS\system32\??pPatch 2008-10-28 00:17:11 ----D---- C:\WINDOWS\SoftwareDistribution 2008-10-28 00:05:06 ----SD---- C:\WINDOWS\Tasks 2008-10-27 23:57:07 ----D---- C:\Program Files\RcvSystem 2008-10-27 21:44:35 ----SHD---- C:\RECYCLER 2008-10-27 21:41:26 ----D---- C:\Documents and Settings 2008-10-24 17:56:13 ----SH---- C:\WINDOWS\system32\edkkabde.ini 2008-10-15 09:34:24 ----A---- C:\WINDOWS\system32\netapi32.dll 2008-10-07 12:19:42 ----A---- C:\WINDOWS\system32\MRT.exe 2008-10-03 10:41:15 ----A---- C:\WINDOWS\system32\ieframe.dll ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2005-12-02 43672] R1 Avg7Core;AVG7 Kernel; C:\WINDOWS\System32\Drivers\avg7core.sys [2008-10-28 821856] R1 Avg7RsW;AVG7 Wrap Driver; C:\WINDOWS\System32\Drivers\avg7rsw.sys [2007-03-02 4224] R1 Avg7RsXP;AVG7 Resident Driver XP; C:\WINDOWS\System32\Drivers\avg7rsxp.sys [2007-03-02 27776] R1 AvgClean;AVG7 Clean Driver; C:\WINDOWS\System32\Drivers\avgclean.sys [2008-10-28 10760] R1 DcCam;Kodak Camera Proxy; C:\WINDOWS\system32\DRIVERS\DcCam.sys [2004-05-20 36918] R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352] R2 AvgTdi;AVG Network Redirector; C:\WINDOWS\System32\Drivers\avgtdi.sys [2007-03-02 4960] R2 CdaD10BA;CdaD10BA; \??\C:\WINDOWS\system32\drivers\CdaD10BA.SYS [] R2 DCFS2K;Kodak DCFS2K Driver; C:\WINDOWS\system32\drivers\dcfs2k.sys [2004-06-02 38705] R2 MCSTRM;MCSTRM; C:\WINDOWS\system32\drivers\MCSTRM.sys [2007-09-18 8413] R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776] R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2008-03-21 1203776] R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800] R3 GEARAspiWDM;GEAR CDRom Filter; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2004-09-14 13872] R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2004-11-02 773565] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-09-23 3966976] R3 Iviaspi;IVI ASPI Shell; C:\WINDOWS\system32\drivers\iviaspi.sys [2003-09-11 21060] R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824] R3 Pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 10368] R3 Ps2;PS2; C:\WINDOWS\system32\DRIVERS\PS2.sys [2001-06-04 14112] R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2008-02-25 105088] R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys [2003-01-10 33588] S1 Exportit;Exportit; C:\WINDOWS\system32\DRIVERS\exportit.sys [2004-07-07 152049] S3 DcFpoint;DcFpoint; C:\WINDOWS\system32\DRIVERS\DcFpoint.sys [2004-05-20 61564] S3 DcLps;Legacy Polling Service; C:\WINDOWS\system32\DRIVERS\DcLps.sys [2004-05-20 8022] S3 DcPTP;dcptp; C:\WINDOWS\system32\DRIVERS\DcPTP.sys [2004-07-07 70070] S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2004-03-18 113664] S3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-03-18 51088] S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-03-18 16496] S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-03-18 21744] S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160] S3 passthru;Service; C:\WINDOWS\system32\DRIVERS\ndisio.sys [] S3 RT61;Ralink RT61 Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT61.sys [] S3 rtl8139;Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver; C:\WINDOWS\system32\DRIVERS\R8139n51.SYS [2002-10-04 46976] S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AOL ACS;AOL Connectivity Service; C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe [2005-04-18 46680] R2 AOL TopSpeedMonitor;AOL TopSpeed Monitor; C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe [2004-10-15 100016] R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94 B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376] R2 KodakCCS;Kodak Camera Connection Software; C:\WINDOWS\system32\drivers\KodakCCS.exe [2004-05-24 322104] R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120] R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336] S2 AgereModemAudio;Agere Modem Call Progress Audio; C:\WINDOWS\system32\agrsmsvc.exe [2008-03-18 13312] S2 Avg7Alrt;AVG7 Alert Manager Server; C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe [2008-10-28 418816] S2 Avg7UpdSvc;AVG7 Update Service; C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe [2007-03-02 49664] S2 AVGEMS;AVG E-mail Scanner; C:\PROGRA~1\Grisoft\AVG7\avgemc.exe [2008-10-28 406528] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspne t_state.exe [2004-07-15 32768] S3 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-13 267776] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2007-06-26 654848] S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-08-02 138168] |
#6
|
||||
|
||||
info.txt logfile of random's system information tool 1.04 2008-10-30 14:14:22
======Uninstall list====== -->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 -->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu -->c:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19} -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Acoustica Beatcraft-->C:\PROGRA~1\ACOUST~1\UNWISE.EXE C:\PROGRA~1\ACOUST~1\INSTALL.LOG Acoustica Effects Pack-->C:\PROGRA~1\UNWISE.EXE C:\PROGRA~1\INSTALL.LOG Adobe Acrobat - Reader 6.0.2 Update-->MsiExec.exe /I{AC76BA86-0000-0000-0000-6028747ADE01} Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95} Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61} Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394} Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23} Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C} Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C} Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E} Adobe Color Common Settings-->C:\Program Files\Common Files\Adobe\Installers\6c8e2cb4fd241c55406016127a6 ab2e\Setup.exe Adobe Color Common Settings-->MsiExec.exe /I{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF} Adobe Color EU Extra Settings-->MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8} Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029} Adobe Color NA Recommended Settings-->MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5} Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D} Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD} Adobe ExtendScript Toolkit 2-->C:\Program Files\Common Files\Adobe\Installers\5bc0f8414ec36c555a3e7e5ec2e 225e\Setup.exe Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{1BCEA516-B4C5-4B2D-BFA0-AB7910BAD862} Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_acti veX.exe Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plug in.exe Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B} Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245} Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078} Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C} Adobe Photoshop CS3-->C:\Program Files\Common Files\Adobe\Installers\2ac78060bc5856b0c1cf873bb91 9b58\Setup.exe Adobe Photoshop CS3-->MsiExec.exe /I{0046FA01-C5B9-4985-BACB-398DC480FC05} Adobe Reader 6.0.1-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A00000000001} Adobe Setup-->MsiExec.exe /I{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1} Adobe Setup-->MsiExec.exe /I{D1BB4446-AE9C-4256-9A7F-4D46604D2462} Adobe Setup-->MsiExec.exe /I{D504303A-717D-414C-BA9F-FE01093E2EF8} Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~2\UNWISE.EX E C:\WINDOWS\system32\Macromed\SHOCKW~2\Install.log Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183} Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312} Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8} Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5} Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6} Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923} Agere Systems PCI Soft Modem-->agrsmdel AOL Coach Version 2.0(Build:20041026.5 en)-->C:\Program Files\Common Files\AolCoach\en_en\AolCInUn.exe -lang=en_en -ext=UDP AOL Uninstaller (Choose which Products to Remove)-->C:\Program Files\Common Files\AOL\uninstaller.exe AOL You've Got Pictures Screensaver-->C:\Program Files\Common Files\AOL\Screensaver\uninst_ygpss.exe ArcSoft Media Card Companion-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3580211E-3BB7-42C0-ADC3-9A8C1EFFF2CB}\SETUP.EXE" -l0x9 ArcSoft MediaConverter 2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CFF08881-43E4-4082-91C4-0E17F82E849D}\setup.exe" -l0x9 ArcSoft MediaConverter-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E5BD1F9C-8BBA-410E-837D-94D523269F8F}\SETUP.EXE" -l0x9 ArcSoft PhotoImpression 5-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{93F599DF-519B-4706-A3F1-9530DF2590B4}\SETUP.EXE" -l0x9 AudibleManager-->C:\Program Files\Audible\Bin\Upgrade.exe /Uninstall AVG 7.5-->C:\Program Files\Grisoft\AVG7\setup.exe /UNINSTALL Best Buy Digital Music Store-->C:\PROGRA~1\BESTBU~1\Unwise32.exe /A C:\PROGRA~1\BESTBU~1\install.log Best Buy Rhapsody-->C:\PROGRA~1\BESTBU~1\Unwise32.exe /A C:\PROGRA~1\BESTBU~1\install.log BlackjackCD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CDE5EB49-08A7-4AA5-9E72-C8D0A0C786F7}\setup.exe" -l0x9 Camera Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D1B3874F-3057-11D6-B2EA-0050BA18806B}\Setup.exe" Card and Board Games-->C:\PROGRA~1\eGames\CARDAN~1\UNWISE.EXE C:\PROGRA~1\eGames\CARDAN~1\INSTALL.LOG CardRd81-->MsiExec.exe /I{54C8FE84-89C4-40E8-976C-439EB0729BD6} CCHelp-->MsiExec.exe /I{9D1CF8B6-17B3-4832-B062-2C2DD0B57B04} CCScore-->MsiExec.exe /I{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992} CR2-->MsiExec.exe /I{432C3720-37BF-4BD7-8E49-F38E090246D0} Defraggler (remove only)-->"C:\Program Files\Defraggler\uninst.exe" DV TS-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{54266945-8A11-424D-B20F-4F747A714FBA}\Setup.exe" Easy Internet Sign-up-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\I Driver.exe /M{8105684D-8CA6-440D-8F58-7E5FD67A499D} /l1033 eGames GameButler-->C:\PROGRA~1\eGames\GAMEBU~1\UNWISE.EXE C:\PROGRA~1\eGames\GAMEBU~1\INSTALL.LOG ESSAdpt-->MsiExec.exe /I{D15E9DB5-6BEB-4534-901E-80C0A29BAB97} ESSANUP-->MsiExec.exe /I{A6F18A67-B771-4191-8A33-36D2E742D6D9} ESSBrwr-->MsiExec.exe /I{643EAE81-920C-4931-9F0B-4B343B225CA6} ESSCAM-->MsiExec.exe /I{469730CC-78DF-4CD3-B286-562D459EA619} ESSCDBK-->MsiExec.exe /I{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD} ESScore-->MsiExec.exe /I{9D8FEE90-0377-49A9-AEFB-525BDE549BA4} ESSCT-->MsiExec.exe /I{8BB4B58A-A402-4DE8-8FCD-287E60B88DD8} ESSgui-->MsiExec.exe /I{91517631-A9F3-4B7C-B482-43E0068FD55A} ESShelp-->MsiExec.exe /I{87843A41-7808-4F2E-B13F-25C1E67CF2FD} ESSini-->MsiExec.exe /I{8E92D746-CD9F-4B90-9668-42B74C14F765} ESSPCD-->MsiExec.exe /I{14D4ED84-6A9A-45A0-96F6-1753768C3CB5} ESSPDock-->MsiExec.exe /I{FCDB1C92-03C6-4C76-8625-371224256091} ESSSONIC-->MsiExec.exe /I{4F677FC7-7AA8-412B-A957-F13CBE1C7331} ESSTUTOR-->MsiExec.exe /I{CA60320D-6A16-49C8-A34F-84EEF4799567} ESSvpaht-->MsiExec.exe /I{A5B3EB8A-4071-42F0-8E8E-7A8342AA8E69} ESSvpot-->MsiExec.exe /I{48C82F7A-F100-4DAB-A310-8E18BF2159E1} EZface ActiveX 204-->C:\PROGRA~1\EZFace\ActiveX\uninst.bat 204 C:\PROGRA~1\EZFace\ActiveX FLV Player 2.0, build 24-->C:\Program Files\FLV Player\uninst.exe Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar6.dll" Help and Support Additions-->C:\PROGRA~1\HELPAN~1\UNWISE.EXE C:\PROGRA~1\HELPAN~1\INSTALL.LOG High Definition Audio Driver Package - KB835221-->C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spun inst.exe HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall HLPCCTR-->MsiExec.exe /I{F2D0C1B1-80FF-46F9-BA61-33B01A07FAFC} HLPIndex-->MsiExec.exe /I{38441BE7-79B0-42B8-8297-833704F949FE} HLPPDOCK-->MsiExec.exe /I{154508C0-07C5-4659-A7A0-E49968750D21} HLPRFO-->MsiExec.exe /I{AADAC983-FDE9-42FA-8FD9-7BB324155593} Hotfix for Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe" Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spunin st.exe" Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spunin st.exe" HP Deskjet Preloaded Printer Drivers-->MsiExec.exe /X{F419D20A-7719-4639-8E30-C073A040D878} HP Image Zone 4.5.3-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat HP Image Zone Plus 4.5.3-->C:\Program Files\HP\Digital Imaging\{D0420D64-8D33-4374-A2B2-9225C7925CA6}\setup\hpzscr01.exe -datfile hpdscr01.dat HP Memories Disc-->MsiExec.exe /X{D35191B3-F340-4C11-A4E0-8B09477B4302} HP Organize-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D0122362-6333-4DE4-93F6-A5A2F3CC101A}\Setup.exe" UNINSTALL HP Photosmart Cameras 4.0-->C:\Program Files\HP\Digital Imaging\{4C04DF1B-6A39-4299-9DD1-1FA60000266E}\setup\hpzscr01.exe -datfile hpiscr01.dat HP PSC & OfficeJet 4.0-->"C:\Program Files\HP\Digital Imaging\{A1062847-0846-427A-92A1-BB8251A91E91}\setup\hpzscr01.exe" -datfile hposcr04.dat HP Software Update-->MsiExec.exe /X{64FC0C98-B035-4530-B15D-3D30610B6DF1} HPIZplus450-->MsiExec.exe /X{7B98685A-4E21-4A4F-A2D6-DC557042BADA} Intel(R) Graphics Media Accelerator Driver-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2I D PCI\VEN_8086&DEV_2782 PCI\VEN_8086&DEV_2582 IntelliMover Data Transfer Demo-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{14589F05-C658-4594-9429-D437BA688686}\Setup.exe" -l0x9 Internet Lottery 1.2.0-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\SPK210.Inf, DefaultUninstall InterVideo DiscLabel-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C3F058C0-A21C-452D-8D99-95B1A45F417D}\setup.exe" REMOVEALL InterVideo WinDVD Creator-->"C:\Program Files\InstallShield Installation Information\{2FCE4FC5-6930-40E7-A4F1-F862207424EF}\setup.exe" REMOVEALL InterVideo WinDVD Player-->"C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL iTunes-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{BE20E2F5-1903-4AAE-B1AF-2046E586C925} J2SE Runtime Environment 5.0 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150070} Kodak EasyShare software-->C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_9_6c01d7\Setup.ex e /APR-REMOVE KSU-->MsiExec.exe /I{B997C2A0-4383-41BF-B76E-9B8B7ECFB267} Learn2 Player (Uninstall Only)-->C:\Program Files\Learn2.com\StRunner\stuninst.exe Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\setup.exe" -l0x9 UNINSTALL Logitech Resource Center-->C:\PROGRA~1\Logitech\RESOUR~1\rem\UNWISE.EXE C:\PROGRA~1\Logitech\RESOUR~1\rem\INSTALL.LOG Mahjongg Master 2 Special Edition-->C:\PROGRA~1\eGames\MAHJON~2\UNWISE.EXE C:\PROGRA~1\eGames\MAHJON~2\INSTALL.LOG MahJongg Master-->C:\PROGRA~1\eGames\MAHJON~1\UNWISE.EXE C:\PROGRA~1\eGames\MAHJON~1\INSTALL.LOG Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Upd ates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Upda tes\M928366\M928366Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationA PIs$\spuninst\spuninst.exe" Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMa pping$\spuninst\spuninst.exe" Microsoft Picture It! Photo Creativity 2001-->MsiExec.exe /I{120E6BD1-2149-11d4-A6AD-00A0CC28D961} Microsoft Picture It! Photo Premium 2001-->MsiExec.exe /I{F629C3EE-FD92-4EDC-BE49-3228AC392993} Microsoft Plus! Dancer LE-->MsiExec.exe /X{1A103D70-5C9B-4E1A-B306-5106C68F9914} Microsoft Plus! Digital Media Edition Installer-->MsiExec.exe /X{6E45BA47-383C-4C1E-8ED0-0D4845C293D7} Microsoft Plus! Photo Story 2 LE-->MsiExec.exe /X{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B} Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuni nst.exe" Microsoft Works-->MsiExec.exe /I{416D80BA-6F6D-4672-B7CF-F54DA2F80B44} Mozilla Firefox (3.0)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F} MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} Musicmatch® Jukebox-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\ 01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8EF1122E-E90C-4EE9-AB0C-7FDE2BA42C26}\setup.exe" -l0x9 -uninst MysticForest-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\ 50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F33EEE5-A176-4608-A81D-578472627695}\setup.exe" -l0x9 -removeonly Namo WebEditor 6-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\070 1\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EF3FA287-2622-4340-AAF6-0AD29F21A691}\setup.exe" -l0x9 Nancy Drew: Secret of Shadow Ranch-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Nancy Drew\Secret of Shadow Ranch\setup.exe" -l0x9 Nancy Drew: The Creature of Kapu Cave-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\Nancy Drew\The Creature of Kapu Cave\setup.exe" -l0x9 NetBeans IDE 5.0-->C:\Program Files\netbeans-5.0\_uninst\uninstaller.exe Notifier-->MsiExec.exe /I{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2} OpenOffice.org 2.3-->MsiExec.exe /I{28BAF389-4421-4B88-ACCC-FBEF95F69D6D} OTtBP-->MsiExec.exe /I{F71760CD-0F8B-4DCC-B7B7-6B223CC3843C} OTtBPSDK-->MsiExec.exe /I{3CA39B0C-BA85-4D42-AC0F-1FF5F60C3353} PCDLNCH-->MsiExec.exe /I{69BD6399-3D8F-45B7-81D9-819361F5101D} PC-Doctor for Windows-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{0C66761E-497A-4BE3-AE0D-8EC30FC9A9AA} /l1033 PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5} Photosmart 140,240,7200,7600,7700,7900 Series-->c:\Program Files\HP\{5372B9A6-6E51-4f90-9B40-E0A3B8475C4E}\setup\hpzscr01.exe -datfile hphscr01.dat Photosmart 320,370,7400,8100,8400 Series-->C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\setup\hpzscr01.exe -datfile hphscr01.dat PS2-->C:\WINDOWS\system32\ps2.exe uninstall Python 2.2 pywin32 extensions (build 203)-->"C:\Python22\Removepywin32.exe" -u "C:\Python22\pywin32-wininst.log" Python 2.2.3-->C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG Quicken 2005-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\I Driver.exe /M{2DBE41DD-2129-4C65-A3D3-5647236A60F3} anything QuickTime-->C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 Realtek High Definition Audio Driver-->RtlUpd.exe -r Reason 3.0-->"C:\Program Files\Propellerhead\Reason\Uninstall Reason\unins000.exe" Reel Deal Slots 2nd Volume-->"c:\Program Files\Phantom\Reel Deal Slots 2nd Volume\unins000.exe" Rhapsody Player Engine-->MsiExec.exe /I{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31} Security Update for Step By Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spunin st.exe" Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe" Security Update for Windows Media Player 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\ spuninst.exe" Security Update for Windows Media Player 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\ spuninst.exe" Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spunin st.exe" Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spunin st.exe" Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spunin st.exe" Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spunin st.exe" Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spunin st.exe" Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spunin st.exe" |
#7
|
||||
|
||||
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spunin st.exe" Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spunin st.exe" Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spunin st.exe" Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spunin st.exe" Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spunin st.exe" Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spunin st.exe" Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spunin st.exe" Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spunin st.exe" Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spunin st.exe" SFR-->MsiExec.exe /I{C354C9B6-A4E0-4BB0-A368-6DC6BCA0E314} SFR2-->MsiExec.exe /I{A0AF08BA-3630-4505-BFB2-A41F3837B0D0} Shockwave-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EX E C:\WINDOWS\system32\Macromed\SHOCKW~1\INSTALL.LOG SimCity 3000-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Maxis\SimCity 3000\Uninst.isu" Slingo Wild 7's-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6105C9EA-FFC3-484A-950A-90F48CD7C73E}\setup.exe" -l0x9 Sonic Express Labeler-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA} Sonic RecordNow!-->MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19} Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe" SpywareBlaster 4.1-->"C:\Program Files\SpywareBlaster\unins000.exe" The Sims Complete Collection-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F2527115-B8BF-4FDB-B5DA-5AADFB7C13E1}\setup.exe" -l0x9 -l0009 Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe" Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spunin st.exe" Updates from HP-->C:\WINDOWS\BWUnin-6.3.2.62.exe -AppId 309731 VCAMCEN-->MsiExec.exe /I{10E98E14-832C-4AF7-A4D1-6A9EF83B282E} Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u Virtools 3D Life Player-->C:\Program Files\Virtools\3D Life Player\WebplayerConfig.exe -u VPRINTOL-->MsiExec.exe /I{999D43F4-9709-4887-9B1A-83EBB15A8370} Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuni nst.exe" Windows Media Player 10-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spu ninst.exe" Word Skramble-->C:\PROGRA~1\eGames\WORDSK~1\UNWISE.EXE C:\PROGRA~1\eGames\WORDSK~1\INSTALL.LOG Word Wiz-->C:\PROGRA~1\eGames\WORDWI~1\UNWISE.EXE C:\PROGRA~1\eGames\WORDWI~1\INSTALL.LOG =====HijackThis Backups===== O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing) O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1005.cab O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: http://www.listen.com O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing) ======Hosts File====== 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com ======Security center information====== AV: AVG 7.5.549 ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemR oot%\System32\Wbem;c:\Python22;C:\Program Files\PC-Doctor for Windows\ "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=15 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 1, GenuineIntel "PROCESSOR_REVISION"=0401 "NUMBER_OF_PROCESSORS"=1 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;. WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP -----------------EOF----------------- |
#8
|
||||
|
||||
I can see you have already had Malwarebytes remove quite a bit of the active parts of the infection. Let's make other changes then scan after.
First follow the steps here to disable SpyBot's TeaTimer, as it will interfere with the repairs. Be sure to do all the steps, including the required reboot. If you have any difficulties accomplishing those then please go ahead and uninstall SpyBot - TeaTimer has been causing too many problems in repairs to make it worth any extra effort while we do them. You can always reinstall it after if you choose to. Then To keep them from interfering with the repairs, be sure to temporarily disable all antivirus/anti-spyware softwares while these steps are being completed. This can usually be done through right clicking the software's Taskbar icons, or accessing each software through Start - Programs. Download OTMoveIt3 by OldTimer to your desktop. Then click OTMoveIt3.exe to run it (Vista users, please right click on OTMoveit3.exe and select "Run as an Administrator"). Copy the file path(s) below to the clipboard by highlighting ALL of them and pressing CTRL + C, or right-click and choose Copy): Code:
:files C:\Documents and Settings\All Users\Application Data\TEMP C:\Program Files\kernel C:\Program Files\?dobe /u C:\WINDOWS\system32\??pPatch /u C:\Program Files\RcvSystem C:\RECYCLER C:\WINDOWS\system32\edkkabde.ini :reg [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "Authentication Packages"=hex(7):6d,00,73,00,76,00,31,00,5f,00,30,00,00,00,00,\ 00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLS"="" [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\awtqpmk] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Utility] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Cxhjvv"=- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] "{7C44673F-0BF9-1033-0216-050823200001}"=- A log of files and folders moved will be created in the c:\_OTMoveIt\MovedFiles folder, in the form of Date and Time (mmddyyyy_hhmmss.log). Please open this log in Notepad and post its contents in your next reply. If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose "Yes". ----------- Then Go here and run the Kaspersky online scan, and post back the log it creates. To use the scan, accept the agreement and make sure you allow the ActiveX object to download and install (check the "yellow bar" at the top if needed to allow this). Once the Database download is completed, under Scan in the left column click My Computer to start the scan. This may take a very long time, so allow the scan to run and perhaps find something else to do. When the scan completes click View Scan Report. Then click Save Report As, and using the dropdown box save the report as "Files of Type: -> Text file (.txt)" to a location where you can find it again. Use any name you wish for the log. Then locate that log and copy/paste those contents back here please. Post back that log, the OTMoveIt log and a new RSIT log please. |
#9
|
||||
|
||||
It looks like I have copies of the sytem files that have been moved. Everything works OK. Im not going to be able to get to the Kapersky scan until later. Has this solved most of the problem?
========== FILES ========== File/Folder C:\Documents and Settings\All Users\Application Data\TEMP not found. File/Folder C:\Program Files\kernel not found. File/Folder C:\Program Files\?dobe not found. Folder move failed. C:\WINDOWS\system32\ΑрpPatch scheduled to be moved on reboot. File/Folder C:\Program Files\RcvSystem not found. C:\RECYCLER\S-1-5-21-2748297833-3040879727-769956929-1009\Dc69\Con Banda Grandes Exitos moved successfully. C:\RECYCLER\S-1-5-21-2748297833-3040879727-769956929-1009\Dc69 moved successfully. C:\RECYCLER\S-1-5-21-2748297833-3040879727-769956929-1009\Dc68\Un-Break My Heart_ The Remix Collection moved successfully. Folder move failed. C:\RECYCLER\S-1-5-21-2748297833-3040879727-769956929-1009\Dc68\Ultimate Toni Braxton scheduled to be moved on reboot. Folder move failed. C:\RECYCLER\S-1-5-21-2748297833-3040879727-769956929-1009\Dc68\Toni Braxton scheduled to be moved on reboot. Folder move failed. C:\RECYCLER\S-1-5-21-2748297833-3040879727-769956929-1009\Dc68\The Heat scheduled to be moved on reboot. Folder move failed. C:\RECYCLER\S-1-5-21-2748297833-3040879727-769956929-1009\Dc68\Secrets scheduled to be moved on reboot. Folder move failed. C:\RECYCLER\S-1-5-21-2748297833-3040879727-769956929-1009\Dc68\Platinum & Gold Collection scheduled to be moved on reboot. Folder move failed. C:\RECYCLER\S-1-5-21-2748297833-3040879727-769956929-1009\Dc68\More Than A Woman scheduled to be moved on reboot. Folder move failed. C:\RECYCLER\S-1-5-21-2748297833-3040879727-769956929-1009\Dc68 scheduled to be moved on reboot. Folder move failed. C:\RECYCLER\S-1-5-21-2748297833-3040879727-769956929-1009 scheduled to be moved on reboot. C:\RECYCLER\S-1-5-21-205159755-1399173751-3437419066-500\Dc4.com\AntiVirusPro\BrowserObjects moved successfully. C:\RECYCLER\S-1-5-21-205159755-1399173751-3437419066-500\Dc4.com\AntiVirusPro\Autorun\StartMenuCurrentU ser moved successfully. C:\RECYCLER\S-1-5-21-205159755-1399173751-3437419066-500\Dc4.com\AntiVirusPro\Autorun\StartMenuAllUsers moved successfully. C:\RECYCLER\S-1-5-21-205159755-1399173751-3437419066-500\Dc4.com\AntiVirusPro\Autorun\HKLMRun\RunOnceEx moved successfully. C:\RECYCLER\S-1-5-21-205159755-1399173751-3437419066-500\Dc4.com\AntiVirusPro\Autorun\HKLMRun\RunOnce moved successfully. C:\RECYCLER\S-1-5-21-205159755-1399173751-3437419066-500\Dc4.com\AntiVirusPro\Autorun\HKLMRun moved successfully. C:\RECYCLER\S-1-5-21-205159755-1399173751-3437419066-500\Dc4.com\AntiVirusPro\Autorun\HKCURun\RunOnceEx moved successfully. C:\RECYCLER\S-1-5-21-205159755-1399173751-3437419066-500\Dc4.com\AntiVirusPro\Autorun\HKCURun\RunOnce moved successfully. C:\RECYCLER\S-1-5-21-205159755-1399173751-3437419066-500\Dc4.com\AntiVirusPro\Autorun\HKCURun moved successfully. C:\RECYCLER\S-1-5-21-205159755-1399173751-3437419066-500\Dc4.com\AntiVirusPro\Autorun moved successfully. C:\RECYCLER\S-1-5-21-205159755-1399173751-3437419066-500\Dc4.com\AntiVirusPro moved successfully. C:\RECYCLER\S-1-5-21-205159755-1399173751-3437419066-500\Dc4.com moved successfully. C:\RECYCLER\S-1-5-21-205159755-1399173751-3437419066-500 moved successfully. C:\RECYCLER\S-1-5-21-205159755-1399173751-3437419066-1010 moved successfully. C:\RECYCLER\S-1-5-21-205159755-1399173751-3437419066-1009 moved successfully. C:\RECYCLER\S-1-5-21-1894439395-1094390820-1578581422-1003 moved successfully. Folder move failed. C:\RECYCLER scheduled to be moved on reboot. C:\WINDOWS\system32\edkkabde.ini moved successfully. ========== REGISTRY ========== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\Lsa\\"Authentication Packages"|hex(7):6d,00,73,00,76,00,31,00,5f,00,30, 00,00,00,00,00 /E : value set successfully! HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\"AppInit_DLLS"|"" /E : value set successfully! Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\awtqpmk\\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD\\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Utility\\ deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Run\\Cxhjvv deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Policies\Explorer\Run\\{7C44673F-0BF9-1033-0216-050823200001} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7C44673 F-0BF9-1033-0216-050823200001}\ not found. OTMoveIt3 by OldTimer - Version 1.0.7.0 log created on 10312008_132626 |
#10
|
||||
|
||||
I tried it again seeing as it failed on some things.
========== FILES ========== File/Folder C:\Documents and Settings\All Users\Application Data\TEMP not found. File/Folder C:\Program Files\kernel not found. File/Folder C:\Program Files\?dobe not found. File/Folder C:\WINDOWS\system32\??pPatch not found. File/Folder C:\Program Files\RcvSystem not found. C:\RECYCLER\S-1-5-21-2748297833-3040879727-769956929-1009\Dc68\Ultimate Toni Braxton moved successfully. C:\RECYCLER\S-1-5-21-2748297833-3040879727-769956929-1009\Dc68\Toni Braxton moved successfully. C:\RECYCLER\S-1-5-21-2748297833-3040879727-769956929-1009\Dc68\The Heat moved successfully. C:\RECYCLER\S-1-5-21-2748297833-3040879727-769956929-1009\Dc68\Secrets moved successfully. C:\RECYCLER\S-1-5-21-2748297833-3040879727-769956929-1009\Dc68\Platinum & Gold Collection moved successfully. C:\RECYCLER\S-1-5-21-2748297833-3040879727-769956929-1009\Dc68\More Than A Woman moved successfully. C:\RECYCLER\S-1-5-21-2748297833-3040879727-769956929-1009\Dc68 moved successfully. C:\RECYCLER\S-1-5-21-2748297833-3040879727-769956929-1009 moved successfully. C:\RECYCLER\S-1-5-21-205159755-1399173751-3437419066-1009 moved successfully. C:\RECYCLER moved successfully. File/Folder C:\WINDOWS\system32\edkkabde.ini not found. ========== REGISTRY ========== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\Lsa\\"Authentication Packages"|hex(7):6d,00,73,00,76,00,31,00,5f,00,30, 00,00,00,00,00 /E : value set successfully! HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\"AppInit_DLLS"|"" /E : value set successfully! Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\awtqpmk\\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD\\ not found. Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Utility\\ not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Run\\Cxhjvv not found. OTMoveIt3 by OldTimer - Version 1.0.7.0 log created on 10312008_170322 |
#11
|
||||
|
||||
Active malware files and functions are diminished in log views, but I couldn't say all issues are resolved until we verify that. Go ahead and complete the Kaspersky scan and post that along with the new RSIT log please.
|
#12
|
||||
|
||||
Kapersky won't be done until tomorrow. Only one wireless card, 2 PCs. sry
Logfile of random's system information tool 1.04 (written by random/random) Run by HP_Owner at 2008-10-31 19:17:13 Microsoft Windows XP Home Edition Service Pack 3 System drive C: has 139 GB (76%) free of 184 GB Total RAM: 503 MB (25% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 7:17:24 PM, on 10/31/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\agrsmsvc.exe C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\drivers\KodakCCS.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\AOL\1151045508\ee\AOLSoftware.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\ALCWZRD.EXE C:\WINDOWS\ALCMTR.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe C:\Program Files\ArcSoft\Media Card Companion\MCC Monitor.exe C:\Documents and Settings\HP_Owner\My Documents\Installers\RSIT.exe C:\Program Files\Trend Micro\HijackThis\HP_Owner.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.kodak.com/go/regeasyshare...DORIGIN=SKU110 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = actsvr.comcastonline.com:8100 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = actsvr.comcastonline.com;*.local F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe, \s, O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar6.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\sw g.dll O2 - BHO: (no name) - {F92A8F98-AE62-4897-9DC2-E31EC007456D} - (no file) O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar6.dll O3 - Toolbar: (no name) - {6E90A503-DDFD-4CC5-9628-0391A05E7212} - (no file) O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1151045508\ee\AOLSoftware.exe O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user') O4 - Global Startup: Monitor.lnk = C:\Program Files\ArcSoft\Media Card Companion\MCC Monitor.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing) O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://3dlifeplayer.dl.3dvia.com/pla.../installer.exe O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762# # (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe -- End of file - 7363 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\HP Usg Daily.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-11-03 54248] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] SSVHelper Class - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll [2006-05-03 434279] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - c:\program files\google\googletoolbar6.dll [2007-01-19 2403392] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\sw g.dll [2008-10-28 737776] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{F92A8F98-AE62-4897-9DC2-E31EC007456D}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - HP view - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll [2003-11-21 98304] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar6.dll [2007-01-19 2403392] {6E90A503-DDFD-4CC5-9628-0391A05E7212} [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Run] "HostManager"=C:\Program Files\Common Files\AOL\1151045508\ee\AOLSoftware.exe [2006-03-08 48280] "IPHSend"=C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe [2006-03-27 126104] "AVG7_CC"=C:\PROGRA~1\Grisoft\AVG7\avgcc.exe [2008-10-28 590848] "SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-09-21 86016] "AlcWzrd"=C:\WINDOWS\ALCWZRD.EXE [2005-09-21 2807808] "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632] [HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Run] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe [2007-08-02 68856] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acme.PCHButton] C:\PROGRA~1\HELPAN~1\HPQ\XPXWWPP5\plugin\bin\PCHBu tton.exe [2005-03-10 159744] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG] C:\WINDOWS\AGRSMMSG.exe [2004-06-29 88363] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr] C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcWzrd] C:\WINDOWS\ALCWZRD.EXE [2005-09-21 2807808] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\High Definition Audio Property Page Shortcut] C:\WINDOWS\system32\HDAudPropShortcut.exe [2004-03-18 61952] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe [2004-11-02 126976] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager] C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2003-12-22 241664] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb0 9.exe [2004-05-04 176128] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHmon05] C:\WINDOWS\system32\hphmon05.exe [2004-05-04 491520] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHmon06] C:\WINDOWS\system32\hphmon06.exe [2004-06-07 659456] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD05] C:\Program Files\HP\{5372B9A6-6E51-4f90-9B40-E0A3B8475C4E}\hphupd05.exe [2004-03-31 49152] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe [2004-06-07 49152] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv] c:\windows\system\hpsysdrv.exe [1998-05-07 52736] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe [2004-10-14 278528] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe [2004-10-14 253952] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe [] |
#13
|
||||
|
||||
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PS2]
C:\WINDOWS\system32\ps2.exe [2004-10-25 90112] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE [2004-04-14 233472] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Reminder] C:\Windows\Creator\Remind_XP.exe [2004-12-14 663552] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan] C:\WINDOWS\SOUNDMAN.EXE [2005-09-21 86016] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe -osboot [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2004-11-05 258048] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk] C:\PROGRA~1\Kodak\KODAKE~1\bin\EASYSH~1.EXE [2005-03-10 757760] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak software updater.lnk] C:\PROGRA~1\Kodak\KODAKS~1\7288971\Program\KODAKS~ 1.EXE [2004-02-13 16423] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk] C:\PROGRA~1\Logitech\DESKTO~1\8876480\Program\LDMC onf.exe [2006-03-12 169472] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Updates from HP.lnk] C:\PROGRA~1\UPDATE~1\309731\Program\UPDATE~1.EXE [2005-03-10 45056] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^HP_Owner^Start Menu^Programs^Startup^OpenOffice.org 2.3.lnk] C:\PROGRA~1\OPENOF~1.3\program\QUICKS~1.EXE [2007-08-17 393216] C:\Documents and Settings\All Users\Start Menu\Programs\Startup Monitor.lnk - C:\Program Files\ArcSoft\Media Card Companion\MCC Monitor.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\system32\igfxsrvc.dll [2004-11-02 348160] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Policies\System] "DisableTaskMgr"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 "NoActiveDesktop"=0 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\servic es\sharedaccess\parameters\firewallpolicy\standard profile\authorizedapplications\list] "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes" "C:\Program Files\Common Files\AOL\1151045508\EE\aim6.exe"="C:\Program Files\Common Files\AOL\1151045508\EE\aim6.exe:*:Enabled:AIM" "C:\Program Files\Internet Explorer\IEXPLORE.EXE"="C:\Program Files\Internet Explorer\IEXPLORE.EXE:*:Enabled:Internet Explorer" "C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealP layer" "C:\Program Files\Rhapsody\rhapsody.exe"="C:\Program Files\Rhapsody\rhapsody.exe:*:Enabled:RealNetworks Rhapsody" "C:\Program Files\Grisoft\AVG7\avginet.exe"="C:\Program Files\Grisoft\AVG7\avginet.exe:*:Enabled:avginet.e xe" "C:\Program Files\Grisoft\AVG7\avgamsvr.exe"="C:\Program Files\Grisoft\AVG7\avgamsvr.exe:*:Enabled:avgamsvr .exe" "C:\Program Files\Grisoft\AVG7\avgemc.exe"="C:\Program Files\Grisoft\AVG7\avgemc.exe:*:Enabled:avgemc.exe " "C:\Program Files\Namo\WebEditor 6\bin\WebEditor.exe"="C:\Program Files\Namo\WebEditor 6\bin\WebEditor.exe:*:Enabled:Namo WebEditor 6.0" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\WINDOWS\system32\yqkolvqr.exe"="C:\WINDOWS\sys tem32\yqk" "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*isabled:Bonjour " "C:\Program Files\EarthLink TotalAccess\TaskPanl.exe"="C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*isabled:Earthlink" "C:\Documents and Settings\HP_Owner\bjryd.exe"="C:\Documents and Settings\HP_Owner\bjryd.exe:*isabled:ENABLE" "C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\syst em32\sessmgr.exe:*isabled:@xpsp2res.dll,-22019" "C:\Program Files\Common Files\AolCoach\en_en\player\AOLNySEV.exe"="C:\Prog ram Files\Common Files\AolCoach\en_en\player\AOLNySEV.exe:*:Enabled :AOL" "C:\Program Files\Common Files\AOL\System Information\sinf.exe"="C:\Program Files\Common Files\AOL\System Information\sinf.exe:*:Enabled:AOL" "C:\Program Files\Common Files\AOL\AOL Spyware Protection\asp.exe"="C:\Program Files\Common Files\AOL\AOL Spyware Protection\asp.exe:*:Enabled:AOL" "C:\Program Files\Common Files\AOL\AOL Spyware Protection\AOLSP Scheduler.exe"="C:\Program Files\Common Files\AOL\AOL Spyware Protection\AOLSP Scheduler.exe:*:Enabled:AOL" "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"="C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL" "C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe"="C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe:*:Enabled:AOL" "C:\Program Files\Common Files\AOL\1151045508\EE\AOLServiceHost.exe"="C:\Pr ogram Files\Common Files\AOL\1151045508\EE\AOLServiceHost.exe:*:Enabl ed:AOL" "C:\Program Files\Common Files\AOL\1139285104\EE\AOLServiceHost.exe"="C:\Pr ogram Files\Common Files\AOL\1139285104\EE\AOLServiceHost.exe:*:Enabl ed:AOL" "C:\Program Files\America Online 9.0c\waol.exe"="C:\Program Files\America Online 9.0c\waol.exe:*:Enabled:AOL" "C:\Program Files\America Online 9.0b\waol.exe"="C:\Program Files\America Online 9.0b\waol.exe:*:Enabled:AOL" "C:\Program Files\America Online 9.0a\waol.exe"="C:\Program Files\America Online 9.0a\waol.exe:*:Enabled:AOL" "C:\Program Files\America Online 9.0\waol.exe"="C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL" "C:\Program Files\Common Files\AOL\Loader\aolload.exe"="C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Application Loader" "C:\Program Files\Common Files\AOL\1151045508\EE\aolsoftware.exe"="C:\Progr am Files\Common Files\AOL\1151045508\EE\aolsoftware.exe:*:Enabled: AOL Services" "C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe"="C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe:*:Enabled:AOLT opSpeed" "C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe"="C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe:*:Enabled:AOLT sMon" "C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe"="C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe:*:Enabled:BackWeb for Pavilion" "%windir%\system32\sessmgr.exe"="%windir%\system32 \sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" [HKEY_LOCAL_MACHINE\system\currentcontrolset\servic es\sharedaccess\parameters\firewallpolicy\domainpr ofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32 \sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%ProgramFiles%\iTunes\iTunes.exe"="%ProgramFiles% \iTunes\iTunes.exe:*:enabled:iTunes" "C:\Program Files\America Online 9.0a\waol.exe"="C:\Program Files\America Online 9.0a\waol.exe:*:Enabled:AOL" "C:\Program Files\America Online 9.0b\waol.exe"="C:\Program Files\America Online 9.0b\waol.exe:*:Enabled:AOL" "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"="C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL" "C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe"="C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe:*:Enabled:AOL" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" [HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\D] shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480 [HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{6cbb477c-62bc-11da-ab3f-806d6172696f}] shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480 [HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{946850c5-1e27-11d9-baf0-806d6172696f}] shell\AutoRun\command - D:\setup.exe ======List of files/folders created in the last 1 months====== 2008-10-31 17:06:51 ----SHD---- C:\RECYCLER 2008-10-30 14:14:08 ----D---- C:\rsit 2008-10-28 21:36:32 ----D---- C:\Documents and Settings\HP_Owner\Application Data\OpenOffice.org2 2008-10-28 21:27:13 ----D---- C:\Program Files\OpenOffice.org 2.3 2008-10-28 21:26:25 ----D---- C:\Program Files\OpenOffice.org 2.3 Installation Files 2008-10-28 21:17:31 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$ 2008-10-28 18:33:26 ----D---- C:\Program Files\FLV Player 2008-10-28 18:32:57 ----D---- C:\Program Files\Defraggler 2008-10-28 18:14:52 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$ 2008-10-28 18:14:46 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$ 2008-10-28 18:14:36 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$ 2008-10-28 18:14:29 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$ 2008-10-28 18:14:21 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$ 2008-10-28 18:14:14 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$ 2008-10-28 18:14:07 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$ 2008-10-28 18:14:00 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$ 2008-10-28 18:13:53 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$ 2008-10-28 18:13:47 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$ 2008-10-28 18:13:37 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$ 2008-10-28 18:13:30 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$ 2008-10-28 18:13:22 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$ 2008-10-28 18:13:16 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$ 2008-10-28 18:13:10 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$ 2008-10-28 18:07:38 ----D---- C:\WINDOWS\system32\scripting 2008-10-28 18:07:37 ----D---- C:\WINDOWS\l2schemas 2008-10-28 18:07:36 ----D---- C:\WINDOWS\system32\bits 2008-10-28 18:04:55 ----D---- C:\WINDOWS\ServicePackFiles 2008-10-28 17:58:55 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$ 2008-10-28 17:58:44 ----D---- C:\WINDOWS\EHome 2008-10-28 17:52:34 ----N---- C:\WINDOWS\system32\wmphoto.dll 2008-10-28 17:52:32 ----N---- C:\WINDOWS\system32\wlanapi.dll 2008-10-28 17:52:30 ----N---- C:\WINDOWS\system32\windowscodecsext.dll 2008-10-28 17:52:30 ----N---- C:\WINDOWS\system32\windowscodecs.dll 2008-10-28 17:52:23 ----N---- C:\WINDOWS\system32\tspkg.dll 2008-10-28 17:52:23 ----N---- C:\WINDOWS\system32\tsgqec.dll 2008-10-28 17:52:19 ----N---- C:\WINDOWS\system32\spupdwxp.exe 2008-10-28 17:52:17 ----A---- C:\WINDOWS\system32\spdwnwxp.exe 2008-10-28 17:52:16 ----N---- C:\WINDOWS\system32\slserv.exe 2008-10-28 17:52:16 ----N---- C:\WINDOWS\system32\slrundll.exe 2008-10-28 17:52:16 ----N---- C:\WINDOWS\system32\slgen.dll 2008-10-28 17:52:16 ----N---- C:\WINDOWS\system32\slextspk.dll 2008-10-28 17:52:16 ----N---- C:\WINDOWS\slrundll.exe 2008-10-28 17:52:15 ----N---- C:\WINDOWS\system32\slcoinst.dll 2008-10-28 17:52:12 ----N---- C:\WINDOWS\system32\setupn.exe 2008-10-28 17:52:11 ----N---- C:\WINDOWS\system32\s3gnb.dll 2008-10-28 17:52:10 ----N---- C:\WINDOWS\system32\rhttpaa.dll 2008-10-28 17:52:09 ----N---- C:\WINDOWS\system32\rasqec.dll 2008-10-28 17:52:08 ----N---- C:\WINDOWS\system32\qutil.dll 2008-10-28 17:52:07 ----N---- C:\WINDOWS\system32\qcliprov.dll 2008-10-28 17:52:06 ----N---- C:\WINDOWS\system32\qagentrt.dll 2008-10-28 17:52:06 ----N---- C:\WINDOWS\system32\qagent.dll 2008-10-28 17:52:05 ----N---- C:\WINDOWS\system32\photometadatahandler.dll 2008-10-28 17:52:03 ----N---- C:\WINDOWS\system32\onex.dll 2008-10-28 17:52:00 ----N---- C:\WINDOWS\system32\nv4_disp.dll 2008-10-28 17:51:56 ----N---- C:\WINDOWS\system32\napstat.exe 2008-10-28 17:51:55 ----N---- C:\WINDOWS\system32\napmontr.dll 2008-10-28 17:51:55 ----N---- C:\WINDOWS\system32\napipsec.dll 2008-10-28 17:51:55 ----N---- C:\WINDOWS\system32\mtxparhd.dll 2008-10-28 17:51:54 ----N---- C:\WINDOWS\system32\msxml6r.dll 2008-10-28 17:51:54 ----N---- C:\WINDOWS\system32\msxml6.dll 2008-10-28 17:51:52 ----N---- C:\WINDOWS\system32\msshavmsg.dll 2008-10-28 17:51:52 ----N---- C:\WINDOWS\system32\mssha.dll 2008-10-28 17:51:39 ----N---- C:\WINDOWS\system32\mmcperf.exe 2008-10-28 17:51:38 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll 2008-10-28 17:51:38 ----N---- C:\WINDOWS\system32\mmcex.dll 2008-10-28 17:51:38 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dl l 2008-10-28 17:51:36 ----N---- C:\WINDOWS\system32\mdmxsdk.dll 2008-10-28 17:51:28 ----N---- C:\WINDOWS\system32\l2gpstore.dll 2008-10-28 17:51:27 ----N---- C:\WINDOWS\system32\kmsvc.dll 2008-10-28 17:51:27 ----N---- C:\WINDOWS\system32\kbdpash.dll 2008-10-28 17:51:27 ----N---- C:\WINDOWS\system32\kbdnepr.dll 2008-10-28 17:51:26 ----N---- C:\WINDOWS\system32\kbdiultn.dll 2008-10-28 17:51:26 ----N---- C:\WINDOWS\system32\kbdbhc.dll 2008-10-28 17:51:17 ----N---- C:\WINDOWS\system32\hsfcisp2.dll 2008-10-28 17:51:11 ----N---- C:\WINDOWS\system32\faxpatch.exe 2008-10-28 17:51:11 ----A---- C:\WINDOWS\002734_.tmp 2008-10-28 17:51:10 ----N---- C:\WINDOWS\system32\eapsvc.dll 2008-10-28 17:51:10 ----N---- C:\WINDOWS\system32\eapqec.dll 2008-10-28 17:51:10 ----N---- C:\WINDOWS\system32\eappprxy.dll 2008-10-28 17:51:10 ----N---- C:\WINDOWS\system32\eapphost.dll 2008-10-28 17:51:10 ----N---- C:\WINDOWS\system32\eappgnui.dll 2008-10-28 17:51:10 ----N---- C:\WINDOWS\system32\eappcfg.dll 2008-10-28 17:51:10 ----N---- C:\WINDOWS\system32\eapp3hst.dll 2008-10-28 17:51:10 ----N---- C:\WINDOWS\system32\eapolqec.dll 2008-10-28 17:51:07 ----N---- C:\WINDOWS\system32\dot3ui.dll 2008-10-28 17:51:07 ----N---- C:\WINDOWS\system32\dot3svc.dll 2008-10-28 17:51:07 ----N---- C:\WINDOWS\system32\dot3msm.dll 2008-10-28 17:51:07 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll |
#14
|
||||
|
||||
2008-10-28 17:51:07 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2008-10-28 17:51:07 ----N---- C:\WINDOWS\system32\dot3dlg.dll 2008-10-28 17:51:07 ----N---- C:\WINDOWS\system32\dot3cfg.dll 2008-10-28 17:51:06 ----N---- C:\WINDOWS\system32\dot3api.dll 2008-10-28 17:51:05 ----N---- C:\WINDOWS\system32\dimsroam.dll 2008-10-28 17:51:05 ----N---- C:\WINDOWS\system32\dimsntfy.dll 2008-10-28 17:51:05 ----N---- C:\WINDOWS\system32\dhcpqec.dll 2008-10-28 17:51:01 ----N---- C:\WINDOWS\system32\credssp.dll 2008-10-28 17:50:55 ----N---- C:\WINDOWS\system32\bitsprx4.dll 2008-10-28 17:50:54 ----N---- C:\WINDOWS\system32\azroles.dll 2008-10-28 17:50:53 ----N---- C:\WINDOWS\system32\ativvaxx.dll 2008-10-28 17:50:53 ----N---- C:\WINDOWS\system32\ativtmxx.dll 2008-10-28 17:50:52 ----N---- C:\WINDOWS\system32\ati3duag.dll 2008-10-28 17:50:52 ----N---- C:\WINDOWS\system32\ati3d1ag.dll 2008-10-28 17:50:52 ----N---- C:\WINDOWS\system32\ati2dvag.dll 2008-10-28 17:50:52 ----N---- C:\WINDOWS\system32\ati2dvaa.dll 2008-10-28 17:50:52 ----N---- C:\WINDOWS\system32\ati2cqag.dll 2008-10-28 17:50:46 ----N---- C:\WINDOWS\system32\aaclient.dll 2008-10-28 17:05:19 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2_0$ 2008-10-28 17:05:12 ----HDC---- C:\WINDOWS\$NtUninstallKB952954_0$ 2008-10-28 17:05:05 ----HDC---- C:\WINDOWS\$NtUninstallKB946648_0$ 2008-10-28 17:04:57 ----HDC---- C:\WINDOWS\$NtUninstallKB956803_0$ 2008-10-28 17:04:51 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$ 2008-10-28 17:04:45 ----HDC---- C:\WINDOWS\$NtUninstallKB957095_0$ 2008-10-28 17:04:13 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_0$ 2008-10-28 17:04:05 ----HDC---- C:\WINDOWS\$NtUninstallKB951698_0$ 2008-10-28 17:03:58 ----HDC---- C:\WINDOWS\$NtUninstallKB954211_0$ 2008-10-28 17:03:43 ----HDC---- C:\WINDOWS\$NtUninstallKB956841_0$ 2008-10-28 17:02:13 ----HDC---- C:\WINDOWS\$NtUninstallKB950762_0$ 2008-10-28 17:02:07 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$ 2008-10-28 17:01:59 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$ 2008-10-28 17:01:52 ----HDC---- C:\WINDOWS\$NtUninstallKB951066_0$ 2008-10-28 17:01:44 ----HDC---- C:\WINDOWS\$NtUninstallKB951748_0$ 2008-10-28 17:01:36 ----HDC---- C:\WINDOWS\$NtUninstallKB938464_0$ 2008-10-28 17:01:28 ----HDC---- C:\WINDOWS\$NtUninstallKB932823-v3$ 2008-10-28 17:01:19 ----HDC---- C:\WINDOWS\$NtUninstallKB958644_0$ 2008-10-28 00:58:24 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage 2008-10-28 00:23:58 ----RHD---- C:\$VAULT$.AVG 2008-10-28 00:14:20 ----D---- C:\Documents and Settings\HP_Owner\Application Data\AVG7 2008-10-28 00:13:46 ----D---- C:\Documents and Settings\All Users\Application Data\Grisoft 2008-10-28 00:13:46 ----D---- C:\Documents and Settings\All Users\Application Data\avg7 2008-10-27 23:59:15 ----D---- C:\Documents and Settings\HP_Owner\Application Data\Malwarebytes 2008-10-27 23:58:59 ----A---- C:\WINDOWS\SchedLgU.Txt 2008-10-27 22:05:42 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2008-10-27 22:05:42 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2008-10-27 22:01:25 ----D---- C:\Program Files\Trend Micro 2008-10-27 22:00:54 ----D---- C:\Program Files\SpywareBlaster 2008-10-24 18:03:20 ----D---- C:\Program Files\CCleaner 2008-10-24 17:28:55 ----A---- C:\WINDOWS\system32\hidserv.dll ======List of files/folders modified in the last 1 months====== 2008-10-31 19:16:39 ----D---- C:\WINDOWS\Temp 2008-10-31 19:16:28 ----D---- C:\WINDOWS 2008-10-31 16:57:26 ----D---- C:\WINDOWS\system32 2008-10-31 16:36:43 ----D---- C:\WINDOWS\Prefetch 2008-10-31 16:02:31 ----D---- C:\WINDOWS\system32\Restore 2008-10-31 16:01:25 ----D---- C:\Program Files 2008-10-31 15:59:25 ----D---- C:\WINDOWS\pss 2008-10-31 15:02:40 ----HD---- C:\WINDOWS\inf 2008-10-31 15:02:40 ----D---- C:\WINDOWS\system32\drivers 2008-10-31 14:53:14 ----D---- C:\WINDOWS\system32\CatRoot2 2008-10-31 14:49:53 ----HD---- C:\Program Files\InstallShield Installation Information 2008-10-31 14:39:36 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2008-10-28 22:02:25 ----SHD---- C:\System Volume Information 2008-10-28 21:56:08 ----DC---- C:\WINDOWS\system32\DRVSTORE 2008-10-28 21:28:40 ----SHD---- C:\WINDOWS\Installer 2008-10-28 21:28:36 ----HD---- C:\Config.Msi 2008-10-28 21:27:43 ----RSD---- C:\WINDOWS\Fonts 2008-10-28 21:25:28 ----D---- C:\Program Files\Mozilla Firefox 2008-10-28 21:18:00 ----D---- C:\WINDOWS\system32\CatRoot 2008-10-28 21:17:35 ----RSHD---- C:\WINDOWS\system32\dllcache 2008-10-28 21:16:59 ----D---- C:\WINDOWS\system32\RTCOM 2008-10-28 21:16:01 ----HD---- C:\WINDOWS\$hf_mig$ 2008-10-28 20:23:06 ----SD---- C:\WINDOWS\Downloaded Program Files 2008-10-28 20:15:43 ----D---- C:\Program Files\Common Files 2008-10-28 18:51:33 ----D---- C:\Documents and Settings\HP_Owner\Application Data\Lavasoft 2008-10-28 18:47:42 ----D---- C:\WINDOWS\pchealth 2008-10-28 18:47:42 ----D---- C:\Program Files\MSN Messenger 2008-10-28 18:47:41 ----D---- C:\Program Files\Common Files\Microsoft Shared 2008-10-28 18:43:15 ----D---- C:\Program Files\Microsoft Office 2008-10-28 18:43:08 ----D---- C:\Program Files\Common Files\System 2008-10-28 18:42:13 ----A---- C:\WINDOWS\win.ini 2008-10-28 18:26:40 ----D---- C:\WINDOWS\Debug 2008-10-28 18:21:44 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2008-10-28 18:18:44 ----D---- C:\WINDOWS\system32\Setup 2008-10-28 18:18:44 ----D---- C:\WINDOWS\ime 2008-10-28 18:18:44 ----D---- C:\WINDOWS\AppPatch 2008-10-28 18:18:43 ----D---- C:\WINDOWS\system32\wbem 2008-10-28 18:18:05 ----D---- C:\WINDOWS\security 2008-10-28 18:13:18 ----D---- C:\Program Files\Messenger 2008-10-28 18:07:58 ----D---- C:\WINDOWS\WinSxS 2008-10-28 18:07:52 ----D---- C:\WINDOWS\network diagnostic 2008-10-28 18:07:51 ----D---- C:\WINDOWS\Help 2008-10-28 18:07:39 ----D---- C:\WINDOWS\system32\usmt 2008-10-28 18:07:39 ----D---- C:\WINDOWS\system32\en-US 2008-10-28 18:07:37 ----AD---- C:\WINDOWS\system32\en 2008-10-28 18:07:36 ----D---- C:\WINDOWS\PeerNet 2008-10-28 18:07:36 ----D---- C:\Program Files\Movie Maker 2008-10-28 18:04:51 ----D---- C:\WINDOWS\system32\npp 2008-10-28 18:04:50 ----D---- C:\WINDOWS\msagent 2008-10-28 18:04:49 ----D---- C:\WINDOWS\srchasst 2008-10-28 18:04:48 ----D---- C:\Program Files\NetMeeting 2008-10-28 18:04:47 ----D---- C:\WINDOWS\system32\Com 2008-10-28 18:04:45 ----D---- C:\Program Files\Windows Media Player 2008-10-28 18:04:44 ----D---- C:\Program Files\Windows NT 2008-10-28 18:04:44 ----D---- C:\Program Files\Outlook Express 2008-10-28 18:04:29 ----D---- C:\WINDOWS\system32\oobe 2008-10-28 18:04:27 ----D---- C:\WINDOWS\system 2008-10-28 18:02:15 ----D---- C:\WINDOWS\system32\ReinstallBackups 2008-10-28 17:04:36 ----D---- C:\Program Files\Internet Explorer 2008-10-28 10:59:51 ----D---- C:\Documents and Settings\HP_Owner\Application Data\Mozilla 2008-10-28 10:56:54 ----D---- C:\Program Files\Online Services 2008-10-28 10:39:26 ----D---- C:\Program Files\Common Files\{7C44673F-0BF9-1033-0216-050823200001} 2008-10-28 08:57:56 ----D---- C:\WINDOWS\Minidump 2008-10-28 08:29:37 ----HD---- C:\temp 2008-10-28 00:17:11 ----D---- C:\WINDOWS\SoftwareDistribution 2008-10-28 00:05:06 ----SD---- C:\WINDOWS\Tasks 2008-10-27 21:41:26 ----D---- C:\Documents and Settings 2008-10-15 09:34:24 ----A---- C:\WINDOWS\system32\netapi32.dll 2008-10-07 12:19:42 ----A---- C:\WINDOWS\system32\MRT.exe 2008-10-03 10:41:15 ----A---- C:\WINDOWS\system32\ieframe.dll ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2005-12-02 43672] R1 Avg7Core;AVG7 Kernel; C:\WINDOWS\System32\Drivers\avg7core.sys [2008-10-28 821856] R1 Avg7RsW;AVG7 Wrap Driver; C:\WINDOWS\System32\Drivers\avg7rsw.sys [2007-03-02 4224] R1 Avg7RsXP;AVG7 Resident Driver XP; C:\WINDOWS\System32\Drivers\avg7rsxp.sys [2007-03-02 27776] R1 AvgClean;AVG7 Clean Driver; C:\WINDOWS\System32\Drivers\avgclean.sys [2008-10-28 10760] R1 DcCam;Kodak Camera Proxy; C:\WINDOWS\system32\DRIVERS\DcCam.sys [2004-05-20 36918] R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352] R2 AvgTdi;AVG Network Redirector; C:\WINDOWS\System32\Drivers\avgtdi.sys [2007-03-02 4960] R2 CdaD10BA;CdaD10BA; \??\C:\WINDOWS\system32\drivers\CdaD10BA.SYS [] R2 DCFS2K;Kodak DCFS2K Driver; C:\WINDOWS\system32\drivers\dcfs2k.sys [2004-06-02 38705] R2 MCSTRM;MCSTRM; C:\WINDOWS\system32\drivers\MCSTRM.sys [2007-09-18 8413] R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776] R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2008-03-21 1203776] R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800] R3 GEARAspiWDM;GEAR CDRom Filter; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2004-09-14 13872] R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2004-11-02 773565] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-09-23 3966976] R3 Iviaspi;IVI ASPI Shell; C:\WINDOWS\system32\drivers\iviaspi.sys [2003-09-11 21060] R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824] R3 Pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 10368] R3 Ps2;PS2; C:\WINDOWS\system32\DRIVERS\PS2.sys [2001-06-04 14112] R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2008-02-25 105088] R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys [2003-01-10 33588] S1 Exportit;Exportit; C:\WINDOWS\system32\DRIVERS\exportit.sys [2004-07-07 152049] S3 ADPCI;Adaptec Wireless PCI Card v2.5 Driver; C:\WINDOWS\system32\DRIVERS\ADPCIN51.sys [] S3 DcFpoint;DcFpoint; C:\WINDOWS\system32\DRIVERS\DcFpoint.sys [2004-05-20 61564] S3 DcLps;Legacy Polling Service; C:\WINDOWS\system32\DRIVERS\DcLps.sys [2004-05-20 8022] S3 DcPTP;dcptp; C:\WINDOWS\system32\DRIVERS\DcPTP.sys [2004-07-07 70070] S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2004-03-18 113664] S3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-03-18 51088] S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-03-18 16496] S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-03-18 21744] S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160] S3 passthru;Service; C:\WINDOWS\system32\DRIVERS\ndisio.sys [] S3 PCANDIS5;PCANDIS5 Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS [] S3 RT61;Ralink RT61 Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT61.sys [] S3 rtl8139;Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver; C:\WINDOWS\system32\DRIVERS\R8139n51.SYS [2002-10-04 46976] S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S4 sr;System Restore Filter Driver; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-13 73472] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\WINDOWS\system32\agrsmsvc.exe [2008-03-18 13312] R2 AOL ACS;AOL Connectivity Service; C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe [2005-04-18 46680] R2 AOL TopSpeedMonitor;AOL TopSpeed Monitor; C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe [2004-10-15 100016] R2 Avg7Alrt;AVG7 Alert Manager Server; C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe [2008-10-28 418816] R2 Avg7UpdSvc;AVG7 Update Service; C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe [2007-03-02 49664] R2 AVGEMS;AVG E-mail Scanner; C:\PROGRA~1\Grisoft\AVG7\avgemc.exe [2008-10-28 406528] R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94 B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376] R2 KodakCCS;Kodak Camera Connection Software; C:\WINDOWS\system32\drivers\KodakCCS.exe [2004-05-24 322104] R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120] R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspne t_state.exe [2004-07-15 32768] S3 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-13 267776] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2007-06-26 654848] S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-08-02 138168] S3 iPodService;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2004-10-14 327680] S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-03-18 65536] -----------------EOF----------------- |
#15
|
||||
|
||||
info.txt logfile of random's system information tool 1.04 2008-10-30 14:14:22
======Uninstall list====== -->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 -->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu -->c:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19} -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Acoustica Beatcraft-->C:\PROGRA~1\ACOUST~1\UNWISE.EXE C:\PROGRA~1\ACOUST~1\INSTALL.LOG Acoustica Effects Pack-->C:\PROGRA~1\UNWISE.EXE C:\PROGRA~1\INSTALL.LOG Adobe Acrobat - Reader 6.0.2 Update-->MsiExec.exe /I{AC76BA86-0000-0000-0000-6028747ADE01} Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95} Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61} Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394} Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23} Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C} Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C} Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E} Adobe Color Common Settings-->C:\Program Files\Common Files\Adobe\Installers\6c8e2cb4fd241c55406016127a6 ab2e\Setup.exe Adobe Color Common Settings-->MsiExec.exe /I{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF} Adobe Color EU Extra Settings-->MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8} Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029} Adobe Color NA Recommended Settings-->MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5} Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D} Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD} Adobe ExtendScript Toolkit 2-->C:\Program Files\Common Files\Adobe\Installers\5bc0f8414ec36c555a3e7e5ec2e 225e\Setup.exe Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{1BCEA516-B4C5-4B2D-BFA0-AB7910BAD862} Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_acti veX.exe Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plug in.exe Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B} Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245} Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078} Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C} Adobe Photoshop CS3-->C:\Program Files\Common Files\Adobe\Installers\2ac78060bc5856b0c1cf873bb91 9b58\Setup.exe Adobe Photoshop CS3-->MsiExec.exe /I{0046FA01-C5B9-4985-BACB-398DC480FC05} Adobe Reader 6.0.1-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A00000000001} Adobe Setup-->MsiExec.exe /I{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1} Adobe Setup-->MsiExec.exe /I{D1BB4446-AE9C-4256-9A7F-4D46604D2462} Adobe Setup-->MsiExec.exe /I{D504303A-717D-414C-BA9F-FE01093E2EF8} Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~2\UNWISE.EX E C:\WINDOWS\system32\Macromed\SHOCKW~2\Install.log Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183} Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312} Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8} Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5} Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6} Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923} Agere Systems PCI Soft Modem-->agrsmdel AOL Coach Version 2.0(Build:20041026.5 en)-->C:\Program Files\Common Files\AolCoach\en_en\AolCInUn.exe -lang=en_en -ext=UDP AOL Uninstaller (Choose which Products to Remove)-->C:\Program Files\Common Files\AOL\uninstaller.exe AOL You've Got Pictures Screensaver-->C:\Program Files\Common Files\AOL\Screensaver\uninst_ygpss.exe ArcSoft Media Card Companion-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3580211E-3BB7-42C0-ADC3-9A8C1EFFF2CB}\SETUP.EXE" -l0x9 ArcSoft MediaConverter 2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CFF08881-43E4-4082-91C4-0E17F82E849D}\setup.exe" -l0x9 ArcSoft MediaConverter-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E5BD1F9C-8BBA-410E-837D-94D523269F8F}\SETUP.EXE" -l0x9 ArcSoft PhotoImpression 5-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{93F599DF-519B-4706-A3F1-9530DF2590B4}\SETUP.EXE" -l0x9 AudibleManager-->C:\Program Files\Audible\Bin\Upgrade.exe /Uninstall AVG 7.5-->C:\Program Files\Grisoft\AVG7\setup.exe /UNINSTALL Best Buy Digital Music Store-->C:\PROGRA~1\BESTBU~1\Unwise32.exe /A C:\PROGRA~1\BESTBU~1\install.log Best Buy Rhapsody-->C:\PROGRA~1\BESTBU~1\Unwise32.exe /A C:\PROGRA~1\BESTBU~1\install.log BlackjackCD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CDE5EB49-08A7-4AA5-9E72-C8D0A0C786F7}\setup.exe" -l0x9 Camera Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D1B3874F-3057-11D6-B2EA-0050BA18806B}\Setup.exe" Card and Board Games-->C:\PROGRA~1\eGames\CARDAN~1\UNWISE.EXE C:\PROGRA~1\eGames\CARDAN~1\INSTALL.LOG CardRd81-->MsiExec.exe /I{54C8FE84-89C4-40E8-976C-439EB0729BD6} CCHelp-->MsiExec.exe /I{9D1CF8B6-17B3-4832-B062-2C2DD0B57B04} CCScore-->MsiExec.exe /I{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992} CR2-->MsiExec.exe /I{432C3720-37BF-4BD7-8E49-F38E090246D0} Defraggler (remove only)-->"C:\Program Files\Defraggler\uninst.exe" DV TS-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{54266945-8A11-424D-B20F-4F747A714FBA}\Setup.exe" Easy Internet Sign-up-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\I Driver.exe /M{8105684D-8CA6-440D-8F58-7E5FD67A499D} /l1033 eGames GameButler-->C:\PROGRA~1\eGames\GAMEBU~1\UNWISE.EXE C:\PROGRA~1\eGames\GAMEBU~1\INSTALL.LOG ESSAdpt-->MsiExec.exe /I{D15E9DB5-6BEB-4534-901E-80C0A29BAB97} ESSANUP-->MsiExec.exe /I{A6F18A67-B771-4191-8A33-36D2E742D6D9} ESSBrwr-->MsiExec.exe /I{643EAE81-920C-4931-9F0B-4B343B225CA6} ESSCAM-->MsiExec.exe /I{469730CC-78DF-4CD3-B286-562D459EA619} ESSCDBK-->MsiExec.exe /I{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD} ESScore-->MsiExec.exe /I{9D8FEE90-0377-49A9-AEFB-525BDE549BA4} ESSCT-->MsiExec.exe /I{8BB4B58A-A402-4DE8-8FCD-287E60B88DD8} ESSgui-->MsiExec.exe /I{91517631-A9F3-4B7C-B482-43E0068FD55A} ESShelp-->MsiExec.exe /I{87843A41-7808-4F2E-B13F-25C1E67CF2FD} ESSini-->MsiExec.exe /I{8E92D746-CD9F-4B90-9668-42B74C14F765} ESSPCD-->MsiExec.exe /I{14D4ED84-6A9A-45A0-96F6-1753768C3CB5} ESSPDock-->MsiExec.exe /I{FCDB1C92-03C6-4C76-8625-371224256091} ESSSONIC-->MsiExec.exe /I{4F677FC7-7AA8-412B-A957-F13CBE1C7331} ESSTUTOR-->MsiExec.exe /I{CA60320D-6A16-49C8-A34F-84EEF4799567} ESSvpaht-->MsiExec.exe /I{A5B3EB8A-4071-42F0-8E8E-7A8342AA8E69} ESSvpot-->MsiExec.exe /I{48C82F7A-F100-4DAB-A310-8E18BF2159E1} EZface ActiveX 204-->C:\PROGRA~1\EZFace\ActiveX\uninst.bat 204 C:\PROGRA~1\EZFace\ActiveX FLV Player 2.0, build 24-->C:\Program Files\FLV Player\uninst.exe Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar6.dll" Help and Support Additions-->C:\PROGRA~1\HELPAN~1\UNWISE.EXE C:\PROGRA~1\HELPAN~1\INSTALL.LOG High Definition Audio Driver Package - KB835221-->C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spun inst.exe HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall HLPCCTR-->MsiExec.exe /I{F2D0C1B1-80FF-46F9-BA61-33B01A07FAFC} HLPIndex-->MsiExec.exe /I{38441BE7-79B0-42B8-8297-833704F949FE} HLPPDOCK-->MsiExec.exe /I{154508C0-07C5-4659-A7A0-E49968750D21} HLPRFO-->MsiExec.exe /I{AADAC983-FDE9-42FA-8FD9-7BB324155593} Hotfix for Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe" Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spunin st.exe" Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spunin st.exe" HP Deskjet Preloaded Printer Drivers-->MsiExec.exe /X{F419D20A-7719-4639-8E30-C073A040D878} HP Image Zone 4.5.3-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat HP Image Zone Plus 4.5.3-->C:\Program Files\HP\Digital Imaging\{D0420D64-8D33-4374-A2B2-9225C7925CA6}\setup\hpzscr01.exe -datfile hpdscr01.dat HP Memories Disc-->MsiExec.exe /X{D35191B3-F340-4C11-A4E0-8B09477B4302} HP Organize-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D0122362-6333-4DE4-93F6-A5A2F3CC101A}\Setup.exe" UNINSTALL HP Photosmart Cameras 4.0-->C:\Program Files\HP\Digital Imaging\{4C04DF1B-6A39-4299-9DD1-1FA60000266E}\setup\hpzscr01.exe -datfile hpiscr01.dat HP PSC & OfficeJet 4.0-->"C:\Program Files\HP\Digital Imaging\{A1062847-0846-427A-92A1-BB8251A91E91}\setup\hpzscr01.exe" -datfile hposcr04.dat HP Software Update-->MsiExec.exe /X{64FC0C98-B035-4530-B15D-3D30610B6DF1} HPIZplus450-->MsiExec.exe /X{7B98685A-4E21-4A4F-A2D6-DC557042BADA} Intel(R) Graphics Media Accelerator Driver-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2I D PCI\VEN_8086&DEV_2782 PCI\VEN_8086&DEV_2582 IntelliMover Data Transfer Demo-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{14589F05-C658-4594-9429-D437BA688686}\Setup.exe" -l0x9 Internet Lottery 1.2.0-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\SPK210.Inf, DefaultUninstall InterVideo DiscLabel-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C3F058C0-A21C-452D-8D99-95B1A45F417D}\setup.exe" REMOVEALL InterVideo WinDVD Creator-->"C:\Program Files\InstallShield Installation Information\{2FCE4FC5-6930-40E7-A4F1-F862207424EF}\setup.exe" REMOVEALL InterVideo WinDVD Player-->"C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL iTunes-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{BE20E2F5-1903-4AAE-B1AF-2046E586C925} J2SE Runtime Environment 5.0 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150070} Kodak EasyShare software-->C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_9_6c01d7\Setup.ex e /APR-REMOVE KSU-->MsiExec.exe /I{B997C2A0-4383-41BF-B76E-9B8B7ECFB267} Learn2 Player (Uninstall Only)-->C:\Program Files\Learn2.com\StRunner\stuninst.exe Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\setup.exe" -l0x9 UNINSTALL Logitech Resource Center-->C:\PROGRA~1\Logitech\RESOUR~1\rem\UNWISE.EXE C:\PROGRA~1\Logitech\RESOUR~1\rem\INSTALL.LOG Mahjongg Master 2 Special Edition-->C:\PROGRA~1\eGames\MAHJON~2\UNWISE.EXE C:\PROGRA~1\eGames\MAHJON~2\INSTALL.LOG MahJongg Master-->C:\PROGRA~1\eGames\MAHJON~1\UNWISE.EXE C:\PROGRA~1\eGames\MAHJON~1\INSTALL.LOG Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Upd ates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Upda tes\M928366\M928366Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationA PIs$\spuninst\spuninst.exe" Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMa pping$\spuninst\spuninst.exe" Microsoft Picture It! Photo Creativity 2001-->MsiExec.exe /I{120E6BD1-2149-11d4-A6AD-00A0CC28D961} Microsoft Picture It! Photo Premium 2001-->MsiExec.exe /I{F629C3EE-FD92-4EDC-BE49-3228AC392993} Microsoft Plus! Dancer LE-->MsiExec.exe /X{1A103D70-5C9B-4E1A-B306-5106C68F9914} Microsoft Plus! Digital Media Edition Installer-->MsiExec.exe /X{6E45BA47-383C-4C1E-8ED0-0D4845C293D7} Microsoft Plus! Photo Story 2 LE-->MsiExec.exe /X{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B} Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuni nst.exe" Microsoft Works-->MsiExec.exe /I{416D80BA-6F6D-4672-B7CF-F54DA2F80B44} Mozilla Firefox (3.0)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F} MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} Musicmatch® Jukebox-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\ 01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8EF1122E-E90C-4EE9-AB0C-7FDE2BA42C26}\setup.exe" -l0x9 -uninst MysticForest-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\ 50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F33EEE5-A176-4608-A81D-578472627695}\setup.exe" -l0x9 -removeonly Namo WebEditor 6-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\070 1\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EF3FA287-2622-4340-AAF6-0AD29F21A691}\setup.exe" -l0x9 Nancy Drew: Secret of Shadow Ranch-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Nancy Drew\Secret of Shadow Ranch\setup.exe" -l0x9 Nancy Drew: The Creature of Kapu Cave-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\Nancy Drew\The Creature of Kapu Cave\setup.exe" -l0x9 NetBeans IDE 5.0-->C:\Program Files\netbeans-5.0\_uninst\uninstaller.exe Notifier-->MsiExec.exe /I{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2} OpenOffice.org 2.3-->MsiExec.exe /I{28BAF389-4421-4B88-ACCC-FBEF95F69D6D} OTtBP-->MsiExec.exe /I{F71760CD-0F8B-4DCC-B7B7-6B223CC3843C} OTtBPSDK-->MsiExec.exe /I{3CA39B0C-BA85-4D42-AC0F-1FF5F60C3353} PCDLNCH-->MsiExec.exe /I{69BD6399-3D8F-45B7-81D9-819361F5101D} PC-Doctor for Windows-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{0C66761E-497A-4BE3-AE0D-8EC30FC9A9AA} /l1033 PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5} Photosmart 140,240,7200,7600,7700,7900 Series-->c:\Program Files\HP\{5372B9A6-6E51-4f90-9B40-E0A3B8475C4E}\setup\hpzscr01.exe -datfile hphscr01.dat Photosmart 320,370,7400,8100,8400 Series-->C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\setup\hpzscr01.exe -datfile hphscr01.dat PS2-->C:\WINDOWS\system32\ps2.exe uninstall Python 2.2 pywin32 extensions (build 203)-->"C:\Python22\Removepywin32.exe" -u "C:\Python22\pywin32-wininst.log" Python 2.2.3-->C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG Quicken 2005-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\I Driver.exe /M{2DBE41DD-2129-4C65-A3D3-5647236A60F3} anything QuickTime-->C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 Realtek High Definition Audio Driver-->RtlUpd.exe -r Reason 3.0-->"C:\Program Files\Propellerhead\Reason\Uninstall Reason\unins000.exe" Reel Deal Slots 2nd Volume-->"c:\Program Files\Phantom\Reel Deal Slots 2nd Volume\unins000.exe" Rhapsody Player Engine-->MsiExec.exe /I{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31} Security Update for Step By Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spunin st.exe" Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe" Security Update for Windows Media Player 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\ spuninst.exe" Security Update for Windows Media Player 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\ spuninst.exe" Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spunin st.exe" Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spunin st.exe" Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spunin st.exe" Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spunin st.exe" Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spunin st.exe" Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spunin st.exe" Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spunin st.exe" Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spunin st.exe" Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spunin st.exe" Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spunin st.exe" Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spunin st.exe" Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spunin st.exe" Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spunin st.exe" Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spunin st.exe" Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spunin st.exe" SFR-->MsiExec.exe /I{C354C9B6-A4E0-4BB0-A368-6DC6BCA0E314} SFR2-->MsiExec.exe /I{A0AF08BA-3630-4505-BFB2-A41F3837B0D0} Shockwave-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EX E C:\WINDOWS\system32\Macromed\SHOCKW~1\INSTALL.LOG SimCity 3000-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Maxis\SimCity 3000\Uninst.isu" |
Bookmarks |
«
Previous Topic
|
Next Topic
»
|
|
Similar Topics | ||||
Topic | Topic Starter | Forum | Replies | Last Post |
Could you check this HijackThis log please? | Phil5000 | Windows XP | 1 | November 10th, 2006 12:50 AM |
please check my HiJackThis log... | aoxk61 | Malware Removal | 2 | September 29th, 2006 05:24 AM |
Please check my Hijackthis Log | twinx | Malware Removal | 3 | February 28th, 2005 02:49 AM |
Hijackthis log: Please Check | Crossbones84 | Malware Removal | 1 | June 25th, 2004 01:09 AM |
Could you check my HijackThis log? | thezieb | Malware Removal | 2 | June 24th, 2004 08:41 PM |
All times are GMT +1. The time now is 04:13 AM.