cococreekguy

Everything posted by cococreekguy

  1. Hi! Thanks so much for checking the logs! Let me look around and see if I can find the XP disks and software key that came with the laptop. Sounds like re-install is going to be the best option. Thanks again!
  2. Hi and thanks for your help!!! When I am logged on to Windows, either in normal mode or safe mode, I cannot get to the taskbar or start menu - it is not visible and no key sequence will bring it up. So, I was unable to disable AVG 9.0. When I try to launch AVG 9.0 from an alias on the desktop, I get this message: "The application has failed to start because MSVFW32.dll was not found. Re-install the application." Therefore, these logs may be adversely influenced by the presence of AVG 9.0, although I did choose "allow" when AVG identified them as possible malware. I tried to post everything here, but got an error saying the reply was too big. So, I have attached the (2) DDS files and Combolog. Thanks again, chuck RSIT LOG: Logfile of random's system information tool 1.08 (written by random/random) Run by Owner at 2010-08-05 08:06:28 WIN_XP Service Pack 2 System drive C: has 7 GB (10%) free of 70 GB Total RAM: 1526 MB (58% free) HijackThis download failed
Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 HP Status Server;HP Status Server; C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE [2004-10-16 73728] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-11-12 545568] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 StumbleUponUpdateService;StumbleUponUpdateService; C:\Program Files\StumbleUpon\StumbleUponUpdateService.exe [2009-06-03 120168] S3 WMConnectCDS;Windows Media Connect Service; C:\Program Files\Windows Media Connect 2\wmccds.exe [2006-10-18 8704] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] S4 PrismXL;PrismXL; C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS [2005-09-15 196608] S4 ServiceLayer;ServiceLayer; C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe [2006-04-12 176640] S4 Viewpoint Manager Service;Viewpoint Manager Service; C:\Program Files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652] S4 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408] -----------------EOF----------------- info.txt from RSIT info.txt logfile of random's system information tool 1.08 2010-08-05 08:06:32 ======Uninstall list====== -->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 -->MsiExec.exe 
/I{C98E5F1B-5C2B-4FD1-BDF9-F3779DCAAA16} -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CDDF96A-BC34-4D72-9ABA-E1FFF0C39977}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2C81600D-D6C7-4687-9362-DD4A78B3483E}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{513D9FB1-27A2-44E4-8F2D-77A6737921A5}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x9 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E5ABA5FD-EE3D-4F15-895D-B32321E6C96B}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4E7DC12A-3597-4A94-9429-F6C6987361B1}\setup.exe" -l0x9 -removeonly -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7DADB304-AF20-48C3-A780-4B4133A08817}\setup.exe" -l0x9 -removeonly -->RunDll32 
C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9C423CF6-2DAA-4A37-94B8-59D7ECC7DB13}\setup.exe" -l0x9 -removeonly -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FA6CC4B4-7741-4F8D-8E81-15C4BAB9869B}\setup.exe" -l0x9 -removeonly -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Acrobat.com-->MsiExec.exe /X{287ECFA4-719A-2143-A09B-D6A12DE54E40} Ad-Aware SE Personal-->C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723} Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe -maintain activex Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Adobe Help Center 2.0-->MsiExec.exe /I{8FFC924C-ED06-44CB-8867-3CA778ECE903} Adobe Photoshop Elements 4.0-->msiexec /I {EBB7C1C1-D439-4D9B-9FDC-954C10F266B0} Adobe Reader 9.3.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A93000000001} Adobe Archive.zip
  3. Gateway M360 Laptop running Win XP Home Ver 2002 SP2

     My laptop got infected and I have run the following spyware/virus programs:

     Malwarebytes
     Microsoft Malicious Software Removal Tool
     Spybot
     McAfee Stinger
     and several others

     There were many items that were removed by these programs. None of these programs detect anything else on my laptop. I ran SDFix and it removed msdvdr.sys. Then, I tried to run the programs in the

     Attach.zip