markz

Honorary Members
  • Posts: 32

Everything posted by markz

  1. any suggestions on the best way to reinstall to ensure that whatever infected my computer is removed with the new install of xp
  2. not having any luck - once I copy to desktop I cannot execute the exe file, double click and nothing happens... the extraction of the zip to the desktop gives an error - unexpected end of file? I'm about to throw in the towel and reinstall xp -
  3. strange that when I try to go directly to the sites on my infected computer it blocks my access... I've been using a separate laptop to get files and transfer via usb mem stick... These malware programs are pretty frustrating...getting tired will probably be hitting the hay soon... let me know if you or your team have any suggestions... what malware do I still have??
  4. I got the avenger.exe file on my desktop but it comes up with an ie microsoft error something about missing dll
  5. now it's asking for a password to extract the file from the zip folder??
  6. sorry to hear that I tried running avenger.exe and I get a microsoft explorer error
  7. only issue left is that sometimes after a google search I will get an error ie cannot display the webpage on a lot of legit sites - any advice windows xp sp 3
  8. a couple of low priority alerts only - looks like I'm back thank you very much for all of your assistance
  9. Here is the last log - let me know how everything looks
  10. Logfile of random's system information tool 1.05 (written by random/random) Run by HP_Administrator at 2009-02-15 15:38:33
associations====== .ini - open - C:\WINDOWS\SYSTEM32\NOTEPAD.EXE %1 .txt - open - C:\WINDOWS\SYSTEM32\NOTEPAD.EXE %1 ======List of files/folders created in the last 1 months====== 2009-02-15 15:38:33 ----D---- C:\rsit 2009-02-15 11:29:36 ----D---- C:\_OTScanIt 2009-02-14 17:19:02 ----D---- C:\Program Files\Trend Micro 2009-02-14 15:51:45 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2009-02-14 15:51:45 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2009-02-14 15:50:08 ----D---- C:\WINDOWS\CSC 2009-02-14 12:53:51 ----A---- C:\WINDOWS\system32\qyysbnoi.dll 2009-02-14 10:36:20 ----A---- C:\WINDOWS\ntbtlog.txt 2009-02-13 23:09:32 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Yahoo! 2009-02-13 23:09:32 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion 2009-02-13 23:09:27 ----D---- C:\Program Files\CCleaner 2009-02-13 19:01:07 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP 2009-02-13 19:00:54 ----D---- C:\Program Files\Spyware Doctor 2009-02-13 19:00:54 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\PC Tools 2009-02-13 18:59:25 ----A---- C:\WINDOWS\system32\mcrh.tmp 2009-02-13 18:27:07 ----D---- C:\Program Files\Spybot - Search & Destroy 2009-02-13 18:27:07 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2009-02-13 18:18:09 ----A---- C:\WINDOWS\system32\dphmqm.dll 2009-02-13 18:18:08 ----A---- C:\WINDOWS\system32\nldakesr.dll 2009-02-13 18:15:11 ----A---- C:\WINDOWS\system32\hgwguled.dll 2009-02-12 15:13:17 ----A---- C:\WINDOWS\system32\fpojki.dll 2009-02-12 15:13:16 ----A---- C:\WINDOWS\system32\abwxwvgu.dll 2009-02-11 15:10:14 ----N---- C:\WINDOWS\system32\eqoslukm.dll 2009-02-11 15:07:37 ----A---- C:\WINDOWS\system32\qgzpdn.dll 2009-02-11 15:07:35 ----A---- C:\WINDOWS\system32\fhmkfrde.dll 2009-02-10 19:51:50 ----A---- C:\WINDOWS\system32\rqRJCRLf.dll 2009-02-10 19:51:44 ----A---- 
C:\WINDOWS\system32\xxyvvTjH.dll 2009-02-10 17:54:18 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\McAfee 2009-02-10 09:02:13 ----N---- C:\WINDOWS\system32\ileojnro.dll 2009-02-10 09:02:11 ----A---- C:\WINDOWS\system32\ebf5f539-.txt 2009-02-10 09:01:07 ----ASH---- C:\WINDOWS\system32\JPsDgfii.ini2 2009-02-10 09:01:07 ----ASH---- C:\WINDOWS\system32\JPsDgfii.ini 2009-02-10 09:01:05 ----A---- C:\WINDOWS\system32\iifgDsPJ.dll.vir 2009-02-10 08:55:57 ----A---- C:\WINDOWS\system32\nnnkHWoP.dll 2009-01-27 22:07:19 ----D---- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage ======List of files/folders modified in the last 1 months====== 2009-02-15 15:37:04 ----D---- C:\WINDOWS\Temp 2009-02-15 15:35:32 ----D---- C:\WINDOWS 2009-02-15 15:31:10 ----D---- C:\WINDOWS\system32 2009-02-15 15:31:08 ----D---- C:\WINDOWS\Registration 2009-02-15 15:30:51 ----D---- C:\WINDOWS\system32\CatRoot2 2009-02-15 14:19:05 ----D---- C:\WINDOWS\system32\drivers 2009-02-15 12:53:17 ----HD---- C:\Config.Msi 2009-02-15 12:51:14 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-02-15 10:11:12 ----D---- C:\WINDOWS\Prefetch 2009-02-15 09:13:25 ----D---- C:\Python22 2009-02-15 09:12:30 ----D---- C:\Program Files\Viewpoint 2009-02-15 09:12:30 ----D---- C:\Documents and Settings\All Users\Application Data\Viewpoint 2009-02-15 09:12:11 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Viewpoint 2009-02-15 09:11:01 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Move Networks 2009-02-15 09:10:39 ----SHD---- C:\WINDOWS\Installer 2009-02-15 09:09:01 ----HD---- C:\Program Files\InstallShield Installation Information 2009-02-14 17:19:02 ----D---- C:\Program Files 2009-02-14 10:32:20 ----D---- C:\WINDOWS\system32\Restore 2009-02-14 10:15:45 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft 2009-02-14 10:15:45 ----HD---- C:\WINDOWS\inf 2009-02-14 10:15:44 ----SD---- C:\WINDOWS\Tasks 2009-02-14 10:09:39 
----D---- C:\Program Files\Google 2009-02-14 09:54:03 ----SHD---- C:\System Volume Information 2009-02-13 23:13:16 ----D---- C:\WINDOWS\Minidump 2009-02-13 21:22:49 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2009-02-13 18:17:33 ----D---- C:\WINDOWS\WinSxS 2009-02-13 15:52:51 ----RSHD---- C:\WINDOWS\system32\dllcache 2009-02-13 15:51:57 ----D---- C:\WINDOWS\system 2009-02-12 16:44:28 ----D---- C:\Program Files\HP 2009-02-12 16:43:43 ----D---- C:\Program Files\DivX 2009-02-12 16:42:52 ----A---- C:\WINDOWS\imsins.BAK 2009-02-10 18:16:06 ----SD---- C:\WINDOWS\Downloaded Program Files 2009-02-10 17:54:13 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee 2009-02-01 12:54:57 ----A---- C:\WINDOWS\cdplayer.ini ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 cdudf_xp;cdudf_xp; C:\WINDOWS\system32\drivers\cdudf_xp.sys [2005-10-20 311680] R1 ELhid;EL hid Service; \??\C:\WINDOWS\System32\Drivers\Elhid.sys [] R1 ELkbd;EL KB Service; \??\C:\WINDOWS\System32\Drivers\Elkbd.sys [] R1 ELmon;EL Monitor Service; \??\C:\WINDOWS\System32\Drivers\Elmon.sys [] R1 ELmou;EL Mouse Service; \??\C:\WINDOWS\System32\Drivers\Elmou.sys [] R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352] R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592] R1 mfehidk;McAfee Inc. 
mfehidk; C:\WINDOWS\system32\drivers\mfehidk.sys [2007-11-22 201320] R1 MPFP;MPFP; C:\WINDOWS\System32\Drivers\Mpfp.sys [2007-07-13 113952] R1 pwd_2k;pwd_2k; C:\WINDOWS\system32\drivers\pwd_2k.sys [2005-10-20 119168] R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-09 12032] R2 MCSTRM;MCSTRM; C:\WINDOWS\system32\drivers\MCSTRM.sys [2006-10-29 8413] R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-10-05 12544] R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800] R3 dvd_2K;dvd_2K; C:\WINDOWS\system32\drivers\dvd_2K.sys [2005-10-20 27264] R3 e1express;Intel® PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2006-05-16 229376] R3 ELacpi;ELacpi; C:\WINDOWS\system32\DRIVERS\ELacpi.sys [2006-05-09 9728] R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664] R3 hcwPP2;Hauppauge WinTV PVR PCI II ([23|25|26]xxx); C:\WINDOWS\system32\DRIVERS\hcwPP2.sys [2006-04-13 168064] R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 HidIr;Microsoft Infrared HID Driver; C:\WINDOWS\system32\DRIVERS\hidir.sys [2008-04-13 19200] R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-12 49664] R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-12 16496] R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-12 21568] R3 HSX_DP;HSX_DP; C:\WINDOWS\system32\DRIVERS\HSX_DP.sys [2005-12-06 936448] R3 HSXHWBS2;HSXHWBS2; C:\WINDOWS\system32\DRIVERS\HSXHWBS2.sys [2005-12-06 241664] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-06-14 4299264] R3 IrBus;Infrared bus filter driver for eHome remote controls; 
C:\WINDOWS\system32\DRIVERS\IrBus.sys [2008-04-13 46592] R3 mfeavfk;McAfee Inc. mfeavfk; C:\WINDOWS\system32\drivers\mfeavfk.sys [2007-11-22 79304] R3 mfebopk;McAfee Inc. mfebopk; C:\WINDOWS\system32\drivers\mfebopk.sys [2007-11-22 35240] R3 mfesmfk;McAfee Inc. mfesmfk; C:\WINDOWS\system32\drivers\mfesmfk.sys [2007-12-02 40488] R3 mmc_2K;mmc_2K; C:\WINDOWS\system32\drivers\mmc_2K.sys [2005-10-20 27136] R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160] R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-08-11 3958496] R3 Ps2;PS2; C:\WINDOWS\system32\DRIVERS\PS2.sys [2005-12-12 19072] R3 StillCam;Still Serial Digital Camera Driver; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-08-17 6784] R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] R3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] R3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 winachsx;winachsx; C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys [2005-12-06 670208] S3 61883;61883 Unit Device; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-13 48128] S3 Avc;AVC Device; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-13 38912] S3 BVRPMPR5;BVRPMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\drivers\BVRPMPR5.SYS [] S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 
17024] S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2006-06-23 1095680] S3 ikfilesec;File Security Driver; C:\WINDOWS\system32\drivers\ikfilesec.sys [2009-02-13 40840] S3 iksysflt;System Filter Driver; C:\WINDOWS\system32\drivers\iksysflt.sys [2009-02-13 66952] S3 iksyssec;System Security Driver; C:\WINDOWS\system32\drivers\iksyssec.sys [2009-02-13 81288] S3 mferkdk;McAfee Inc. mferkdk; C:\WINDOWS\system32\drivers\mferkdk.sys [2007-11-22 33832] S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008] S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-13 51200] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992] S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032] S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S4 RxFilter;RxFilter; C:\WINDOWS\system32\DRIVERS\RxFilter.sys [2005-10-21 50176] S4 sr;System Restore Filter Driver; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-13 73472] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Apple Mobile Device;Apple Mobile Device; 
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-01-15 110592] R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2007-07-24 229376] R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2005-12-15 237568] R2 ehSched;Media Center Scheduler Service; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 102912] R2 ELService;Intel® Quick Resume technology; C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology Drivers\Elservice.exe [2006-06-02 180224] R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2006-07-06 90112] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-06-21 49152] R2 MBackMonitor;MBackMonitor; C:\Program Files\McAfee\MBK\MBackMonitor.exe [2007-01-16 71208] R2 mcmscsvc;McAfee Services; C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe [2008-01-09 767976] R2 McNASvc;McAfee Network Agent; c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe [2008-01-25 2458128] R2 McProxy;McAfee Proxy Service; c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe [2007-08-15 359248] R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328] R2 McShield;McAfee Real-time Scanner; C:\Program Files\McAfee\VirusScan\McShield.exe [2007-07-24 144704] R2 MpfService;McAfee Personal Firewall Service; C:\Program Files\McAfee\MPF\MPFSrv.exe [2007-07-18 856864] R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-08-11 155715] R2 RoxWatch;Roxio Hard Drive Watcher; C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe [2005-10-21 155648] R3 McSysmon;McAfee SystemGuards; C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [2007-12-05 695624] R3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632] R3 RoxMediaDB;RoxMediaDB; C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe 
[2005-10-21 864256] S2 RoxLiveShare;LiveShare P2P Server; C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxLiveShare.exe [2005-10-21 229376] S2 RoxUpnpServer;RoxUpnpServer; C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe [2005-10-21 405504] S2 Viewpoint Manager Service;Viewpoint Manager Service; C:\Program Files\Viewpoint\Common\ViewpointService.exe [] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768] S3 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-13 267776] S3 hp status server;HP Status Server; C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE [2004-10-16 73728] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728] S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-01-15 504104] S3 McODS;McAfee Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [2007-11-07 378184] S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 RoxUPnPRenderer;RoxUpnpRenderer; C:\Program Files\Common Files\Roxio Shared\SharedCom\RoxUpnpRenderer.exe [2005-10-21 45056] S3 sdauxservice;PC Tools Auxiliary Service; C:\Program Files\Spyware Doctor\pctsAuxs.exe [2008-06-13 356920] S3 sdcoreservice;PC Tools Security Service; C:\Program Files\Spyware Doctor\pctsSvc.exe [2009-02-13 1079176] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336] -----------------EOF----------------- info.txt logfile of random's system information tool 1.05 2009-02-15 15:38:38 ======Uninstall list====== -->"C:\Program Files\HP Games\Airstrike 2 Gulf Thunder\Uninstall.exe" -->"C:\Program Files\HP Games\Alien Shooter\Uninstall.exe" -->"C:\Program Files\HP Games\Bejeweled 2 Deluxe\Uninstall.exe" -->"C:\Program 
Files\HP Games\Bistro Stars\Uninstall.exe" -->"C:\Program Files\HP Games\Blackhawk Striker 2\Uninstall.exe" -->"C:\Program Files\HP Games\Blasterball 2 Remix\Uninstall.exe" -->"C:\Program Files\HP Games\Blasterball 2 Revolution\Uninstall.exe" -->"C:\Program Files\HP Games\Bookworm Deluxe\Uninstall.exe" -->"C:\Program Files\HP Games\Bounce Symphony\Uninstall.exe" -->"C:\Program Files\HP Games\Cake Mania\Uninstall.exe" -->"C:\Program Files\HP Games\Chuzzle Deluxe\Uninstall.exe" -->"C:\Program Files\HP Games\Diner Dash\Uninstall.exe" -->"C:\Program Files\HP Games\Family Feud\Uninstall.exe" -->"C:\Program Files\HP Games\FATE\Uninstall.exe" -->"C:\Program Files\HP Games\Garden Dreams\Uninstall.exe" -->"C:\Program Files\HP Games\Insaniquarium Deluxe\Uninstall.exe" -->"C:\Program Files\HP Games\JEOPARDY\Uninstall.exe" -->"C:\Program Files\HP Games\Jewel Quest\Uninstall.exe" -->"C:\Program Files\HP Games\LEGO Builder Bots\Uninstall.exe" -->"C:\Program Files\HP Games\Mah Jong Quest\Uninstall.exe" -->"C:\Program Files\HP Games\Mystery Case Files\Uninstall.exe" -->"C:\Program Files\HP Games\Penguins!\Uninstall.exe" -->"C:\Program Files\HP Games\Polar Bowler\Uninstall.exe" -->"C:\Program Files\HP Games\Polar Golfer\Uninstall.exe" -->"C:\Program Files\HP Games\Ricochet Lost Worlds\Uninstall.exe" -->"C:\Program Files\HP Games\SCRABBLE\Uninstall.exe" -->"C:\Program Files\HP Games\Slingo Deluxe\Uninstall.exe" -->"C:\Program Files\HP Games\Snowy Space Trip\Uninstall.exe" -->"C:\Program Files\HP Games\Super Granny\Uninstall.exe" -->"C:\Program Files\HP Games\Tradewinds\Uninstall.exe" -->"C:\Program Files\HP Games\Wheel of Fortune\Uninstall.exe" -->"C:\Program Files\WildTangent\Apps\My HP Game Console\Uninstall.exe" -->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE -->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 -->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu -->C:\WINDOWS\system32\\MSIEXEC.EXE /x {637099FB-45FD-4BC7-9651-6FB540DBB749} 
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {F80239D8-7811-4D5E-B033-0D0BBFE32920} -->MsiExec.exe /I{0D330013-4A99-46D6-83C6-2C959C68DBFF} -->MsiExec.exe /I{26792CA7-D87A-4DBE-896B-C2F66B344511} -->MsiExec.exe /I{637099FB-45FD-4BC7-9651-6FB540DBB749} -->MsiExec.exe /I{6D4F02C4-F6AF-4659-A933-7FC06235A8D5} -->MsiExec.exe /I{7FD9FD10-9F7F-4DDF-B9F0-911209FF0CEA} -->MsiExec.exe /I{8C60949A-46F9-4DD7-BA9F-78C00D9D4C8D} -->MsiExec.exe /I{EB748B9B-F872-4E95-98E8-5CA7E5425DAF} -->MsiExec.exe /I{F0EACC27-A729-406C-9BF6-C8F10CEC36F8} -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Reader 8.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003} Adobe
  11. ran the fix policies - ran fine... I brought up IE and the win32dnschanger did not redirect my browser... went to load the next couple of programs and the computer was frozen. Hard reboot in process
  12. do you want me to do the above in safe mode or normal mode?
  13. Had to do a hard power off out of safe mode and then I went back into safe mode - here is the new scan file OTScanIt2.Txt
  14. in windows task manager it has two instances of otscanit2 running but both are not responding
  15. the fix is still running, I think it is hung. There are also no icons on my desktop behind the program, which is strange as well
  16. how long should it take to run? The hourglass is spinning and the bottom says fix running
  17. Sorry, here is the attached file OTScanIt.Txt
  18. when I copy to the infected computer via usb memory stick it will not start the program. Any suggestions?