Thanks for the reply!
I've downloaded and run VundoFix and DSS, as per your instructions.
VundoFix turned up nothing malicious, and left me with only this:
___________________________________________________________________
VundoFix V7.0.6
Scan started at 10:51:17 PM 7/29/2008
Listing files found while scanning....
No infected files were found.
Beginning removal...
____________________________________________________________________
Here, as requested, is a current HijackThis log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:25:02 PM, on 7/29/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
G:\WINDOWS\System32\smss.exe
G:\WINDOWS\system32\winlogon.exe
G:\WINDOWS\system32\services.exe
G:\WINDOWS\system32\lsass.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\System32\svchost.exe
G:\WINDOWS\system32\spoolsv.exe
G:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
G:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
G:\Program Files\F-Secure Internet Security\Anti-Virus\fsgk32st.exe
G:\Program Files\F-Secure Internet Security\Anti-Virus\FSGK32.EXE
G:\Program Files\F-Secure Internet Security\Common\FSMA32.EXE
G:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
G:\Program Files\F-Secure Internet Security\Common\FSMB32.EXE
G:\WINDOWS\System32\svchost.exe
G:\WINDOWS\system32\nvsvc32.exe
G:\Program Files\F-Secure Internet Security\Common\FCH32.EXE
G:\WINDOWS\system32\svchost.exe
G:\Program Files\F-Secure Internet Security\Anti-Virus\fsqh.exe
G:\Program Files\F-Secure Internet Security\Common\FAMEH32.EXE
G:\Program Files\F-Secure Internet Security\FSAUA\program\fsaua.exe
G:\Program Files\F-Secure Internet Security\Anti-Virus\fssm32.exe
G:\Program Files\F-Secure Internet Security\FWES\Program\fsdfwd.exe
G:\Program Files\F-Secure Internet Security\FSAUA\program\fsus.exe
G:\Program Files\F-Secure Internet Security\Anti-Virus\fsav32.exe
G:\WINDOWS\system32\wscntfy.exe
G:\WINDOWS\Explorer.EXE
G:\WINDOWS\system32\RUNDLL32.EXE
G:\Program Files\Microsoft IntelliType Pro\type32.exe
G:\Program Files\Microsoft IntelliPoint\point32.exe
G:\WINDOWS\system32\CTHELPER.EXE
G:\Program Files\HP\hpcoretech\hpcmpmgr.exe
G:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
G:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
G:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe
G:\Program Files\ESPNRunTime\DIGServices.exe
G:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe
G:\Program Files\Common Files\Real\Update_OB\realsched.exe
G:\WINDOWS\SM1BG.EXE
G:\Program Files\DropBox\DropBox\DropBox.exe
G:\WINDOWS\system32\ctfmon.exe
G:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
G:\Program Files\Messenger\msmsgs.exe
G:\Program Files\F-Secure Internet Security\FSGUI\fsguidll.exe
G:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
G:\Program Files\Windows Media Player\WMPNSCFG.exe
G:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
G:\Program Files\Google\Google Updater\GoogleUpdater.exe
G:\Program Files\NETGEAR\WG111U Configuration Utility\WG111UCFG.exe
G:\Program Files\Internet Explorer\IEXPLORE.EXE
G:\WINDOWS\notepad.exe
G:\WINDOWS\notepad.exe
G:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft....k/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft....k/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft....k/?LinkId=69157O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE G:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE G:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [type32] "G:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "G:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [SBDrvDet] G:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [UpdReg] G:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [HP Component Manager] "G:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] G:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] G:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [EEventManager] G:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe
O4 - HKLM\..\Run: [DIGServices] G:\Program Files\ESPNRunTime\DIGServices.exe /brand=ESPN /priority=0 /poll=24
O4 - HKLM\..\Run: [Adobe Photo Downloader] "G:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"
O4 - HKLM\..\Run: [TkBellExe] "G:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SM1BG] G:\WINDOWS\SM1BG.EXE
O4 - HKLM\..\Run: [DropBoxUtility] "G:\Program Files\DropBox\DropBox\DropBox.exe" /s
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "G:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "G:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [RoxWatchTray] "G:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] G:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [+,-./0123456789:;<=exe] !"#$%&'()*+,-./0123456789:;<=exe
O4 - HKLM\..\Run: [3456789:;<=>?@ABCDEFGexe] ()*+,-./0123456789:;<=>?@ABCDEFGexe
O4 - HKLM\..\Run: [F-Secure Manager] "G:\Program Files\F-Secure Internet Security\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "G:\Program Files\F-Secure Internet Security\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKCU\..\Run: [ctfmon.exe] G:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] G:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "G:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MSMSGS] "G:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] G:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [+,-./0123456789:;<=exe] !"#$%&'()*+,-./0123456789:;<=exe
O4 - HKCU\..\Run: [3456789:;<=>?@ABCDEFGexe] ()*+,-./0123456789:;<=>?@ABCDEFGexe
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = G:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Google Updater.lnk = G:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Microsoft Office.lnk = G:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Smart Wizard Wireless Settings.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://G:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://G:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - G:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - G:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) -
http://www1.snapfish...fishActivia.cabO16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
http://by130fd.bay13...es/MsnPUpld.cabO16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} (Ofoto Upload Manager Class) -
http://www.kodakgall..._1/axofupld.cabO16 - DPF: {6F750202-1362-4815-A476-88533DE61D0C} (Kodak Gallery Easy Upload Manager Class) -
http://www.kodakgall..._2/axofupld.cabO16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) -
https://h17000.www1....loadManager.ocxO16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) -
http://cdn2.zone.msn...ro.cab56649.cabO16 - DPF: {E1E73B44-2D20-47A9-9CA2-B534CEBBF856} (F-Secure Health Check 1.0) -
http://support.f-sec.../fshc/fscax.cabO23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - G:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - G:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - G:\Program Files\F-Secure Internet Security\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - G:\Program Files\F-Secure Internet Security\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - G:\Program Files\F-Secure Internet Security\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - G:\Program Files\F-Secure Internet Security\Common\FSMA32.EXE
O23 - Service: Google Updater Service (gusvc) - Google - G:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - G:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - G:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - G:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - G:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - G:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - G:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - G:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - G:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - G:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
--
End of file - 10657 bytes
________________________________________________________________________________
_______
Here, also as requested, are the two .txt documents produced by DSS:
________________________________________________________________________________
_______
(main.txt)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:25:02 PM, on 7/29/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
G:\WINDOWS\System32\smss.exe
G:\WINDOWS\system32\winlogon.exe
G:\WINDOWS\system32\services.exe
G:\WINDOWS\system32\lsass.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\System32\svchost.exe
G:\WINDOWS\system32\spoolsv.exe
G:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
G:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
G:\Program Files\F-Secure Internet Security\Anti-Virus\fsgk32st.exe
G:\Program Files\F-Secure Internet Security\Anti-Virus\FSGK32.EXE
G:\Program Files\F-Secure Internet Security\Common\FSMA32.EXE
G:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
G:\Program Files\F-Secure Internet Security\Common\FSMB32.EXE
G:\WINDOWS\System32\svchost.exe
G:\WINDOWS\system32\nvsvc32.exe
G:\Program Files\F-Secure Internet Security\Common\FCH32.EXE
G:\WINDOWS\system32\svchost.exe
G:\Program Files\F-Secure Internet Security\Anti-Virus\fsqh.exe
G:\Program Files\F-Secure Internet Security\Common\FAMEH32.EXE
G:\Program Files\F-Secure Internet Security\FSAUA\program\fsaua.exe
G:\Program Files\F-Secure Internet Security\Anti-Virus\fssm32.exe
G:\Program Files\F-Secure Internet Security\FWES\Program\fsdfwd.exe
G:\Program Files\F-Secure Internet Security\FSAUA\program\fsus.exe
G:\Program Files\F-Secure Internet Security\Anti-Virus\fsav32.exe
G:\WINDOWS\system32\wscntfy.exe
G:\WINDOWS\Explorer.EXE
G:\WINDOWS\system32\RUNDLL32.EXE
G:\Program Files\Microsoft IntelliType Pro\type32.exe
G:\Program Files\Microsoft IntelliPoint\point32.exe
G:\WINDOWS\system32\CTHELPER.EXE
G:\Program Files\HP\hpcoretech\hpcmpmgr.exe
G:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
G:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
G:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe
G:\Program Files\ESPNRunTime\DIGServices.exe
G:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe
G:\Program Files\Common Files\Real\Update_OB\realsched.exe
G:\WINDOWS\SM1BG.EXE
G:\Program Files\DropBox\DropBox\DropBox.exe
G:\WINDOWS\system32\ctfmon.exe
G:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
G:\Program Files\Messenger\msmsgs.exe
G:\Program Files\F-Secure Internet Security\FSGUI\fsguidll.exe
G:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
G:\Program Files\Windows Media Player\WMPNSCFG.exe
G:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
G:\Program Files\Google\Google Updater\GoogleUpdater.exe
G:\Program Files\NETGEAR\WG111U Configuration Utility\WG111UCFG.exe
G:\Program Files\Internet Explorer\IEXPLORE.EXE
G:\WINDOWS\notepad.exe
G:\WINDOWS\notepad.exe
G:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft....k/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft....k/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft....k/?LinkId=69157O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE G:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE G:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [type32] "G:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "G:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [SBDrvDet] G:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [UpdReg] G:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [HP Component Manager] "G:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] G:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] G:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [EEventManager] G:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe
O4 - HKLM\..\Run: [DIGServices] G:\Program Files\ESPNRunTime\DIGServices.exe /brand=ESPN /priority=0 /poll=24
O4 - HKLM\..\Run: [Adobe Photo Downloader] "G:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"
O4 - HKLM\..\Run: [TkBellExe] "G:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SM1BG] G:\WINDOWS\SM1BG.EXE
O4 - HKLM\..\Run: [DropBoxUtility] "G:\Program Files\DropBox\DropBox\DropBox.exe" /s
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "G:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "G:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [RoxWatchTray] "G:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] G:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [+,-./0123456789:;<=exe] !"#$%&'()*+,-./0123456789:;<=exe
O4 - HKLM\..\Run: [3456789:;<=>?@ABCDEFGexe] ()*+,-./0123456789:;<=>?@ABCDEFGexe
O4 - HKLM\..\Run: [F-Secure Manager] "G:\Program Files\F-Secure Internet Security\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "G:\Program Files\F-Secure Internet Security\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKCU\..\Run: [ctfmon.exe] G:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] G:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "G:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MSMSGS] "G:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] G:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [+,-./0123456789:;<=exe] !"#$%&'()*+,-./0123456789:;<=exe
O4 - HKCU\..\Run: [3456789:;<=>?@ABCDEFGexe] ()*+,-./0123456789:;<=>?@ABCDEFGexe
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = G:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Google Updater.lnk = G:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Microsoft Office.lnk = G:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Smart Wizard Wireless Settings.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://G:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://G:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - G:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - G:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) -
http://www1.snapfish...fishActivia.cabO16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
http://by130fd.bay13...es/MsnPUpld.cabO16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} (Ofoto Upload Manager Class) -
http://www.kodakgall..._1/axofupld.cabO16 - DPF: {6F750202-1362-4815-A476-88533DE61D0C} (Kodak Gallery Easy Upload Manager Class) -
http://www.kodakgall..._2/axofupld.cabO16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) -
https://h17000.www1....loadManager.ocxO16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) -
http://cdn2.zone.msn...ro.cab56649.cabO16 - DPF: {E1E73B44-2D20-47A9-9CA2-B534CEBBF856} (F-Secure Health Check 1.0) -
http://support.f-sec.../fshc/fscax.cabO23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - G:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - G:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - G:\Program Files\F-Secure Internet Security\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - G:\Program Files\F-Secure Internet Security\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - G:\Program Files\F-Secure Internet Security\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - G:\Program Files\F-Secure Internet Security\Common\FSMA32.EXE
O23 - Service: Google Updater Service (gusvc) - Google - G:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - G:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - G:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - G:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - G:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - G:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - G:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - G:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - G:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - G:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
--
End of file - 10657 bytes
________________________________________________________________________________
(extra.txt)
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: Intel® Pentium® 4 CPU 3.40GHz
CPU 1: Intel® Pentium® 4 CPU 3.40GHz
Percentage of Memory in Use: 45%
Physical Memory (total/avail): 1023.48 MiB / 552.84 MiB
Pagefile Memory (total/avail): 2462 MiB / 1995.32 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1918.37 MiB
A: is Removable (No Media)
C: is Fixed (NTFS) - 74.53 GiB total, 12.37 GiB free.
D: is CDROM (No Media)
E: is Fixed (FAT32) - 74.51 GiB total, 43.52 GiB free.
F: is Removable (No Media)
G: is Fixed (NTFS) - 74.52 GiB total, 50.3 GiB free.
H: is Removable (No Media)
\\.\PHYSICALDRIVE0 - ST380013AS - 74.53 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 74.52 GiB - G:
\\.\PHYSICALDRIVE1 - ST380013AS - 74.53 GiB - 1 partition
\PARTITION0 - Installable File System - 74.53 GiB - C:
\\.\PHYSICALDRIVE2 - Generic USB Disk USB Device - 74.53 GiB - 1 partition
\PARTITION0 - Unknown - 74.53 GiB - E:
\\.\PHYSICALDRIVE3 - USB2.0 CardReader CF RW USB Device
\\.\PHYSICALDRIVE4 - USB2.0 CardReader Combo USB Device
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.
FirstRunDisabled is set.
AntivirusOverride is set.
FW: F-Secure Internet Security 2008 8.00 v8.00 (F-Secure Corporation)
AV: F-Secure Internet Security 2008 8.00 v8.00 (F-Secure Corporation)
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"G:\\Program Files\\Bonjour\\mDNSResponder.exe"="G:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"G:\\WINDOWS\\system32\\ZoneLabs\\avsys\\ScanningProcess.exe"="G:\\WINDOWS\\system32\\ZoneLabs\\avsys\\ScanningProcess.exe:*:Enabled:Kaspersky AV Scanner"
"G:\\Program Files\\DropBox\\DropBox\\DropBox.exe"="G:\\Program Files\\DropBox\\DropBox\\DropBox.exe:*:Enabled:DropBox"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=G:\Documents and Settings\All Users
APPDATA=G:\Documents and Settings\Brian\Application Data
CLASSPATH=.;G:\Program Files\QuickTime\QTSystem\QTJava.zip
COLLECTIONID=COL8143
CommonProgramFiles=G:\Program Files\Common Files
COMPUTERNAME=BANQUOSGHOST
ComSpec=G:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HMSERVER=https://wwss1proa.cce.hp.com/wuss/servlet/WUSSServlet
HOMEDRIVE=G:
HOMEPATH=\Documents and Settings\Brian
ITEMID=dj-22741-15
LANG=1033
LOGONSERVER=\\BANQUOSGHOST
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
OSVER=winXPP
Path=G:\WINDOWS\system32;G:\WINDOWS;G:\WINDOWS\System32\Wbem;G:\Program Files\Common Files\Roxio Shared\DLLShared;G:\Program Files\QuickTime\QTSystem\;G:\Program Files\Common Files\Roxio Shared\DLLShared\;G:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 3 Stepping 4, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0304
ProgramFiles=G:\Program Files
PROMPT=$P$G
QTJAVA=G:\Program Files\QuickTime\QTSystem\QTJava.zip
RoxioCentral=G:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\
SESSIONID=1165941454312htx6060.cce.hp.com1bb7be:10f82c65710:-2d7e
SESSIONNAME=Console
SWUTVER=1.0.18.30716
SystemDrive=G:
SystemRoot=G:\WINDOWS
TEMP=G:\DOCUME~1\Brian\LOCALS~1\Temp
TIMEOUT=0
TMP=G:\DOCUME~1\Brian\LOCALS~1\Temp
TOOLPATH=/G:/Program%20Files/Hewlett-Packard/HP%20Software%20Update/install.htm
UPDATEDIR=G:\DOCUME~1\Brian\LOCALS~1\Temp\radE632F.tmp
USERDOMAIN=BANQUOSGHOST
USERNAME=Brian
USERPROFILE=G:\Documents and Settings\Brian
VERSION=3.0.5.001
windir=G:\WINDOWS
-- User Profiles ---------------------------------------------------------------
Brian
(admin)Katerina
Administrator
(admin)-- Add/Remove Programs ---------------------------------------------------------
--> "G:\Program Files\Creative\SBAudigy2ZS\Program\Ctzapxx.EXE" /W /U /S
--> "G:\Program Files\F-Secure Internet Security\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Spyware Scanner"
--> "G:\Program Files\F-Secure Internet Security\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Spyware"
--> "G:\Program Files\F-Secure Internet Security\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Virus Client Security Installer"
--> "G:\Program Files\F-Secure Internet Security\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Virus"
--> "G:\Program Files\F-Secure Internet Security\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Automatic Update Agent"
--> "G:\Program Files\F-Secure Internet Security\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure DAAS"
--> "G:\Program Files\F-Secure Internet Security\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Diagnostics"
--> "G:\Program Files\F-Secure Internet Security\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure E-mail Scanning"
--> "G:\Program Files\F-Secure Internet Security\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure FWES"
--> "G:\Program Files\F-Secure Internet Security\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure GateKeeper Interface"
--> "G:\Program Files\F-Secure Internet Security\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Gemini"
--> "G:\Program Files\F-Secure Internet Security\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure GUI"
--> "G:\Program Files\F-Secure Internet Security\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Help"
--> "G:\Program Files\F-Secure Internet Security\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure HIPS"
--> "G:\Program Files\F-Secure Internet Security\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Internet Shield"
--> "G:\Program Files\F-Secure Internet Security\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Localization API"
--> "G:\Program Files\F-Secure Internet Security\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Management Agent"
--> "G:\Program Files\F-Secure Internet Security\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Pegasus Engine"
--> "G:\Program Files\F-Secure Internet Security\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Protocol Scanner"
--> "G:\Program Files\F-Secure Internet Security\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Spam Control"
--> "G:\Program Files\F-Secure Internet Security\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Spam Scanner"
--> "G:\Program Files\F-Secure Internet Security\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure TNB"
--> "G:\Program Files\F-Secure Internet Security\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Uninstall"
--> G:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> G:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
--> G:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
--> G:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
--> G:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
--> G:\WINDOWS\UNNeroVision.exe /UNINSTALL
--> G:\WINDOWS\UNRecode.exe /UNINSTALL
--> MsiExec.exe /I{0ADEA8E1-B211-41B8-8DD4-D9A5FB04A5FA}
--> MsiExec.exe /I{267D350E-51AB-40B8-AF9F-DA7ED5687044}
--> MsiExec.exe /I{7A9DC8F6-2466-4E04-BF51-BE499C5D02BD}
--> MsiExec.exe /I{85BD5F12-49EF-4B40-B1E0-77D85F6E99BF}
--> MsiExec.exe /I{C98E5F1B-5C2B-4FD1-BDF9-F3779DCAAA16}
--> MsiExec.exe /I{EA9741F6-A7F2-497B-BBE4-2ED0136649BE}
--> MsiExec.exe /X{C628EC93-8E17-4114-BCE7-2D181B93FA0F}
--> RunDll32 G:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "G:\Program Files\InstallShield Installation Information\{25EF00B9-F17B-11D6-88EA-000476CD2443}\Setup.exe" -l0x9 UNINSTALL
--> RunDll32 G:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "G:\Program Files\InstallShield Installation Information\{25EF00BF-F17B-11D6-88EA-000476CD2443}\Setup.exe" -l0x9 UNINSTALL
--> RunDll32 G:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "G:\Program Files\InstallShield Installation Information\{87499F38-FD69-4A2B-B41A-BAB8DE9B94FE}\setup.exe" -l0x9
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 G:\WINDOWS\INF\PCHealth.inf
ABBYY FineReader 6.0 Sprint --> MsiExec.exe /I{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742) --> MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Flash Player 9 ActiveX --> G:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Flash Player ActiveX --> G:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Help Center 2.0 --> MsiExec.exe /I{8FFC924C-ED06-44CB-8867-3CA778ECE903}
Adobe Photoshop Elements 4.0 --> msiexec /I {EBB7C1C1-D439-4D9B-9FDC-954C10F266B0}
Adobe Reader 8.1.2 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Adobe Reader 8.1.2 Security Update 1 (KB403742) -->
allTunes --> G:\PROGRA~1\allTunes\UNWISE.EXE G:\PROGRA~1\allTunes\INSTALL.LOG
AnswerWorks 5.0 English Runtime --> RunDll32 G:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "G:\Program Files\InstallShield Installation Information\{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}\setup.exe" -l0x9 -uninst -removeonly
Apple Mobile Device Support --> MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
Audacity 1.2.6 --> "G:\Program Files\Audacity\unins000.exe"
Belkin Gigabit Ethernet --> IDriver.exe /M{E9B0271B-E9D6-470B-99A4-BFE4D25D573D} /uninst
BlackBerry Desktop Software 4.3 --> MsiExec.exe /I{C178B38F-613A-4EFE-B718-A675BD27A1E1}
BlackBerry Desktop Software 4.3 --> MsiExec.exe /i{C178B38F-613A-4EFE-B718-A675BD27A1E1}
BUM --> MsiExec.exe /I{55937F00-A69B-4049-8D3A-1C7729742B6F}
Creative System Information --> RunDll32 G:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "G:\Program Files\InstallShield Installation Information\{87499F38-FD69-4A2B-B41A-BAB8DE9B94FE}\setup.exe" -l0x9 /remove
Crossword Compiler 7 --> G:\Program Files\Crossword Compiler 7\ccw.exe -Uninstall
Cypress USB Mass Storage Driver Installation --> RunDll32 G:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "G:\Program Files\InstallShield Installation Information\{2E0695EE-ED29-4D96-BD77-2A9A17EDF0D6}\Setup.exe" -l0x9 NotFirstInstall
DivX --> G:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Player --> G:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DropBox --> "G:\Program Files\DropBox\Uninstall.exe"
DVD Decrypter (Remove Only) --> "G:\Program Files\DVD Decrypter\uninstall.exe"
EPSON Attach To Email --> G:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{20C45B32-5AB6-46A4-94EF-58950CAF05E5} /l1033 ADDREMOVEDLG
EPSON Copy Utility 3 --> RunDll32 G:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "G:\Program Files\InstallShield Installation Information\{67EDD823-135A-4D59-87BD-950616D6E857}\setup.exe" -l0x9 -UnInstall
EPSON Event Manager --> RunDll32 G:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "G:\Program Files\InstallShield Installation Information\{48F22622-1CC2-4A83-9C1E-644DD96F832D}\Setup.exe" -l0x9 -u
EPSON File Manager --> RunDll32 G:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "G:\Program Files\InstallShield Installation Information\{E86BC406-944E-41F6-ADE6-2C136734C96B}\Setup.exe" -l0x9 UNINST
EPSON Perf 3490 3590 Guide --> G:\Program Files\epson\guide\perf_3490_3590_e\uninstall.exe
EPSON Scan --> G:\Program Files\epson\escndv\setup\setup.exe /r
EPSON Scan Assistant --> RunDll32 G:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "G:\Program Files\InstallShield Installation Information\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}\Setup.exe" -l0x9 -u
ESPN RunTime --> G:\Program Files\ESPNRunTime\DIGSvcUninstall.exe /brand=ESPN
F-Secure Internet Security 2008 --> "G:\Program Files\F-Secure Internet Security\FSGUI\PostInstall.exe" /tUnInstall
Google Earth --> MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
Google Photos Screensaver --> MsiExec.exe /X{A52415E5-CA1E-44DE-9EDC-D412F31D271C}
Google Updater --> "G:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
HighMAT Extension to Microsoft Windows XP CD Writing Wizard --> MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}
HijackThis 2.0.2 --> "G:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399) --> "G:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
hp deskjet 3600 --> msiexec /x{91A5B6C0-EF4E-4830-AC7D-6761C0A9B292}
HP Software Update --> MsiExec.exe /X{15EE79F4-4ED1-4267-9B0F-351009325D7D}
KODAK EASYSHARE Gallery Easy Upload, v2.0 --> G:\Documents and Settings\Brian\Local Settings\Application Data\KodakGallery\EasyShareSetup\$SETUP_140007_fd592d\Setup.exe /APR-REMOVE
KODAK EASYSHARE Gallery Upload ActiveX Control --> RunDll32 advpack.dll,LaunchINFSection G:\WINDOWS\Downloaded Program Files\axofupld.inf, Uninstall
MathPlayer --> G:\Program Files\Design Science\MathPlayer\Setup.exe -u
Microsoft Compression Client Pack 1.0 for Windows XP --> "G:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office Outlook Connector for MSN --> MsiExec.exe /X{DC4DD556-DD03-422A-926B-470746D8B50D}
Microsoft Office XP Professional --> MsiExec.exe /I{91110409-6000-11D3-8CFE-0050048383C9}
Microsoft Text-to-Speech Engine 4.0 (English) --> RunDll32 advpack.dll,LaunchINFSection G:\WINDOWS\INF\msTTS.inf, Uninstall
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "G:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Mozilla Firefox (2.0.0.11) --> G:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN --> G:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSN Encarta Plus Support Files --> MsiExec.exe /I{00000000-785F-478A-BAA2-87F1A136068C}
MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
Nero 7 Essentials --> MsiExec.exe /X{EB8DC554-959C-49E9-B816-E488103B1033}
NETGEAR WG111U Software --> RunDll32 G:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "G:\Program Files\InstallShield Installation Information\{B5ACAA7E-ADC5-4F28-9F27-0C2AF65BB9DD}\SETUP.EXE" -uninst
NVIDIA Drivers --> G:\WINDOWS\system32\nvudisp.exe UninstallGUI
overland --> MsiExec.exe /I{766273C1-A39B-47EB-ACE8-DEBDD8094BCC}
PCFriendly --> G:\Program Files\PCFriendly\inuninst.exe
Peterson North American Birds --> G:\WINDOWS\uninst16.exe -fg:\PETERSON\DeIsL1.isu -c"g:\PETERSON\UNINST32.DLL"
Presto! BizCard 4.1 Eng --> G:\WINDOWS\IsUninst.exe -f"G:\Program Files\NewSoft\BizCard 4.1 Eng\Uninst.isu" -c"G:\WINDOWS\StiRegstEng.dll"
Q-bert 2004 (remove only) --> "G:\Program Files\Yahoo! Games\Q-bert 2004\Uninstall Q-bert 2004.exe"
Quicken 2008 --> MsiExec.exe /X{3B0F52AC-EF5C-4831-B221-06C782E41280}
QuickTime --> MsiExec.exe /I{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}
RealPlayer --> G:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
REALTEK Gigabit and Fast Ethernet NIC Driver --> RunDll32 G:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "G:\Program Files\InstallShield Installation Information\{94FB906A-CF42-4128-A509-D353026A607E}\setup.exe" -l0x9 REMOVE
Return of Arcade Anniversary Edition --> "G:\Program Files\Microsoft Games\Return of Arcade AE\UNINSTAL.EXE" /runtemp /addremove
Roxio Media Manager --> MsiExec.exe /X{5EED93A8-33AD-46A7-A6AC-4DEAFBEFEEE1}
Sophos Anti-Rootkit 1.3.1 --> G:\Program Files\Sophos\Sophos Anti-Rootkit\helper.exe remove
Sound Blaster Audigy 2 ZS --> RunDll32 G:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "G:\Program Files\InstallShield Installation Information\{9E2514D9-DC24-4634-B348-61F3EF0F1628}\SETUP.EXE" -l0x9
Tweak UI --> "G:\WINDOWS\system32\mshta.exe" "res://G:\WINDOWS\system32\TweakUI.exe/uninstall.hta"
USB Storage Adapter FX (SM1) --> SM1UN.EXE SM1FX_AT
Verizon Online --> G:\WINDOWS\system32\VerizonUninstaller.exe
Verizon Online Consumer DSL 6.0 --> RunDll32 G:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "G:\Program Files\InstallShield Installation Information\{95E1CCAE-8286-4035-B5F7-1B147254A2CB}\Setup.exe" -l0x9 UNINSTALL
Windows Imaging Component --> "G:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Media Format 11 runtime --> "G:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
WinZip --> "G:\Program Files\WinZip\WINZIP32.EXE" /uninstall
XML Paper Specification Shared Components Pack 1.0 -->
-- Application Event Log -------------------------------------------------------
Event Record #/Type6816 / Error
Event Submitted/Written: 07/29/2008 11:12:36 PM
Event ID/Source: 103 / F-Secure Anti-Virus
Event Description:
9 2008-07-29 23:12:36-07:00 banquosghost BANQUOSGHOST\Brian F-Secure Anti-Virus
Scanning of \DEVICE\HARDDISKVOLUME1\PROGRAM FILES\F-SECURE INTERNET SECURITY\FSAUA\SUBSCRIPTIONS\AVH_ORIONDB was aborted due to exceeded scanning time limit. The file may be in use or reading it was too slow (e.g. network connection was under stress).
Event Record #/Type6815 / Error
Event Submitted/Written: 07/29/2008 11:10:44 PM
Event ID/Source: 103 / F-Secure Anti-Virus
Event Description:
8 2008-07-29 23:10:43-07:00 banquosghost BANQUOSGHOST\Brian F-Secure Anti-Virus
Malicious code found in file G:\Documents and Settings\Brian\Local Settings\Temp\ynrunuiw.dll.
Infection: Trojan.Win32.Monder.bdx
Action: The file was renamed.
Event Record #/Type6814 / Error
Event Submitted/Written: 07/29/2008 10:50:29 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application fsm32.exe, version 7.50.10035.0, faulting module user32.dll, version 5.1.2600.3099, fault address 0x00015a48.
Processing media-specific event for [fsm32.exe!ws!]
Event Record #/Type6813 / Error
Event Submitted/Written: 07/29/2008 10:34:22 PM
Event ID/Source: 103 / F-Secure Anti-Virus
Event Description:
7 2008-07-29 22:34:22-07:00 banquosghost BANQUOSGHOST\Brian F-Secure Anti-Virus
Malicious code found in file G:\Documents and Settings\Brian\Local Settings\Temp\ynrunuiw.dll.
Infection: Trojan.Win32.Monder.bdx
Event Record #/Type6812 / Error
Event Submitted/Written: 07/29/2008 10:34:21 PM
Event ID/Source: 103 / F-Secure Anti-Virus
Event Description:
6 2008-07-29 22:34:21-07:00 banquosghost BANQUOSGHOST\Brian F-Secure Anti-Virus
Malicious code found in file G:\Documents and Settings\Brian\Local Settings\Temporary Internet Files\Content.IE5\Y6QFPFWN\kb456456[1].
Infection: Trojan.Win32.Monder.bdx
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type20873 / Error
Event Submitted/Written: 07/28/2008 02:04:55 PM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1058" attempting to start the service wuauserv with arguments ""
in order to run the server:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}
Event Record #/Type20866 / Warning
Event Submitted/Written: 07/28/2008 00:17:26 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Event Record #/Type20854 / Error
Event Submitted/Written: 07/28/2008 11:55:27 AM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1055" attempting to start the service NMIndexingService with arguments ""
in order to run the server:
{C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7}
Event Record #/Type20843 / Error
Event Submitted/Written: 07/27/2008 02:58:03 PM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1058" attempting to start the service wuauserv with arguments ""
in order to run the server:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}
Event Record #/Type20842 / Warning
Event Submitted/Written: 07/27/2008 02:47:19 PM
Event ID/Source: 51 / Disk
Event Description:
An error was detected on device \Device\Harddisk3\D during a paging operation.
-- End of Deckard's System Scanner: finished at 2008-07-29 23:14:36 ------------
________________________________________________________________________________
______________
Thanks again for all your help!
-Brian