Here is the RSIT log:
Logfile of random's system information tool 1.05 (written by random/random)
Run by pete at 2008-12-18 14:40:27
Microsoft Windows XP Home Edition Service Pack 2
System drive C: has 33 GB (43%) free of 76 GB
Total RAM: 503 MB (31% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:40:56, on 12/18/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINNT\system32\PSIService.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\wanmpsvc.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\wscntfy.exe
C:\WINNT\System32\hkcmd.exe
C:\Program Files\Gateway\Gateway Ink Monitor\GWInkMonitor.exe
C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe
C:\PROGRA~1\SPRINT~1\SMARTB~1\SprintDSLAlert.exe
C:\PROGRA~1\MUSICM~1\MUSICM~1\MMDiag.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\AOL\1147101167\ee\AOLSoftware.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINNT\system32\javaw.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINNT\system32\ctfmon.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mim.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Spyware Guard 2008\spywareguard.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Documents and Settings\pete\Desktop\RSIT.exe
C:\Documents and Settings\pete\Desktop\pete.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.gateway.net
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: GrandBar IE Helper - {84BA8988-33E1-4c89-A150-BF428E8D3213} - C:\Program Files\GrandPack\GrandPack2.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINNT\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\System32\hkcmd.exe
O4 - HKLM\..\Run: [Gateway Ink Monitor] "C:\Program Files\Gateway\Gateway Ink Monitor\GWInkMonitor.exe"
O4 - HKLM\..\Run: [Ink Monitor] C:\Program Files\EPSON\Ink Monitor\InkMonitor.exe
O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [SprintModemUpdate] javaw.exe -cp "C:\Program Files\Motive\FirmwareUpdater\lib\SprintModemUpdate.jar" com.motive.firmwareUpdater.client.SprintModemUpdate
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SPRINT~1\SMARTB~1\SprintDSLAlert.exe
O4 - HKLM\..\Run: [HPHUPD08] C:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1147101167\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [spywareguard] C:\Program Files\Spyware Guard 2008\spywareguard.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINNT\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0a\AOL.EXE" -b (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\WINNT\system32\Macromed\Flash\GetFlash.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0a\AOL.EXE" -b (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\WINNT\system32\Macromed\Flash\GetFlash.exe (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINNT\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINNT\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINNT\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: Bingo Luau by pogo - http://game3.pogo.co...bingo-en_US.cab
O16 - DPF: Blackjack by pogo - http://game3.pogo.co...kjack-en_US.cab
O16 - DPF: Blackjack Carnival by pogo - http://game1.pogo.co...jack2-en_US.cab
O16 - DPF: Canasta by pogo - http://game1.pogo.co...nasta-en_US.cab
O16 - DPF: Dice City Roller by pogo - http://game1.pogo.co...z/ytz-en_US.cab
O16 - DPF: Jungle Gin by pogo - http://game1.pogo.co.../gin2-en_US.cab
O16 - DPF: Lottso by pogo - http://game1.pogo.co...ottso-en_US.cab
O16 - DPF: PoppaZoppa by pogo - http://game3.pogo.co...zoppa-en_US.cab
O16 - DPF: Ride The Tide by pogo - http://game3.pogo.co.../ride-en_US.cab
O16 - DPF: Spider Solitaire by pogo - http://game1.pogo.co...pider-en_US.cab
O16 - DPF: Stellar Sweeper by pogo - http://game1.pogo.co...eeper-en_US.cab
O16 - DPF: Sweet Tooth 2 by Pogo - http://game3.pogo.co...ooth2-en_US.cab
O16 - DPF: Word Search Daily by pogo - http://game3.pogo.co...earch-en_US.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://support.gatew...r/PCPitStop.CAB
O16 - DPF: {0FFFFFFF-0FFF-0FFF-0FFF-0FFFFFFFFFFF} - http://www.upp2ono41...com/ff/inst.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) - http://www.worldwinn...GamesLoader.cab
O16 - DPF: {3107C2A8-9F0B-4404-A58B-21BD85268FBC} (PogoWebLauncher Control) - http://www.pogo.com/...erInstaller.CAB
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photo.walgree...eensActivia.cab
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp...ads/sysinfo.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg...l_v1-0-3-48.cab
O16 - DPF: {6218F7B5-0D3A-48BA-AE4C-49DCFA63D400} (CSEQueryObject Object) - http://www.myheritag...EngineQuery.dll
O16 - DPF: {6C6FE41A-0DA6-42A1-9AD8-792026B2B2A7} (FreeCell Control) - http://www.worldwinn...ll/freecell.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1148001763625
O16 - DPF: {76A2A0AB-38B7-46DB-8E47-F10CDE4D7920} - http://aerial.leepa....plugins/NCS.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinn...ed/wwlaunch.cab
O16 - DPF: {97438FE9-D361-4279-BA82-98CC0877A717} (Cubis Control) - http://www.worldwinn...cubis/cubis.cab
O16 - DPF: {9903F4ED-B673-456A-A15F-ED90C7DE9EF5} (Sol Control) - http://www.worldwinn...v46/sol/sol.cab
O16 - DPF: {9A57B18E-2F5D-11D5-8997-00104BD12D94} (compid Class) - http://support.gatew...rvest/gwCID.CAB
O16 - DPF: {A91FB93D-7561-4524-8484-5C27C8FA8D42} (WwLuxor Control) - http://www.worldwinn...luxor/luxor.cab
O16 - DPF: {AC2881FD-5760-46DB-83AE-20A5C6432A7E} (SwapIt Control) - http://www.worldwinn...apit/swapit.cab
O16 - DPF: {C93C1C34-CEA9-49B1-9046-040F59E0E0D8} (Paint Control) - http://www.worldwinn...paint/paint.cab
O16 - DPF: {D27CDB6E-AE6A-11CF-96B8-444553540000} - http://hometown.aol....age/ProfR1G.exe
O20 - AppInit_DLLs: bhrooz.dll
O21 - SSODL: ieModule - {AB1A4BF6-94F3-4985-83C7-5C215CA1B566} - C:\Documents and Settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\ieModule.dll
O21 - SSODL: InternetConnection - {B586A221-86AC-404A-BE6F-37F9852E143A} - C:\Documents and Settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\nmwywcdtps.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\System32\HPZipm12.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINNT\system32\PSIService.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINNT\wanmpsvc.exe
--
End of file - 11536 bytes
======Scheduled tasks folder======
C:\WINNT\tasks\AppleSoftwareUpdate.job
C:\WINNT\tasks\ISP signup reminder 1.job
C:\WINNT\tasks\ISP signup reminder 2.job
C:\WINNT\tasks\ISP signup reminder 3.job
C:\WINNT\tasks\ohncczvg.job
C:\WINNT\tasks\pdjpzhyb.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll [2007-09-25 501136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{84BA8988-33E1-4c89-A150-BF428E8D3213}]
GrandBar IE Helper - C:\Program Files\GrandPack\GrandPack2.dll [2008-12-11 133120]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4982D40A-C53B-4615-B15B-B5B5E98D167C} - AOL Toolbar - C:\Program Files\AOL Toolbar\toolbar.dll [2005-04-20 472744]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINNT\System32\igfxtray.exe [2003-11-18 155648]
"HotKeysCmds"=C:\WINNT\System32\hkcmd.exe [2003-11-18 118784]
"Gateway Ink Monitor"=C:\Program Files\Gateway\Gateway Ink Monitor\GWInkMonitor.exe [2003-11-05 303180]
"Ink Monitor"=C:\Program Files\EPSON\Ink Monitor\InkMonitor.exe [2002-05-29 258118]
"MimBoot"=C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exe [2005-05-10 11776]
"UserFaultCheck"=C:\WINNT\system32\dumprep 0 -u []
"RoxioDragToDisc"=C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe [2005-03-08 1695744]
"SprintModemUpdate"=javaw.exe -cp C:\Program Files\Motive\FirmwareUpdater\lib\SprintModemUpdate.jar com.motive.firmwareUpdater.client.SprintModemUpdate []
"Motive SmartBridge"=C:\PROGRA~1\SPRINT~1\SMARTB~1\SprintDSLAlert.exe [2004-10-05 380928]
"HPHUPD08"=C:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe [2005-06-01 49152]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2005-05-11 49152]
"HostManager"=C:\Program Files\Common Files\AOL\1147101167\ee\AOLSoftware.exe [2006-09-25 50736]
"AOLDialer"=C:\Program Files\Common Files\AOL\ACS\AOLDial.exe [2006-10-23 71216]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe [2007-09-25 132496]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-07-10 116040]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-05-27 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-07-10 289064]
"spywareguard"=C:\Program Files\Spyware Guard 2008\spywareguard.exe [2008-12-18 1183232]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINNT\system32\ctfmon.exe [2004-08-04 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\742667e9]
C:\WINNT\system32\rhinfakf.dll []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\88154]
c:\juiugnfqcfqalzlx\jteseqxpam.exe [2006-08-22 1728754]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\My Web Search Bar Search Scope Monitor]
C:\PROGRA~1\MYWEBS~1\bar\3.bin\m3SrchMn.exe /m=2 /w []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyWebSearch Email Plugin]
C:\PROGRA~1\MYWEBS~1\bar\3.bin\mwsoemon.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyWebSearch Plugin]
rundll32 C:\PROGRA~1\MYWEBS~1\bar\3.bin\M3PLUGIN.DLL []
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="bhrooz.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINNT\system32\igfxsrvc.dll [2003-11-18 323584]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINNT\system32\WPDShServiceObj.dll [2006-10-18 133632]
ieModule - {AB1A4BF6-94F3-4985-83C7-5C215CA1B566} - C:\Documents and Settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\ieModule.dll [2008-12-15 3463680]
InternetConnection - {B586A221-86AC-404A-BE6F-37F9852E143A} - C:\Documents and Settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\nmwywcdtps.dll [2008-12-15 628224]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Sprint TotalAccess\TaskPanl.exe"="C:\Program Files\Sprint TotalAccess\TaskPanl.exe:*:Enabled:TaskPanl"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\America Online 9.0a\waol.exe"="C:\Program Files\America Online 9.0a\waol.exe:*:Enabled:America Online 9.0a"
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"="C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL Connectivity Service Dialer"
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe"="C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL Connectivity Service"
"C:\Program Files\Common Files\AOL\Loader\aolload.exe"="C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader"
"C:\Program Files\Common Files\AOL\1147101167\ee\aolsoftware.exe"="C:\Program Files\Common Files\AOL\1147101167\ee\aolsoftware.exe:*:Enabled:AOL Services"
"C:\Program Files\AIM6\aim6.exe"="C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM"
"C:\Documents and Settings\Angie\Local Settings\Temporary Internet Files\Content.IE5\IX5I36XG\incredimail_install[1].exe"="C:\Documents and Settings\Angie\Local Settings\Temporary Internet Files\Content.IE5\IX5I36XG\incredimail_install[1].exe:*:Enabled:IncrediMail Installer"
"C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\Program Files\Magentic\bin\MgImp.exe"="C:\Program Files\Magentic\bin\MgImp.exe:*:Enabled:Magentic"
"C:\Program Files\Magentic\bin\Magentic.exe"="C:\Program Files\Magentic\bin\Magentic.exe:*:Enabled:Magentic"
"C:\Program Files\Magentic\bin\MgApp.exe"="C:\Program Files\Magentic\bin\MgApp.exe:*:Enabled:Magentic"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======File associations======
.txt - open -
======List of files/folders created in the last 3 months======
2008-12-18 14:40:27 ----D---- C:\rsit
2008-12-18 14:25:03 ----A---- C:\WINNT\vmreg.dll
2008-12-18 14:25:03 ----A---- C:\WINNT\reged.exe
2008-12-18 14:25:01 ----A---- C:\WINNT\sysexplorer.exe
2008-12-18 14:25:01 ----A---- C:\WINNT\syscert.exe
2008-12-18 14:25:00 ----A---- C:\WINNT\sys.com
2008-12-18 14:25:00 ----A---- C:\WINNT\spoolsystem.exe
2008-12-18 14:24:58 ----D---- C:\Program Files\Spyware Guard 2008
2008-12-18 10:17:04 ----A---- C:\rapport.txt
2008-12-17 20:45:39 ----D---- C:\Documents and Settings\pete\Application Data\Malwarebytes
2008-12-17 20:45:21 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-12-17 20:45:21 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-12-17 20:26:41 ----A---- C:\WINNT\SchedLgU.Txt
2008-12-17 20:09:47 ----A---- C:\WINNT\ntbtlog.txt
2008-12-17 19:41:24 ----A---- C:\rapport_search.txt
2008-12-17 19:31:31 ----A---- C:\rapport2.txt
2008-12-17 19:09:03 ----A---- C:\WINNT\system32\tmp.txt
2008-12-17 19:07:04 ----A---- C:\rapport1.txt
2008-12-17 18:13:05 ----D---- C:\Program Files\CCleaner
2008-12-16 18:40:11 ----HD---- C:\WINNT\PIF
2008-12-16 18:21:24 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-12-16 18:21:24 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-12-16 17:41:38 ----D---- C:\Program Files\ZipCentral
2008-12-16 17:33:30 ----D---- C:\Program Files\Lavasoft
2008-12-16 17:31:30 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-12-15 20:32:46 ----D---- C:\Documents and Settings\pete\Application Data\Macromedia
2008-12-15 20:32:37 ----D---- C:\Documents and Settings\pete\Application Data\Adobe
2008-12-15 20:30:28 ----D---- C:\Documents and Settings\pete\Application Data\AOL
2008-12-15 20:26:31 ----A---- C:\WINNT\system32\jkkJdExV.dll
2008-12-15 20:25:58 ----ASH---- C:\Documents and Settings\pete\Application Data\desktop.ini
2008-12-15 20:25:56 ----SD---- C:\Documents and Settings\pete\Application Data\Microsoft
2008-12-15 20:25:56 ----D---- C:\Documents and Settings\pete\Application Data\Symantec
2008-12-15 20:25:56 ----D---- C:\Documents and Settings\pete\Application Data\Sun
2008-12-15 20:25:56 ----D---- C:\Documents and Settings\pete\Application Data\Identities
2008-12-15 19:22:18 ----A---- C:\Documents and Settings\All Users\Application Data\svhost.exe
2008-12-15 19:13:10 ----D---- C:\Program Files\GrandPack
2008-12-15 17:08:08 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-12-15 17:06:52 ----A---- C:\WINNT\system32\kxkhhh.dll
2008-12-15 17:06:52 ----A---- C:\WINNT\system32\ahpfdpbo.dll
2008-12-13 20:04:23 ----ASH---- C:\WINNT\system32\upgvjrbc.ini
2008-12-13 20:02:51 ----A---- C:\WINNT\system32\ethcvf.dll
2008-12-13 20:02:49 ----A---- C:\WINNT\system32\mvbxcklt.dll
2008-12-13 20:01:50 ----A---- C:\WINNT\system32\7f05a397-.txt
2008-12-13 19:56:04 ----A---- C:\WINNT\system32\opnkllIc.dll
2008-11-01 15:44:40 ----D---- C:\Documents and Settings\All Users\Application Data\PlayFirst
2008-10-18 10:26:29 ----A---- C:\WINNT\system32\MSSTDFMT.DLL
2008-10-18 10:26:29 ----A---- C:\WINNT\system32\IJL_11.DLL
2008-09-28 13:08:17 ----A---- C:\WINNT\system32\d3dx9_27.dll
2008-09-28 13:07:33 ----D---- C:\ProgramData
2008-09-28 12:57:02 ----D---- C:\Program Files\Electronic Arts
2008-09-26 17:51:16 ----D---- C:\WINNT\system32\CatRoot_bak
2008-09-26 17:41:02 ----D---- C:\WINNT\LastGood(2)
======List of files/folders modified in the last 3 months======
2008-12-18 14:40:48 ----D---- C:\WINNT\Prefetch
2008-12-18 14:25:06 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2008-12-18 14:25:03 ----AD---- C:\WINNT
2008-12-18 14:25:00 ----D---- C:\WINNT\Temp
2008-12-18 14:24:58 ----D---- C:\Program Files
2008-12-18 14:23:33 ----D---- C:\WINNT\system32\drivers
2008-12-18 10:48:22 ----D---- C:\WINNT\system32
2008-12-17 19:59:00 ----D---- C:\WINNT\Debug
2008-12-17 19:58:59 ----D---- C:\WINNT\Minidump
2008-12-17 19:09:08 ----D---- C:\Program Files\Google
2008-12-17 17:58:28 ----D---- C:\WINNT\system32\CatRoot2
2008-12-16 20:04:55 ----D---- C:\Program Files\America Online 9.0a
2008-12-16 19:45:42 ----SHD---- C:\RECYCLER
2008-12-16 18:15:02 ----SHD---- C:\WINNT\Installer
2008-12-16 18:15:02 ----HD---- C:\Config.Msi
2008-12-16 17:31:30 ----D---- C:\Program Files\Common Files
2008-12-15 20:28:58 ----SD---- C:\WINNT\Downloaded Program Files
2008-12-15 20:28:58 ----D---- C:\Program Files\Web Publish
2008-12-15 20:26:33 ----SD---- C:\WINNT\Tasks
2008-12-15 20:25:55 ----D---- C:\Documents and Settings
2008-12-15 19:52:38 ----D---- C:\Program Files\Oberon Media
2008-12-15 19:23:07 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-12-15 19:14:38 ----A---- C:\VETlog.txt
2008-12-15 19:14:19 ----A---- C:\WINNT\win.ini
2008-11-24 13:31:19 ----A---- C:\Documents and Settings\All Users\Application Data\DragToDiscUserNameE.txt
2008-11-18 17:18:32 ----D---- C:\Documents and Settings\All Users\Application Data\AOL
2008-11-15 07:55:21 ----A---- C:\WINNT\system32\PerfStringBackup.INI
2008-10-19 14:49:33 ----D---- C:\Documents and Settings\All Users\Application Data\Beanbag Studios
2008-10-08 15:39:57 ----HD---- C:\WINNT\inf
2008-09-28 15:18:58 ----HD---- C:\Program Files\InstallShield Installation Information
2008-09-28 13:08:39 ----A---- C:\WINNT\system32\CmdLineExt.dll
2008-09-28 13:08:26 ----D---- C:\WINNT\system32\DirectX
2008-09-28 13:08:25 ----RSD---- C:\WINNT\assembly
2008-09-28 13:08:22 ----D---- C:\WINNT\Microsoft.NET
2008-09-26 18:15:35 ----D---- C:\WINNT\system32\CatRoot
2008-09-26 17:53:08 ----D---- C:\WINNT\system32\config
2008-09-26 17:52:41 ----D---- C:\WINNT\system32\wbem
2008-09-26 17:52:41 ----D---- C:\WINNT\Registration
2008-09-26 17:51:23 ----RSHD---- C:\WINNT\system32\dllcache
2008-09-26 17:51:09 ----D---- C:\Program Files\LimeWire
2008-09-26 17:51:02 ----D---- C:\Program Files\Messenger
2008-09-26 17:50:48 ----D---- C:\Program Files\Internet Explorer
2008-09-26 17:50:32 ----D---- C:\Program Files\iTunes
2008-09-26 17:50:30 ----D---- C:\Program Files\iPod
2008-09-26 17:50:07 ----D---- C:\Program Files\QuickTime
2008-09-26 17:49:29 ----D---- C:\Program Files\Apple Software Update
2008-09-26 17:49:26 ----DC---- C:\WINNT\system32\DRVSTORE
2008-09-26 17:49:08 ----HDC---- C:\WINNT\$NtUninstallKB951748$
2008-09-26 17:49:06 ----D---- C:\Program Files\CVS
2008-09-26 17:33:27 ----D---- C:\WINNT\system32\ReinstallBackups
2008-09-26 17:31:50 ----HDC---- C:\WINNT\$NtUninstallKB951066$
2008-09-26 17:31:42 ----HDC---- C:\WINNT\$NtUninstallKB952287$
2008-09-26 17:31:42 ----HDC---- C:\WINNT\$NtUninstallKB951072-v2$
2008-09-26 17:31:41 ----HDC---- C:\WINNT\$NtUninstallKB950974$
2008-09-26 17:31:40 ----HDC---- C:\WINNT\$NtUninstallKB946648$
2008-09-26 17:31:39 ----HDC---- C:\WINNT\$NtUninstallKB952954$
2008-09-26 17:31:03 ----HDC---- C:\WINNT\$NtUninstallKB954154_WM11$
2008-09-26 17:28:41 ----D---- C:\WINNT\system32\Restore
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Cdr4_xp;Cdr4_xp; C:\WINNT\system32\drivers\Cdr4_xp.sys [2005-03-08 44288]
R1 Cdralw2k;Cdralw2k; C:\WINNT\system32\drivers\Cdralw2k.sys [2005-03-08 24960]
R1 cdudf_xp;cdudf_xp; C:\WINNT\system32\drivers\cdudf_xp.sys [2005-03-08 291456]
R1 Cinemsup;Cinemsup; C:\WINNT\system32\drivers\Cinemsup.sys [2003-12-19 6656]
R1 DVDVRRdr_xp;DVDVRRdr_xp; C:\WINNT\system32\drivers\DVDVRRdr_xp.sys [2005-03-08 141184]
R1 intelppm;Intel Processor Driver; C:\WINNT\System32\DRIVERS\intelppm.sys [2004-08-04 36096]
R1 pwd_2k;pwd_2k; C:\WINNT\system32\drivers\pwd_2k.sys [2005-03-08 117760]
R1 UDFReadr;UDFReadr; C:\WINNT\system32\drivers\UDFReadr.sys [2005-03-08 202496]
R2 ASCTRM;ASCTRM; C:\WINNT\system32\drivers\ASCTRM.sys [2003-12-18 8552]
R3 {6080A529-897E-4629-A488-ABA0C29B635E};Intel® Graphics Platform (SoftBIOS) Driver; C:\WINNT\system32\drivers\ialmsbw.sys [2003-11-20 122110]
R3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel® Graphics Chipset (KCH) Driver; C:\WINNT\system32\drivers\ialmkchw.sys [2003-11-20 99002]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINNT\system32\drivers\ALCXWDM.SYS [2003-04-25 730092]
R3 E100B;Intel® PRO Adapter Driver; C:\WINNT\System32\DRIVERS\e100b325.sys [2003-03-04 145408]
R3 GEARAspiWDM;GEARAspiWDM; C:\WINNT\System32\Drivers\GEARAspiWDM.sys [2008-01-29 16168]
R3 ialm;ialm; C:\WINNT\System32\DRIVERS\ialmnt5.sys [2003-11-20 95579]
R3 IntelC51;IntelC51; C:\WINNT\System32\DRIVERS\IntelC51.sys [2003-07-16 1075685]
R3 IntelC52;IntelC52; C:\WINNT\System32\DRIVERS\IntelC52.sys [2003-07-16 481305]
R3 IntelC53;IntelC53; C:\WINNT\System32\DRIVERS\IntelC53.sys [2003-07-16 50805]
R3 mmc_2K;mmc_2K; C:\WINNT\system32\drivers\mmc_2K.sys [2005-03-08 23808]
R3 mohfilt;mohfilt; C:\WINNT\System32\DRIVERS\mohfilt.sys [2003-07-16 31440]
R3 pfc;Padus ASPI Shell; C:\WINNT\system32\drivers\pfc.sys [2003-09-19 21248]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINNT\System32\DRIVERS\usbehci.sys [2004-08-04 26624]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINNT\System32\DRIVERS\usbhub.sys [2004-08-04 57600]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINNT\System32\DRIVERS\usbuhci.sys [2004-08-04 20480]
R3 wanatw;WAN Miniport (ATW); C:\WINNT\System32\DRIVERS\wanatw4.sys [2003-01-10 33588]
S1 kbdhid;Keyboard HID Driver; C:\WINNT\System32\DRIVERS\kbdhid.sys [2004-08-04 14848]
S1 vspf;vspf; \??\C:\WINNT\System32\drivers\vspf5.sys []
S1 vspf_hk;vspf_hk; \??\C:\WINNT\System32\drivers\vspf_hk5.sys []
S3 ac97intc;Intel® 82801 Audio Driver Install Service (WDM); C:\WINNT\system32\drivers\ac97intc.sys [2001-08-17 96256]
S3 dvd_2K;dvd_2K; C:\WINNT\system32\drivers\dvd_2K.sys [2005-03-08 24064]
S3 EPUSBSTOR;EPSON USB Storage Driver; C:\WINNT\System32\DRIVERS\epusbsto.sys [2001-09-10 17976]
S3 HidUsb;Microsoft HID Class Driver; C:\WINNT\System32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINNT\System32\DRIVERS\HPZid412.sys [2004-09-29 51120]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINNT\System32\DRIVERS\HPZipr12.sys [2004-09-29 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINNT\System32\DRIVERS\HPZius12.sys [2004-09-29 21744]
S3 mouhid;Mouse HID Driver; C:\WINNT\System32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 Mtlmnt5;Mtlmnt5; C:\WINNT\System32\DRIVERS\Mtlmnt5.sys [2004-08-04 126686]
S3 Mtlstrm;Mtlstrm; C:\WINNT\System32\DRIVERS\Mtlstrm.sys [2004-08-04 1309184]
S3 NtMtlFax;NtMtlFax; C:\WINNT\System32\DRIVERS\NtMtlFax.sys [2004-08-04 180360]
S3 nv;nv; C:\WINNT\System32\DRIVERS\nv4_mini.sys [2004-08-04 1897408]
S3 RecAgent;recagent; \??\C:\WINNT\System32\DRIVERS\RecAgent.sys []
S3 Slntamr;SmartLink AMR_PCI Driver; C:\WINNT\System32\DRIVERS\slntamr.sys [2004-08-04 404990]
S3 SlNtHal;SlNtHal; C:\WINNT\System32\DRIVERS\Slnthal.sys [2004-08-04 95424]
S3 SlWdmSup;SlWdmSup; C:\WINNT\System32\DRIVERS\SlWdmSup.sys [2003-01-17 39348]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINNT\System32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINNT\System32\Drivers\usbaapl.sys [2008-07-10 32000]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINNT\System32\DRIVERS\usbccgp.sys [2004-08-04 31616]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINNT\System32\DRIVERS\usbprint.sys [2004-08-04 25856]
S3 usbscan;USB Scanner Driver; C:\WINNT\System32\DRIVERS\usbscan.sys [2004-08-04 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINNT\System32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINNT\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINNT\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-09-10 611664]
R2 AOL ACS;AOL Connectivity Service; C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe [2006-10-23 46640]
R2 AOL TopSpeedMonitor;AOL TopSpeed Monitor; C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe [2004-10-15 100016]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-07-10 116040]
R2 ProtexisLicensing;ProtexisLicensing; C:\WINNT\system32\PSIService.exe [2006-11-02 174656]
R2 WANMiniportService;WAN Miniport (ATW) Service; C:\WINNT\wanmpsvc.exe [2003-01-10 65536]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-07-10 532264]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINNT\System32\HPZipm12.exe [2004-09-29 69632]
S3 aspnet_state;ASP.NET State Service; C:\WINNT\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINNT\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 NetSvc;Intel NCS NetService; C:\Program Files\Intel\NCS\Sync\NetSvc.exe [2003-03-03 143360]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINNT\system32\svchost.exe [2004-08-04 14336]
-----------------EOF-----------------