Had 'trouble' uninstalling MalwareBytes ... wasn't in Add/Remove list. Went ahead and installed latest anyway. Couldn't update because browser/Internet so went ahead and scanned. Then rebooted and reinstalled (hurriedly) - update worked because FF/Internet works for a few mins - then scanned again and nothing was found.
Sorry if the files are not formatted correctly. On my PC, have .txt files go to EditPad automatically - so that's how they were saved originally. (Opened them with notepad after - word wrap off - and saved them).
mbam:
Malwarebytes' Anti-Malware 1.34
Database version: 1749
Windows 5.1.2600 Service Pack 2
2/16/2009 4:07:38 PM
mbam-log-2009-02-16 (16-07-38).txt
Scan type: Quick Scan
Objects scanned: 66886
Time elapsed: 6 minute(s), 5 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6fd31ed6-
7c94-4bbc-8e95-f927f4d3a949} (Adware.180Solutions) -> Quarantined and deleted
successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{f31a5d11-
bf0b-4a4e-90af-274f2090aaa6} (Adware.180Solutions) -> Quarantined and deleted
successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
(Adware.MyWebSearch) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
Log:
Logfile of random's system information tool 1.05 (written by random/random)
Run by Alan at 2009-02-16 16:44:16
Microsoft Windows XP Home Edition Service Pack 2
System drive C: has 2 GB (25%) free of 10 GB
Total RAM: 1023 MB (61% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:44:41 PM, on 2/16/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 SP2 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
E:\Program Files\Clipomatic\Clipomatic.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
E:\processes\nwProcessExplorer\procexp.exe
E:\Program Files\pita210\Pitaschio.exe
C:\Program Files\SpamPal\spampal.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
E:\Program Files\Password Safe\pwsafe.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Alan\Desktop\RSIT.exe
H:\Program Files\HijackThis\Alan.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.webshots.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://us.rd.yahoo.c....yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file
missing)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter -
{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - (no file)
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9}
- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -
C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program
Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [Clipomatic] E:\Program Files\Clipomatic\Clipomatic.exe
O4 - Startup: procexp (2).lnk = E:\processes\nwProcessExplorer\procexp.exe
O4 - Startup: Shortcut to Pitaschio.exe.lnk = E:\Program
Files\pita210\Pitaschio.exe
O4 - Startup: SpamPl.lnk = C:\Program Files\SpamPal\spampal.exe
O4 - Startup: Webshots.lnk = E:\Program Files\Webshots\Launcher.exe
O8 - Extra context menu item: &Search - ?p=ZRxdm529YYUS
O16 - DPF: {01010200-5E80-11D8-9E86-0007E96C65AE} -
http://supportcenter...ad/tgctlins.cab
O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} (SupportSoft SmartIssue) -
http://supportcenter...oad/tgctlsi.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage
Validation Tool) -
http://go.microsoft....k/?linkid=39204
O16 - DPF: {2E12FB00-546B-4EE3-9CC2-057BF02E1C17} -
http://community.web...wsaxcontrol.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://update.micros...client/muweb_site.cab?1139291678343
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} -
https://www-secure.s...rl/SymAData.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG Anti-Spyware Guard - Unknown owner - E:\Program
Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe (file missing)
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o.
- C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. -
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Creative Service for CDROM Access - Unknown owner -
C:\WINDOWS\system32\CTsvcCDA.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program
Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems,
Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Unknown owner -
C:\WINDOWS\system32\ZoneLabs\vsmon.exe (file missing)
--
End of file - 5229 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GlaryInitialize.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1645522239-2052111302-725345543-10
04.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser
Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser
Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common
Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser
Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-02-08 1078552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser
Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser
Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll
[2009-02-12 35840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser
Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program
Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-02-12 73728]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-02-08 1601304]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-02-12
148888]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Clipomatic"=E:\Program Files\Clipomatic\Clipomatic.exe [1999-05-15 65536]
[HKEY_LOCAL_MACHINE\software\microsoft\shared
tools\msconfig\startupfolder\C:^Documents and Settings^Alan^Start
Menu^Programs^Startup^pitadll.dll]
[]
C:\Documents and Settings\Alan\Start Menu\Programs\Startup
procexp (2).lnk - E:\processes\nwProcessExplorer\procexp.exe
Shortcut to Pitaschio.exe.lnk - E:\Program Files\pita210\Pitaschio.exe
SpamPl.lnk - C:\Program Files\SpamPal\spampal.exe
Webshots.lnk - E:\Program Files\Webshots\Launcher.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-02-08 10520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObject
DelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} -
C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExec
uteHooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"= []
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG
Anti-Spyware Driver]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG
Anti-Spyware Guard]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGro
up]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG
Anti-Spyware Driver]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG
Anti-Spyware Guard]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGro
up]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"NoDriveAutoRun"=67108863
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\fi
rewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2r
es.dll,-22019"
"E:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="E:\Program
Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"E:\Program Files\Yahoo!\Messenger\YServer.exe"="E:\Program
Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program
Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program
Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\fi
rewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2r
es.dll,-22019"
======File associations======
.js - edit - "E:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1"
======List of files/folders created in the last 1 months======
2009-02-16 16:44:16 ----D---- C:\rsit
2009-02-15 23:09:53 ----A---- C:\WINDOWS\ntbtlog.txt
2009-02-14 16:32:03 ----D---- C:\Documents and Settings\All Users\Application
Data\NortonInstaller
2009-02-14 02:16:44 ----SHD---- C:\RECYCLER
2009-02-14 00:46:59 ----A---- C:\ComboFix.txt
2009-02-14 00:41:45 ----A---- C:\Boot.bak
2009-02-14 00:41:36 ----RASHD---- C:\cmdcons
2009-02-14 00:40:07 ----A---- C:\WINDOWS\zip.exe
2009-02-14 00:40:07 ----A---- C:\WINDOWS\VFIND.exe
2009-02-14 00:40:07 ----A---- C:\WINDOWS\SWXCACLS.exe
2009-02-14 00:40:07 ----A---- C:\WINDOWS\SWSC.exe
2009-02-14 00:40:07 ----A---- C:\WINDOWS\SWREG.exe
2009-02-14 00:40:07 ----A---- C:\WINDOWS\sed.exe
2009-02-14 00:40:07 ----A---- C:\WINDOWS\NIRCMD.exe
2009-02-14 00:40:07 ----A---- C:\WINDOWS\grep.exe
2009-02-14 00:40:07 ----A---- C:\WINDOWS\fdsv.exe
2009-02-14 00:40:01 ----D---- C:\Qoobox
2009-02-12 21:58:05 ----A---- C:\WINDOWS\system32\javaws.exe
2009-02-12 21:58:05 ----A---- C:\WINDOWS\system32\javaw.exe
2009-02-12 21:58:05 ----A---- C:\WINDOWS\system32\java.exe
2009-01-27 18:38:22 ----A---- C:\WINDOWS\system32\avgrsstx.dll
======List of files/folders modified in the last 1 months======
2009-02-16 16:44:35 ----D---- C:\WINDOWS\Prefetch
2009-02-16 16:40:22 ----D---- C:\Program Files\Mozilla Firefox
2009-02-16 16:36:55 ----D---- C:\WINDOWS\Temp
2009-02-16 16:35:45 ----D---- C:\WINDOWS\system32\drivers
2009-02-16 16:34:27 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-02-16 13:14:35 ----D---- C:\WINDOWS
2009-02-15 23:15:59 ----HD---- C:\WINDOWS\inf
2009-02-15 23:12:18 ----D---- C:\WINDOWS\system32\CatRoot2
2009-02-15 18:01:17 ----D---- C:\WINDOWS\system32\ZoneLabs
2009-02-14 23:59:38 ----D---- C:\WINDOWS\Internet Logs
2009-02-14 23:42:26 ----D---- C:\WINDOWS\system32\Restore
2009-02-14 00:47:06 ----D---- C:\WINDOWS\system32
2009-02-14 00:44:16 ----A---- C:\WINDOWS\system.ini
2009-02-14 00:43:28 ----D---- C:\WINDOWS\AppPatch
2009-02-14 00:43:23 ----D---- C:\Program Files\Common Files
2009-02-14 00:41:45 ----RASH---- C:\boot.ini
2009-02-14 00:40:01 ----D---- C:\WINDOWS\ERDNT
2009-02-12 23:04:57 ----D---- C:\Documents and Settings\All Users\Application
Data\Spybot - Search & Destroy
2009-02-12 21:58:36 ----SHD---- C:\WINDOWS\Installer
2009-02-12 21:57:35 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-02-11 21:38:11 ----D---- C:\PRParser
2009-02-11 17:31:36 ----HD---- C:\$AVG8.VAULT$
2009-02-11 16:32:49 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-02-11 16:03:24 ----RSHD---- C:\WINDOWS\system32\dllcache
2009-02-11 15:51:23 ----D---- C:\WINDOWS\system32\NtmsData
2009-02-09 22:48:25 ----D---- C:\WINDOWS\system32\LogFiles
2009-02-09 15:21:17 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-02-08 22:50:28 ----SD---- C:\Documents and Settings\Alan\Application
Data\Microsoft
2009-02-08 22:50:12 ----D---- C:\Documents and Settings\All Users\Application
Data\avg8
2009-02-08 18:57:35 ----D---- C:\WINDOWS\WinSxS
2009-02-07 17:28:36 ----D---- C:\WINDOWS\system32\config
2009-02-07 15:26:33 ----D---- C:\WINDOWS\system32\wbem
2009-02-07 15:26:32 ----D---- C:\WINDOWS\Registration
2009-02-07 15:09:04 ----SD---- C:\WINDOWS\Tasks
2009-02-06 19:12:41 ----A---- C:\WINDOWS\win.ini
2009-02-03 18:50:46 ----SHD---- C:\System Volume Information
2009-01-27 17:00:02 ----AC---- C:\WINDOWS\system32\wpa.bak
2009-01-21 14:24:15 ----RD---- C:\Program Files
2009-01-21 12:38:11 ----D---- C:\WINDOWS\network diagnostic
2009-01-17 23:13:28 ----D---- C:\WINDOWS\system32\CatRoot_bak
2009-01-17 23:13:28 ----D---- C:\WINDOWS\system32\CatRoot
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand,
4=Disabled)======
R1 AvgLdx86;AVG Free AVI Loader Driver x86;
C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-02-08 325128]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;
C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-02-08 27656]
R1 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys
[2009-02-08 107272]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys
[2004-08-03 14848]
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2008-11-13 353680]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment;
C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]
R2 Rcfilter;Rcfilter; C:\WINDOWS\System32\drivers\Rcfilter.sys [2004-09-30
32128]
R2 SBKUPNT;SBKUPNT; \??\C:\WINDOWS\system32\Drivers\SBKUPNT.SYS []
R3 ac97intc;Intel® 82801 Audio Driver Install Service (WDM);
C:\WINDOWS\system32\drivers\ac97intc.sys [2001-08-17 96256]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 FETNDISB;Dynex DX-E101 PCI Fast Ethernet Adapter Driver Service;
C:\WINDOWS\system32\DRIVERS\dxe1015b.sys [2005-12-29 43008]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys
[2001-08-17 9600]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17
12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
R3 usbccgp;Microsoft USB Generic Parent Driver;
C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver;
C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-04 26624]
R3 usbhub;Microsoft USB Standard Hub Driver;
C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
[2004-08-03 26496]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver;
C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-04 20480]
S1 AVG Anti-Spyware Driver;AVG Anti-Spyware Driver; \??\E:\Program
Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys []
S1 AvgArCln;Avg Anti-Rootkit Clean Driver;
C:\WINDOWS\System32\DRIVERS\AvgArCln.sys []
S1 AvgAsCln;AVG Anti-Spyware Clean Driver;
C:\WINDOWS\System32\DRIVERS\AvgAsCln.sys []
S1 KLIF;KLIF; C:\WINDOWS\system32\DRIVERS\klif.sys []
S1 SASDIFSV;SASDIFSV; \??\E:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
S1 SASKUTIL;SASKUTIL; \??\E:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
S2 symlcbrd;symlcbrd; \??\C:\WINDOWS\system32\drivers\symlcbrd.sys []
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 exdisk;Express Disk Service; C:\WINDOWS\system32\DRIVERS\exdisk.sys []
S3 itchfltr;iTouch Keyboard Filter; C:\WINDOWS\System32\Drivers\itchfltr.sys
[2002-07-09 11008]
S3 L8042Kbd;Logitech SetPoint Keyboard Driver;
C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys []
S3 L8042mou;Logitech SetPoint PS/2 Mouse Filter Driver;
C:\WINDOWS\System32\Drivers\L8042mou.sys []
S3 LCcfltr;Logitech USB Filter Driver; C:\WINDOWS\system32\drivers\lccfltr.sys
[2002-07-09 13724]
S3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver;
C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2007-04-11 34832]
S3 LHidFlt2;Logitech HID/USB Mouse Filter Driver;
C:\WINDOWS\system32\DRIVERS\LHidFlt2.sys []
S3 LHidKe;Logitech SetPoint HID Mouse Filter Driver;
C:\WINDOWS\system32\DRIVERS\LHidKE.Sys [2005-05-20 25600]
S3 LHidUsb;Logitech USB Receiver device driver;
C:\WINDOWS\system32\drivers\LHidUsb.Sys [2002-07-09 40716]
S3 LHidUsbK;Logitech SetPoint USB Receiver device driver;
C:\WINDOWS\System32\Drivers\LHidUsbK.Sys [2005-05-20 36480]
S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver;
C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2007-04-11 36112]
S3 LMouKE;Logitech SetPoint Mouse Filter Driver;
C:\WINDOWS\System32\Drivers\LMouKE.sys []
S3 LUsbFilt;Logitech SetPoint KMDF USB Filter;
C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2007-04-11 28688]
S3 mxInsMon;mxInsMon; \??\E:\PROGRA~1\ALADDI~1\SPRING~1\mxInsMon.sys []
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver;
C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 SASENUM;SASENUM; \??\E:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
S3 usbprint;Microsoft USB PRINTER Class;
C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys
[2004-08-03 15104]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02
492000]
S3 Wdm1;USB Bridge Cable Driver; C:\WINDOWS\System32\Drivers\usbbc.sys
[2001-01-07 15576]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto,
3=Demand, 4=Disabled)======
R2 avg8emc;AVG Free8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2009-02-08
903960]
R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-02-08
298264]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program
Files\Java\jre6\bin\jqs.exe [2009-02-12 152984]
R2 SNMP;SNMP Service; C:\WINDOWS\System32\snmp.exe [2006-11-20 33280]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework;
C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
S2 AVG Anti-Spyware Guard;AVG Anti-Spyware Guard; E:\Program Files\Grisoft\AVG
Anti-Spyware 7.5\guard.exe []
S2 Creative Service for CDROM Access;Creative Service for CDROM Access;
C:\WINDOWS\system32\CTsvcCDA.exe []
S2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe
-service []
S3 aspnet_state;ASP.NET State Service;
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24
33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service
v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
[2007-10-24 70144]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google
Updater\GoogleUpdaterService.exe []
S3 SNMPTRAP;SNMP Trap Service; C:\WINDOWS\System32\snmptrap.exe [2004-08-04
8704]
S4 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program
Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
-----------------EOF-----------------
INFO:
info.txt logfile of random's system information tool 1.05 2009-02-16 16:44:45
======Uninstall list======
-->RunDll32
C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetu
p "C:\Program Files\InstallShield Installation
Information\{19822917-61F6-4221-B1D0-1C3B8A06BE60}\setup.exe" -l0x9
-->RunDll32
C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetu
p "C:\Program Files\InstallShield Installation
Information\{19822917-61F6-4221-B1D0-1C3B8A06BE60}\setup.exe" -l0x9 /remove
-->RunDll32
C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetu
p "C:\Program Files\InstallShield Installation
Information\{57FA4E0F-82C9-417D-87BC-0186D6CB7A44}\setup.exe" -l0x9
-->RunDll32
C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetu
p "C:\Program Files\InstallShield Installation
Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x9
-->RunDll32
C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetu
p "C:\Program Files\InstallShield Installation
Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9
-->RunDll32
C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetu
p "C:\Program Files\InstallShield Installation
Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9 /remove
-->RunDll32
C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetu
p "C:\Program Files\InstallShield Installation
Information\{7C9F6AF4-E9D9-47FE-BE4B-E637C2FCB410}\setup.exe" -l0x9
-->RunDll32
C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetu
p "C:\Program Files\InstallShield Installation
Information\{7C9F6AF4-E9D9-47FE-BE4B-E637C2FCB410}\setup.exe" -l0x9 /remove
-->RunDll32
C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetu
p "C:\Program Files\InstallShield Installation
Information\{98181885-5B28-4280-9B56-452FF877D5B9}\setup.exe" -l0x9
-->RunDll32
C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetu
p "C:\Program Files\InstallShield Installation
Information\{98181885-5B28-4280-9B56-452FF877D5B9}\setup.exe" -l0x9 /remove
-->RunDll32
C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetu
p "C:\Program Files\InstallShield Installation
Information\{9A0B5225-B59B-4D72-B3FE-71AAA693A8E2}\setup.exe" -l0x9
-->RunDll32
C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetu
p "C:\Program Files\InstallShield Installation
Information\{9A0B5225-B59B-4D72-B3FE-71AAA693A8E2}\setup.exe" -l0x9 /remove
-->RunDll32
C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetu
p "C:\Program Files\InstallShield Installation
Information\{A9BB081B-C020-4D02-A763-D32204D2563D}\setup.exe" -l0x9
-->RunDll32
C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetu
p "C:\Program Files\InstallShield Installation
Information\{A9BB081B-C020-4D02-A763-D32204D2563D}\setup.exe" -l0x9 /remove
-->RunDll32
C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetu
p "C:\Program Files\InstallShield Installation
Information\{C029DB0E-C59F-417A-90F8-88FD5B2C4AE7}\setup.exe" -l0x9
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132
C:\WINDOWS\INF\PCHealth.inf
ABBYY FineReader 5.0 Sprint-->MsiExec.exe
/X{D1696920-9794-4BBC-8A30-7A88763DE5A2}
ABF Magnifying Tools-->"E:\Program Files\ABF software\ABF Magnifying
Tools\Uninstall.exe" "E:\Program Files\ABF software\ABF Magnifying
Tools\install.log"
Add/Remove Pro-->RunDll32 advpack.dll,LaunchINFSection
C:\WINDOWS\INF\ADRMPRO2.INF, DefaultUninstall.ntx86
Adobe Flash Player
ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player
Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.1-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81000000003}
Apple Software Update-->MsiExec.exe /I{74EC78BC-B379-4E29-9006-8F161DCAABA6}
ARP++-->MsiExec.exe /X{4BE4ABEF-18FE-457A-9B9A-3C4250220697}
AudibleManager-->E:\Program Files\Bin\Upgrade.exe /Uninstall
AVG Free 8.0-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
BitMeter-->"E:\Program Files\Codebox\BitMeter\uninstall.exe"
Bulk Rename Utility 2, 5, 4,
3-->C:\DOCUME~1\ALLUSE~1\APPLIC~1\TARMAI~1\{991B1~1\Setup.exe /remove /q0
CCleaner (remove only)-->"E:\Program Files\CCleaner\uninst.exe"
CDDRV_Installer-->MsiExec.exe /I{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}
Clipomatic-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\CLIPOMTC.INF,
DefaultUninstall.ntx86
Compton's Interactive Bible NIV-->C:\WINDOWS\uninst.exe -f"H:\Program
Files\Compton's Home Library\CIBNIV\DeIsL1.isu"
CompuApps SwissKnife V3-->C:\WINDOWS\ISUNINST.EXE -f"e:\program
files\SWISNIFE\SKUninst.ISU" -c"e:\program files\SWISNIFE\SKUNINST.DLL"
Coupon Printer for Windows-->"C:\Program Files\Coupons\uninstall.exe"
"/U:C:\Program Files\Coupons\Uninstall\uninstall.xml"
Creative MediaSource 5-->RunDll32
C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetu
p "C:\Program Files\InstallShield Installation
Information\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}\SETUP.EXE" -l0x9 /remove
Creative Removable Disk Manager-->RunDll32
C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetu
p "C:\Program Files\InstallShield Installation
Information\{57FA4E0F-82C9-417D-87BC-0186D6CB7A44}\setup.exe" -l0x9 /remove
Creative System Information-->RunDll32
C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetu
p "C:\Program Files\InstallShield Installation
Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x9 /remove
Creative ZEN V Series (R2)-->RunDll32
C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetu
p "C:\Program Files\InstallShield Installation
Information\{9862E0CB-4727-4FFC-963A-E22A9E9EC10C}\SETUP.EXE" -l0x9 /remove
CSS Tab Designer v2.0-->"E:\Program Files\CSS Tab Designer 2\unins000.exe"
EasyCleaner-->RunDll32
C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetu
p "C:\Program Files\InstallShield Installation
Information\{F5346614-B7C4-4E94-826A-E2363155233D}\setup.exe" -l0x9
EditPlus 2-->E:\Program Files\EditPlus 2\remove.exe
EPSON C88 User's Guide-->C:\Program Files\epson\guide\c88_e\uninstall.exe
EPSON Printer Software-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE
/R
Eraser-->"H:\Program Files\Eraser\unins000.exe"
ERUNT 1.1j-->"E:\Program Files\ERUNT\unins000.exe"
e-Sword-->MsiExec.exe /I{4FD27B25-4128-4CDA-A322-F1C8F0D8FEC9}
FastStone Image Viewer 3.2-->E:\Program Files\Faststone Image Viewer\uninst.exe
Files Compare Tool-->RunDll32
C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program
Files\InstallShield Installation
Information\{E69A76AA-71D9-4939-8EBB-8FC8BE22428D}\Setup.exe"
Foxit Reader-->E:\Program Files\Foxit Software\Foxit Reader\Uninstall.exe
Free CSS Toolbox 1.0-->"E:\Program Files\Free CSS Toolbox\unins000.exe"
Free Mp3 Wma Converter V 1.6.1-->"E:\Program Files\Free Audio Pack\unins000.exe"
FUJIFILM USB Driver-->RunDll32
C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program
Files\InstallShield Installation
Information\{5490882C-6961-11D5-BAE5-00E0188E010B}\SETUP.EXE"
GdiplusUpgrade-->MsiExec.exe /I{5421155F-B033-49DB-9B33-8F80F233D4D5}
Google Earth-->MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
Hallmark Card Studio 2-->RunDll32
C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program
Files\InstallShield Installation
Information\{1EEDF3E1-C0EA-409B-A772-164EF9AB3BCE}\setup.exe"
Hallmark Christian Card Studio-->RunDll32
C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program
Files\InstallShield Installation
Information\{91029CA6-FAA2-40BB-829B-974D2DDD5298}\setup.exe"
Hidden Utilities XP-->MsiExec.exe /I{E4E3B247-9A66-45B0-A624-278A0606B896}
HijackThis 2.0.2-->"H:\Program Files\HijackThis\HijackThis.exe" /uninstall
IZArc 3.81-->"E:\Program Files\IZArc\unins000.exe"
J2SE Runtime Environment 5.0 Update 11-->MsiExec.exe
/I{3248F0A8-6813-11D6-A77B-00B0D0150110}
Java 6 Update 12-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216012FF}
Java 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java SE Runtime Environment 6 Update 1-->MsiExec.exe
/I{3248F0A8-6813-11D6-A77B-00B0D0160010}
KhalInstallWrapper-->MsiExec.exe /I{56918C0C-0D87-4CA6-92BF-4975A43AC719}
K-Lite Mega Codec Pack 1.63-->"E:\Program Files\K-Lite Codec Pack\unins000.exe"
Logitech SetPoint-->C:\Program Files\InstallShield Installation
Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe -runfromtemp
-l0x0009 -removeonly
Macromedia Dreamweaver 8-->MsiExec.exe /I{0837A661-FEC3-48B3-876C-91E7D32048A9}
Macromedia Extension Manager-->MsiExec.exe
/I{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}
Magnifier Powertoy for Windows XP-->MsiExec.exe
/I{2FBF04DC-404C-4FA4-BA28-99903080D2B9}
Malwarebytes' Anti-Malware-->"E:\Program Files\Malwarebytes'
Anti-Malware\unins000.exe"
Microsoft .NET Framework 1.1 Hotfix
(KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe"
"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.m
sp"
Microsoft .NET Framework 1.1-->msiexec.exe /X
{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe
/X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft Bootvis-->MsiExec.exe /I{0F9196C6-58B4-445B-B56E-B1200FECC151}
Microsoft Compression Client Pack 1.0 for Windows
XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack
1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft PowerPoint Viewer 97-->C:\Program Files\PowerPoint
Viewer\setup\setup.exe
Microsoft Streets and Trips 2001-->MsiExec.exe
/I{3D719053-5593-11D3-8F25-0060085C1758}
Microsoft User-Mode Driver Framework Feature Pack
1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe
/X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Word 2000 SR-1-->MsiExec.exe /I{00170409-78E1-11D2-B60F-006097C998E7}
Microsoft Works 2001 Setup Launcher-->C:\Program Files\Microsoft Works Suite
2001\Setup\Launcher.exe I:\
Microsoft Works 6.0-->MsiExec.exe /I{F8D0829C-9C6F-11D3-8080-00C04FA329AA}
Microsoft Works Suite Add-in for Microsoft Word-->MsiExec.exe
/I{5F629FE8-5B4C-4863-937A-AFC2961F7DD3}
Moffsoft FreeCalc-->"C:\Program Files\Moffsoft FreeCalc\unins000.exe"
Mozilla Firefox (3.0.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 6.0 Parser (KB933579)-->MsiExec.exe
/I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
Nero - Burning Rom-->MsiExec.exe /X{A4D7B764-4140-11D4-88EB-0050DA3579C0}
Norton AntiVirus SCSSDist MSI-->MsiExec.exe
/I{541230A3-1D3A-4879-B7E0-E71F90E35548}
Opera 9.23-->MsiExec.exe /X{E9EEE4CB-CB2B-4273-9AF5-7E12022B444B}
Paint Shop Pro 7 Anniversary Edition-->MsiExec.exe
/I{D6DE02C7-1F47-11D4-9515-00105AE4B89A}
Paint.NET v3.10-->MsiExec.exe /X{5E749AEB-5A19-43BA-BB20-3CBB37539FE4}
Password Safe-->"E:\Program Files\Password Safe\Uninstall.exe"
PC-Linq-->RunDll32
C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program
Files\InstallShield Installation
Information\{808FAA20-4C3A-11D4-8A57-00201853C903}\Setup.exe"
Personal RecordKeeper-->C:\WINDOWS\iun3401.exe C:\Program Files\Personal
RecordKeeper 5
PrintFolder 1.2-->"E:\Program Files\PrintFolder\unins000.exe"
PRK Manual-->C:\WINDOWS\iun3401.exe c:\program files\Personal RecordKeeper 5
Quicken 2006-->MsiExec.exe /X{2818095F-FB6C-42C8-827E-0A406CC9AFF5}
RegScrubXP 3.25-->"E:\Program Files\RegScrubXP\unins000.exe"
Road Runner Medic 5.4-->"C:\WINDOWS\unins000.exe"
Safari-->MsiExec.exe /X{3E719879-9914-4C56-843E-96D0C3FCC3FB}
Sapi-->MsiExec.exe /X{EA9A2BDE-D702-4B64-9C03-588409F82F81}
Security Update for Microsoft .NET Framework 2.0
(KB928365)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall
{8056AC9E-49C5-4375-9ADE-B2F862C9DF51} /package
{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}
Snood for Windows version 3.52-W-->"E:\Program Files\Snood\unins000.exe"
SpamPal-->"C:\Program Files\SpamPal\Uninstall.exe" "C:\Program
Files\SpamPal\install.log"
SpeeDefrag 5.2-->"E:\Program Files\SpeeDefrag\unins000.exe"
Spelling Dictionaries Support For Adobe Reader 8-->MsiExec.exe
/I{AC76BA86-7AD7-5464-3428-800000000003}
Spring Cleaning
3.0-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe
/M{DB21E6A3-D0D0-44B0-AB3F-6F3C2C2FC07D}
SUPERAntiSpyware Free Edition-->MsiExec.exe
/X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
The Cleaner-->C:\WINDOWS\iun3405.exe e:\Program Files\The Cleaner
The Print Shop Business Card Creator-->RunDll32
C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program
Files\InstallShield Installation
Information\{BCCBE608-5C44-4507-AE11-55B36AE0E41B}\setup.exe" -l0x9 anything
Tweak UI-->"C:\WINDOWS\system32\mshta.exe"
"res://C:\WINDOWS\system32\TweakUI.exe/uninstall.hta"
Ultimate Sudoku-->RunDll32
C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program
Files\InstallShield Installation
Information\{DB8F7090-0594-4C31-B33F-4740E2A3F4C9}\Setup.exe" -l0x9
UltraExplorer 1.3.2-->"E:\Program Files\UltraExplorer\unins000.exe"
Uniblue Quick Access-->"E:\Program Files\ProcessLibrary\unins000.exe"
Uninstall Startup Inspector-->"C:\Program Files\Startup Inspector for
Windows\unins000.exe"
VC 9.0 Runtime-->MsiExec.exe /I{A040AC77-C1AA-4CC9-8931-9F648AF178F6}
Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Media
Player\mtsAxInstaller.exe /u
Webshots Desktop-->E:\PROGRA~1\WEBSHOTS\UNWISE.EXE
E:\PROGRA~1\WEBSHOTS\INSTALL.LOG
Windows Driver Package - Hewlett-Packard Image (12/27/2006 8.0.0.0)-->C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst32.exe /u C:\WINDOWS\system32\DRVSTORE\hpgt4850_8C48BFFEF3EE4C959122472287DAF892C799F7A0\hpgt4850.inf
Windows Genuine Advantage v1.3.0254.0-->MsiExec.exe
/I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe"
/Uninstall
WinRAR archiver-->E:\Program Files\WinRAR\uninstall.exe
WinZip-->"C:\Program Files\WinZip\WINZIP32.EXE" /uninstall
xplorer² lite-->"E:\Program Files\zabkat\xplorer2_lite\Uninstall.exe"
Yahoo! Messenger-->E:\PROGRA~1\YAHOO!\MESSEN~1\UNWISE.EXE /U
E:\PROGRA~1\YAHOO!\MESSEN~1\INSTALL.LOG
ZENcast Organizer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C029DB0E-C59F-417A-90F8-88FD5B2C4AE7}\setup.exe" -l0x9 /remove
=====HijackThis Backups=====
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.webshots.com/
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} -
======Hosts File======
======Security center information======
AV: AVG Anti-Virus Free
FW: ZoneAlarm Firewall
System event log
Computer Name: SUNRISE-RAP
Event Code: 4201
Message: The system detected that network adapter
\DEVICE\TCPIP_{F49BD778-4FA3-4DFC-ABB3-C7952D06E28E} was connected to the
network,
and has initiated normal operation over the network adapter.
Record Number: 85787
Source Name: Tcpip
Time Written: 20090207185837.000000-300
Event Type: information
User:
Computer Name: SUNRISE-RAP
Event Code: 4202
Message: The system detected that network adapter
\DEVICE\TCPIP_{F49BD778-4FA3-4DFC-ABB3-C7952D06E28E} was disconnected from the
network,
and the adapter's network configuration has been released. If the network
adapter was not disconnected, this may indicate that it has malfunctioned.
Please contact your vendor for updated drivers.
Record Number: 85786
Source Name: Tcpip
Time Written: 20090207182858.000000-300
Event Type: information
User:
Computer Name: SUNRISE-RAP
Event Code: 7035
Message: The TrueVector Internet Monitor service was successfully sent a start
control.
Record Number: 85785
Source Name: Service Control Manager
Time Written: 20090207182005.000000-300
Event Type: information
User: SUNRISE-RAP\Alan
Computer Name: SUNRISE-RAP
Event Code: 7034
Message: The TrueVector Internet Monitor service terminated unexpectedly. It
has done this 1 time(s).
Record Number: 85784
Source Name: Service Control Manager
Time Written: 20090207182002.000000-300
Event Type: error
User:
Computer Name: SUNRISE-RAP
Event Code: 26
Message: Application popup: dwwin.exe - Application Error : The application
failed to initialize properly (0xc0000142). Click on OK to terminate the
application.
Record Number: 85783
Source Name: Application Popup
Time Written: 20090207181937.000000-300
Event Type: information
User:
Application event log
Computer Name: SUNRISE-RAP
Event Code: 20
Message:
Record Number: 46284
Source Name: Google Update
Time Written: 20090123005113.000000-300
Event Type: error
User: SUNRISE-RAP\Alan
Computer Name: SUNRISE-RAP
Event Code: 20
Message:
Record Number: 46283
Source Name: Google Update
Time Written: 20090122235108.000000-300
Event Type: error
User: SUNRISE-RAP\Alan
Computer Name: SUNRISE-RAP
Event Code: 20
Message:
Record Number: 46282
Source Name: Google Update
Time Written: 20090122225634.000000-300
Event Type: error
User: SUNRISE-RAP\Alan
Computer Name: SUNRISE-RAP
Event Code: 20
Message:
Record Number: 46281
Source Name: Google Update
Time Written: 20090122220241.000000-300
Event Type: error
User: SUNRISE-RAP\Alan
Computer Name: SUNRISE-RAP
Event Code: 20
Message:
Record Number: 46280
Source Name: Google Update
Time Written: 20090122210327.000000-300
Event Type: error
User: SUNRISE-RAP\Alan
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;;"E:\Program Files\Zone Labs\ZoneAlarm\MailFrontier"
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 1 Stepping 2, GenuineIntel
"PROCESSOR_REVISION"=0102
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"tvdumpflags"=8
-----------------EOF-----------------