Active internet search redirect?

Discussion in 'Malware and Virus Removal Archive' started by bears1985, 2009/01/03.

  1. 2009/01/03
    bears1985

    bears1985 Inactive Thread Starter

    Joined:
    2009/01/03
    Messages:
    19
    Likes Received:
    0
    [Active] internet search redirect?

    Please help!! Every time I use my search bar, the sites are ads that don't pertain to my search. I don't know what to do to fix it!! :confused:
     
  2. 2009/01/03
    PeteC

    PeteC SuperGeek Staff

    Joined:
    2002/05/10
    Messages:
    28,896
    Likes Received:
    389
    Welcome to WindowsBBS :)

    Read this and post the logs requested in this thread.
     

  4. 2009/01/03
    bears1985

    bears1985 Inactive Thread Starter

    Joined:
    2009/01/03
    Messages:
    19
    Likes Received:
    0
    Here are my logs ...

    Logfile of random's system information tool 1.05 (written by random/random)
    Run by Chris at 2009-01-03 13:26:29
    Microsoft Windows XP Professional Service Pack 2
    System drive C: has 105 GB (92%) free of 114 GB
    Total RAM: 735 MB (35% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 1:27:42 PM, on 1/3/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5730.0013)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\WINDOWS\System32\svchost.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\PROGRA~1\AVG\AVG8\avgemc.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
    C:\Program Files\Nero\Nero 7\InCD\InCD.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
    C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
    C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    C:\Program Files\FinePixViewer\QuickDCF.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\Chris\Desktop\RSIT.exe
    C:\Program Files\trend micro\Chris.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
    F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Yahoo! IE Suggest - {5A263CF7-56A6-4D68-A8CF-345BE45BC911} - C:\Program Files\Yahoo!\SearchSuggest\YSearchSuggest.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (file missing)
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll (file missing)
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll (file missing)
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (file missing)
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [SecurDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
    O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
    O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
    O4 - Global Startup: Exif Launcher.lnk = ?
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Family%20Feud%202/Images/stg_drm.ocx
    O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
    O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/Family%20Feud%202/Images/armhelper.ocx
    O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
    O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
    O23 - Service: Google Software Updater (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
    O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
    O23 - Service: Nero Registry InCD Service (NeroRegInCDSrv) - Unknown owner - C:\Program Files\Nero\Nero 7\InCD\NBHRegInCDSrv.exe (file missing)
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

    --
    End of file - 9708 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\Google Software Updater.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
    &Yahoo! Toolbar Helper - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
    AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2008-12-08 455960]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5A263CF7-56A6-4D68-A8CF-345BE45BC911}]
    Yahoo! IE Suggest - C:\Program Files\Yahoo!\SearchSuggest\YSearchSuggest.dll [2008-01-14 233472]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-10 320920]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
    Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-10 34816]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-10 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
    SingleInstance Class - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2008-07-28 160496]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll []

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2008-12-08 1261336]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-10 136600]
    "NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2008-03-17 570664]
    "SecurDisc"=C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe [2007-06-25 1629480]
    "InCD"=C:\Program Files\Nero\Nero 7\InCD\InCD.exe [2007-06-25 1057064]
    "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2005-05-11 49152]
    "REGSHAVE"=C:\Program Files\REGSHAVE\REGSHAVE.EXE [2002-02-04 53248]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2008-12-03 399504]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-08-04 1667584]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
    "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296]
    "LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-06-09 2363392]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup
    Exif Launcher.lnk - C:\Program Files\FinePixViewer\QuickDCF.exe
    HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=157

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
    "C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
    "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
    "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
    "C:\Program Files\Wyzo\wyzo.exe"="C:\Program Files\Wyzo\wyzo.exe:*:Disabled:Wyzo"
    "C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Disabled:Java(TM) Platform SE binary"
    "D:\Installation\Setupx.exe"="D:\Installation\Setupx.exe:*:Enabled:Nero ProductSetup"
    "C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe"="C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe:*:Enabled:Nero ShowTime Essentials"
    "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
    "C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
    "C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

    ======List of files/folders created in the last 3 months======

    2009-01-03 13:26:31 ----D---- C:\Program Files\trend micro
    2009-01-03 13:26:29 ----D---- C:\rsit
    2009-01-03 12:20:21 ----D---- C:\Documents and Settings\Chris\Application Data\Malwarebytes
    2009-01-03 12:20:13 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-01-03 12:20:13 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2009-01-03 11:59:23 ----D---- C:\WINDOWS\ERUNT
    2009-01-03 11:53:37 ----A---- C:\WINDOWS\ntbtlog.txt
    2009-01-03 11:50:04 ----D---- C:\SDFix
    2009-01-02 21:55:04 ----D---- C:\Program Files\PIXELA
    2009-01-02 21:54:03 ----A---- C:\WINDOWS\system32\FPXS2Pro.dll
    2009-01-02 21:53:14 ----D---- C:\Documents and Settings\Chris\Application Data\FUJIFILM
    2009-01-02 21:52:25 ----D---- C:\Program Files\FinePixViewer
    2009-01-02 21:52:25 ----A---- C:\WINDOWS\system32\FFTIFF16.dll
    2009-01-02 21:52:25 ----A---- C:\WINDOWS\system32\FFRAFLIB.DLL
    2009-01-02 21:51:36 ----N---- C:\WINDOWS\system32\FINFCOPY.dll
    2009-01-02 21:51:36 ----N---- C:\WINDOWS\system32\FINFCHECK.dll
    2009-01-02 21:51:36 ----HD---- C:\Program Files\InstallShield Installation Information
    2009-01-02 21:51:36 ----D---- C:\Program Files\REGSHAVE
    2009-01-02 21:51:35 ----N---- C:\WINDOWS\system32\FREGSHEX.DLL
    2009-01-02 21:51:35 ----N---- C:\WINDOWS\system32\FCLKBTN.DLL
    2009-01-02 21:47:24 ----D---- C:\Documents and Settings\All Users\Application Data\HP
    2009-01-02 21:46:56 ----D---- C:\Program Files\Common Files\HP
    2009-01-02 21:45:01 ----D---- C:\Program Files\Hewlett-Packard
    2009-01-02 21:43:33 ----D---- C:\Program Files\Common Files\Hewlett-Packard
    2009-01-02 21:42:45 ----A---- C:\WINDOWS\system32\HPZinw12.exe
    2009-01-02 21:42:44 ----A---- C:\WINDOWS\system32\HPZisn12.dll
    2009-01-02 21:42:44 ----A---- C:\WINDOWS\system32\HPZipt12.dll
    2009-01-02 21:42:44 ----A---- C:\WINDOWS\system32\HPZipm12.exe
    2009-01-02 21:42:43 ----A---- C:\WINDOWS\system32\HPZipr12.dll
    2009-01-02 21:42:43 ----A---- C:\WINDOWS\system32\HPZidr12.dll
    2009-01-02 21:34:34 ----D---- C:\Program Files\HP
    2009-01-02 21:33:12 ----HD---- C:\Config.Msi
    2009-01-02 21:31:40 ----D---- C:\Documents and Settings\Chris\Application Data\HP
    2009-01-02 21:29:24 ----RA---- C:\WINDOWS\system32\HPZc3212.dll
    2009-01-02 21:29:24 ----RA---- C:\WINDOWS\system32\hpovst08.dll
    2009-01-02 21:29:23 ----RA---- C:\WINDOWS\system32\hpotscl.dll
    2009-01-02 21:29:22 ----RA---- C:\WINDOWS\system32\hpgwiamd.dll
    2009-01-02 14:25:33 ----D---- C:\Documents and Settings\All Users\Application Data\LightScribe
    2009-01-02 13:45:56 ----D---- C:\Program Files\Sanyo
    2009-01-02 13:45:51 ----D---- C:\Program Files\Common Files\InstallShield
    2009-01-02 13:41:37 ----D---- C:\Program Files\Family Feud
    2009-01-02 13:36:09 ----D---- C:\Program Files\Common Files\LightScribe
    2009-01-02 13:34:11 ----D---- C:\Documents and Settings\Chris\Application Data\Ahead
    2009-01-02 13:33:26 ----D---- C:\Documents and Settings\All Users\Application Data\Ahead
    2009-01-02 13:27:37 ----D---- C:\Program Files\Common Files\Ahead
    2009-01-02 13:25:58 ----D---- C:\WINDOWS\RegisteredPackages
    2009-01-02 13:24:24 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
    2008-12-28 22:13:58 ----D---- C:\Program Files\MSBuild
    2008-12-28 22:04:15 ----D---- C:\WINDOWS\system32\XPSViewer
    2008-12-28 22:03:16 ----D---- C:\Program Files\Reference Assemblies
    2008-12-28 22:02:43 ----N---- C:\WINDOWS\system32\spmsg2.dll
    2008-12-28 21:56:29 ----RSD---- C:\WINDOWS\assembly
    2008-12-28 21:55:31 ----D---- C:\WINDOWS\Microsoft.NET
    2008-12-28 21:54:43 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
    2008-12-28 21:20:20 ----A---- C:\WINDOWS\NeroDigital.ini
    2008-12-28 20:28:04 ----D---- C:\Documents and Settings\Chris\Application Data\Nero
    2008-12-28 19:24:51 ----A---- C:\WINDOWS\Irremote.ini
    2008-12-28 19:15:34 ----D---- C:\Program Files\Windows Sidebar
    2008-12-28 18:33:03 ----D---- C:\Program Files\Nero
    2008-12-28 18:31:01 ----D---- C:\Documents and Settings\All Users\Application Data\Nero
    2008-12-28 18:31:00 ----D---- C:\Program Files\Common Files\Nero
    2008-12-28 18:30:21 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
    2008-12-28 18:19:02 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
    2008-12-26 18:01:18 ----D---- C:\Documents and Settings\Chris\Application Data\Uniblue
    2008-12-26 17:59:56 ----D---- C:\Documents and Settings\All Users\Application Data\WinZip
    2008-12-26 17:59:49 ----D---- C:\Program Files\WinZip
    2008-12-25 18:37:03 ----D---- C:\Program Files\Family Feud 2
    2008-12-25 18:37:03 ----D---- C:\Documents and Settings\Chris\Application Data\SpinTop
    2008-12-25 17:49:18 ----D---- C:\WINDOWS\system32\appmgmt
    2008-12-24 01:11:57 ----D---- C:\WINDOWS\BDOSCAN8
    2008-12-24 00:50:41 ----D---- C:\Program Files\IrfanView
    2008-12-23 01:23:40 ----D---- C:\Program Files\Spybot - Search & Destroy
    2008-12-23 01:23:40 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-12-20 23:53:48 ----D---- C:\Documents and Settings\All Users\Application Data\Google
    2008-12-20 23:51:36 ----D---- C:\Documents and Settings\Chris\Application Data\Google
    2008-12-20 23:46:05 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
    2008-12-20 12:40:49 ----D---- C:\Documents and Settings\All Users\Application Data\MSN6
    2008-12-20 12:40:47 ----D---- C:\Documents and Settings\Chris\Application Data\MSN6
    2008-12-20 12:26:00 ----D---- C:\Documents and Settings\Chris\Application Data\.wyzo
    2008-12-20 11:45:05 ----A---- C:\WINDOWS\st_affiliate.ini
    2008-12-20 09:58:17 ----HD---- C:\WINDOWS\msdownld.tmp
    2008-12-20 09:57:58 ----D---- C:\WINDOWS\WBEM
    2008-12-20 09:57:57 ----D---- C:\WINDOWS\system32\en-US
    2008-12-20 09:56:27 ----HDC---- C:\WINDOWS\ie7
    2008-12-20 09:56:05 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
    2008-12-20 09:55:44 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
    2008-12-20 09:55:16 ----HDC---- C:\WINDOWS\$NtUninstallKB915865$
    2008-12-20 09:55:16 ----HD---- C:\WINDOWS\$hf_mig$
    2008-12-20 09:55:13 ----N---- C:\WINDOWS\system32\xmllite.dll
    2008-12-15 22:29:16 ----D---- C:\Documents and Settings\Chris\Application Data\Yahoo!
    2008-12-15 22:29:16 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
    2008-12-15 22:27:54 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo!
    2008-12-15 22:27:45 ----D---- C:\Program Files\Yahoo!
    2008-12-15 20:34:30 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
    2008-12-14 12:31:41 ----HD---- C:\$AVG8.VAULT$
    2008-12-14 11:35:33 ----D---- C:\Documents and Settings\All Users\Application Data\Trymedia
    2008-12-14 11:35:30 ----D---- C:\Documents and Settings\Chris\Application Data\iWin
    2008-12-14 11:35:28 ----D---- C:\Documents and Settings\All Users\Application Data\NeoEdge Networks
    2008-12-14 11:35:17 ----D---- C:\Program Files\Yahoo! Games
    2008-12-11 01:18:11 ----SHD---- C:\RECYCLER
    2008-12-10 21:38:45 ----D---- C:\WINDOWS\Sun
    2008-12-10 20:36:16 ----A---- C:\WINDOWS\system32\wmpns.dll
    2008-12-10 18:25:36 ----D---- C:\Documents and Settings\Chris\Application Data\LimeWire
    2008-12-10 17:29:25 ----A---- C:\WINDOWS\system32\javaws.exe
    2008-12-10 17:29:25 ----A---- C:\WINDOWS\system32\javaw.exe
    2008-12-10 17:29:25 ----A---- C:\WINDOWS\system32\java.exe
    2008-12-10 17:29:25 ----A---- C:\WINDOWS\system32\deploytk.dll
    2008-12-10 17:29:08 ----D---- C:\Program Files\Java
    2008-12-10 17:27:18 ----D---- C:\Documents and Settings\Chris\Application Data\Sun
    2008-12-10 17:25:12 ----D---- C:\Program Files\LimeWire
    2008-12-09 18:49:43 ----D---- C:\Documents and Settings\All Users\Application Data\SBT
    2008-12-09 18:48:13 ----D---- C:\Program Files\Snapshot Viewer
    2008-12-09 17:01:52 ----A---- C:\WINDOWS\system32\hidserv.dll
    2008-12-08 22:21:12 ----A---- C:\WINDOWS\ODBC.INI
    2008-12-08 22:20:01 ----D---- C:\Program Files\Common Files\Designer
    2008-12-08 22:19:22 ----D---- C:\WINDOWS\ShellNew
    2008-12-08 22:17:34 ----D---- C:\Program Files\Microsoft Office
    2008-12-08 22:17:34 ----D---- C:\Documents and Settings\Chris\Application Data\Microsoft Web Folders
    2008-12-08 22:10:49 ----D---- C:\Documents and Settings\Chris\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    2008-12-08 22:09:15 ----D---- C:\Program Files\Common Files\Adobe AIR
    2008-12-08 22:09:05 ----D---- C:\Documents and Settings\Chris\Application Data\Macromedia
    2008-12-08 22:09:01 ----D---- C:\Documents and Settings\Chris\Application Data\Adobe
    2008-12-08 22:06:04 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
    2008-12-08 22:05:17 ----D---- C:\Program Files\Common Files\Adobe
    2008-12-08 22:05:17 ----D---- C:\Program Files\Adobe
    2008-12-08 21:59:53 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
    2008-12-08 21:59:51 ----D---- C:\Program Files\NOS
    2008-12-08 21:55:44 ----A---- C:\WINDOWS\system32\avgrsstx.dll
    2008-12-08 21:55:30 ----D---- C:\Program Files\AVG
    2008-12-08 21:55:29 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
    2008-12-08 21:46:52 ----A---- C:\WINDOWS\system32\vusetup.dll
    2008-12-08 21:44:17 ----D---- C:\Program Files\VIA Technologies, Inc
    2008-12-08 21:44:17 ----A---- C:\WINDOWS\system32\UnAudioNT.dll
    2008-12-08 21:41:35 ----A---- C:\WINDOWS\IsUninst.exe
    2008-12-08 21:37:20 ----D---- C:\WINDOWS\SoftwareDistribution
    2008-12-08 21:37:17 ----SD---- C:\WINDOWS\system32\Microsoft
    2008-12-08 21:37:17 ----D---- C:\WINDOWS\Prefetch
    2008-12-08 21:32:25 ----N---- C:\WINDOWS\system32\spiisupd.exe
    2008-12-08 21:32:25 ----N---- C:\WINDOWS\system32\comsdupd.exe
    2008-12-08 21:32:25 ----N---- C:\WINDOWS\system32\asr_pfu.exe
    2008-12-08 21:32:20 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
    2008-12-08 21:32:20 ----N---- C:\WINDOWS\system32\ati2dvag.dll
    2008-12-08 21:32:20 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
    2008-12-08 21:32:20 ----N---- C:\WINDOWS\system32\ati2cqag.dll
    2008-12-08 21:32:19 ----N---- C:\WINDOWS\system32\httpapi.dll
    2008-12-08 21:32:19 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
    2008-12-08 21:32:19 ----N---- C:\WINDOWS\system32\hccoin.dll
    2008-12-08 21:32:19 ----N---- C:\WINDOWS\system32\fwcfg.dll
    2008-12-08 21:32:19 ----N---- C:\WINDOWS\system32\fsquirt.exe
    2008-12-08 21:32:19 ----N---- C:\WINDOWS\system32\fltmc.exe
    2008-12-08 21:32:19 ----N---- C:\WINDOWS\system32\fltlib.dll
    2008-12-08 21:32:19 ----N---- C:\WINDOWS\system32\encdec.dll
    2008-12-08 21:32:19 ----N---- C:\WINDOWS\system32\encapi.dll
    2008-12-08 21:32:19 ----N---- C:\WINDOWS\system32\dxdiagn.dll
    2008-12-08 21:32:19 ----N---- C:\WINDOWS\system32\dsprpres.dll
    2008-12-08 21:32:19 ----N---- C:\WINDOWS\system32\d3d9.dll
    2008-12-08 21:32:19 ----N---- C:\WINDOWS\system32\cmsetacl.dll
    2008-12-08 21:32:19 ----N---- C:\WINDOWS\system32\btpanui.dll
    2008-12-08 21:32:19 ----N---- C:\WINDOWS\system32\bthserv.dll
    2008-12-08 21:32:19 ----N---- C:\WINDOWS\system32\bthci.dll
    2008-12-08 21:32:19 ----N---- C:\WINDOWS\system32\blastcln.exe
    2008-12-08 21:32:19 ----N---- C:\WINDOWS\system32\bitsprx3.dll
    2008-12-08 21:32:19 ----N---- C:\WINDOWS\system32\bitsprx2.dll
    2008-12-08 21:32:19 ----N---- C:\WINDOWS\system32\auditusr.exe
    2008-12-08 21:32:19 ----N---- C:\WINDOWS\system32\ativvaxx.dll
    2008-12-08 21:32:19 ----N---- C:\WINDOWS\system32\ativtmxx.dll
    2008-12-08 21:32:19 ----N---- C:\WINDOWS\system32\ati3duag.dll
    2008-12-08 21:32:19 ----A---- C:\WINDOWS\system32\extmgr.dll
    2008-12-08 21:32:18 ----N---- C:\WINDOWS\system32\kbdsmsno.dll
    2008-12-08 21:32:18 ----N---- C:\WINDOWS\system32\kbdsmsfi.dll
    2008-12-08 21:32:18 ----N---- C:\WINDOWS\system32\kbdno1.dll
    2008-12-08 21:32:18 ----N---- C:\WINDOWS\system32\kbdmlt48.dll
    2008-12-08 21:32:18 ----N---- C:\WINDOWS\system32\kbdmlt47.dll
    2008-12-08 21:32:18 ----N---- C:\WINDOWS\system32\kbdmaori.dll
    2008-12-08 21:32:18 ----N---- C:\WINDOWS\system32\kbdinmal.dll
    2008-12-08 21:32:18 ----N---- C:\WINDOWS\system32\kbdinben.dll
    2008-12-08 21:32:18 ----N---- C:\WINDOWS\system32\kbdinbe1.dll
    2008-12-08 21:32:18 ----N---- C:\WINDOWS\system32\kbdfi1.dll
    2008-12-08 21:32:18 ----A---- C:\WINDOWS\system32\ieencode.dll
    2008-12-08 21:32:17 ----N---- C:\WINDOWS\system32\p2pnetsh.dll
    2008-12-08 21:32:17 ----N---- C:\WINDOWS\system32\p2pgraph.dll
    2008-12-08 21:32:17 ----N---- C:\WINDOWS\system32\p2pgasvc.dll
    2008-12-08 21:32:17 ----N---- C:\WINDOWS\system32\p2p.dll
    2008-12-08 21:32:17 ----N---- C:\WINDOWS\system32\nv4_disp.dll
    2008-12-08 21:32:17 ----N---- C:\WINDOWS\system32\mtxparhd.dll
    2008-12-08 21:32:17 ----N---- C:\WINDOWS\system32\mssap.dll
    2008-12-08 21:32:17 ----N---- C:\WINDOWS\system32\msftedit.dll
    2008-12-08 21:32:17 ----N---- C:\WINDOWS\system32\msdadiag.dll
    2008-12-08 21:32:17 ----N---- C:\WINDOWS\system32\mp4sdmod.dll
    2008-12-08 21:32:17 ----N---- C:\WINDOWS\system32\mp43dmod.dll
    2008-12-08 21:32:17 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
    2008-12-08 21:32:17 ----N---- C:\WINDOWS\system32\kbdukx.dll
    2008-12-08 21:32:17 ----A---- C:\WINDOWS\system32\MsPMSNSv.dll
    2008-12-08 21:32:16 ----N---- C:\WINDOWS\system32\wmerror.dll
    2008-12-08 21:32:16 ----N---- C:\WINDOWS\system32\winshfhc.dll
    2008-12-08 21:32:16 ----N---- C:\WINDOWS\system32\winhttp.dll
    2008-12-08 21:32:16 ----N---- C:\WINDOWS\system32\winbrand.dll
    2008-12-08 21:32:16 ----N---- C:\WINDOWS\system32\w3ssl.dll
    2008-12-08 21:32:16 ----N---- C:\WINDOWS\system32\twext.dll
    2008-12-08 21:32:16 ----N---- C:\WINDOWS\system32\strmfilt.dll
    2008-12-08 21:32:16 ----N---- C:\WINDOWS\system32\smbinst.exe
    2008-12-08 21:32:16 ----N---- C:\WINDOWS\system32\slserv.exe
    2008-12-08 21:32:16 ----N---- C:\WINDOWS\system32\slrundll.exe
    2008-12-08 21:32:16 ----N---- C:\WINDOWS\system32\slgen.dll
    2008-12-08 21:32:16 ----N---- C:\WINDOWS\system32\slextspk.dll
    2008-12-08 21:32:16 ----N---- C:\WINDOWS\system32\slcoinst.dll
    2008-12-08 21:32:16 ----N---- C:\WINDOWS\system32\sdhcinst.dll
    2008-12-08 21:32:16 ----N---- C:\WINDOWS\system32\sbeio.dll
    2008-12-08 21:32:16 ----N---- C:\WINDOWS\system32\sbe.dll
    2008-12-08 21:32:16 ----N---- C:\WINDOWS\system32\s3gnb.dll
    2008-12-08 21:32:16 ----N---- C:\WINDOWS\system32\powercfg.exe
    2008-12-08 21:32:16 ----N---- C:\WINDOWS\system32\pnrpnsp.dll
    2008-12-08 21:32:16 ----N---- C:\WINDOWS\system32\p2psvc.dll
    2008-12-08 21:32:16 ----A---- C:\WINDOWS\system32\wmidx.dll
    2008-12-08 21:32:15 ----N---- C:\WINDOWS\system32\xmlprovi.dll
    2008-12-08 21:32:15 ----N---- C:\WINDOWS\system32\xmlprov.dll
    2008-12-08 21:32:15 ----N---- C:\WINDOWS\system32\wuweb.dll
    2008-12-08 21:32:15 ----N---- C:\WINDOWS\system32\wups.dll
    2008-12-08 21:32:15 ----N---- C:\WINDOWS\system32\wucltui.dll
    2008-12-08 21:32:15 ----N---- C:\WINDOWS\system32\wuaueng1.dll
    2008-12-08 21:32:15 ----N---- C:\WINDOWS\system32\wuauclt1.exe
    2008-12-08 21:32:15 ----N---- C:\WINDOWS\system32\wuapi.dll
    2008-12-08 21:32:15 ----N---- C:\WINDOWS\system32\wshbth.dll
    2008-12-08 21:32:15 ----N---- C:\WINDOWS\system32\wscsvc.dll
    2008-12-08 21:32:15 ----N---- C:\WINDOWS\system32\wscntfy.exe
    2008-12-08 21:32:15 ----N---- C:\WINDOWS\system32\wmpdxm.dll
    2008-12-08 21:32:15 ----N---- C:\WINDOWS\system32\wmpasf.dll
    2008-12-08 21:32:15 ----N---- C:\WINDOWS\system32\wmp.dll
    2008-12-08 21:32:15 ----A---- C:\WINDOWS\system32\wmvdmoe2.dll
    2008-12-08 21:32:15 ----A---- C:\WINDOWS\system32\wmspdmoe.dll
    2008-12-08 21:32:15 ----A---- C:\WINDOWS\system32\wmspdmod.dll
    2008-12-08 21:32:15 ----A---- C:\WINDOWS\system32\wmsdmoe2.dll
    2008-12-08 21:32:14 ----N---- C:\WINDOWS\system32\xpsp1res.dll
    2008-12-08 21:32:14 ----N---- C:\WINDOWS\system32\xpob2res.dll
    2008-12-08 21:32:14 ----N---- C:\WINDOWS\slrundll.exe
    2008-12-08 21:32:13 ----D---- C:\WINDOWS\provisioning
    2008-12-08 21:32:13 ----D---- C:\WINDOWS\peernet
    2008-12-08 21:30:32 ----D---- C:\WINDOWS\ServicePackFiles

    ======List of files/folders modified in the last 3 months======

    2009-01-03 13:27:42 ----D---- C:\WINDOWS\Temp
    2009-01-03 13:26:31 ----RD---- C:\Program Files
    2009-01-03 12:55:01 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-01-03 12:20:17 ----D---- C:\WINDOWS\system32\drivers
    2009-01-03 12:01:23 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2009-01-03 11:59:23 ----D---- C:\WINDOWS
    2009-01-02 21:54:03 ----D---- C:\WINDOWS\system32
    2009-01-02 21:51:45 ----HD---- C:\WINDOWS\inf
    2009-01-02 21:51:43 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-01-02 21:48:24 ----SHD---- C:\WINDOWS\Installer
    2009-01-02 21:47:46 ----A---- C:\WINDOWS\win.ini
    2009-01-02 21:46:56 ----D---- C:\Program Files\Common Files
    2009-01-02 21:44:24 ----D---- C:\WINDOWS\WinSxS
    2009-01-02 21:44:14 ----D---- C:\WINDOWS\twain_32
    2009-01-02 13:37:22 ----D---- C:\WINDOWS\security
    2009-01-02 13:26:28 ----D---- C:\Program Files\Windows Media Player
    2009-01-02 13:24:27 ----D---- C:\WINDOWS\system32\DirectX
    2008-12-31 00:05:02 ----SD---- C:\WINDOWS\Downloaded Program Files
    2008-12-28 22:15:17 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2008-12-28 22:04:06 ----RSD---- C:\WINDOWS\Fonts
    2008-12-28 22:02:58 ----D---- C:\WINDOWS\system32\spool
    2008-12-28 21:55:45 ----D---- C:\Program Files\Common Files\Microsoft Shared
    2008-12-28 21:55:35 ----D---- C:\WINDOWS\system32\mui
    2008-12-28 21:55:35 ----D---- C:\Program Files\Internet Explorer
    2008-12-28 21:55:31 ----D---- C:\WINDOWS\PCHEALTH
    2008-12-28 18:21:55 ----SD---- C:\WINDOWS\Tasks
    2008-12-28 18:19:33 ----A---- C:\WINDOWS\imsins.BAK
    2008-12-26 18:04:37 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
    2008-12-20 10:00:59 ----D---- C:\WINDOWS\Help
    2008-12-20 09:58:07 ----D---- C:\WINDOWS\system32\config
    2008-12-20 09:57:50 ----D---- C:\WINDOWS\Media
    2008-12-15 21:07:10 ----D---- C:\WINDOWS\system32\Macromed
    2008-12-15 18:00:10 ----SD---- C:\Documents and Settings\Chris\Application Data\Microsoft
    2008-12-09 18:48:17 ----D---- C:\Program Files\Common Files\System
    2008-12-09 18:46:34 ----D---- C:\WINDOWS\system
    2008-12-09 18:46:34 ----D---- C:\WINDOWS\msapps
    2008-12-09 18:46:34 ----D---- C:\Program Files\microsoft frontpage
    2008-12-08 21:48:03 ----D---- C:\WINDOWS\Debug
    2008-12-08 21:43:53 ----D---- C:\WINDOWS\system32\CatRoot
    2008-12-08 21:38:25 ----D---- C:\WINDOWS\system32\inetsrv
    2008-12-08 21:38:11 ----A---- C:\WINDOWS\OEWABLog.txt
    2008-12-08 21:37:36 ----A---- C:\WINDOWS\setuplog.txt
    2008-12-08 21:37:31 ----D---- C:\WINDOWS\system32\wbem
    2008-12-08 21:37:04 ----SHD---- C:\System Volume Information
    2008-12-08 21:37:01 ----D---- C:\WINDOWS\AppPatch
    2008-12-08 21:37:01 ----D---- C:\Program Files\Messenger
    2008-12-08 21:33:25 ----RASH---- C:\boot.ini
    2008-12-08 21:32:26 ----D---- C:\WINDOWS\system32\Setup
    2008-12-08 21:32:24 ----D---- C:\WINDOWS\ime
    2008-12-08 21:32:14 ----D---- C:\WINDOWS\system32\oobe
    2008-12-08 21:32:13 ----D---- C:\Program Files\Movie Maker
    2008-12-08 21:30:22 ----D---- C:\WINDOWS\system32\Restore
    2008-12-08 21:30:22 ----D---- C:\WINDOWS\system32\npp
    2008-12-08 21:30:21 ----D---- C:\WINDOWS\msagent
    2008-12-08 21:30:20 ----D---- C:\WINDOWS\srchasst
    2008-12-08 21:30:18 ----D---- C:\Program Files\NetMeeting
    2008-12-08 21:30:17 ----D---- C:\WINDOWS\system32\Com
    2008-12-08 21:30:15 ----D---- C:\Program Files\Windows NT
    2008-12-08 21:30:14 ----D---- C:\Program Files\Outlook Express

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2008-12-08 97928]
    R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2008-12-08 26824]
    R1 cdrbsdrv;cdrbsdrv; C:\WINDOWS\system32\drivers\cdrbsdrv.sys [2004-03-08 13567]
    R1 InCDPass;Nero InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys [2007-06-25 36776]
    R1 incdrm;Nero InCD MRW Remapper; C:\WINDOWS\system32\drivers\InCDRm.sys [2007-06-25 38440]
    R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2004-08-03 36096]
    R2 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2008-12-08 76040]
    R3 catchme;catchme; \??\C:\DOCUME~1\Chris\LOCALS~1\Temp\catchme.sys []
    R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5b.sys [2003-07-29 41984]
    R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-07 51120]
    R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-07 16496]
    R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-07 21744]
    R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
    R3 S3SavageNB;S3SavageNB; C:\WINDOWS\System32\DRIVERS\s3gnbm.sys [2004-08-03 166912]
    R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
    R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2004-08-03 57600]
    R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
    R3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
    R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2004-08-03 20480]
    R3 VIAudio;VIA AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\viaudio.sys [2002-09-16 64128]
    R3 vulfnths;VIA USB Host Controller Lower Filter; C:\WINDOWS\System32\Drivers\vulfnth.sys [2003-08-04 6912]
    R3 vulfntrs;VIA USB Roothub Lower Filter; C:\WINDOWS\System32\Drivers\vulfntr.sys [2003-08-04 11392]
    R4 InCDfs;Nero InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys [2007-06-25 119080]
    S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848]
    S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165]
    S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
    S3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-17 12160]
    S3 NTSIM;NTSIM; \??\C:\WINDOWS\system32\ntsim.sys []
    S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 avg8emc;AVG Free8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-12-08 875288]
    R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-12-08 231704]
    R2 InCDsrv;InCD Helper; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2007-06-25 1552680]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-12-10 152984]
    R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728]
    R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-12-05 935208]
    R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632]
    R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
    R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
    S1 InCDrec;Nero InCD File System Recognizer; C:\WINDOWS\system32\drivers\InCDRec.sys [2007-06-25 16040]
    S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe []
    S2 NeroRegInCDSrv;Nero Registry InCD Service; C:\Program Files\Nero\Nero 7\InCD\NBHRegInCDSrv.exe []
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
    S3 getPlus(R) Helper;getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-12-01 33752]
    S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
    S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]

    -----------------EOF-----------------
    info.txt logfile of random's system information tool 1.05 2009-01-03 13:27:49

    ======Uninstall list======

    -->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
    -->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
    -->C:\WINDOWS\NuNInst.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
    -->C:\WINDOWS\UNRecode.exe /UNINSTALL
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    Acrobat.com-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe -uninstall com.adobe.mauby 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
    Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe -arp:uninstall
    Adobe AIR-->MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
    Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001}
    AVG Free 8.0-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
    Family Feud 2-->C:\Program Files\Family Feud 2\uninstall.exe
    Family Feud--> "C:\Program Files\Family Feud\uninstall.exe "
    Family Feud-->MsiExec.exe /X{DCF9A8CC-6EB4-156B-7E67-BABDACF9218D}
    FinePixViewer Resource-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B44529FF-501E-47CD-A06D-223C161BE058}\SETUP.EXE" -l0x9
    FinePixViewer Ver.5.1-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{24ED4D80-8294-11D5-96CD-0040266301AD}\SETUP.EXE" -l0x9
    FUJIFILM USB Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5490882C-6961-11D5-BAE5-00E0188E010B}\SETUP.EXE"
    getPlus(R) for Adobe--> "C:\Program Files\NOS\bin\getPlus_HelperSvc.exe" /UninstallGet1
    HijackThis 2.0.2--> "C:\Program Files\trend micro\HijackThis.exe" /uninstall
    Hotfix for Windows XP (KB915865)--> "C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe "
    HP Image Zone Express-->MsiExec.exe /X{FE64AE29-0883-4C70-8388-DC026019C900}
    HP Imaging Device Functions 5.3-->C:\Program Files\HP\Digital Imaging\DigitalImagingMonitor\hpzscr01.exe -datfile hpqbud01.dat
    HP PSC & OfficeJet 5.3.B--> "C:\Program Files\HP\Digital Imaging\{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}\setup\hpzscr01.exe" -datfile hposcr07.dat
    HP PSC 1400 series-->rundll32 hpzcon12.dll,VendorJettison HP PSC 1400 series
    HP Software Update-->MsiExec.exe /X{15EE79F4-4ED1-4267-9B0F-351009325D7D}
    HP Solution Center & Imaging Support Tools 5.3-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
    ImageMixer VCD2 LE for FinePix-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B093990A-AAF2-44AC-9216-14BB7A2189B6}\SETUP.EXE" -l0x9
    IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe
    Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
    LightScribe System Software 1.14.17.1-->MsiExec.exe /X{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}
    LimeWire PRO 4.12.3--> "C:\Program Files\LimeWire\uninstall.exe "
    Malwarebytes' Anti-Malware--> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe "
    Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
    Microsoft .NET Framework 3.0-->C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setup.exe
    Microsoft Internationalized Domain Names Mitigation APIs--> "C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe "
    Microsoft National Language Support Downlevel APIs--> "C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe "
    Microsoft Office 2000 Disc 2-->MsiExec.exe /I{00040409-78E1-11D2-B60F-006097C998E7}
    Microsoft Office 2000 Professional-->MsiExec.exe /I{00010409-78E1-11D2-B60F-006097C998E7}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    MSXML 6.0 Parser (KB925673)-->MsiExec.exe /I{FE9126DB-5F84-495A-BB46-3C724F1C2D08}
    Nero 7 Essentials-->MsiExec.exe /X{7D6AD5AB-7BBA-46E5-B1C0-07DD06D81033}
    Nero 9 Trial-->C:\Program Files\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER= "8M01-20CX-4294-TL10-U4U0-UKE2-MMT7-AHWX "
    neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
    RAW FILE CONVERTER LE-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D680C913-5955-469D-9D88-C1940F7506D6}\SETUP.EXE" -l0x9
    Spybot - Search & Destroy--> "C:\Program Files\Spybot - Search & Destroy\unins000.exe "
    VIA Audio Driver Setup Program-->RunDll32.exe UnAudioNT.dll,UninstallAudio C:\WINDOWS\IsUninst.exe -f "C:\PROGRA~1\VIATEC~1\VIAAUD~1/Uninst.isu "
    Windows Communication Foundation-->MsiExec.exe /X{491DD792-AD81-429C-9EB4-86DD3D22E333}
    Windows Imaging Component--> "C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe "
    Windows Installer 3.1 (KB893803)--> "C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe "
    Windows Internet Explorer 7--> "C:\WINDOWS\ie7\spuninst\spuninst.exe "
    Windows Media Format Runtime--> "C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
    Windows Workflow Foundation-->MsiExec.exe /I{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}
    Windows XP Service Pack 2-->C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe
    WinZip 12.0-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7}
    Yahoo! Search Suggest Add-on for IE7-->C:\PROGRA~1\Yahoo!\SEARCH~1\UNINST~1.EXE
    Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE

    ======Hosts File======

    127.0.0.1 localhost

    ======Security center information======

    AV: AVG Anti-Virus Free

    System event log

    Computer Name: PERSONAL-KK0FIE
    Event Code: 3260
    Message: This computer has been successfully joined to workgroup 'WORKGROUP'.

    Record Number: 5
    Source Name: Workstation
    Time Written: 20080207205857.000000-360
    Event Type: information
    User:

    Computer Name: PERSONAL-KK0FIE
    Event Code: 6011
    Message: The NetBIOS name and DNS host name of this machine have been changed from MACHINENAME to PERSONAL-KK0FIE.

    Record Number: 4
    Source Name: EventLog
    Time Written: 20080207205807.000000-360
    Event Type: information
    User:

    Computer Name: MACHINENAME
    Event Code: 6005
    Message: The Event log service was started.

    Record Number: 3
    Source Name: EventLog
    Time Written: 20080207145329.000000-360
    Event Type: information
    User:

    Computer Name: MACHINENAME
    Event Code: 6009
    Message: Microsoft (R) Windows (R) 5.01. 2600 Uniprocessor Free.

    Record Number: 2
    Source Name: EventLog
    Time Written: 20080207145329.000000-360
    Event Type: information
    User:

    Computer Name: MACHINENAME
    Event Code: 2
    Message: While validating that \Device\Serial0 was really a serial port, a fifo was detected. The fifo will be used.

    Record Number: 1
    Source Name: Serial
    Time Written: 20080207145352.000000-360
    Event Type: information
    User:

    Application event log

    Computer Name: PERSONAL-KK0FIE
    Event Code: 1000
    Message: Faulting application i_view32.exe, version 4.2.2.0, faulting module mp3.dll, version 3.9.9.0, fault address 0x0000261b.

    Record Number: 380
    Source Name: Application Error
    Time Written: 20081226181731.000000-360
    Event Type: error
    User:

    Computer Name: PERSONAL-KK0FIE
    Event Code: 1000
    Message: Faulting application i_view32.exe, version 4.2.2.0, faulting module mp3.dll, version 3.9.9.0, fault address 0x0000261b.

    Record Number: 379
    Source Name: Application Error
    Time Written: 20081226181729.000000-360
    Event Type: error
    User:

    Computer Name: PERSONAL-KK0FIE
    Event Code: 1000
    Message: Faulting application i_view32.exe, version 4.2.2.0, faulting module mp3.dll, version 3.9.9.0, fault address 0x0000261b.

    Record Number: 378
    Source Name: Application Error
    Time Written: 20081226181729.000000-360
    Event Type: error
    User:

    Computer Name: PERSONAL-KK0FIE
    Event Code: 1000
    Message: Faulting application i_view32.exe, version 4.2.2.0, faulting module mp3.dll, version 3.9.9.0, fault address 0x0000261b.

    Record Number: 377
    Source Name: Application Error
    Time Written: 20081226181729.000000-360
    Event Type: error
    User:

    Computer Name: PERSONAL-KK0FIE
    Event Code: 1000
    Message: Faulting application i_view32.exe, version 4.2.2.0, faulting module mp3.dll, version 3.9.9.0, fault address 0x0000261b.

    Record Number: 376
    Source Name: Application Error
    Time Written: 20081226181729.000000-360
    Event Type: error
    User:

    ======Environment variables======

    "ComSpec "=%SystemRoot%\system32\cmd.exe
    "Path "=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
    "windir "=%SystemRoot%
    "OS "=Windows_NT
    "PROCESSOR_ARCHITECTURE "=x86
    "PROCESSOR_LEVEL "=15
    "PROCESSOR_IDENTIFIER "=x86 Family 15 Model 2 Stepping 7, GenuineIntel
    "PROCESSOR_REVISION "=0207
    "NUMBER_OF_PROCESSORS "=1
    "PATHEXT "=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP "=%SystemRoot%\TEMP
    "TMP "=%SystemRoot%\TEMP
    "FP_NO_HOST_CHECK "=NO

    -----------------EOF-----------------
     
  5. 2009/01/03
    bears1985

    bears1985 Inactive Thread Starter

    Joined:
    2009/01/03
    Messages:
    19
    Likes Received:
    0
     
  6. 2009/01/03
    bears1985

    bears1985 Inactive Thread Starter

    Joined:
    2009/01/03
    Messages:
    19
    Likes Received:
    0
    info.txt logfile of random's system information tool 1.05 2009-01-03 13:27:49

    ======Uninstall list======

    -->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
    -->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
    -->C:\WINDOWS\NuNInst.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
    -->C:\WINDOWS\UNRecode.exe /UNINSTALL
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    Acrobat.com-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe -uninstall com.adobe.mauby 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
    Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe -arp:uninstall
    Adobe AIR-->MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
    Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001}
    AVG Free 8.0-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
    Family Feud 2-->C:\Program Files\Family Feud 2\uninstall.exe
    Family Feud--> "C:\Program Files\Family Feud\uninstall.exe "
    Family Feud-->MsiExec.exe /X{DCF9A8CC-6EB4-156B-7E67-BABDACF9218D}
    FinePixViewer Resource-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B44529FF-501E-47CD-A06D-223C161BE058}\SETUP.EXE" -l0x9
    FinePixViewer Ver.5.1-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{24ED4D80-8294-11D5-96CD-0040266301AD}\SETUP.EXE" -l0x9
    FUJIFILM USB Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5490882C-6961-11D5-BAE5-00E0188E010B}\SETUP.EXE"
    getPlus(R) for Adobe--> "C:\Program Files\NOS\bin\getPlus_HelperSvc.exe" /UninstallGet1
    HijackThis 2.0.2--> "C:\Program Files\trend micro\HijackThis.exe" /uninstall
    Hotfix for Windows XP (KB915865)--> "C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe "
    HP Image Zone Express-->MsiExec.exe /X{FE64AE29-0883-4C70-8388-DC026019C900}
    HP Imaging Device Functions 5.3-->C:\Program Files\HP\Digital Imaging\DigitalImagingMonitor\hpzscr01.exe -datfile hpqbud01.dat
    HP PSC & OfficeJet 5.3.B--> "C:\Program Files\HP\Digital Imaging\{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}\setup\hpzscr01.exe" -datfile hposcr07.dat
    HP PSC 1400 series-->rundll32 hpzcon12.dll,VendorJettison HP PSC 1400 series
    HP Software Update-->MsiExec.exe /X{15EE79F4-4ED1-4267-9B0F-351009325D7D}
    HP Solution Center & Imaging Support Tools 5.3-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
    ImageMixer VCD2 LE for FinePix-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B093990A-AAF2-44AC-9216-14BB7A2189B6}\SETUP.EXE" -l0x9
    IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe
    Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
    LightScribe System Software 1.14.17.1-->MsiExec.exe /X{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}
    LimeWire PRO 4.12.3--> "C:\Program Files\LimeWire\uninstall.exe "
    Malwarebytes' Anti-Malware--> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe "
    Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
    Microsoft .NET Framework 3.0-->C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setup.exe
    Microsoft Internationalized Domain Names Mitigation APIs--> "C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe "
    Microsoft National Language Support Downlevel APIs--> "C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe "
    Microsoft Office 2000 Disc 2-->MsiExec.exe /I{00040409-78E1-11D2-B60F-006097C998E7}
    Microsoft Office 2000 Professional-->MsiExec.exe /I{00010409-78E1-11D2-B60F-006097C998E7}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    MSXML 6.0 Parser (KB925673)-->MsiExec.exe /I{FE9126DB-5F84-495A-BB46-3C724F1C2D08}
    Nero 7 Essentials-->MsiExec.exe /X{7D6AD5AB-7BBA-46E5-B1C0-07DD06D81033}
    Nero 9 Trial-->C:\Program Files\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER= "8M01-20CX-4294-TL10-U4U0-UKE2-MMT7-AHWX "
    neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
    RAW FILE CONVERTER LE-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D680C913-5955-469D-9D88-C1940F7506D6}\SETUP.EXE" -l0x9
    Spybot - Search & Destroy--> "C:\Program Files\Spybot - Search & Destroy\unins000.exe "
    VIA Audio Driver Setup Program-->RunDll32.exe UnAudioNT.dll,UninstallAudio C:\WINDOWS\IsUninst.exe -f "C:\PROGRA~1\VIATEC~1\VIAAUD~1/Uninst.isu "
    Windows Communication Foundation-->MsiExec.exe /X{491DD792-AD81-429C-9EB4-86DD3D22E333}
    Windows Imaging Component--> "C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe "
    Windows Installer 3.1 (KB893803)--> "C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe "
    Windows Internet Explorer 7--> "C:\WINDOWS\ie7\spuninst\spuninst.exe "
    Windows Media Format Runtime--> "C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
    Windows Workflow Foundation-->MsiExec.exe /I{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}
    Windows XP Service Pack 2-->C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe
    WinZip 12.0-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7}
    Yahoo! Search Suggest Add-on for IE7-->C:\PROGRA~1\Yahoo!\SEARCH~1\UNINST~1.EXE
    Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE

    ======Hosts File=====
     
  7. 2009/01/03
    bears1985

    127.0.0.1 localhost

    ======Security center information======

    AV: AVG Anti-Virus Free

    System event log

    Computer Name: PERSONAL-KK0FIE
    Event Code: 3260
    Message: This computer has been successfully joined to workgroup 'WORKGROUP'.

    Record Number: 5
    Source Name: Workstation
    Time Written: 20080207205857.000000-360
    Event Type: information
    User:

    Computer Name: PERSONAL-KK0FIE
    Event Code: 6011
    Message: The NetBIOS name and DNS host name of this machine have been changed from MACHINENAME to PERSONAL-KK0FIE.

    Record Number: 4
    Source Name: EventLog
    Time Written: 20080207205807.000000-360
    Event Type: information
    User:

    Computer Name: MACHINENAME
    Event Code: 6005
    Message: The Event log service was started.

    Record Number: 3
    Source Name: EventLog
    Time Written: 20080207145329.000000-360
    Event Type: information
    User:

    Computer Name: MACHINENAME
    Event Code: 6009
    Message: Microsoft (R) Windows (R) 5.01. 2600 Uniprocessor Free.

    Record Number: 2
    Source Name: EventLog
    Time Written: 20080207145329.000000-360
    Event Type: information
    User:

    Computer Name: MACHINENAME
    Event Code: 2
    Message: While validating that \Device\Serial0 was really a serial port, a fifo was detected. The fifo will be used.

    Record Number: 1
    Source Name: Serial
    Time Written: 20080207145352.000000-360
    Event Type: information
    User:

    Application event log

    Computer Name: PERSONAL-KK0FIE
    Event Code: 1000
    Message: Faulting application i_view32.exe, version 4.2.2.0, faulting module mp3.dll, version 3.9.9.0, fault address 0x0000261b.

    Record Number: 380
    Source Name: Application Error
    Time Written: 20081226181731.000000-360
    Event Type: error
    User:

    Computer Name: PERSONAL-KK0FIE
    Event Code: 1000
    Message: Faulting application i_view32.exe, version 4.2.2.0, faulting module mp3.dll, version 3.9.9.0, fault address 0x0000261b.

    Record Number: 379
    Source Name: Application Error
    Time Written: 20081226181729.000000-360
    Event Type: error
    User:

    Computer Name: PERSONAL-KK0FIE
    Event Code: 1000
    Message: Faulting application i_view32.exe, version 4.2.2.0, faulting module mp3.dll, version 3.9.9.0, fault address 0x0000261b.

    Record Number: 378
    Source Name: Application Error
    Time Written: 20081226181729.000000-360
    Event Type: error
    User:

    Computer Name: PERSONAL-KK0FIE
    Event Code: 1000
    Message: Faulting application i_view32.exe, version 4.2.2.0, faulting module mp3.dll, version 3.9.9.0, fault address 0x0000261b.

    Record Number: 377
    Source Name: Application Error
    Time Written: 20081226181729.000000-360
    Event Type: error
    User:

    Computer Name: PERSONAL-KK0FIE
    Event Code: 1000
    Message: Faulting application i_view32.exe, version 4.2.2.0, faulting module mp3.dll, version 3.9.9.0, fault address 0x0000261b.

    Record Number: 376
    Source Name: Application Error
    Time Written: 20081226181729.000000-360
    Event Type: error
    User:

    ======Environment variables======

    "ComSpec "=%SystemRoot%\system32\cmd.exe
    "Path "=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
    "windir "=%SystemRoot%
    "OS "=Windows_NT
    "PROCESSOR_ARCHITECTURE "=x86
    "PROCESSOR_LEVEL "=15
    "PROCESSOR_IDENTIFIER "=x86 Family 15 Model 2 Stepping 7, GenuineIntel
    "PROCESSOR_REVISION "=0207
    "NUMBER_OF_PROCESSORS "=1
    "PATHEXT "=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP "=%SystemRoot%\TEMP
    "TMP "=%SystemRoot%\TEMP
    "FP_NO_HOST_CHECK "=NO

    -----------------EOF-----------------
     
  8. 2009/01/03
    bears1985

    There, I really messed up the first time, I'm sorry, my skill level is about on par with a ten-year-old, but I think I got it!
     
  9. 2009/01/03
    bears1985

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
    &Yahoo! Toolbar Helper - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
    AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2008-12-08 455960]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5A263CF7-56A6-4D68-A8CF-345BE45BC911}]
    Yahoo! IE Suggest - C:\Program Files\Yahoo!\SearchSuggest\YSearchSuggest.dll [2008-01-14 233472]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-10 320920]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
    Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-10 34816]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-10 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
    SingleInstance Class - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2008-07-28 160496]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll []

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "AVG8_TRAY "=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2008-12-08 1261336]
    "Adobe Reader Speed Launcher "=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
    "SunJavaUpdateSched "=C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-10 136600]
    "NeroFilterCheck "=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2008-03-17 570664]
    "SecurDisc "=C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe [2007-06-25 1629480]
    "InCD "=C:\Program Files\Nero\Nero 7\InCD\InCD.exe [2007-06-25 1057064]
    "HP Software Update "=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2005-05-11 49152]
    "REGSHAVE "=C:\Program Files\REGSHAVE\REGSHAVE.EXE [2002-02-04 53248]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "Malwarebytes' Anti-Malware "=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2008-12-03 399504]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "MSMSGS "=C:\Program Files\Messenger\msmsgs.exe [2004-08-04 1667584]
    "ctfmon.exe "=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
    "SpybotSD TeaTimer "=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296]
    "LightScribe Control Panel "=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-06-09 2363392]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} "=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup
    Exif Launcher.lnk - C:\Program Files\FinePixViewer\QuickDCF.exe
    HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername "=0
    "legalnoticecaption "=
    "legalnoticetext "=
    "shutdownwithoutlogon "=1
    "undockwithoutlogon "=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun "=157

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 "
    "C:\Program Files\AVG\AVG8\avgemc.exe "= "C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe "
    "C:\Program Files\AVG\AVG8\avgupd.exe "= "C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe "
    "C:\Program Files\LimeWire\LimeWire.exe "= "C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire "
    "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe "= "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger "
    "C:\Program Files\Wyzo\wyzo.exe "= "C:\Program Files\Wyzo\wyzo.exe:*:Disabled:Wyzo "
    "C:\Program Files\Java\jre6\bin\java.exe "= "C:\Program Files\Java\jre6\bin\java.exe:*:Disabled:Java(TM) Platform SE binary "
    "D:\Installation\Setupx.exe "= "D:\Installation\Setupx.exe:*:Enabled:Nero ProductSetup "
    "C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe "= "C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe:*:Enabled:Nero ShowTime Essentials "
    "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe "= "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe "
    "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe "= "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe "
    "C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe "= "C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe "
    "C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe "= "C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe "
    "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe "= "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe "
    "C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe "= "C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe "
    "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe "= "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe "
    "C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe "= "C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe "
    "C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe "= "C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe "
    "C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe "= "C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe "
    "C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe "= "C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe "
    "C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe "= "C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe "
    "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe "= "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe "

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 "

    ======List of files/folders created in the last 3 months======
     
  10. 2009/01/03
    bears1985

    2009-01-03 13:26:31 ----D---- C:\Program Files\trend micro
    2009-01-03 13:26:29 ----D---- C:\rsit
    2009-01-03 12:20:21 ----D---- C:\Documents and Settings\Chris\Application Data\Malwarebytes
    2009-01-03 12:20:13 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-01-03 12:20:13 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2009-01-03 11:59:23 ----D---- C:\WINDOWS\ERUNT
    2009-01-03 11:53:37 ----A---- C:\WINDOWS\ntbtlog.txt
    2009-01-03 11:50:04 ----D---- C:\SDFix
    2009-01-02 21:55:04 ----D---- C:\Program Files\PIXELA
    2009-01-02 21:54:03 ----A---- C:\WINDOWS\system32\FPXS2Pro.dll
    2009-01-02 21:53:14 ----D---- C:\Documents and Settings\Chris\Application Data\FUJIFILM
    2009-01-02 21:52:25 ----D---- C:\Program Files\FinePixViewer
    2009-01-02 21:52:25 ----A---- C:\WINDOWS\system32\FFTIFF16.dll
    2009-01-02 21:52:25 ----A---- C:\WINDOWS\system32\FFRAFLIB.DLL
    2009-01-02 21:51:36 ----N---- C:\WINDOWS\system32\FINFCOPY.dll
    2009-01-02 21:51:36 ----N---- C:\WINDOWS\system32\FINFCHECK.dll
    2009-01-02 21:51:36 ----HD---- C:\Program Files\InstallShield Installation Information
    2009-01-02 21:51:36 ----D---- C:\Program Files\REGSHAVE
    2009-01-02 21:51:35 ----N---- C:\WINDOWS\system32\FREGSHEX.DLL
    2009-01-02 21:51:35 ----N---- C:\WINDOWS\system32\FCLKBTN.DLL
    2009-01-02 21:47:24 ----D---- C:\Documents and Settings\All Users\Application Data\HP
    2009-01-02 21:46:56 ----D---- C:\Program Files\Common Files\HP
    2009-01-02 21:45:01 ----D---- C:\Program Files\Hewlett-Packard
    2009-01-02 21:43:33 ----D---- C:\Program Files\Common Files\Hewlett-Packard
    2009-01-02 21:42:45 ----A---- C:\WINDOWS\system32\HPZinw12.exe
    2009-01-02 21:42:44 ----A---- C:\WINDOWS\system32\HPZisn12.dll
    2009-01-02 21:42:44 ----A---- C:\WINDOWS\system32\HPZipt12.dll
    2009-01-02 21:42:44 ----A---- C:\WINDOWS\system32\HPZipm12.exe
    2009-01-02 21:42:43 ----A---- C:\WINDOWS\system32\HPZipr12.dll
    2009-01-02 21:42:43 ----A---- C:\WINDOWS\system32\HPZidr12.dll
    2009-01-02 21:34:34 ----D---- C:\Program Files\HP
    2009-01-02 21:33:12 ----HD---- C:\Config.Msi
    2009-01-02 21:31:40 ----D---- C:\Documents and Settings\Chris\Application Data\HP
    2009-01-02 21:29:24 ----RA---- C:\WINDOWS\system32\HPZc3212.dll
    2009-01-02 21:29:24 ----RA---- C:\WINDOWS\system32\hpovst08.dll
    2009-01-02 21:29:23 ----RA---- C:\WINDOWS\system32\hpotscl.dll
    2009-01-02 21:29:22 ----RA---- C:\WINDOWS\system32\hpgwiamd.dll
    2009-01-02 14:25:33 ----D---- C:\Documents and Settings\All Users\Application Data\LightScribe
    2009-01-02 13:45:56 ----D---- C:\Program Files\Sanyo
    2009-01-02 13:45:51 ----D---- C:\Program Files\Common Files\InstallShield
    2009-01-02 13:41:37 ----D---- C:\Program Files\Family Feud
    2009-01-02 13:36:09 ----D---- C:\Program Files\Common Files\LightScribe
    2009-01-02 13:34:11 ----D---- C:\Documents and Settings\Chris\Application Data\Ahead
    2009-01-02 13:33:26 ----D---- C:\Documents and Settings\All Users\Application Data\Ahead
    2009-01-02 13:27:37 ----D---- C:\Program Files\Common Files\Ahead
    2009-01-02 13:25:58 ----D---- C:\WINDOWS\RegisteredPackages
    2009-01-02 13:24:24 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
    2008-12-28 22:13:58 ----D---- C:\Program Files\MSBuild
    2008-12-28 22:04:15 ----D---- C:\WINDOWS\system32\XPSViewer
    2008-12-28 22:03:16 ----D---- C:\Program Files\Reference Assemblies
    2008-12-28 22:02:43 ----N---- C:\WINDOWS\system32\spmsg2.dll
    2008-12-28 21:56:29 ----RSD---- C:\WINDOWS\assembly
    2008-12-28 21:55:31 ----D---- C:\WINDOWS\Microsoft.NET
    2008-12-28 21:54:43 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
    2008-12-28 21:20:20 ----A---- C:\WINDOWS\NeroDigital.ini
    2008-12-28 20:28:04 ----D---- C:\Documents and Settings\Chris\Application Data\Nero
    2008-12-28 19:24:51 ----A---- C:\WINDOWS\Irremote.ini
    2008-12-28 19:15:34 ----D---- C:\Program Files\Windows Sidebar
    2008-12-28 18:33:03 ----D---- C:\Program Files\Nero
    2008-12-28 18:31:01 ----D---- C:\Documents and Settings\All Users\Application Data\Nero
    2008-12-28 18:31:00 ----D---- C:\Program Files\Common Files\Nero
    2008-12-28 18:30:21 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
    2008-12-28 18:19:02 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
    2008-12-26 18:01:18 ----D---- C:\Documents and Settings\Chris\Application Data\Uniblue
    2008-12-26 17:59:56 ----D---- C:\Documents and Settings\All Users\Application Data\WinZip
    2008-12-26 17:59:49 ----D---- C:\Program Files\WinZip
    2008-12-25 18:37:03 ----D---- C:\Program Files\Family Feud 2
    2008-12-25 18:37:03 ----D---- C:\Documents and Settings\Chris\Application Data\SpinTop
    2008-12-25 17:49:18 ----D---- C:\WINDOWS\system32\appmgmt
    2008-12-24 01:11:57 ----D---- C:\WINDOWS\BDOSCAN8
    2008-12-24 00:50:41 ----D---- C:\Program Files\IrfanView
    2008-12-23 01:23:40 ----D---- C:\Program Files\Spybot - Search & Destroy
    2008-12-23 01:23:40 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-12-20 23:53:48 ----D---- C:\Documents and Settings\All Users\Application Data\Google
    2008-12-20 23:51:36 ----D---- C:\Documents and Settings\Chris\Application Data\Google
    2008-12-20 23:46:05 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
    2008-12-20 12:40:49 ----D---- C:\Documents and Settings\All Users\Application Data\MSN6
    2008-12-20 12:40:47 ----D---- C:\Documents and Settings\Chris\Application Data\MSN6
    2008-12-20 12:26:00 ----D---- C:\Documents and Settings\Chris\Application Data\.wyzo
    2008-12-20 11:45:05 ----A---- C:\WINDOWS\st_affiliate.ini
    2008-12-20 09:58:17 ----HD---- C:\WINDOWS\msdownld.tmp
    2008-12-20 09:57:58 ----D---- C:\WINDOWS\WBEM
    2008-12-20 09:57:57 ----D---- C:\WINDOWS\system32\en-US
    2008-12-20 09:56:27 ----HDC---- C:\WINDOWS\ie7
    2008-12-20 09:56:05 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
    2008-12-20 09:55:44 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
    2008-12-20 09:55:16 ----HDC---- C:\WINDOWS\$NtUninstallKB915865$
    2008-12-20 09:55:16 ----HD---- C:\WINDOWS\$hf_mig$
    2008-12-20 09:55:13 ----N---- C:\WINDOWS\system32\xmllite.dll
    2008-12-15 22:29:16 ----D---- C:\Documents and Settings\Chris\Application Data\Yahoo!
    2008-12-15 22:29:16 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
    2008-12-15 22:27:54 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo!
    2008-12-15 22:27:45 ----D---- C:\Program Files\Yahoo!
    2008-12-15 20:34:30 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
    2008-12-14 12:31:41 ----HD---- C:\$AVG8.VAULT$
    2008-12-14 11:35:33 ----D---- C:\Documents and Settings\All Users\Application Data\Trymedia
    2008-12-14 11:35:30 ----D---- C:\Documents and Settings\Chris\Application Data\iWin
    2008-12-14 11:35:28 ----D---- C:\Documents and Settings\All Users\Application Data\NeoEdge Networks
    2008-12-14 11:35:17 ----D---- C:\Program Files\Yahoo! Games
    2008-12-11 01:18:11 ----SHD---- C:\RECYCLER
    2008-12-10 21:38:45 ----D---- C:\WINDOWS\Sun
    2008-12-10 20:36:16 ----A---- C:\WINDOWS\system32\wmpns.dll
    2008-12-10 18:25:36 ----D---- C:\Documents and Settings\Chris\Application Data\LimeWire
    2008-12-10 17:29:25 ----A---- C:\WINDOWS\system32\javaws.exe
    2008-12-10 17:29:25 ----A---- C:\WINDOWS\system32\javaw.exe
    2008-12-10 17:29:25 ----A---- C:\WINDOWS\system32\java.exe
    2008-12-10 17:29:25 ----A---- C:\WINDOWS\system32\deploytk.dll
    2008-12-10 17:29:08 ----D---- C:\Program Files\Java
    2008-12-10 17:27:18 ----D---- C:\Documents and Settings\Chris\Application Data\Sun
    2008-12-10 17:25:12 ----D---- C:\Program Files\LimeWire
    2008-12-09 18:49:43 ----D---- C:\Documents and Settings\All Users\Application Data\SBT
    2008-12-09 18:48:13 ----D---- C:\Program Files\Snapshot Viewer
    2008-12-09 17:01:52 ----A---- C:\WINDOWS\system32\hidserv.dll
    2008-12-08 22:21:12 ----A---- C:\WINDOWS\ODBC.INI
    2008-12-08 22:20:01 ----D---- C:\Program Files\Common Files\Designer
    2008-12-08 22:19:22 ----D---- C:\WINDOWS\ShellNew
    2008-12-08 22:17:34 ----D---- C:\Program Files\Microsoft Office
    2008-12-08 22:17:34 ----D---- C:\Documents and Settings\Chris\Application Data\Microsoft Web Folders
    2008-12-08 22:10:49 ----D---- C:\Documents and Settings\Chris\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    2008-12-08 22:09:15 ----D---- C:\Program Files\Common Files\Adobe AIR
    2008-12-08 22:09:05 ----D---- C:\Documents and Settings\Chris\Application Data\Macromedia
    2008-12-08 22:09:01 ----D---- C:\Documents and Settings\Chris\Application Data\Adobe
    2008-12-08 22:06:04 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
    2008-12-08 22:05:17 ----D---- C:\Program Files\Common Files\Adobe
    2008-12-08 22:05:17 ----D---- C:\Program Files\Adobe
    2008-12-08 21:59:53 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
    2008-12-08 21:59:51 ----D---- C:\Program Files\NOS
    2008-12-08 21:55:44 ----A---- C:\WINDOWS\system32\avgrsstx.dll
    2008-12-08 21:55:30 ----D---- C:\Program Files\AVG
    2008-12-08 21:55:29 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
    2008-12-08 21:46:52 ----A---- C:\WINDOWS\system32\vusetup.dll
    2008-12-08 21:44:17 ----D---- C:\Program Files\VIA Technologies, Inc
    2008-12-08 21:44:17 ----A---- C:\WINDOWS\system32\UnAudioNT.dll
    2008-12-08 21:41:35 ----A---- C:\WINDOWS\IsUninst.exe
    2008-12-08 21:37:20 ----D---- C:\WINDOWS\SoftwareDistribution
    2008-12-08 21:37:17 ----SD---- C:\WINDOWS\system32\Microsoft
    2008-12-08 21:37:17 ----D---- C:\WINDOWS\Prefetch
    2008-12-08 21:32:25 ----N---- C:\WINDOWS\system32\spiisupd.exe
    2008-12-08 21:32:25 ----N---- C:\WINDOWS\system32\comsdupd.exe
    2008-12-08 21:32:25 ----N---- C:\WINDOWS\system32\asr_pfu.exe
    2008-12-08 21:32:20 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
    2008-12-08 21:32:20 ----N---- C:\WINDOWS\system32\ati2dvag.dll
    2008-12-08 21:32:20 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
    2008-12-08 21:32:20 ----N---- C:\WINDOWS\system32\ati2cqag.dll
    2008-12-08 21:32:19 ----N---- C:\WINDOWS\system32\httpapi.dll
    2008-12-08 21:32:19 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
    2008-12-08 21:32:19 ----N---- C:\WINDOWS\system32\hccoin.dll
    2008-12-08 21:32:19 ----N---- C:\WINDOWS\system32\fwcfg.dll
    2008-12-08 21:32:19 ----N---- C:\WINDOWS\system32\fsquirt.exe
    2008-12-08 21:32:19 ----N---- C:\WINDOWS\system32\fltmc.exe
    2008-12-08 21:32:19 ----N---- C:\WINDOWS\system32\fltlib.dll
    2008-12-08 21:32:19 ----N---- C:\WINDOWS\system32\encdec.dll
    2008-12-08 21:32:19 ----N---- C:\WINDOWS\system32\encapi.dll
    2008-12-08 21:32:19 ----N---- C:\WINDOWS\system32\dxdiagn.dll
    2008-12-08 21:32:19 ----N---- C:\WINDOWS\system32\dsprpres.dll
    2008-12-08 21:32:19 ----N---- C:\WINDOWS\system32\d3d9.dll
    2008-12-08 21:32:19 ----N---- C:\WINDOWS\system32\cmsetacl.dll
    2008-12-08 21:32:19 ----N---- C:\WINDOWS\system32\btpanui.dll
    2008-12-08 21:32:19 ----N---- C:\WINDOWS\system32\bthserv.dll
    2008-12-08 21:32:19 ----N---- C:\WINDOWS\system32\bthci.dll
    2008-12-08 21:32:19 ----N---- C:\WINDOWS\system32\blastcln.exe
    2008-12-08 21:32:19 ----N---- C:\WINDOWS\system32\bitsprx3.dll
    2008-12-08 21:32:19 ----N---- C:\WINDOWS\system32\bitsprx2.dll
    2008-12-08 21:32:19 ----N---- C:\WINDOWS\system32\auditusr.exe
    2008-12-08 21:32:19 ----N---- C:\WINDOWS\system32\ativvaxx.dll
    2008-12-08 21:32:19 ----N---- C:\WINDOWS\system32\ativtmxx.dll
    2008-12-08 21:32:19 ----N---- C:\WINDOWS\system32\ati3duag.dll
    2008-12-08 21:32:19 ----A---- C:\WINDOWS\system32\extmgr.dll
    2008-12-08 21:32:18 ----N---- C:\WINDOWS\system32\kbdsmsno.dll
    2008-12-08 21:32:18 ----N---- C:\WINDOWS\system32\kbdsmsfi.dll
    2008-12-08 21:32:18 ----N---- C:\WINDOWS\system32\kbdno1.dll
    2008-12-08 21:32:18 ----N---- C:\WINDOWS\system32\kbdmlt48.dll
    2008-12-08 21:32:18 ----N---- C:\WINDOWS\system32\kbdmlt47.dll
    2008-12-08 21:32:18 ----N---- C:\WINDOWS\system32\kbdmaori.dll
    2008-12-08 21:32:18 ----N---- C:\WINDOWS\system32\kbdinmal.dll
    2008-12-08 21:32:18 ----N---- C:\WINDOWS\system32\kbdinben.dll
    2008-12-08 21:32:18 ----N---- C:\WINDOWS\system32\kbdinbe1.dll
    2008-12-08 21:32:18 ----N---- C:\WINDOWS\system32\kbdfi1.dll
    2008-12-08 21:32:18 ----A---- C:\WINDOWS\system32\ieencode.dll
    2008-12-08 21:32:17 ----N---- C:\WINDOWS\system32\p2pnetsh.dll
    2008-12-08 21:32:17 ----N---- C:\WINDOWS\system32\p2pgraph.dll
    2008-12-08 21:32:17 ----N---- C:\WINDOWS\system32\p2pgasvc.dll
    2008-12-08 21:32:17 ----N---- C:\WINDOWS\system32\p2p.dll
    2008-12-08 21:32:17 ----N---- C:\WINDOWS\system32\nv4_disp.dll
    2008-12-08 21:32:17 ----N---- C:\WINDOWS\system32\mtxparhd.dll
    2008-12-08 21:32:17 ----N---- C:\WINDOWS\system32\mssap.dll
    2008-12-08 21:32:17 ----N---- C:\WINDOWS\system32\msftedit.dll
    2008-12-08 21:32:17 ----N---- C:\WINDOWS\system32\msdadiag.dll
    2008-12-08 21:32:17 ----N---- C:\WINDOWS\system32\mp4sdmod.dll
    2008-12-08 21:32:17 ----N---- C:\WINDOWS\system32\mp43dmod.dll
    2008-12-08 21:32:17 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
    2008-12-08 21:32:17 ----N---- C:\WINDOWS\system32\kbdukx.dll
    2008-12-08 21:32:17 ----A---- C:\WINDOWS\system32\MsPMSNSv.dll
    2008-12-08 21:32:16 ----N---- C:\WINDOWS\system32\wmerror.dll
    2008-12-08 21:32:16 ----N---- C:\WINDOWS\system32\winshfhc.dll
    2008-12-08 21:32:16 ----N---- C:\WINDOWS\system32\winhttp.dll
    2008-12-08 21:32:16 ----N---- C:\WINDOWS\system32\winbrand.dll
    2008-12-08 21:32:16 ----N---- C:\WINDOWS\system32\w3ssl.dll
    2008-12-08 21:32:16 ----N---- C:\WINDOWS\system32\twext.dll
    2008-12-08 21:32:16 ----N---- C:\WINDOWS\system32\strmfilt.dll
    2008-12-08 21:32:16 ----N---- C:\WINDOWS\system32\smbinst.exe
    2008-12-08 21:32:16 ----N---- C:\WINDOWS\system32\slserv.exe
    2008-12-08 21:32:16 ----N---- C:\WINDOWS\system32\slrundll.exe
    2008-12-08 21:32:16 ----N---- C:\WINDOWS\system32\slgen.dll
    2008-12-08 21:32:16 ----N---- C:\WINDOWS\system32\slextspk.dll
    2008-12-08 21:32:16 ----N---- C:\WINDOWS\system32\slcoinst.dll
    2008-12-08 21:32:16 ----N---- C:\WINDOWS\system32\sdhcinst.dll
    2008-12-08 21:32:16 ----N---- C:\WINDOWS\system32\sbeio.dll
    2008-12-08 21:32:16 ----N---- C:\WINDOWS\system32\sbe.dll
    2008-12-08 21:32:16 ----N---- C:\WINDOWS\system32\s3gnb.dll
    2008-12-08 21:32:16 ----N---- C:\WINDOWS\system32\powercfg.exe
    2008-12-08 21:32:16 ----N---- C:\WINDOWS\system32\pnrpnsp.dll
    2008-12-08 21:32:16 ----N---- C:\WINDOWS\system32\p2psvc.dll
    2008-12-08 21:32:16 ----A---- C:\WINDOWS\system32\wmidx.dll
    2008-12-08 21:32:15 ----N---- C:\WINDOWS\system32\xmlprovi.dll
    2008-12-08 21:32:15 ----N---- C:\WINDOWS\system32\xmlprov.dll
    2008-12-08 21:32:15 ----N---- C:\WINDOWS\system32\wuweb.dll
    2008-12-08 21:32:15 ----N---- C:\WINDOWS\system32\wups.dll
    2008-12-08 21:32:15 ----N---- C:\WINDOWS\system32\wucltui.dll
    2008-12-08 21:32:15 ----N---- C:\WINDOWS\system32\wuaueng1.dll
    2008-12-08 21:32:15 ----N---- C:\WINDOWS\system32\wuauclt1.exe
    2008-12-08 21:32:15 ----N---- C:\WINDOWS\system32\wuapi.dll
    2008-12-08 21:32:15 ----N---- C:\WINDOWS\system32\wshbth.dll
    2008-12-08 21:32:15 ----N---- C:\WINDOWS\system32\wscsvc.dll
    2008-12-08 21:32:15 ----N---- C:\WINDOWS\system32\wscntfy.exe
    2008-12-08 21:32:15 ----N---- C:\WINDOWS\system32\wmpdxm.dll
    2008-12-08 21:32:15 ----N---- C:\WINDOWS\system32\wmpasf.dll
    2008-12-08 21:32:15 ----N---- C:\WINDOWS\system32\wmp.dll
    2008-12-08 21:32:15 ----A---- C:\WINDOWS\system32\wmvdmoe2.dll
    2008-12-08 21:32:15 ----A---- C:\WINDOWS\system32\wmspdmoe.dll
    2008-12-08 21:32:15 ----A---- C:\WINDOWS\system32\wmspdmod.dll
    2008-12-08 21:32:15 ----A---- C:\WINDOWS\system32\wmsdmoe2.dll
    2008-12-08 21:32:14 ----N---- C:\WINDOWS\system32\xpsp1res.dll
    2008-12-08 21:32:14 ----N---- C:\WINDOWS\system32\xpob2res.dll
    2008-12-08 21:32:14 ----N---- C:\WINDOWS\slrundll.exe
    2008-12-08 21:32:13 ----D---- C:\WINDOWS\provisioning
    2008-12-08 21:32:13 ----D---- C:\WINDOWS\peernet
    2008-12-08 21:30:32 ----D---- C:\WINDOWS\ServicePackFiles
     
  11. 2009/01/03
    bears1985

    bears1985 Inactive Thread Starter

    =====List of files/folders modified in the last 3 months======

    2009-01-03 13:27:42 ----D---- C:\WINDOWS\Temp
    2009-01-03 13:26:31 ----RD---- C:\Program Files
    2009-01-03 12:55:01 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-01-03 12:20:17 ----D---- C:\WINDOWS\system32\drivers
    2009-01-03 12:01:23 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2009-01-03 11:59:23 ----D---- C:\WINDOWS
    2009-01-02 21:54:03 ----D---- C:\WINDOWS\system32
    2009-01-02 21:51:45 ----HD---- C:\WINDOWS\inf
    2009-01-02 21:51:43 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-01-02 21:48:24 ----SHD---- C:\WINDOWS\Installer
    2009-01-02 21:47:46 ----A---- C:\WINDOWS\win.ini
    2009-01-02 21:46:56 ----D---- C:\Program Files\Common Files
    2009-01-02 21:44:24 ----D---- C:\WINDOWS\WinSxS
    2009-01-02 21:44:14 ----D---- C:\WINDOWS\twain_32
    2009-01-02 13:37:22 ----D---- C:\WINDOWS\security
    2009-01-02 13:26:28 ----D---- C:\Program Files\Windows Media Player
    2009-01-02 13:24:27 ----D---- C:\WINDOWS\system32\DirectX
    2008-12-31 00:05:02 ----SD---- C:\WINDOWS\Downloaded Program Files
    2008-12-28 22:15:17 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2008-12-28 22:04:06 ----RSD---- C:\WINDOWS\Fonts
    2008-12-28 22:02:58 ----D---- C:\WINDOWS\system32\spool
    2008-12-28 21:55:45 ----D---- C:\Program Files\Common Files\Microsoft Shared
    2008-12-28 21:55:35 ----D---- C:\WINDOWS\system32\mui
    2008-12-28 21:55:35 ----D---- C:\Program Files\Internet Explorer
    2008-12-28 21:55:31 ----D---- C:\WINDOWS\PCHEALTH
    2008-12-28 18:21:55 ----SD---- C:\WINDOWS\Tasks
    2008-12-28 18:19:33 ----A---- C:\WINDOWS\imsins.BAK
    2008-12-26 18:04:37 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
    2008-12-20 10:00:59 ----D---- C:\WINDOWS\Help
    2008-12-20 09:58:07 ----D---- C:\WINDOWS\system32\config
    2008-12-20 09:57:50 ----D---- C:\WINDOWS\Media
    2008-12-15 21:07:10 ----D---- C:\WINDOWS\system32\Macromed
    2008-12-15 18:00:10 ----SD---- C:\Documents and Settings\Chris\Application Data\Microsoft
    2008-12-09 18:48:17 ----D---- C:\Program Files\Common Files\System
    2008-12-09 18:46:34 ----D---- C:\WINDOWS\system
    2008-12-09 18:46:34 ----D---- C:\WINDOWS\msapps
    2008-12-09 18:46:34 ----D---- C:\Program Files\microsoft frontpage
    2008-12-08 21:48:03 ----D---- C:\WINDOWS\Debug
    2008-12-08 21:43:53 ----D---- C:\WINDOWS\system32\CatRoot
    2008-12-08 21:38:25 ----D---- C:\WINDOWS\system32\inetsrv
    2008-12-08 21:38:11 ----A---- C:\WINDOWS\OEWABLog.txt
    2008-12-08 21:37:36 ----A---- C:\WINDOWS\setuplog.txt
    2008-12-08 21:37:31 ----D---- C:\WINDOWS\system32\wbem
    2008-12-08 21:37:04 ----SHD---- C:\System Volume Information
    2008-12-08 21:37:01 ----D---- C:\WINDOWS\AppPatch
    2008-12-08 21:37:01 ----D---- C:\Program Files\Messenger
    2008-12-08 21:33:25 ----RASH---- C:\boot.ini
    2008-12-08 21:32:26 ----D---- C:\WINDOWS\system32\Setup
    2008-12-08 21:32:24 ----D---- C:\WINDOWS\ime
    2008-12-08 21:32:14 ----D---- C:\WINDOWS\system32\oobe
    2008-12-08 21:32:13 ----D---- C:\Program Files\Movie Maker
    2008-12-08 21:30:22 ----D---- C:\WINDOWS\system32\Restore
    2008-12-08 21:30:22 ----D---- C:\WINDOWS\system32\npp
    2008-12-08 21:30:21 ----D---- C:\WINDOWS\msagent
    2008-12-08 21:30:20 ----D---- C:\WINDOWS\srchasst
    2008-12-08 21:30:18 ----D---- C:\Program Files\NetMeeting
    2008-12-08 21:30:17 ----D---- C:\WINDOWS\system32\Com
    2008-12-08 21:30:15 ----D---- C:\Program Files\Windows NT
    2008-12-08 21:30:14 ----D---- C:\Program Files\Outlook Express

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2008-12-08 97928]
    R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2008-12-08 26824]
    R1 cdrbsdrv;cdrbsdrv; C:\WINDOWS\system32\drivers\cdrbsdrv.sys [2004-03-08 13567]
    R1 InCDPass;Nero InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys [2007-06-25 36776]
    R1 incdrm;Nero InCD MRW Remapper; C:\WINDOWS\system32\drivers\InCDRm.sys [2007-06-25 38440]
    R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2004-08-03 36096]
    R2 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2008-12-08 76040]
    R3 catchme;catchme; \??\C:\DOCUME~1\Chris\LOCALS~1\Temp\catchme.sys []
    R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5b.sys [2003-07-29 41984]
    R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-07 51120]
    R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-07 16496]
    R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-07 21744]
    R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
    R3 S3SavageNB;S3SavageNB; C:\WINDOWS\System32\DRIVERS\s3gnbm.sys [2004-08-03 166912]
    R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
    R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2004-08-03 57600]
    R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
    R3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
    R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2004-08-03 20480]
    R3 VIAudio;VIA AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\viaudio.sys [2002-09-16 64128]
    R3 vulfnths;VIA USB Host Controller Lower Filter; C:\WINDOWS\System32\Drivers\vulfnth.sys [2003-08-04 6912]
    R3 vulfntrs;VIA USB Roothub Lower Filter; C:\WINDOWS\System32\Drivers\vulfntr.sys [2003-08-04 11392]
    R4 InCDfs;Nero InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys [2007-06-25 119080]
    S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848]
    S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165]
    S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
    S3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-17 12160]
    S3 NTSIM;NTSIM; \??\C:\WINDOWS\system32\ntsim.sys []
    S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 avg8emc;AVG Free8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-12-08 875288]
    R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-12-08 231704]
    R2 InCDsrv;InCD Helper; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2007-06-25 1552680]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-12-10 152984]
    R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728]
    R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-12-05 935208]
    R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632]
    R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
    R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
    S1 InCDrec;Nero InCD File System Recognizer; C:\WINDOWS\system32\drivers\InCDRec.sys [2007-06-25 16040]
    S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe []
    S2 NeroRegInCDSrv;Nero Registry InCD Service; C:\Program Files\Nero\Nero 7\InCD\NBHRegInCDSrv.exe []
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
    S3 getPlus(R) Helper;getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-12-01 33752]
    S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
    S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]

    -----------------EOF-----------------
     
  12. 2009/01/03
    PeteC

    PeteC SuperGeek Staff

    No Problem :)

    One of our trained malware analysts will look at your logs in due course - all are dealt with in the order posted.
     
  13. 2009/01/03
    PeteC

    PeteC SuperGeek Staff

    I see you have posted logs in 3 other threads - you must keep to your original thread for a given problem.

    I have deleted those threads - if the info in this thread is incomplete you will be advised.

    Also please note ....

    As a new member with less than 10 posts any post you make which contains a URL requires approval (moderation) before it is visible.
     
  14. 2009/01/03
    bears1985

    bears1985 Inactive Thread Starter

    thanks...wasn't sure how the thread thing worked. sorry!
     
  15. 2009/01/03
    PeteC

    PeteC SuperGeek Staff

  16. 2009/01/03
    bears1985

    bears1985 Inactive Thread Starter

    yep, that helped!
     
  17. 2009/01/03
    bears1985

    bears1985 Inactive Thread Starter

    also ran malwarebytes program. here is the log..

    Malwarebytes' Anti-Malware 1.31
    Database version: 1602
    Windows 5.1.2600 Service Pack 2

    1/3/2009 12:30:12 PM
    mbam-log-2009-01-03 (12-30-12).txt

    Scan type: Quick Scan
    Objects scanned: 51533
    Time elapsed: 7 minute(s), 36 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 6
    Registry Values Infected: 2
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 1

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{a26503fe-b3b8-4910-a9dc-9cbd25c6b8d6} (Trojan.BHO) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3b8fb116-d358-48a3-a5c7-db84f15cbb04} (Trojan.Zlob) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{3b8fb116-d358-48a3-a5c7-db84f15cbb04} (Trojan.Zlob) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\webmedia.chl (Trojan.Zlob) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Online Alert Manager (Trojan.Zlob) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Browser Toolbar (Trojan.Zlob) -> Quarantined and deleted successfully.

    Registry Values Infected:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{a26503fe-b3b8-4910-a9dc-9cbd25c6b8d6} (Trojan.BHO) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{3b8fb116-d358-48a3-a5c7-db84f15cbb04} (Trojan.Zlob) -> Quarantined and deleted successfully.

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    C:\Documents and Settings\All Users\Start Menu\Programs\Accessories\System Tools\Run Virus Scan.url (Trojan.Zlob) -> Quarantined and deleted successfully.
     
  18. 2009/01/04
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Hi bears1985 :)

    Please visit the following webpage for instructions for downloading and running ComboFix

    How to use ComboFix


    Download ComboFix by sUBs from here, saving the file to your desktop.


    Disable realtime protection applications as they sometimes interfere with the tool. Check this link for your applicable programs.

    • Close all open programs and windows
    • Double click ComboFix.exe and follow the prompts.
    • It may reboot your computer and resume running when you logon. Wait for it to complete. When finished, it will open a log for you. Post that log in your next reply.
    Note: Do not mouseclick combofix's window while it's running. That may cause it to stall

    **NOTE - I recommend you allow the Recovery Console to be downloaded and installed if or when prompted.
     
  19. 2009/01/05
    bears1985

    bears1985 Inactive Thread Starter

    here is the log...
    ComboFix 09-01-05.03 - Chris 2009-01-05 19:27:22.1 - NTFSx86
    Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.735.369 [GMT -6:00]
    Running from: c:\documents and settings\Chris\Desktop\ComboFix.exe
    AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated)
    * Created a new restore point
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\windows\system32\ntnet.drv
    c:\windows\system32\wdmaud.sys

    .
    ((((((((((((((((((((((((( Files Created from 2008-12-06 to 2009-01-06 )))))))))))))))))))))))))))))))
    .

    2009-01-03 13:26 . 2009-01-03 13:27 <DIR> d-------- C:\rsit
    2009-01-03 13:26 . 2009-01-03 13:27 <DIR> d-------- c:\program files\trend micro
    2009-01-03 12:20 . 2009-01-03 12:20 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
    2009-01-03 12:20 . 2009-01-03 12:20 <DIR> d-------- c:\documents and settings\Chris\Application Data\Malwarebytes
    2009-01-03 12:20 . 2009-01-03 12:20 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
    2009-01-03 12:20 . 2008-12-03 19:59 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
    2009-01-03 12:20 . 2008-12-03 19:59 15,504 --a------ c:\windows\system32\drivers\mbam.sys
    2009-01-03 12:01 . 2009-01-03 12:01 577,024 --a--c--- c:\windows\system32\dllcache\user32.dll
    2009-01-03 11:59 . 2009-01-03 11:59 <DIR> d-------- c:\windows\ERUNT
    2009-01-03 11:50 . 2008-11-06 02:03 <DIR> d-------- C:\SDFix
    2009-01-02 21:55 . 2009-01-02 21:55 <DIR> d-------- c:\program files\PIXELA
    2009-01-02 21:55 . 2004-03-08 12:55 13,567 --a------ c:\windows\system32\drivers\CDRBSDRV.SYS
    2009-01-02 21:54 . 2002-04-07 13:26 106,496 --a------ c:\windows\system32\FPXS2Pro.dll
    2009-01-02 21:53 . 2009-01-02 21:53 <DIR> d-------- c:\documents and settings\Chris\Application Data\FUJIFILM
    2009-01-02 21:52 . 2009-01-02 21:53 <DIR> d-------- c:\program files\FinePixViewer
    2009-01-02 21:52 . 2003-09-03 07:45 274,432 --a------ c:\windows\system32\FFTIFF16.dll
    2009-01-02 21:52 . 2004-07-24 12:28 155,648 --a------ c:\windows\system32\FFRAFLIB.DLL
    2009-01-02 21:51 . 2009-01-02 21:51 <DIR> d-------- c:\program files\REGSHAVE
    2009-01-02 21:51 . 2009-01-02 21:55 <DIR> d--h----- c:\program files\InstallShield Installation Information
    2009-01-02 21:51 . 2001-11-25 05:11 81,924 --------- c:\windows\system32\drivers\VC4CB104.SYS
    2009-01-02 21:51 . 2002-02-05 10:33 69,632 --------- c:\windows\system32\FREGSHEX.DLL
    2009-01-02 21:51 . 2002-02-27 05:27 65,536 --------- c:\windows\system32\FINFCHECK.dll
    2009-01-02 21:51 . 2002-06-25 10:06 45,056 --------- c:\windows\system32\FINFCOPY.dll
    2009-01-02 21:51 . 2002-02-13 04:00 45,056 --------- c:\windows\system32\FCLKBTN.DLL
    2009-01-02 21:47 . 2009-01-02 21:47 <DIR> d-------- c:\documents and settings\All Users\Application Data\HP
    2009-01-02 21:46 . 2009-01-02 21:46 <DIR> d-------- c:\program files\Common Files\HP
    2009-01-02 21:45 . 2009-01-02 21:45 <DIR> d-------- c:\program files\Hewlett-Packard
    2009-01-02 21:43 . 2009-01-02 21:43 <DIR> d-------- c:\program files\Common Files\Hewlett-Packard
    2009-01-02 21:42 . 2004-09-29 12:12 278,584 --a------ c:\windows\system32\HPZidr12.dll
    2009-01-02 21:42 . 2004-09-29 12:15 204,800 --a------ c:\windows\system32\HPZipr12.dll
    2009-01-02 21:42 . 2004-09-29 12:09 94,208 --a------ c:\windows\system32\HPZipt12.dll
    2009-01-02 21:42 . 2004-09-29 12:14 69,632 --a------ c:\windows\system32\HPZipm12.exe
    2009-01-02 21:42 . 2004-09-29 12:08 61,440 --a------ c:\windows\system32\HPZinw12.exe
    2009-01-02 21:42 . 2004-09-29 12:09 57,344 --a------ c:\windows\system32\HPZisn12.dll
    2009-01-02 21:34 . 2009-01-02 21:47 <DIR> d-------- c:\program files\HP
    2009-01-02 21:32 . 2005-03-07 22:43 16,496 -ra------ c:\windows\system32\drivers\HPZipr12.sys
    2009-01-02 21:31 . 2009-01-02 21:31 <DIR> d-------- c:\documents and settings\Chris\Application Data\HP
    2009-01-02 21:31 . 2009-01-02 21:49 112,885 --a------ c:\windows\hpoins07.dat
    2009-01-02 21:31 . 2005-03-07 22:43 51,120 -ra------ c:\windows\system32\drivers\HPZid412.sys
    2009-01-02 21:31 . 2005-05-24 00:52 21,124 --------- c:\windows\hpomdl07.dat
    2009-01-02 21:29 . 2005-04-07 19:51 606,208 -ra------ c:\windows\system32\hpotscl.dll
    2009-01-02 21:29 . 2005-04-07 19:51 278,528 -ra------ c:\windows\system32\hpgwiamd.dll
    2009-01-02 21:29 . 2005-03-07 22:39 274,432 -ra------ c:\windows\system32\HPZc3212.dll
    2009-01-02 21:29 . 2005-04-07 19:51 258,122 -ra------ c:\windows\system32\hpovst08.dll
    2009-01-02 21:29 . 2005-03-07 22:43 21,744 -ra------ c:\windows\system32\drivers\HPZius12.sys
    2009-01-02 21:29 . 2004-08-03 22:58 15,104 --a------ c:\windows\system32\drivers\usbscan.sys
    2009-01-02 21:29 . 2004-08-03 22:58 15,104 --a--c--- c:\windows\system32\dllcache\usbscan.sys
    2009-01-02 14:25 . 2009-01-02 14:25 <DIR> d-------- c:\documents and settings\All Users\Application Data\LightScribe
    2009-01-02 13:45 . 2009-01-02 13:45 <DIR> d-------- c:\program files\Sanyo
    2009-01-02 13:45 . 2009-01-02 21:51 <DIR> d-------- c:\program files\Common Files\InstallShield
    2009-01-02 13:41 . 2009-01-02 13:43 <DIR> d-------- c:\program files\Family Feud
    2009-01-02 13:36 . 2009-01-02 13:36 <DIR> d-------- c:\program files\Common Files\LightScribe
    2009-01-02 13:34 . 2009-01-02 14:26 <DIR> d-------- c:\documents and settings\Chris\Application Data\Ahead
    2009-01-02 13:33 . 2009-01-02 13:33 <DIR> d-------- c:\documents and settings\All Users\Application Data\Ahead
    2009-01-02 13:27 . 2009-01-02 13:32 <DIR> d-------- c:\program files\Common Files\Ahead
    2008-12-30 23:08 . 2004-08-03 23:01 25,856 --a------ c:\windows\system32\drivers\usbprint.sys
    2008-12-30 23:08 . 2004-08-03 23:01 25,856 --a--c--- c:\windows\system32\dllcache\usbprint.sys
    2008-12-28 22:13 . 2008-12-28 22:13 <DIR> d-------- c:\program files\MSBuild
    2008-12-28 22:04 . 2008-12-28 22:04 <DIR> d-------- c:\windows\system32\XPSViewer
    2008-12-28 22:03 . 2008-12-28 22:03 <DIR> d-------- c:\program files\Reference Assemblies
    2008-12-28 22:02 . 2006-06-29 13:07 14,048 --------- c:\windows\system32\spmsg2.dll
    2008-12-28 21:20 . 2009-01-02 13:43 69 --a------ c:\windows\NeroDigital.ini
    2008-12-28 20:28 . 2008-12-28 21:04 <DIR> d-------- c:\documents and settings\Chris\Application Data\Nero
    2008-12-28 19:24 . 2008-12-28 19:24 4,767 --a------ c:\windows\Irremote.ini
    2008-12-28 19:15 . 2008-12-28 19:15 <DIR> d-------- c:\program files\Windows Sidebar
    2008-12-28 18:33 . 2009-01-02 13:27 <DIR> d-------- c:\program files\Nero
    2008-12-28 18:31 . 2008-12-28 20:29 <DIR> d-------- c:\program files\Common Files\Nero
    2008-12-28 18:31 . 2008-12-28 18:55 <DIR> d-------- c:\documents and settings\All Users\Application Data\Nero
    2008-12-26 18:01 . 2008-12-26 18:01 <DIR> d-------- c:\documents and settings\Chris\Application Data\Uniblue
    2008-12-26 17:59 . 2008-12-26 18:00 <DIR> d-------- c:\documents and settings\All Users\Application Data\WinZip
    2008-12-25 18:37 . 2008-12-25 18:37 <DIR> d-------- c:\documents and settings\Chris\Application Data\SpinTop
    2008-12-24 01:11 . 2008-12-24 01:12 <DIR> d-------- c:\windows\BDOSCAN8
    2008-12-24 00:50 . 2008-12-24 00:50 <DIR> d-------- c:\program files\IrfanView
    2008-12-23 01:23 . 2008-12-23 01:25 <DIR> d-------- c:\program files\Spybot - Search & Destroy
    2008-12-23 01:23 . 2008-12-23 18:32 <DIR> d-------- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
    2008-12-20 23:46 . 2008-12-28 07:54 <DIR> d-------- c:\documents and settings\All Users\Application Data\Google Updater
    2008-12-20 12:40 . 2008-12-20 12:43 <DIR> d-------- c:\documents and settings\Chris\Application Data\MSN6
    2008-12-20 12:40 . 2008-12-20 12:40 <DIR> d-------- c:\documents and settings\All Users\Application Data\MSN6
    2008-12-20 12:26 . 2008-12-20 12:26 <DIR> d-------- c:\documents and settings\Chris\Application Data\.wyzo
    2008-12-20 12:26 . 2008-12-20 12:26 0 --a------ c:\windows\nsreg.dat
    2008-12-20 11:45 . 2008-12-20 11:45 74 --a------ c:\windows\st_affiliate.ini
    2008-12-20 09:58 . 2008-12-20 09:58 <DIR> d--h----- c:\windows\msdownld.tmp
    2008-12-20 09:55 . 2008-12-20 09:55 <DIR> d--h----- c:\windows\$hf_mig$
    2008-12-15 22:29 . 2008-12-15 22:29 <DIR> d-------- c:\documents and settings\Chris\Application Data\Yahoo!
    2008-12-15 22:29 . 2008-12-15 23:17 <DIR> d-------- c:\documents and settings\All Users\Application Data\Yahoo! Companion
    2008-12-15 22:27 . 2008-12-24 00:35 <DIR> d-------- c:\program files\Yahoo!
    2008-12-15 22:27 . 2008-12-24 00:35 <DIR> d-------- c:\documents and settings\All Users\Application Data\Yahoo!
    2008-12-15 20:34 . 2008-12-25 20:45 <DIR> d-a------ c:\documents and settings\All Users\Application Data\TEMP
    2008-12-14 12:31 . 2009-01-05 19:06 <DIR> d--h----- C:\$AVG8.VAULT$
    2008-12-14 11:35 . 2008-12-14 11:35 <DIR> d-------- c:\program files\Yahoo! Games
    2008-12-14 11:35 . 2008-12-14 11:35 <DIR> d-------- c:\documents and settings\Chris\Application Data\iWin
    2008-12-14 11:35 . 2008-12-14 11:35 <DIR> d-------- c:\documents and settings\All Users\Application Data\Trymedia
    2008-12-14 11:35 . 2008-12-14 11:35 <DIR> d-------- c:\documents and settings\All Users\Application Data\NeoEdge Networks
    2008-12-10 21:38 . 2008-12-10 21:38 <DIR> d-------- c:\windows\Sun
    2008-12-10 20:36 . 2004-08-04 00:56 221,184 --a------ c:\windows\system32\wmpns.dll
    2008-12-10 18:25 . 2008-12-29 00:05 <DIR> d-------- c:\documents and settings\Chris\Application Data\LimeWire
    2008-12-10 17:29 . 2008-12-10 17:29 <DIR> d-------- c:\program files\Java
    2008-12-10 17:29 . 2008-12-10 17:29 410,984 --a------ c:\windows\system32\deploytk.dll
    2008-12-10 17:29 . 2008-12-10 17:29 73,728 --a------ c:\windows\system32\javacpl.cpl
    2008-12-10 17:25 . 2008-12-26 18:05 <DIR> d-------- c:\program files\LimeWire
    2008-12-09 18:49 . 2008-12-09 18:49 <DIR> d-------- c:\documents and settings\All Users\Application Data\SBT
    2008-12-09 18:48 . 2008-12-09 18:48 <DIR> d-------- c:\program files\Snapshot Viewer
    2008-12-09 17:01 . 2004-08-03 23:08 31,616 --a------ c:\windows\system32\drivers\usbccgp.sys
    2008-12-09 17:01 . 2004-08-03 23:08 31,616 --a--c--- c:\windows\system32\dllcache\usbccgp.sys
    2008-12-09 17:01 . 2004-08-04 00:56 21,504 --a------ c:\windows\system32\hidserv.dll
    2008-12-09 17:01 . 2004-08-04 00:56 21,504 --a--c--- c:\windows\system32\dllcache\hidserv.dll
    2008-12-09 17:01 . 2004-08-03 22:58 14,848 --a------ c:\windows\system32\drivers\kbdhid.sys
    2008-12-09 17:01 . 2004-08-03 22:58 14,848 --a--c--- c:\windows\system32\dllcache\kbdhid.sys
    2008-12-09 17:01 . 2001-08-17 13:48 12,160 --a------ c:\windows\system32\drivers\mouhid.sys
    2008-12-09 17:01 . 2001-08-17 13:48 12,160 --a--c--- c:\windows\system32\dllcache\mouhid.sys
    2008-12-09 17:01 . 2001-08-17 14:02 9,600 --a------ c:\windows\system32\drivers\hidusb.sys
    2008-12-09 17:01 . 2001-08-17 14:02 9,600 --a--c--- c:\windows\system32\dllcache\hidusb.sys
    2008-12-08 22:21 . 2008-12-09 18:59 376 --a------ c:\windows\ODBC.INI
    2008-12-08 22:19 . 2008-12-08 22:19 <DIR> d-------- c:\windows\ShellNew
    2008-12-08 22:17 . 2008-12-08 22:17 <DIR> d-------- c:\documents and settings\Chris\Application Data\Microsoft Web Folders
    2008-12-08 22:11 . 2004-08-03 23:08 26,496 --a--c--- c:\windows\system32\dllcache\usbstor.sys
    2008-12-08 22:10 . 2008-12-08 22:10 <DIR> d-------- c:\documents and settings\Chris\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    2008-12-08 22:09 . 2008-12-08 22:09 <DIR> d-------- c:\program files\Common Files\Adobe AIR
    2008-12-08 22:05 . 2008-12-08 22:06 <DIR> d-------- c:\program files\Common Files\Adobe
    2008-12-08 21:59 . 2008-12-08 21:59 <DIR> d-------- c:\program files\NOS
    2008-12-08 21:59 . 2008-12-08 22:00 <DIR> d-------- c:\documents and settings\All Users\Application Data\NOS
    2008-12-08 21:55 . 2009-01-05 17:11 <DIR> d-------- c:\windows\system32\drivers\Avg
    2008-12-08 21:55 . 2008-12-08 21:55 <DIR> d-------- c:\program files\AVG
    2008-12-08 21:55 . 2008-12-08 21:55 <DIR> d-------- c:\documents and settings\All Users\Application Data\avg8
    2008-12-08 21:55 . 2008-12-08 21:55 97,928 --a------ c:\windows\system32\drivers\avgldx86.sys

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-12-10 00:46 --------- d-----w c:\program files\microsoft frontpage
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
    2008-07-28 04:47 160496 --a------ c:\progra~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "MSMSGS "= "c:\program files\Messenger\msmsgs.exe" [2004-08-04 1667584]
    "ctfmon.exe "= "c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
    "LightScribe Control Panel "= "c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-06-09 2363392]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} "= "c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "AVG8_TRAY "= "c:\progra~1\AVG\AVG8\avgtray.exe" [2008-12-08 1261336]
    "Adobe Reader Speed Launcher "= "c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
    "SunJavaUpdateSched "= "c:\program files\Java\jre6\bin\jusched.exe" [2008-12-10 136600]
    "NeroFilterCheck "= "c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2008-03-17 570664]
    "SecurDisc "= "c:\program files\Nero\Nero 7\InCD\NBHGui.exe" [2007-06-25 1629480]
    "InCD "= "c:\program files\Nero\Nero 7\InCD\InCD.exe" [2007-06-25 1057064]
    "HP Software Update "= "c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 49152]
    "REGSHAVE "= "c:\program files\REGSHAVE\REGSHAVE.EXE" [2002-02-04 53248]

    c:\documents and settings\All Users\Start Menu\Programs\Startup\
    Exif Launcher.lnk - c:\program files\FinePixViewer\QuickDCF.exe [2009-01-02 282624]
    HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-05-11 282624]
    Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-02-17 65588]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "aux "= wdmaud.sys

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe "=
    "c:\\Program Files\\AVG\\AVG8\\avgemc.exe "=
    "c:\\Program Files\\AVG\\AVG8\\avgupd.exe "=
    "c:\\Program Files\\LimeWire\\LimeWire.exe "=
    "c:\\Program Files\\Java\\jre6\\bin\\java.exe "=
    "c:\\Program Files\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe "=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe "=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe "=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe "=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe "=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe "=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe "=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe "=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe "=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe "=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe "=
    "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe "=
    "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe "=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe "=

    R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-12-08 97928]
    R4 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2008-12-08 875288]
    R4 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-12-08 231704]
    R4 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-12-08 76040]
    R4 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0;c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-12-05 935208]
    S3 getPlus(R) Helper;getPlus(R) Helper;c:\program files\NOS\bin\getPlus_HelperSvc.exe [2008-12-08 33752]
    S4 NeroRegInCDSrv;Nero Registry InCD Service;c:\program files\Nero\Nero 7\InCD\NBHRegInCDSrv.exe --> c:\program files\Nero\Nero 7\InCD\NBHRegInCDSrv.exe [?]

    --- Other Services/Drivers In Memory ---

    *Deregistered* - InCDrec

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
    "c:\program files\Common Files\LightScribe\LSRunOnce.exe "
    .
    Contents of the 'Scheduled Tasks' folder

    2009-01-06 c:\windows\Tasks\Google Software Updater.job
    - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe []
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.yahoo.com/
    uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
    mStart Page = hxxp://www.yahoo.com
    mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
    uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com

    c:\windows\Downloaded Program Files\stg_drm.ocx - O16 -: {149E45D8-163E-4189-86FC-45022AB2B6C9}
    file:///C:/Program%20Files/Family%20Feud%202/Images/stg_drm.ocx

    c:\windows\Downloaded Program Files\ewidoOnlineScan.dll - O16 -: {193C772A-87BE-4B19-A7BB-445B226FE9A1}
    hxxp://downloads.ewido.net/ewidoOnlineScan.cab

    c:\windows\Downloaded Program Files\armhelper.ocx - O16 -: {CC450D71-CC90-424C-8638-1F2DBAC87A54}
    file:///C:/Program%20Files/Family%20Feud%202/Images/armhelper.ocx
    .

    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-01-05 19:29:34
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    Completion time: 2009-01-05 19:31:03
    ComboFix-quarantined-files.txt 2009-01-06 01:31:00

    Pre-Run: 109,886,455,808 bytes free
    Post-Run: 109,864,701,952 bytes free

    WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
    [operating systems]
    c:\cmdcons\BOOTSECT.DAT= "Microsoft Windows Recovery Console" /cmdcons
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS= "Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn

    243
     
  20. 2009/01/05
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Highlight and copy the contents of the code box below.
    Code:
    reg delete  "HKLM\software\microsoft\windows nt\currentversion\drivers32" /v aux /f
    exit
    cls
    
    Click Start>Run and type cmd then hit enter to open a command window. Right click in the command window and select paste. The command window will close on its own.


    Now, do an online scan with Kaspersky Online Scanner

    • Click Accept, when prompted to download and install the program files and database of malware definitions.
    • Click Run at the Security prompt.
    • The program will then begin downloading and installing and will also update the database.
    • Please be patient as this can take several minutes.
    • Once the update is complete, click on My Computer under the green Scan bar to the left to start the scan.
    • Once the scan is complete, it will display if your system has been infected. It does not provide an option to clean/disinfect. We only require a report from it.
    • Click View scan report at the bottom.
    • Click the Save Report As... button.
    • Click the Save as Text button to save the file to your desktop so that you may post it in your next reply.
    **Note**

    To optimize scanning time and produce a more sensible report for review:
    • Close any open programs.
    • Turn off the real-time scanner of all antivirus or antispyware programs while performing the online scan.
    Post the Kaspersky log here and let me know how the computer is behaving.
     
  21. 2009/01/05
    bears1985

    bears1985 Inactive Thread Starter

    Joined:
    2009/01/03
    Messages:
    19
    Likes Received:
    0
    I am running the scan now, it's 50 percent complete. Searches are no longer being redirected, but the scan says it has found 2 infected items so far. Will post the log as soon as it is complete! Thank you soooo much!
     
