Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

popup.adv.net


  • Please log in to reply
2 replies to this topic

#1 troutsc

troutsc

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:08:57 PM

Posted 18 December 2008 - 08:22 PM

Hello and first of all thank you for your help!

lately I have been getting this pop-up that comes up at random times even if I'm not using my internet browser. Before it goes to the random ad that it does the pop-up name is popup.adv.net etc. I don't know nothing more about it and where or when it came from. And I especially don't know how to get rid of it so any help and information would be greatly appreciated. I have Norton AntiVirus 2009 recently installed, WebRoot SpySweeper, I've ran SpyBot S&D, and avast, no luck in getting rid of this annoying pop-up. As I am new to this, please let me know any more information that I need to provide you in assisting because I would be most willing! I have followed the instructions on starting a new topic so I have ran the RSIT and have the logs.

info.txt logfile of random's system information tool 1.05 2008-12-18 19:13:22

======Uninstall list======

-->"C:\Program Files\Gateway Games\Big Money\Uninstall.exe"
-->"C:\Program Files\Gateway Games\Boggle\Uninstall.exe"
-->"C:\Program Files\Gateway Games\JEOPARDY\Uninstall.exe"
-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
32 Bit HP CIO Components Installer-->MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}
Adobe Acrobat 4.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 4.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 4.0\NT\Uninst.dll"
Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
Adobe Reader 7.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000}
Adobe Shockwave Player-->C:\WINDOWS\system32\Adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Apple Mobile Device Support-->MsiExec.exe /I{976C2B2A-CE59-4AB3-83FB-BF895E28F2E6}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
Audacity 1.3.4 (Unicode)-->"C:\Program Files\Audacity 1.3 Beta (Unicode)\unins000.exe"
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
CardRecovery-->C:\PROGRA~1\CARDRE~1\UNWISE.EXE C:\PROGRA~1\CARDRE~1\INSTALL.LOG
Cisco Systems VPN Client 5.0.00.0320-->MsiExec.exe /X{C91DE044-D900-4F15-BBD1-44FD9D59B277}
Clickster-->C:\Program Files\Clickster\Uninst.exe
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
Digital Voice Recorder-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7B478ACE-8512-4A46-ACB2-69D83DF2F6C7}\setup.exe" -l0x9 -remove
DVD Profiler Version 3.5.0-->"C:\Program Files\DVD Profiler\unins000.exe"
DVD Solution-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall
EPSON CX 4200 4800 Guide-->C:\Program Files\epson\guide\cx4200_4800_e\uninstall.exe
EPSON Printer Software-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r
Finale 2001d-->C:\WINDOWS\unvise32.exe C:\Finale 2001d\uninstal.log
Finale 2008-->C:\Program Files\Finale 2008\uninstallFinale.exe
Gateway Game Console-->"C:\Program Files\WildTangent\Apps\Gateway Game Console\Uninstall.exe"
Gateway Games-->"C:\Program Files\Gateway Games\Uninstall.exe"
GiPo@FileUtilities 3.2-->MsiExec.exe /I{E2B64929-B616-4235-B10E-D26D686296F9}
GoldWave v5.23-->"C:\Program Files\GoldWave\unstall.exe" "GoldWave v5.23" "C:\Program Files\GoldWave\unstall.log"
gtw_logo-->C:\WINDOWS\system32\gtw_logo.scr /UNINSTALL "C:\WINDOWS\system32\gtw_logo.log"
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Hotfix for Windows Media Player 10 (KB903157)-->"C:\WINDOWS\$NtUninstallKB903157$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
HP Deskjet All-In-One Software 8.0-->C:\Program Files\HP\Digital Imaging\{24557DC0-0839-496f-82F9-C4EB72EFE4FA}\setup\hpzscr01.exe -datfile hposcr12.dat
Intel Matrix Storage Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}\Setup.exe" -l0409 -INTELUNINST
Intel® Graphics Media Accelerator Driver-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_27A6 PCI\VEN_8086&DEV_27A2
Intel® PROSet/Wireless Software-->C:\WINDOWS\Installer\iProInst.exe
iTunes-->MsiExec.exe /I{DDDE0BE3-0CBE-4BF6-B75A-E3F69C947843}
J2SE Runtime Environment 5.0 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150020}
Java™ 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java™ 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
JGoodies JDiskReport 1.3.1-->"F:\JDiskReport 1.3.1\uninstall.exe"
Live Search Club Toolbar-->MsiExec.exe /X{878D0EC5-9426-4CE7-9298-855D32CCE955}
LiveUpdate 3.0 (Symantec Corporation)-->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
Magic ISO Maker v5.4 (build 0256)-->C:\PROGRA~1\MagicISO\UNWISE.EXE C:\PROGRA~1\MagicISO\INSTALL.LOG
mCore-->MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779}
mDriver-->MsiExec.exe /I{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}
mDrWiFi-->MsiExec.exe /I{F6090A17-0967-4A8A-B3C3-422A1B514D49}
mHelp-->MsiExec.exe /I{8C6BB412-D3A8-4AAE-A01B-35B681789D68}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Standard Edition 2003-->MsiExec.exe /I{91120409-6000-11D3-8CFE-0150048383C9}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
mIWA-->MsiExec.exe /I{3E9D596A-61D4-4239-BD19-2DB984D2A16F}
mLogView-->MsiExec.exe /I{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}
mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
Motorola SM56 Data Fax Modem-->rundll32.exe sm56coin.dll,SM56UnInstaller
Mozilla Firefox (3.0.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
mPfWiz-->MsiExec.exe /I{90B0D222-8C21-4B35-9262-53B042F18AF9}
mProSafe-->MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
mWlsSafe-->MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
mXML-->MsiExec.exe /I{9CC89556-3578-48DD-8408-04E66EBEF401}
mZConfig-->MsiExec.exe /I{94658027-9F16-4509-BBD7-A59FE57C3023}
Napster Burn Engine-->MsiExec.exe /I{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}
Nero OEM-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
Norton AntiVirus-->C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV\562C4DD5\16.1.0.33\InstStub.exe /X
PDFCreator-->C:\Program Files\PDFCreator\unins000.exe
Power2Go 4.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\setup.exe" -uninstall
PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
Prism Video Converter-->C:\Program Files\NCH Software\Prism\uninst.exe
QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Rhapsody Player Engine-->MsiExec.exe /I{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}
SearchPerks! Perk Counter-->MsiExec.exe /X{0980C810-4CEF-465A-8064-1EC4DC6572D2}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Security Update for Windows XP (KB913433)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB913433.inf
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Sibelius 5-->MsiExec.exe /X{C23B8C30-E05E-4CB5-8188-F27CC3B2DD3E}
SigmaTel Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}\setup.exe" -l0x9 -remove -removeonly
Sonic Encoders-->MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A9815CC011}
Spy Sweeper-->"C:\Program Files\Webroot\Spy Sweeper\unins000.exe"
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Super DVD Creator 9.8 Full Version-->"C:\Program Files\Super_DVD_Creator_9.8\unins000.exe"
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Texas Instruments PCIxx21/x515/xx12 drivers.-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{7B6CF9EB-CB2B-4A1A-81A9-BE1A9044690A} /l1033
Unix Utilities for Yahoo! Widgets-->C:\Program Files\Yahoo!\Widgets\UnixUtils\uninstall.exe
Update for Windows Media Player 10 (KB910393)-->"C:\WINDOWS\$NtUninstallKB910393$\spuninst\spuninst.exe"
Update for Windows Media Player 10 (KB913800)-->"C:\WINDOWS\$NtUninstallKB913800$\spuninst\spuninst.exe"
Update for Windows Media Player 10 (KB926251)-->"C:\WINDOWS\$NtUninstallKB926251$\spuninst\spuninst.exe"
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Update Rollup 2 for Windows XP Media Center Edition 2005-->C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe
USB Web Camera Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FC96C2B-76D4-4E70-AA51-A08C2F8D2CA4}\SETUP.EXE" -l0x9
Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
VIMICRO USB PC Camera-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{41E496B5-47F4-11D6-9BBB-00E0987BB2CD}\setup.exe" -l0x9
Windows Driver Package - (mr7910) Image (08/08/2006 1.4.0.0)-->C:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\DPInstXP.exe /u C:\WINDOWS\system32\DRVSTORE\mr7910_1FFEF370F39864F3AAA62219D434AE06B02B70AB\mr7910.inf
Windows Driver Package - LeapFrog (FlyUsb) USB (06/15/2007 1.0.0.6)-->C:\PROGRA~1\DIFX\5BE688ACC8BC158E\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\flyusb_ECE9FCB25A55FF8E782476B8116A3635CD5AD324\flyusb.inf
Windows Live installer-->MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
Windows Live Messenger-->MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
Windows Live Sign-in Assistant-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows XP Media Center Edition 2005 KB908250-->"C:\WINDOWS\$NtUninstallKB908250$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB914548-->"C:\WINDOWS\$NtUninstallKB914548$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
Yahoo! Install Manager-->C:\WINDOWS\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL
Yahoo! Widgets-->C:\PROGRA~1\Yahoo!\Widgets\uninstall.exe

======Hosts File======

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

======Security center information======

AV: Norton AntiVirus (disabled)

System event log

Computer Name: OWNER
Event Code: 4201
Message: The system detected that network adapter \DEVICE\TCPIP_{683D3236-3304-441F-8D89-996E47299A39} was connected to the network,
and has initiated normal operation over the network adapter.

Record Number: 26434
Source Name: Tcpip
Time Written: 20081211191310.000000-360
Event Type: information
User:

Computer Name: OWNER
Event Code: 4201
Message: The system detected that network adapter \DEVICE\TCPIP_{683D3236-3304-441F-8D89-996E47299A39} was connected to the network,
and has initiated normal operation over the network adapter.

Record Number: 26433
Source Name: Tcpip
Time Written: 20081211191300.000000-360
Event Type: information
User:

Computer Name: OWNER
Event Code: 4201
Message: The system detected that network adapter \DEVICE\TCPIP_{683D3236-3304-441F-8D89-996E47299A39} was connected to the network,
and has initiated normal operation over the network adapter.

Record Number: 26432
Source Name: Tcpip
Time Written: 20081211191255.000000-360
Event Type: information
User:

Computer Name: OWNER
Event Code: 4201
Message: The system detected that network adapter \DEVICE\TCPIP_{683D3236-3304-441F-8D89-996E47299A39} was connected to the network,
and has initiated normal operation over the network adapter.

Record Number: 26431
Source Name: Tcpip
Time Written: 20081211191050.000000-360
Event Type: information
User:

Computer Name: OWNER
Event Code: 4201
Message: The system detected that network adapter \DEVICE\TCPIP_{683D3236-3304-441F-8D89-996E47299A39} was connected to the network,
and has initiated normal operation over the network adapter.

Record Number: 26430
Source Name: Tcpip
Time Written: 20081211191040.000000-360
Event Type: information
User:

Application event log

Computer Name: OWNER
Event Code: 1904
Message:
Record Number: 14429
Source Name: HHCTRL
Time Written: 20081118230007.000000-360
Event Type: information
User:

Computer Name: OWNER
Event Code: 1904
Message:
Record Number: 14428
Source Name: HHCTRL
Time Written: 20081118230007.000000-360
Event Type: information
User:

Computer Name: OWNER
Event Code: 1904
Message:
Record Number: 14427
Source Name: HHCTRL
Time Written: 20081118230007.000000-360
Event Type: information
User:

Computer Name: OWNER
Event Code: 1904
Message:
Record Number: 14426
Source Name: HHCTRL
Time Written: 20081118230007.000000-360
Event Type: information
User:

Computer Name: OWNER
Event Code: 1904
Message:
Record Number: 14425
Source Name: HHCTRL
Time Written: 20081118230007.000000-360
Event Type: information
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Common Files\Adobe\AGL;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 14 Stepping 8, GenuineIntel
"PROCESSOR_REVISION"=0e08
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip

-----------------EOF-----------------


Logfile of random's system information tool 1.05 (written by random/random)
Run by Owner at 2008-12-18 19:12:34
Microsoft Windows XP Professional Service Pack 3
System drive C: has 56 GB (39%) free of 146 GB
Total RAM: 1014 MB (43% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:13:19 PM, on 12/18/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\WINDOWS\system32\LxrSII1s.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.1.0.33\ccSvcHst.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.1.0.33\ccSvcHst.exe
C:\WINDOWS\System32\alg.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Owner.Scott\Local Settings\Temporary Internet Files\Content.IE5\TK5274JA\RSIT[1].exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Trend Micro\HijackThis\Owner.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.live.com/sphome.aspx
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.gateway.com/g/startpage.html?Ch...TB&M=MX6956
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SearchPerks! Perk Counter - {2787EA8E-8D87-48af-88AD-B30246C917AB} - C:\Program Files\SearchPerks! Perk Counter\Bmbho.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.1.0.33\IPSBHO.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: SearchPerks! Perk Counter - {2787EA8E-8D87-48af-88AD-B30246C917AB} - C:\Program Files\SearchPerks! Perk Counter\Bmbho.dll
O3 - Toolbar: Live Search Club Toolbar - {719D74AB-1AF9-43A1-8C62-D8750628D93E} - C:\Program Files\Live Search Club Toolbar\Toolbar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SynTPLpr] "C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
O4 - HKLM\..\Run: [SynTPEnh] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
O4 - HKLM\..\Run: [Reminder] %WINDIR%\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [SMSERIAL] "C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe"
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [MSKDetectorExe] "C:\Program Files\McAfee\SpamKiller\MSKDetct.exe" /uninstall
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [BigDogPath] "C:\WINDOWS\VM_STI.EXE" VIMICRO USB PC Camera
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [outlook] C:\Program Files\outlook\outlook.exe /auto
O4 - HKLM\..\Run: [iPodVideoConverter_upgrade] "C:\Program Files\E-Zsoft\iPodVideoConverter\iPodVideoConverter.exe" /upgrade
O4 - HKLM\..\Run: [DVDtoiPodConverter_upgrade] "C:\Program Files\E-Zsoft\DVDtoiPodConverter\DVDtoiPodConverter.exe" /upgrade
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [UnlockerAssistant] "G:\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKCU\..\Run: [Power2GoExpress] NA
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [mount.exe] C:\Program Files\GiPo@Utilities\FileUtilities.3\mount.exe /z
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: VPN Client.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/Facebo...toUploader5.cab
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
O16 - DPF: {1D082E71-DF20-4AAF-863B-596428C49874} (TPIR Control) - http://www.worldwinner.com/games/v50/tpir/tpir.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab56986.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {85D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin class) - http://secure2.comned.com/signuptemplates/...login-devel.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {9A57B18E-2F5D-11D5-8997-00104BD12D94} (compid Class) - http://support.gateway.com/support/serialharvest/gwCID.CAB
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O16 - DPF: {C738EA53-97C2-441B-AC52-DFBC597BCBE5} (Chess Control) - http://www.worldwinner.com/games/v50/chess/chess.cab
O16 - DPF: {E70E3E64-2793-4AEF-8CC8-F1606BE563B0} (WWSpades Control) - http://www.worldwinner.com/games/v53/wwspades/wwspades.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O17 - HKLM\System\CCS\Services\Tcpip\..\{683D3236-3304-441F-8D89-996E47299A39}: NameServer = 85.255.113.141;85.255.112.145
O17 - HKLM\System\CS4\Services\Tcpip\Parameters: NameServer = 85.255.113.141;85.255.112.145
O17 - HKLM\System\CS5\Services\Tcpip\Parameters: NameServer = 85.255.113.141;85.255.112.145
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.113.141;85.255.112.145
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Lexar Secure II (LxrSII1s) - Unknown owner - C:\WINDOWS\SYSTEM32\LxrSII1s.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\Super_DVD_Creator_9.8\NMSAccessU.exe (file missing)
O23 - Service: Norton AntiVirus - Symantec Corporation - C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.1.0.33\ccSvcHst.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Unknown owner - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe (file missing)
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe

--
End of file - 13016 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2787EA8E-8D87-48af-88AD-B30246C917AB}]
SearchPerks! Perk Counter - C:\Program Files\SearchPerks! Perk Counter\Bmbho.dll [2008-09-30 514096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2007-12-09 370296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.1.0.33\IPSBHO.DLL [2008-12-13 107896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2787EA8E-8D87-48af-88AD-B30246C917AB} - SearchPerks! Perk Counter - C:\Program Files\SearchPerks! Perk Counter\Bmbho.dll [2008-09-30 514096]
{719D74AB-1AF9-43A1-8C62-D8750628D93E} - Live Search Club Toolbar - C:\Program Files\Live Search Club Toolbar\Toolbar.dll [2008-09-17 582680]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2004-11-05 98394]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2004-11-05 688218]
"Reminder"=C:\WINDOWS\Creator\Remind_XP.exe [2005-02-25 966656]
"Recguard"=C:\WINDOWS\SMINST\RECGUARD.EXE [2002-09-14 212992]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2005-10-12 139264]
"SigmatelSysTrayApp"=C:\WINDOWS\stsystra.exe [2005-12-27 413696]
"SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2006-05-23 573440]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2006-03-23 94208]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2006-03-23 77824]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2006-03-23 118784]
"IntelZeroConfig"=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2005-12-28 667718]
"IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2005-12-28 602182]
"MSKDetectorExe"=C:\Program Files\McAfee\SpamKiller\MSKDetct.exe [2005-08-12 1121792]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2007-12-09 185896]
"BigDogPath"=C:\WINDOWS\VM_STI.EXE [2004-12-15 40960]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"LogMeIn GUI"=C:\Program Files\LogMeIn\x86\LogMeInSystray.exe []
"outlook"=C:\Program Files\outlook\outlook.exe /auto []
"iPodVideoConverter_upgrade"=C:\Program Files\E-Zsoft\iPodVideoConverter\iPodVideoConverter.exe [2008-06-16 474624]
"DVDtoiPodConverter_upgrade"=C:\Program Files\E-Zsoft\DVDtoiPodConverter\DVDtoiPodConverter.exe [2008-06-16 842240]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-10-01 289576]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [2004-06-16 221184]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
"UnlockerAssistant"=G:\Unlocker\UnlockerAssistant.exe []
"SpySweeper"=C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe [2005-07-06 2972672]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Power2GoExpress"=NA []
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"mount.exe"=C:\Program Files\GiPo@Utilities\FileUtilities.3\mount.exe [2008-04-11 374272]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
VPN Client.lnk - C:\WINDOWS\Installer\{C91DE044-D900-4F15-BBD1-44FD9D59B277}\Icon3E5562ED7.ico

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2006-03-23 139264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LMIinit]
C:\WINDOWS\system32\LMIinit.dll [2007-11-15 87352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WRNotifier]
WRLogonNTF.dll []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\svcWRSSSDK]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\svcWRSSSDK]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\Program Files\LeapFrog\FlyWorld\bin\FLYMonitor.exe"="C:\Program Files\LeapFrog\FlyWorld\bin\FLYMonitor.exe:*:Enabled:FLYMonitor.exe"
"C:\Program Files\LeapFrog\FlyWorld\bin\FLYWorld.exe"="C:\Program Files\LeapFrog\FlyWorld\bin\FLYWorld.exe:*:Enabled:FLYWorld.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\CallWave\IAM.exe"="C:\Program Files\CallWave\IAM.exe:*:Enabled:CallWave"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Documents and Settings\Owner.Scott\Local Settings\Application Data\AbacastDistributedOnDemand\Node\11\AbacastDistributedOnDemand.exe"="C:\Documents and Settings\Owner.Scott\Local Settings\Application Data\AbacastDistributedOnDemand\Node\11\AbacastDistributedOnDemand.exe:*:Disabled:Abacast Distributed On-Demand"
"C:\WINDOWS\LMI17.tmp\lmi_rescue.exe"="C:\WINDOWS\LMI17.tmp\lmi_rescue.exe:*:Enabled:LogMeIn Rescue"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{028bb828-b6b4-11dd-916a-0018de70dae2}]
shell\AutoRun\command - F:\USBankDemo_BillPay.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{127c5655-a175-11dc-9002-0018de70dae2}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL resycled\boot.com f:
shell\Open\command - F:\resycled\boot.com f:


======List of files/folders created in the last 2 months======

2008-12-18 19:12:34 ----D---- C:\rsit
2008-12-18 13:37:26 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-12-18 13:26:47 ----D---- C:\Documents and Settings\Owner.Scott\Application Data\Lavasoft
2008-12-17 00:25:04 ----A---- C:\WINDOWS\wininit.ini
2008-12-16 21:46:15 ----D---- C:\Program Files\Trend Micro
2008-12-14 16:34:03 ----D---- C:\WINDOWS\LMI4F.tmp
2008-12-14 15:36:17 ----D---- C:\WINDOWS\pss
2008-12-14 15:00:05 ----D---- C:\WINDOWS\LMI17.tmp
2008-12-14 13:41:29 ----A---- C:\WINDOWS\system32\islzma.dll
2008-12-14 13:41:19 ----D---- C:\Program Files\Webroot
2008-12-14 13:41:19 ----D---- C:\Documents and Settings\Owner.Scott\Application Data\Webroot
2008-12-14 13:41:19 ----A---- C:\WINDOWS\WRServices.dll
2008-12-14 13:39:42 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-12-13 22:44:41 ----D---- C:\Program Files\Norton Support
2008-12-13 22:33:27 ----A---- C:\WINDOWS\system32\S32EVNT1.DLL
2008-12-13 22:32:59 ----D---- C:\Program Files\Windows Sidebar
2008-12-13 22:05:33 ----D---- C:\Documents and Settings\All Users\Application Data\PCSettings
2008-12-13 22:05:28 ----D---- C:\Documents and Settings\All Users\Application Data\Norton
2008-12-13 22:05:25 ----D---- C:\Program Files\NortonInstaller
2008-12-13 22:05:25 ----D---- C:\Documents and Settings\All Users\Application Data\NortonInstaller
2008-12-13 18:08:38 ----D---- C:\Documents and Settings\Owner.Scott\Application Data\NCH Swift Sound
2008-12-13 16:19:30 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2008-12-13 15:29:35 ----D---- C:\Program Files\NCH Swift Sound
2008-12-13 15:10:38 ----D---- C:\Program Files\MagicDVDRipper
2008-12-13 15:06:31 ----A---- C:\WINDOWS\system32\WNASPI32.DLL
2008-12-13 14:21:00 ----D---- C:\Program Files\iTunesKeys
2008-12-10 15:13:12 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2008-12-10 15:13:06 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2008-12-10 15:12:50 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2008-12-08 21:02:18 ----D---- C:\Documents and Settings\Owner.Scott\Application Data\DVD Profiler
2008-12-08 21:01:51 ----D---- C:\Program Files\DVD Profiler
2008-12-08 14:09:48 ----D---- C:\Program Files\TightVNC
2008-12-01 19:44:39 ----A---- C:\WINDOWS\system32\LxrUnplug.exe
2008-12-01 19:44:39 ----A---- C:\WINDOWS\system32\LxrSII1s.exe
2008-12-01 19:44:39 ----A---- C:\WINDOWS\system32\LxrSII1.dll
2008-12-01 15:05:30 ----D---- C:\Program Files\Clickster
2008-12-01 14:43:25 ----D---- C:\s2h
2008-11-13 20:26:28 ----D---- C:\Program Files\MSECache
2008-11-12 03:02:22 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2008-11-12 03:01:50 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2008-11-12 03:01:03 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2008-11-07 20:37:04 ----A---- C:\WINDOWS\marscam.ini
2008-11-03 21:10:12 ----D---- C:\Program Files\Unlocker
2008-11-03 21:10:12 ----D---- C:\Documents and Settings\Owner.Scott\Application Data\Desktopicon
2008-11-03 18:20:00 ----A---- C:\WINDOWS\system32\javaws.exe
2008-11-03 18:20:00 ----A---- C:\WINDOWS\system32\javaw.exe
2008-11-03 18:20:00 ----A---- C:\WINDOWS\system32\java.exe
2008-11-03 18:19:30 ----D---- C:\Program Files\Screen Calendar
2008-10-31 07:41:47 ----D---- C:\Program Files\Super_DVD_Creator_9.8
2008-10-29 15:39:40 ----D---- C:\Program Files\GiPo@Utilities
2008-10-29 15:39:40 ----D---- C:\Program Files\Common Files\Gibinsoft Shared
2008-10-29 15:39:13 ----D---- C:\WINDOWS\Downloaded Installations
2008-10-29 09:06:00 ----D---- C:\Documents and Settings\Owner.Scott\Application Data\JGoodies
2008-10-29 09:05:35 ----D---- C:\Program Files\JGoodies
2008-10-29 09:02:06 ----D---- C:\Documents and Settings\Owner.Scott\Application Data\JAM Software
2008-10-29 00:22:45 ----D---- C:\Program Files\Common Files\Download Manager
2008-10-29 00:10:08 ----D---- C:\Documents and Settings\Owner.Scott\Application Data\NCH Software
2008-10-28 23:42:32 ----D---- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
2008-10-28 23:41:01 ----D---- C:\Documents and Settings\All Users\Application Data\NCH Software
2008-10-28 23:40:38 ----D---- C:\Program Files\NCH Software
2008-10-28 22:53:08 ----D---- C:\Program Files\Common Files\Common Share
2008-10-28 22:53:07 ----D---- C:\Program Files\OJOsoft
2008-10-28 22:38:35 ----D---- C:\Program Files\VideoLAN
2008-10-28 22:23:34 ----D---- C:\YouTubeDownload
2008-10-28 22:23:33 ----D---- C:\ConverterOutput
2008-10-28 22:23:31 ----A---- C:\Cucu_Video_log.txt
2008-10-28 22:23:22 ----D---- C:\Program Files\Cucusoft
2008-10-28 21:35:28 ----D---- C:\Documents and Settings\Owner.Scott\Application Data\Any DVD Converter Professional
2008-10-28 21:35:24 ----D---- C:\Program Files\Any DVD Converter Professional
2008-10-28 21:33:50 ----D---- C:\Program Files\Common Files\SWF Studio
2008-10-26 12:08:37 ----D---- C:\Documents and Settings\Owner.Scott\Application Data\AVS4YOU
2008-10-26 12:08:35 ----D---- C:\Documents and Settings\All Users\Application Data\AVS4YOU
2008-10-26 12:08:00 ----D---- C:\Program Files\Common Files\AVSMedia
2008-10-26 12:07:57 ----A---- C:\WINDOWS\system32\msvcp70.dll
2008-10-26 12:07:57 ----A---- C:\WINDOWS\system32\mfc70.dll
2008-10-26 12:07:56 ----D---- C:\Program Files\AVS4YOU
2008-10-26 12:07:56 ----A---- C:\WINDOWS\system32\msxml3a.dll
2008-10-26 12:07:56 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2008-10-24 01:06:05 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$

======List of files/folders modified in the last 2 months======

2008-12-18 18:53:51 ----D---- C:\Program Files\Mozilla Firefox
2008-12-18 18:34:07 ----D---- C:\Program Files
2008-12-18 18:34:06 ----SHD---- C:\WINDOWS\system32
2008-12-18 18:33:38 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2008-12-18 18:31:21 ----D---- C:\WINDOWS\Temp
2008-12-18 18:10:02 ----D---- C:\WINDOWS\Prefetch
2008-12-18 18:09:10 ----D---- C:\WINDOWS
2008-12-18 16:12:15 ----D---- C:\WINDOWS\system32\CatRoot2
2008-12-18 15:08:55 ----SHD---- C:\WINDOWS\Installer
2008-12-18 15:08:55 ----D---- C:\Program Files\Common Files
2008-12-18 15:08:54 ----HD---- C:\Config.Msi
2008-12-18 15:08:50 ----D---- C:\WINDOWS\system32\drivers
2008-12-17 17:35:48 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-12-17 17:06:34 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-12-14 20:57:53 ----D---- C:\WINDOWS\system32\wbem
2008-12-14 20:57:53 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-12-14 12:13:06 ----D---- C:\Documents and Settings
2008-12-14 11:15:21 ----SHD---- C:\System Volume Information
2008-12-13 22:35:00 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2008-12-13 22:33:44 ----HD---- C:\WINDOWS\inf
2008-12-13 22:33:28 ----D---- C:\Program Files\Symantec
2008-12-13 22:33:27 ----D---- C:\Program Files\Common Files\Symantec Shared
2008-12-13 22:32:59 ----D---- C:\Program Files\Norton AntiVirus
2008-12-13 22:06:53 ----SD---- C:\WINDOWS\Tasks
2008-12-13 21:52:51 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-12-13 17:41:34 ----D---- C:\Multimedia Files
2008-12-13 16:19:14 ----HD---- C:\WINDOWS\$hf_mig$
2008-12-13 15:34:09 ----A---- C:\WINDOWS\NeroDigital.ini
2008-12-12 19:26:14 ----D---- C:\Documents and Settings\Owner.Scott\Application Data\Audacity
2008-12-12 16:56:54 ----D---- C:\Documents and Settings\Owner.Scott\Application Data\BitTorrent
2008-12-12 16:43:17 ----D---- C:\Documents and Settings\Owner.Scott\Application Data\U3
2008-12-12 12:51:18 ----SD---- C:\Documents and Settings\Owner.Scott\Application Data\Microsoft
2008-12-11 13:48:10 ----A---- C:\WINDOWS\imsins.BAK
2008-12-11 13:48:02 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-12-11 13:48:01 ----D---- C:\Program Files\Internet Explorer
2008-12-11 12:42:31 ----D---- C:\Documents and Settings\Owner.Scott\Application Data\Mozilla
2008-12-10 15:16:55 ----A---- C:\WINDOWS\win.ini
2008-12-09 17:24:37 ----A---- C:\WINDOWS\system32\MRT.exe
2008-12-07 22:11:04 ----A---- C:\WINDOWS\demdata.txt
2008-12-01 19:34:30 ----RSD---- C:\WINDOWS\Fonts
2008-12-01 19:34:15 ----D---- C:\Program Files\Microsoft Office
2008-12-01 19:34:13 ----D---- C:\Program Files\Common Files\Microsoft Shared
2008-11-14 05:07:19 ----D---- C:\WINDOWS\Help
2008-11-12 03:00:52 ----D---- C:\WINDOWS\WinSxS
2008-11-10 22:42:27 ----A---- C:\WINDOWS\cdplayer.ini
2008-11-07 20:42:37 ----D---- C:\WINDOWS\Minidump
2008-11-07 20:36:42 ----D---- C:\Program Files\DIFX
2008-11-07 20:36:38 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-11-03 18:20:00 ----D---- C:\Program Files\Java
2008-11-03 17:59:20 ----D---- C:\WINDOWS\system32\config
2008-11-03 17:58:57 ----D---- C:\WINDOWS\Registration
2008-11-03 17:57:03 ----A---- C:\WINDOWS\system.ini
2008-10-28 22:08:21 ----D---- C:\Program Files\Smallvideosoft
2008-10-23 06:36:14 ----A---- C:\WINDOWS\system32\gdi32.dll
2008-10-23 04:06:59 ----N---- C:\WINDOWS\system32\tzchange.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 BHDrvx86;Symantec Heuristics Driver; \??\C:\WINDOWS\system32\drivers\NAV\1001000.021\BHDrvx86.sys []
R1 ccHP;Symantec Hash Provider; \??\C:\WINDOWS\system32\drivers\NAV\1001000.021\ccHPx86.sys []
R1 Cdr4_xp;Cdr4_xp; C:\WINDOWS\system32\drivers\Cdr4_xp.sys [2004-11-10 44288]
R1 Cdralw2k;Cdralw2k; C:\WINDOWS\system32\drivers\Cdralw2k.sys [2004-11-10 24832]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
R1 IDSxpx86;IDSxpx86; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20080826.006\IDSxpx86.sys []
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); \??\C:\WINDOWS\system32\drivers\NAV\1001000.021\SRTSPX.SYS []
R1 SYMTDI;SYMTDI; \??\C:\WINDOWS\system32\drivers\NAV\1001000.021\SYMTDI.SYS []
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.9.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2007-11-18 21275]
R2 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\WINDOWS\system32\Drivers\CVPNDRVA.sys []
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys []
R2 LxrSII1d;Secure II Driver; \??\C:\WINDOWS\system32\Drivers\LxrSII1d.sys []
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2005-12-28 13568]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 DNE;Deterministic Network Enhancer Miniport; C:\WINDOWS\system32\DRIVERS\dne2000.sys [2007-01-31 127376]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2006-03-23 1166972]
R3 lmimirr;lmimirr; C:\WINDOWS\system32\DRIVERS\lmimirr.sys [2007-08-03 10144]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NAVENG;NAVENG; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20081218.007\NAVENG.SYS []
R3 NAVEX15;NAVEX15; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20081218.007\NAVEX15.SYS []
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 smserial;smserial; C:\WINDOWS\system32\DRIVERS\smserial.sys [2006-05-23 893952]
R3 SRTSP;Symantec Real Time Storage Protection; \??\C:\WINDOWS\system32\drivers\NAV\1001000.021\SRTSP.SYS []
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2006-06-15 1179784]
R3 SYMDNS;SYMDNS; \??\C:\WINDOWS\system32\drivers\NAV\1001000.021\SYMDNS.SYS []
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 SYMFW;SYMFW; \??\C:\WINDOWS\system32\drivers\NAV\1001000.021\SYMFW.SYS []
R3 SYMIDS;SYMIDS; \??\C:\WINDOWS\system32\drivers\NAV\1001000.021\SYMIDS.SYS []
R3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2008-12-13 35888]
R3 SYMNDIS;SYMNDIS; \??\C:\WINDOWS\system32\drivers\NAV\1001000.021\SYMNDIS.SYS []
R3 SYMREDRV;SYMREDRV; \??\C:\WINDOWS\system32\drivers\NAV\1001000.021\SYMREDRV.SYS []
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2004-11-05 185824]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-09-20 162432]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 w39n51;Intel® PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2005-12-05 1428096]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
S2 ASCTRM;ASCTRM; C:\WINDOWS\system32\drivers\ASCTRM.sys []
S2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys []
S3 ASPI;Advanced SCSI Programming Interface Driver; \??\C:\WINDOWS\System32\DRIVERS\ASPI32.sys []
S3 BOCDRIVE;BOClean Kernel Monitor.; \??\C:\Program Files\Comodo\CBOClean\BOCDRIVE.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CVirtA;Cisco Systems VPN Adapter; C:\WINDOWS\system32\DRIVERS\CVirtA.sys [2007-01-18 5275]
S3 FlyUsb;FLY Fusion; C:\WINDOWS\system32\DRIVERS\FlyUsb.sys [2007-09-05 18560]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-12-06 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-12-06 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-12-06 21568]
S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 mirrorv3;mirrorv3; C:\WINDOWS\system32\DRIVERS\rminiv3.sys [2006-11-01 3328]
S3 mr7910;Photo Viewer; C:\WINDOWS\system32\DRIVERS\mr7910.sys [2006-08-02 114560]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2007-12-08 47360]
S3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 sonyhcs;Sony Digital Imaging Video; C:\WINDOWS\system32\DRIVERS\sonyhcs.sys [2001-11-05 299923]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2008-12-13 35888]
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 vaxscsi;vaxscsi; C:\WINDOWS\System32\Drivers\vaxscsi.sys [2007-12-19 223128]
S3 vsdatant;vsdatant; \??\C:\WINDOWS\system32\vsdatant.sys []
S3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys [2003-01-10 33588]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2006-01-22 244480]
S3 ZSMC301b;VIMICRO USB PC Camera; C:\WINDOWS\System32\Drivers\usbVM31b.sys [2004-12-01 93632]
S4 LMIRfsClientNP;LMIRfsClientNP; C:\WINDOWS\system32\drivers\LMIRfsClientNP.sys []
S4 mchInjDrv;mchInjDrv; \??\C:\WINDOWS\TEMP\mc21.tmp []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
R2 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2006-07-25 100032]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [2007-03-20 1516584]
R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2005-12-28 114753]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
R2 IAANTMon;Intel® Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe [2005-10-12 86140]
R2 LxrSII1s;Lexar Secure II; C:\WINDOWS\system32\LxrSII1s.exe [2006-01-09 49152]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
R2 Norton AntiVirus;Norton AntiVirus; C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.1.0.33\ccSvcHst.exe [2008-12-13 115560]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
R2 PrismXL;PrismXL; C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS [2007-11-18 172032]
R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2005-12-28 217164]
R2 S24EventMonitor;Intel® PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2005-12-28 540745]
R2 svcWRSSSDK;Webroot Spy Sweeper Engine; C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe [2005-07-06 1707008]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-10-01 536872]
S2 NMSAccessU;NMSAccessU; C:\Program Files\Super_DVD_Creator_9.8\NMSAccessU.exe []
S2 StarWindService;StarWind iSCSI Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe []
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-01-18 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2006-07-25 2119360]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-08-04 38912]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

-----------------EOF-----------------

Again thank you very much for your time, help, and expertise!!!

BC AdBot (Login to Remove)

 


#2 troutsc

troutsc
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:08:57 PM

Posted 19 December 2008 - 04:58 AM

:thumbsup: :)

Just a heads up for anyone going to help me with this, need not reply. I was able to take care of the problem by downloading and running "Malwarebytes" and it not only fixed my problem I was having with not being able to defragment my hdd, but also seemed to find 31 other problems, one of them seeming to be the popup cuz its gone!! :) plus the live updates for my NAV 2009 now work as well. I'm obviously new to this so sorry if this is the wrong way to dismiss my post.

#3 Starbuck

Starbuck

    'r Brudiwr


  • Malware Response Team
  • 4,150 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Midlands, UK
  • Local time:02:57 AM

Posted 27 December 2008 - 11:10 AM

Hi troutsc

Thanks for letting us know. :thumbsup:

BBPP6nz.png





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users