Logfile of random's system information tool 1.04 (written by random/random)
Run by Karen Messervey at 2008-11-03 18:23:12
Microsoft Windows XP Professional Service Pack 2
System drive C: has 3 GB (17%) free of 19 GB
Total RAM: 639 MB (39% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:23:17 PM, on 11/3/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Eastlink Internet Security\Common\FSM32.EXE
C:\Program Files\Eastlink Internet Security\Anti-Virus\fsgk32st.exe
C:\Program Files\Eastlink Internet Security\Common\FSMA32.EXE
C:\Program Files\Eastlink Internet Security\Anti-Virus\FSGK32.EXE
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Eastlink Internet Security\Common\FSMB32.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Eastlink Internet Security\Common\FCH32.EXE
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Eastlink Internet Security\Common\FAMEH32.EXE
C:\Program Files\Eastlink Internet Security\Anti-Virus\fsqh.exe
C:\Program Files\Eastlink Internet Security\FSPC\fspc.exe
C:\Program Files\Eastlink Internet Security\FSGUI\fsguidll.exe
C:\Program Files\Eastlink Internet Security\FSAUA\program\fsaua.exe
C:\Program Files\Eastlink Internet Security\Anti-Virus\fssm32.exe
C:\Program Files\Eastlink Internet Security\FWES\Program\fsdfwd.exe
C:\Program Files\Eastlink Internet Security\Anti-Virus\fsav32.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Karen Messervey\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Karen Messervey.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Eastlink Internet Security\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Eastlink Internet Security\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/229?d08f8ed9ae2a47c294da8353de138b31
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/230?d08f8ed9ae2a47c294da8353de138b31
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Eastlink Internet Security\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Eastlink Internet Security\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Eastlink Internet Security\FSPC\fspcmsie.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www2.snapfish.com/SnapfishActivia.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/resou ... NPUpld.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Fac ... loader.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/A ... tPkMSN.cab
O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/A ... gWXMSN.cab
O16 - DPF: {F127B9BA-89EA-4B04-9C67-2074A9DF61FD} (Photo Upload Plugin Class) - http://walmart.pnimedia.com/upload/acti ... .0.0.9.cab?
O16 - DPF: {F137B9BA-89EA-4B04-9C67-2074A9DF61FD} (Photo Upload Plugin Class) - http://walmart.pnimedia.com/upload/acti ... 0.0.10.cab?
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/Mi ... b56986.cab
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Eastlink Internet Security\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Eastlink Internet Security\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Eastlink Internet Security\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Eastlink Internet Security\Common\FSMA32.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
--
End of file - 7690 bytes

======Scheduled tasks folder======
C:\WINDOWS\tasks\Scheduled scanning task.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll [2008-02-22 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-07-07 324416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll [2008-10-06 652784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live Toolbar\msntb.dll [2006-07-07 493856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Program Files\Windows Live Toolbar\msntb.dll [2006-07-07 493856]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2005-07-19 221184]
"LogitechVideoRepair"=C:\Program Files\Logitech\Video\ISStart.exe [2005-06-08 458752]
"LogitechVideoTray"=C:\Program Files\Logitech\Video\LogiTray.exe [2005-06-08 217088]
"F-Secure Manager"=C:\Program Files\Eastlink Internet Security\Common\FSM32.EXE [2008-04-23 182936]
"F-Secure TNB"=C:\Program Files\Eastlink Internet Security\FSGUI\TNBUtil.exe [2008-04-23 744032]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeUpdater"=C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe [2007-10-01 2321600]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=
"NoDrives"=
"NoDriveAutoRun"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Logitech\VideoCall\VideoCall.exe"="C:\Program Files\Logitech\VideoCall\VideoCall.exe:*:Enabled:videocall.exe"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe"="C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe:*:Enabled:Remote Assistance - Windows Messenger and Voice"
"C:\Documents and Settings\Karen Messervey\Local Settings\temp\7zS3B18.tmp\SymNRT.exe"="C:\Documents and Settings\Karen Messervey\Local Settings\temp\7zS3B18.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
======List of files/folders created in the last 3 months======
2008-11-03 11:05:31 ----D---- C:\rsit
2008-10-30 23:29:15 ----SHD---- C:\RECYCLER
2008-10-30 16:58:01 ----D---- C:\Documents and Settings\All Users\Application Data\NortonInstaller
2008-10-30 08:33:05 ----A---- C:\ComboFix.txt
2008-10-27 15:38:27 ----A---- C:\Boot.bak
2008-10-27 15:38:09 ----RASHD---- C:\cmdcons
2008-10-27 15:33:28 ----A---- C:\WINDOWS\zip.exe
2008-10-27 15:33:28 ----A---- C:\WINDOWS\VFIND.exe
2008-10-27 15:33:28 ----A---- C:\WINDOWS\SWXCACLS.exe
2008-10-27 15:33:28 ----A---- C:\WINDOWS\SWSC.exe
2008-10-27 15:33:28 ----A---- C:\WINDOWS\SWREG.exe
2008-10-27 15:33:28 ----A---- C:\WINDOWS\sed.exe
2008-10-27 15:33:28 ----A---- C:\WINDOWS\NIRCMD.exe
2008-10-27 15:33:28 ----A---- C:\WINDOWS\grep.exe
2008-10-27 15:33:28 ----A---- C:\WINDOWS\fdsv.exe
2008-10-27 15:32:58 ----D---- C:\WINDOWS\ERDNT
2008-10-27 15:32:58 ----D---- C:\Qoobox
2008-10-26 13:07:28 ----D---- C:\Program Files\Trend Micro
2008-10-25 18:08:05 ----D---- C:\Documents and Settings\Karen Messervey\Application Data\F-Secure
2008-10-25 17:49:47 ----D---- C:\Program Files\Eastlink Internet Security
2008-10-25 17:49:14 ----D---- C:\Documents and Settings\All Users\Application Data\F-Secure
2008-10-25 17:48:42 ----D---- C:\Documents and Settings\All Users\Application Data\fssg
2008-10-25 17:36:11 ----A---- C:\WINDOWS\WININIT.INI
2008-10-24 02:01:53 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-10-15 02:08:30 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-10-15 02:08:09 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2008-10-15 02:07:48 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-10-15 02:07:15 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-10-15 02:06:06 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-10-15 02:01:43 ----HDC---- C:\WINDOWS\$NtUninstallKB956390$
2008-09-10 02:01:52 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-09-09 12:41:17 ----D---- C:\Documents and Settings\Karen Messervey\Application Data\Uniblue
2008-08-29 22:30:06 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2008-08-27 05:56:39 ----D---- C:\WINDOWS\system32\CatRoot_bak
2008-08-13 02:04:51 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-08-13 02:04:33 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-08-13 02:04:16 ----HDC---- C:\WINDOWS\$NtUninstallKB953839$
2008-08-13 02:03:51 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-08-13 02:03:29 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
2008-08-13 02:03:05 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-08-13 02:02:42 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-08-13 02:01:28 ----HDC---- C:\WINDOWS\$NtUninstallKB953838$
======List of files/folders modified in the last 3 months======
2008-11-03 18:23:15 ----D---- C:\WINDOWS\Temp
2008-11-03 15:04:08 ----D---- C:\WINDOWS\system32\CatRoot2
2008-11-03 15:02:02 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-11-03 11:05:46 ----D---- C:\WINDOWS\Prefetch
2008-11-02 04:29:21 ----D---- C:\WINDOWS\system32
2008-11-02 04:29:19 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-10-30 17:06:05 ----RD---- C:\Program Files
2008-10-30 17:01:32 ----D---- C:\Program Files\Common Files\Symantec Shared
2008-10-30 08:33:09 ----D---- C:\WINDOWS
2008-10-30 08:29:22 ----A---- C:\WINDOWS\system.ini
2008-10-30 08:28:35 ----D---- C:\WINDOWS\system32\drivers
2008-10-30 08:28:34 ----D---- C:\WINDOWS\AppPatch
2008-10-30 08:28:34 ----D---- C:\Program Files\Common Files
2008-10-27 15:38:28 ----RASH---- C:\boot.ini
2008-10-26 12:32:43 ----SD---- C:\WINDOWS\Tasks
2008-10-25 18:01:52 ----HD---- C:\WINDOWS\inf
2008-10-25 17:37:33 ----D---- C:\Program Files\Logitech
2008-10-25 17:36:58 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-10-25 16:19:58 ----D---- C:\Program Files\Ahead
2008-10-24 02:00:47 ----HD---- C:\WINDOWS\$hf_mig$
2008-10-15 12:57:55 ----A---- C:\WINDOWS\system32\netapi32.dll
2008-10-15 02:08:42 ----A---- C:\WINDOWS\imsins.BAK
2008-10-15 02:02:09 ----D---- C:\Program Files\Internet Explorer
2008-10-14 12:21:31 ----D---- C:\WINDOWS\Help
2008-10-07 15:19:40 ----A---- C:\WINDOWS\system32\MRT.exe
2008-09-23 01:20:00 ----D---- C:\Program Files\Common Files\InstallShield
2008-09-23 01:19:50 ----HD---- C:\Program Files\InstallShield Installation Information
2008-09-23 01:19:49 ----D---- C:\Program Files\ArcSoft
2008-09-23 01:04:21 ----SHD---- C:\WINDOWS\Installer
2008-09-23 01:04:20 ----HD---- C:\Config.Msi
2008-09-23 01:04:05 ----D---- C:\Program Files\Java
2008-09-23 00:26:38 ----D---- C:\WINDOWS\system32\Restore
2008-09-16 15:00:46 ----D---- C:\WINDOWS\system32\CatRoot
2008-09-15 06:31:38 ----SHD---- C:\System Volume Information
2008-09-10 23:33:24 ----A---- C:\WINDOWS\system32\MRT.INI
2008-09-10 02:01:55 ----D---- C:\WINDOWS\WinSxS
2008-09-04 23:51:50 ----D---- C:\Program Files\Common Files\Ahead
2008-09-04 23:43:36 ----D---- C:\Program Files\Google
2008-08-27 05:56:39 ----D---- C:\WINDOWS\Debug
2008-08-26 18:51:07 ----D---- C:\Program Files\MSN Messenger
2008-08-26 16:11:21 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-08-20 01:38:47 ----A---- C:\WINDOWS\system32\mshtml.dll
2008-08-20 01:38:45 ----A---- C:\WINDOWS\system32\urlmon.dll
2008-08-20 01:38:45 ----A---- C:\WINDOWS\system32\browseui.dll
2008-08-20 01:38:44 ----A---- C:\WINDOWS\system32\shlwapi.dll
2008-08-20 01:38:44 ----A---- C:\WINDOWS\system32\jsproxy.dll
2008-08-20 01:38:43 ----A---- C:\WINDOWS\system32\wininet.dll
2008-08-20 01:38:43 ----A---- C:\WINDOWS\system32\mshtmled.dll
2008-08-20 01:38:42 ----A---- C:\WINDOWS\system32\shdocvw.dll
2008-08-20 01:38:41 ----A---- C:\WINDOWS\system32\pngfilt.dll
2008-08-20 01:38:41 ----A---- C:\WINDOWS\system32\mstime.dll
2008-08-20 01:38:41 ----A---- C:\WINDOWS\system32\msrating.dll
2008-08-20 01:38:41 ----A---- C:\WINDOWS\system32\inseng.dll
2008-08-20 01:38:41 ----A---- C:\WINDOWS\system32\iepeers.dll
2008-08-20 01:38:40 ----A---- C:\WINDOWS\system32\extmgr.dll
2008-08-20 01:38:40 ----A---- C:\WINDOWS\system32\dxtrans.dll
2008-08-20 01:38:40 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2008-08-20 01:38:40 ----A---- C:\WINDOWS\system32\danim.dll
2008-08-20 01:38:39 ----A---- C:\WINDOWS\system32\cdfview.dll
2008-08-19 05:20:32 ----A---- C:\WINDOWS\system32\xpsp3res.dll
2008-08-14 06:00:45 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2008-08-14 05:22:13 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
2008-08-14 02:09:02 ----D---- C:\WINDOWS\pchealth
2008-08-14 02:08:55 ----D---- C:\WINDOWS\system32\mui
2008-08-14 02:08:22 ----RSD---- C:\WINDOWS\assembly
2008-08-13 02:04:38 ----D---- C:\Program Files\Messenger
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 F-Secure HIPS;F-Secure HIPS; \??\C:\Program Files\Eastlink Internet Security\HIPS\fshs.sys []
R2 PfModNT;PfModNT; \??\C:\WINDOWS\system32\PfModNT.sys []
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper; \??\C:\Program Files\Eastlink Internet Security\Anti-Virus\minifilter\fsgk.sys []
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 sbpci;SB PCI Family Audio Driver (WDM); C:\WINDOWS\system32\drivers\sbpci.sys [2002-10-22 668160]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 VIAudio;VIA AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\ac97via.sys [2004-08-03 84480]
S3 catchme;catchme; \??\C:\ComboFix1\catchme.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 CoachUsb;Coach Digital Camera on USB; C:\WINDOWS\system32\DRIVERS\CoachUsb.sys [2004-01-22 46944]
S3 CoachVc;Coach Video Capture; C:\WINDOWS\system32\DRIVERS\CoachVc.sys [2003-11-03 44256]
S3 es1371;Creative AudioPCI (ES1371,ES1373) (WDM); C:\WINDOWS\system32\drivers\es1371mp.sys [2001-08-17 40704]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-06-22 51088]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-06-22 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-06-22 21744]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-05-27 22016]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
S3 QCMerced;Logitech QuickCam Communicate; C:\WINDOWS\system32\DRIVERS\LVCM.sys [2005-05-27 1317152]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S4 F-Secure Filter;F-Secure File System Filter; \??\C:\Program Files\Eastlink Internet Security\Anti-Virus\Win2K\FSfilter.sys []
S4 F-Secure Recognizer;F-Secure File System Recognizer; \??\C:\Program Files\Eastlink Internet Security\Anti-Virus\Win2K\FSrec.sys []
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 F-Secure Gatekeeper Handler Starter;FSGKHS; C:\Program Files\Eastlink Internet Security\Anti-Virus\fsgk32st.exe [2008-04-23 47800]
R2 FSMA;F-Secure Management Agent; C:\Program Files\Eastlink Internet Security\Common\FSMA32.EXE [2008-04-23 113304]
R2 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-06 168432]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\WINDOWS\system32\svchost.exe [2004-08-03 14336]
R2 Viewpoint Manager Service;Viewpoint Manager Service; C:\Program Files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]
R3 FSAUA;F-Secure Automatic Update Agent; C:\Program Files\Eastlink Internet Security\FSAUA\program\fsaua.exe [2008-04-23 461408]
R3 FSDFWD;F-Secure Anti-Virus Firewall Daemon; C:\Program Files\Eastlink Internet Security\FWES\Program\fsdfwd.exe [2008-04-23 453216]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2004-08-03 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-04-13 33632]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-04-13 68952]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe []
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
-----------------EOF-----------------