Logfile of random's system information tool 1.06 (written by random/random)
Run by AMincher at 2009-04-27 20:29:46
Microsoft Windows XP Professional Service Pack 3
System drive C: has 1 GB (7%) free of 19 GB
Total RAM: 1279 MB (48% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:30:30 PM, on 4/27/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\Firewall\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\COMODO\Firewall\cfp.exe
C:\program files\advanced system optimizer\memtuneup.exe
C:\Program Files\GhostSurf 2005\Proxy.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Documents and Settings\AMincher.ERICA_CARTMAN\Local Settings\Application
Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Toddler Keys\Toddler Keys.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\Program Files\KCeasy\KCeasy.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\KCeasy\giFT\giFTl.exe
C:\Documents and Settings\AMincher.ERICA_CARTMAN\Local Settings\Application
Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\AMincher.ERICA_CARTMAN\Local Settings\Application
Data\Google\Chrome\Application\chrome.exe
D:\Downloads\RSIT.exe
C:\Documents and Settings\AMincher.ERICA_CARTMAN\Local Settings\Application
Data\Google\Chrome\Application\chrome.exe
D:\AVasquez\My PROGRAM FILES\AMincher.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:7212
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common
Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} -
C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program
Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {93935F7F-9C88-42F8-8445-95251D27FABC} - (no file)
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free
Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program
Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program
Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe
bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Systweak Memory Optimizer] c:\program files\advanced system
optimizer\memtuneup.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Startup: GhostSurf proxy.lnk = C:\Program Files\GhostSurf 2005\Proxy.exe
O4 - Startup: Scheduler.lnk = C:\Program Files\GhostSurf 2005\Scheduler daemon.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver -
res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Download all with Free Download Manager -
file://C:\Program Files\Free
Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager -
file://C:\Program
Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager -
file://C:\Program
Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager -
file://C:\Program Files\Free
Download Manager\dllink.htm
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows
Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer -
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows
Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: IE Theme Search Bar - {323AF0A7-690A-47D9-819B-348831CC7DC5} -
C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Free Themes for Internet Explorer -
{323AF0A7-690A-47D9-819B-348831CC7DC5} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {472A296E-D7C1-4A70-8511-5039B09EBDDB} -
javascript:document.location='http://www.iecustomizer.com/iethemes' (file missing)
O9 - Extra 'Tools' menuitem: Online Themes Gallery - {472A296E-D7C1-4A70-8511-5039B09EBDDB} -
javascript:document.location='http://www.iecustomizer.com/iethemes' (file missing)
O9 - Extra button: Internet Download Accelerator - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} -
C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: &Internet Download Accelerator - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C}
- C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Themes - {B9844E33-6201-47AA-B30A-BCA3363C2BFA} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Themes - {B9844E33-6201-47AA-B30A-BCA3363C2BFA} -
C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} -
C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration -
{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network
Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -
C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} -
http://us.dl1.yimg.com/download.yahoo.c ... urrent.cab
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) -
http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} -
https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} -
http://cid-1b3f5e27851a876f.spaces.live ... nPUpld.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O20 - AppInit_DLLs:
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil
Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil
Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil
Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil
Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program
Files\COMODO\Firewall\cmdagent.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program
Files\Java\jre6\bin\jqs.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 9587 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-861567501-1214440339-725345543-1003.job
C:\WINDOWS\tasks\NSSstub.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper
Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
[2008-06-12 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper
Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper
Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows
Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper
Objects\{93935F7F-9C88-42F8-8445-95251D27FABC}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper
Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2008-12-30 98304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper
Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-08 35840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper
Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
[2009-03-08 73728]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2004-09-29 344064]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-06 81000]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"COMODO Internet Security"=C:\Program Files\COMODO\Firewall\cfp.exe [2003-01-01 1851128]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Systweak Memory Optimizer"=c:\program files\advanced system optimizer\memtuneup.exe [2007-06-22
119024]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\COMODO Firewall Pro]
C:\Program Files\COMODO\Firewall\cfp.exe [2003-01-01 1851128]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GhostSurfDelSatellite]
C:\Program Files\GhostSurf 2005\DeleteSatellite.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2009-03-12 342312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and
Settings^All Users.WINDOWS^Start Menu^Programs^Startup^GhostSurf proxy.lnk]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and
Settings^All Users.WINDOWS^Start Menu^Programs^Startup^Launchy.lnk]
C:\PROGRA~1\Launchy\Launchy.exe [2008-08-05 286720]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and
Settings^All Users.WINDOWS^Start Menu^Programs^Startup^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~3\Office10\OSA.EXE [2001-02-13 83360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and
Settings^AMincher.ERICA_CARTMAN^Start Menu^Programs^Startup^GhostSurf main window.lnk]
C:\PROGRA~1\GHOSTS~1\GHOSTS~1.EXE [2004-07-11 73845]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and
Settings^AMincher.ERICA_CARTMAN^Start Menu^Programs^Startup^Scheduler.lnk]
C:\PROGRA~1\GHOSTS~1\SCHEDU~1.EXE [2004-03-09 86133]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WLSetupSvc"=3
"usnjsvc"=3
"sp_rssrv"=2
"UPS"=3
"iPod Service"=3
"gusvc"=3
"Dnscache"=2
"avast! Mail Scanner"=3
"Apple Mobile Device"=2
C:\Documents and Settings\AMincher.ERICA_CARTMAN\Start Menu\Programs\Startup
GhostSurf proxy.lnk - C:\Program Files\GhostSurf 2005\Proxy.exe
Scheduler.lnk - C:\Program Files\GhostSurf 2005\Scheduler daemon.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"=" "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\SYSTEM32\Ati2evxx.dll [2004-09-29 90112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\SYSTEM32\WgaLogon.dll [2009-03-10 239496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
[2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{3CF9ECE0-1A9F-11D2-8C73-00C06C2005DE}"=C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll
[2008-10-27 693744]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=
scecli
scecli
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdauxservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdcoreservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program
Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\GhostSurf 2005\Proxy.exe"="C:\Program Files\GhostSurf
2005\Proxy.exe:*:Enabled:GhostSurf proxy"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program
Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program
Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia
Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common
Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\Program Files\Google\Google Talk\googletalk.exe"="C:\Program Files\Google\Google
Talk\googletalk.exe:*:Enabled:Google Talk"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT
Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program
Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\WINDOWS\system32\java.exe"="C:\WINDOWS\system32\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\FlashGet\flashget.exe"="C:\Program Files\FlashGet\flashget.exe:*:Enabled:Flashget"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows
Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil_.exe"="C:\Program Files\IVT
Corporation\BlueSoleil\BlueSoleil_.exe:*:Enabled:BlueSoleil"
"D:\DownLoaded\BlueSoleil 6.2.227.11 + Crack\Crack\BlueSoleilCS.exe"="D:\DownLoaded\BlueSoleil
6.2.227.11 + Crack\Crack\BlueSoleilCS.exe:*:Enabled:BlueSoleilCS"
"C:\Program Files\KCeasy\giFT\giFTl.exe"="C:\Program Files\KCeasy\giFT\giFTl.exe:*:Enabled:giFT
Loader for KCeasy"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows
Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows
Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network
Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows
Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1b2eb638-b164-11dd-90a1-000d87992fd1}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe
tracker.vbs
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{23f3e93b-1cf7-11d7-90b0-000d87992fd1}]
shell\AutoRun\command - H:\
shell\explore\command - H:\RECYCLER\INFO.exe
shell\open\command - H:\RECYCLER\INFO.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fd927ecc-0341-11de-9138-000d87992fd1}]
shell\AutoRun\command - qxty9be.cmd
shell\open\command - qxty9be.cmd
======List of files/folders created in the last 1 months======
2009-04-27 20:29:46 ----DC---- C:\rsit
2009-04-27 19:14:16 ----D---- C:\Program Files\mIRC
2009-04-27 19:14:16 ----D---- C:\Documents and Settings\AMincher.ERICA_CARTMAN\Application Data\mIRC
2009-04-24 11:35:32 ----D---- C:\WINDOWS\Free CD Music Converter
2009-04-24 11:35:32 ----D---- C:\Program Files\Free CD Music Converter
2009-04-24 11:21:40 ----D---- C:\Documents and Settings\AMincher.ERICA_CARTMAN\Application
Data\AccurateRip
2009-04-24 11:21:33 ----D---- C:\Program Files\Exact Audio Copy
2009-04-24 07:00:43 ----D---- C:\Program Files\KCeasy
2009-04-22 10:22:04 ----D---- C:\Documents and Settings\AMincher.ERICA_CARTMAN\Application Data\NCH
Software
2009-04-17 02:07:25 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2009-04-17 02:07:15 ----HDC---- C:\WINDOWS\$NtUninstallKB961373$
2009-04-17 02:05:00 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2009-04-17 02:04:13 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2009-04-17 02:03:35 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-04-17 02:03:26 ----A---- C:\WINDOWS\imsins.BAK
2009-04-17 02:03:15 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2009-04-16 04:37:03 ----N---- C:\WINDOWS\system32\xpsp4res.dll
2009-04-15 15:47:36 ----A---- C:\WINDOWS\system32\hidserv.dll
2009-04-15 11:48:12 ----D---- C:\Program Files\Toddler Keys
2009-04-14 21:04:38 ----D---- C:\Program Files\Eraser
2009-04-12 20:35:30 ----D---- C:\Program Files\Horizon5
2009-04-12 19:14:11 ----D---- C:\Program Files\Recuva
2009-04-08 10:47:54 ----D---- C:\Program Files\NCH Software
2009-04-08 10:47:45 ----D---- C:\Documents and Settings\AMincher.ERICA_CARTMAN\Application Data\NCH
Swift Sound
2009-04-08 07:07:06 ----HD---- C:\WINDOWS\system32\GroupPolicy
2009-04-08 06:27:59 ----D---- C:\Documents and Settings\AMincher.ERICA_CARTMAN\Application Data\Free
Download Manager
2009-04-08 06:27:54 ----D---- C:\Program Files\Free Download Manager
2009-04-08 05:53:50 ----D---- C:\Program Files\CCleaner
2009-04-08 01:36:20 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Bluetooth
2009-04-08 01:31:54 ----D---- C:\Program Files\IVT Corporation
2009-04-08 01:24:03 ----D---- C:\Program Files\OLVI Soft
2009-04-08 00:04:15 ----A---- C:\WINDOWS\ModemLog_Bluetooth LAP Modem #2.txt
2009-04-08 00:04:00 ----A---- C:\WINDOWS\ModemLog_Bluetooth LAP Modem.txt
2009-04-05 15:12:48 ----A---- C:\WINDOWS\system32\devil.dll
2009-04-05 15:12:48 ----A---- C:\WINDOWS\system32\avisynth.dll
2009-04-05 15:12:46 ----A---- C:\WINDOWS\system32\AVSredirect.dll
2009-04-05 15:12:45 ----A---- C:\WINDOWS\system32\i420vfw.dll
2009-04-05 15:12:44 ----D---- C:\Program Files\AviSynth 2.5
2009-04-04 16:42:55 ----D---- C:\Documents and Settings\AMincher.ERICA_CARTMAN\Application
Data\WinFF
2009-04-04 16:42:49 ----D---- C:\Program Files\WinFF
2009-04-04 16:26:32 ----D---- C:\Documents and Settings\AMincher.ERICA_CARTMAN\Application Data\Any
Video Converter
2009-04-04 16:26:19 ----D---- C:\Program Files\Any Video Converter
2009-04-04 09:05:06 ----D---- C:\Documents and Settings\AMincher.ERICA_CARTMAN\Application
Data\GRETECH
2009-04-04 09:02:49 ----D---- C:\Program Files\GRETECH
2009-04-03 08:05:08 ----D---- C:\Documents and Settings\AMincher.ERICA_CARTMAN\Application
Data\Launchy
2009-04-03 08:04:14 ----D---- C:\Program Files\Launchy
2009-04-02 16:18:25 ----D---- C:\Documents and Settings\AMincher.ERICA_CARTMAN\Application
Data\Windows Live Writer
2009-04-02 09:31:17 ----D---- C:\Program Files\YouTube Downloader
2009-04-02 06:56:24 ----D---- C:\Documents and Settings\AMincher.ERICA_CARTMAN\Application
Data\GPSoftware
2009-04-02 06:55:56 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application
Data\GPSoftware
2009-04-02 06:55:40 ----D---- C:\Program Files\GPSoftware
2009-04-02 02:40:52 ----D---- C:\Program Files\MediaCoder
2009-04-01 06:09:49 ----A---- C:\WINDOWS\system32\CmdLineExt03.dll
2009-04-01 00:51:14 ----D---- C:\Program Files\UltraExplorer
2009-03-31 22:15:56 ----D---- C:\Documents and Settings\AMincher.ERICA_CARTMAN\Application
Data\Mp3tag
2009-03-31 22:15:47 ----D---- C:\Program Files\Mp3tag
2009-03-31 05:27:14 ----D---- C:\Program Files\IrfanView
2009-03-31 02:21:35 ----D---- C:\Program Files\TeraCopy
2009-03-30 13:39:03 ----D---- C:\Program Files\Microsoft Silverlight
2009-03-30 13:36:10 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2009-03-30 13:35:55 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2009-03-30 13:35:36 ----HDC---- C:\WINDOWS\$NtUninstallKB954708$
2009-03-30 13:34:39 ----D---- C:\Program Files\Microsoft
2009-03-30 13:33:54 ----D---- C:\Program Files\Windows Live SkyDrive
2009-03-28 13:17:34 ----D---- C:\Program Files\Worms 4 Mayhem
======List of files/folders modified in the last 1 months======
2009-04-27 20:30:17 ----D---- C:\WINDOWS\Prefetch
2009-04-27 19:14:16 ----D---- C:\Program Files
2009-04-27 17:15:31 ----D---- C:\WINDOWS\Temp
2009-04-26 19:39:13 ----D---- C:\WINDOWS\system32\CatRoot2
2009-04-26 19:12:23 ----D---- C:\Documents and Settings\AMincher.ERICA_CARTMAN\Application
Data\TeraCopy
2009-04-26 17:06:00 ----D---- C:\WINDOWS\system32
2009-04-26 17:06:00 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-04-26 10:36:12 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-04-24 06:54:56 ----D---- C:\WINDOWS\system32\drivers
2009-04-24 06:43:14 ----SHD---- C:\WINDOWS\Installer
2009-04-24 06:43:14 ----DC---- C:\Config.Msi
2009-04-22 01:52:42 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-04-22 01:47:33 ----RASHC---- C:\boot.ini
2009-04-22 01:47:33 ----AC---- C:\WINDOWS\win.ini
2009-04-22 01:47:33 ----AC---- C:\WINDOWS\system.ini
2009-04-22 01:47:29 ----D---- C:\WINDOWS\pss
2009-04-20 18:47:44 ----SD---- C:\Documents and Settings\AMincher.ERICA_CARTMAN\Application
Data\Microsoft
2009-04-19 21:54:21 ----D---- C:\Documents and Settings\AMincher.ERICA_CARTMAN\Application
Data\Cabos
2009-04-17 03:40:34 ----D---- C:\WINDOWS\system32\wbem
2009-04-17 03:40:34 ----D---- C:\WINDOWS\AppPatch
2009-04-17 02:05:29 ----D---- C:\WINDOWS\Debug
2009-04-17 02:04:55 ----HD---- C:\WINDOWS\$hf_mig$
2009-04-15 18:38:02 ----D---- C:\Program Files\Google
2009-04-15 15:43:29 ----D---- C:\WINDOWS\security
2009-04-14 20:45:09 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot -
Search & Destroy
2009-04-12 20:32:53 ----RSD---- C:\WINDOWS\Fonts
2009-04-08 07:37:56 ----SD---- C:\WINDOWS\system32\Microsoft
2009-04-08 05:55:28 ----D---- C:\Documents and Settings\AMincher.ERICA_CARTMAN\Application
Data\SUPERAntiSpyware.com
2009-04-08 05:55:16 ----D---- C:\Program Files\Common Files
2009-04-08 05:55:14 ----D---- C:\Program Files\SUPERAntiSpyware
2009-04-08 02:23:10 ----A---- C:\WINDOWS\Uninstall Manager.INI
2009-04-08 01:38:02 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-04-08 01:12:30 ----HD---- C:\Program Files\InstallShield Installation Information
2009-04-08 01:11:36 ----D---- C:\WINDOWS\system32\ias
2009-04-06 22:57:24 ----A---- C:\WINDOWS\system32\MRT.exe
2009-04-03 16:37:07 ----D---- C:\Documents and Settings\AMincher.ERICA_CARTMAN\Application
Data\gtk-2.0
2009-04-02 17:20:49 ----D---- C:\WINDOWS\network diagnostic
2009-04-01 05:50:48 ----D---- C:\Documents and Settings\AMincher.ERICA_CARTMAN\Application
Data\DAEMON Tools Lite
2009-03-30 14:09:36 ----RSD---- C:\WINDOWS\assembly
2009-03-30 14:06:58 ----D---- C:\WINDOWS\Microsoft.NET
2009-03-30 13:37:51 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-03-30 13:37:49 ----D---- C:\Program Files\Windows Live
2009-03-30 13:36:13 ----D---- C:\WINDOWS\system32\DirectX
2009-03-30 13:34:02 ----SD---- C:\Documents and Settings\All Users.WINDOWS\Application
Data\Microsoft
2009-03-28 12:38:40 ----D---- C:\Documents and Settings\AMincher.ERICA_CARTMAN\Application
Data\WinRAR
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-02-06
26944]
R1 AmdK7;AMD K7 Processor Driver; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 37760]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-02-06 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-02-06 51376]
R1 cmdGuard;COMODO Firewall Pro Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2003-01-01
110992]
R1 cmdHlp;COMODO Firewall Pro Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2003-01-01
24336]
R1 Tcpip6;Microsoft IPv6 Protocol Driver; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-06-20 225856]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-02-06 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-02-06
94032]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-02-06 55152]
R2 tmcomm;tmcomm; \??\C:\WINDOWS\system32\drivers\tmcomm.sys []
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-02-06 23152]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2004-09-29 800256]
R3 BthEnum;Bluetooth Request Block Driver; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-14
17024]
R3 BTHMODEM;Bluetooth Modem Communications Driver; C:\WINDOWS\system32\DRIVERS\bthmodem.sys
[2008-04-14 37888]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys
[2008-04-14 101120]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-14 18944]
R3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2004-01-08 812416]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-01-15
23848]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-04 12160]
R3 NVENET;NVIDIA nForce MCP Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENET.sys
[2002-11-27 80896]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-14
59136]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-04
5888]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-14
12288]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver;
C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver;
C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-14 17152]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 awvxp5f4;awvxp5f4; C:\WINDOWS\system32\drivers\awvxp5f4.sys []
S3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys []
S3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys []
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys []
S3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys []
S3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys []
S3 BTHPORT;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-13 272128]
S3 btnetBUs;Bluetooth PAN Bus Service; C:\WINDOWS\System32\Drivers\btnetBus.sys [2008-12-07 30088]
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys []
S3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys []
S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\WINDOWS\System32\Drivers\IvtBtBus.sys [2008-07-02 26248]
S3 motmodem;Motorola USB CDC ACM Driver; C:\WINDOWS\system32\DRIVERS\motmodem.sys [2007-02-27 21504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys
[2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pgfilter;pgfilter; \??\C:\Program Files\PeerGuardian2\pgfilter.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\SymIM.sys []
S3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys []
S3 usb_rndisx;USB RNDIS Adapter; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2008-04-14 12800]
S3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys []
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-11-06 28672]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;System Restore Filter Driver; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-14 73472]
S4 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 6to4;IPv6 Helper Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-06 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2004-09-29 405504]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-06 138680]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\Firewall\cmdagent.exe [2003-01-01 700152]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-08 152984]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-06 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-06 352920]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-11-11 620544]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2004-09-29 516096]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 fsssvc;Windows Live Family Safety; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S4 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-06 132424]
S4 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-21 136120]
S4 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-03-12 656168]
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.06 2009-04-27 20:30:39
======Uninstall list======
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Acrobat.com-->msiexec /qb /x {77DCDCE3-2DED-62F3-8154-05E745472D07}
Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9 Lite-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001}
Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Advanced System Optimizer-->"C:\Program Files\Advanced System Optimizer\unins000.exe"
Apple Mobile Device Support-->MsiExec.exe /I{162B71B8-8464-4680-A086-601D555B331D}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Control Panel-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Avanquest update-->C:\Program Files\InstallShield Installation Information\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}\Setup.exe -runfromtemp -l0x0009 -removeonly
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Chikka Messenger V4-->C:\PROGRA~1\CHIKKA~1\CHIKKA~1.4\UNWISE.EXE C:\PROGRA~1\CHIKKA~1\CHIKKA~1.4\INSTALL.LOG
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
C-Media 3D Audio-->C:\WINDOWS\CMIUnInstall.exe
COMODO Firewall Pro-->C:\Program Files\COMODO\Firewall\cfpconfg.exe -u
Critical Update for Windows Media Player 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
EAX Unified-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Creative\EAX Unified\Uninst.isu"
Eraser-->"C:\Program Files\Eraser\unins000.exe"
Free CD Music Converter 10-->"C:\WINDOWS\Free CD Music Converter\uninstall.exe" "/U:C:\Program Files\Free CD Music Converter\irunin.xml"
Free Download Manager 3.0-->"C:\Program Files\Free Download Manager\unins000.exe"
GhostSurf 2005-->"C:\Program Files\GhostSurf 2005\unins000.exe"
GIMP 2.6.3-->"C:\Program Files\GIMP-2.0\setup\unins000.exe"
GOM Player-->"C:\Program Files\GRETECH\GomPlayer\Uninstall.exe"
GPSoftware Directory Opus-->"C:\Program Files\InstallShield Installation Information\{556DF27F-5B74-11D5-B876-004005E12EF1}\setup.exe" -runfromtemp -l0x0009 -DentalFloss -removeonly
Guild Wars-->"C:\Program Files\Guild Wars\Gw.exe" -uninstall
HijackThis 2.0.2-->"D:\AVasquez\My PROGRAM FILES\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB954708)-->"C:\WINDOWS\$NtUninstallKB954708$\spuninst\spuninst.exe"
iTunes-->MsiExec.exe /I{C26B06A9-27BB-45B0-9873-9C623EC2BA38}
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
Java(TM) 6 Update 12-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216012FF}
Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}
KCeasy 0.19-rc1-->"C:\Program Files\KCeasy\uninstall.exe"
Launchy 2.1.2-->"C:\Program Files\Launchy\unins000.exe"
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office XP Professional-->MsiExec.exe /I{91110409-6000-11D3-8CFE-0050048383C9}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft User-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWudf01005$\spuninst\spuninst.exe"
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
mIRC-->C:\Program Files\mIRC\uninstall.exe _?=C:\Program Files\mIRC
Mp3tag v2.43-->C:\Program Files\Mp3tag\Mp3tagUninstall.EXE
MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Nokia Connectivity Cable Driver-->MsiExec.exe /X{15AC0C5D-A6FB-4CE2-8CD0-28179EEB5625}
Nokia Flashing Cable Driver-->MsiExec.exe /X{D99C322D-C21B-40C7-AE71-EE51AA096B6E}
Nokia PC Suite-->C:\Documents and Settings\All Users.WINDOWS\Application Data\Installations\{58FB2F9A-5F2D-40E8-82DF-4987E60AD8BD}\Nokia_PC_Suite_7_1_18_0_eng_us_web.exe
Nokia PC Suite-->MsiExec.exe /I{58FB2F9A-5F2D-40E8-82DF-4987E60AD8BD}
NVIDIA nForce Drivers-->C:\WINDOWS\system32\nvuninst.exe Uninstall C:\WINDOWS\system32\NVU001.nvu,NVIDIA nForce Drivers
PC Connectivity Solution-->MsiExec.exe /I{D848D140-41C3-4A53-86D8-E866A100B4CD}
Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe"
Python 2.5.2-->MsiExec.exe /I{6B976ADF-8AE8-434E-B282-A06C7F624D2F}
QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
Realtek RTL8139/810x Fast Ethernet NIC Driver Setup-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{97AA0C55-AFAD-4126-B21C-F1318FB6DADA}\Setup.exe" -l0x9 REMOVE
Recuva (remove only)-->"C:\Program Files\Recuva\uninst.exe"
Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Tcl 8.0.5 for Windows-->C:\PROGRA~1\Tcl\UNWISE.EXE C:\PROGRA~1\Tcl\INSTALL.LOG
TeraCopy 2.0 beta 4a-->"C:\Program Files\TeraCopy\unins000.exe"
Toddler Keys-->MsiExec.exe /I{7339E7E7-FB6A-46EC-8303-D31E655EF617}
Update for Windows Internet Explorer 8 (KB968220)-->"C:\WINDOWS\ie8updates\KB968220-IE8\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
VC 9.0 Runtime-->MsiExec.exe /I{A040AC77-C1AA-4CC9-8931-9F648AF178F6}
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
Windows Driver Package - Nokia Modem (10/27/2008 3.9)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_79486EC6AA0D1732FB17E5167077C07ECAE1B870\nokia_bluetooth.inf
Windows Driver Package - Nokia Modem (10/27/2008 7.01.0.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_247189AEBF39EB69A7C75429610DFED2F2EDC1B6\nokbtmdm.inf
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{C6CA8874-5F22-4AF0-9BE3-016BF299C536}
Windows Live Family Safety-->MsiExec.exe /X{76CD2979-09C0-493A-84B3-8FD97EF4BCEA}
Windows Live Mail-->MsiExec.exe /I{63C1109E-D977-49ED-BCE3-D00D0BF187D6}
Windows Live Photo Gallery-->MsiExec.exe /X{3C52E7DA-C431-4239-B66B-1BF703D5B194}
Windows Live Sign-in Assistant-->MsiExec.exe /I{45338B07-A236-4270-9A77-EBB4115517B5}
Windows Live Sync-->MsiExec.exe /X{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}
Windows Live Upload Tool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Windows Live Writer-->MsiExec.exe /X{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
Yahoo! Install Manager-->C:\WINDOWS\system32\regsvr32 /u C:\WINDOWS\DOWNLO~1\YINSTH~1.DLL
Yahoo! Messenger-->C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
=====HijackThis Backups=====
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file) [2009-04-18]
O3 - Toolbar: (no name) - {C70E30C7-140A-4166-A2E8-43557E62B41A} - (no file) [2009-04-18]
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) [2009-04-18]
======Hosts File======
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
======Security center information======
AV: avast! antivirus 4.8.1335 [VPS 090425-0]
FW: COMODO Firewall
======System event log======
Computer Name: ERICA_CARTMAN
Event Code: 4226
Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Record Number: 7943
Source Name: Tcpip
Time Written: 20090330014515.000000+480
Event Type: warning
User:
Computer Name: ERICA_CARTMAN
Event Code: 4226
Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Record Number: 7942
Source Name: Tcpip
Time Written: 20090329235552.000000+480
Event Type: warning
User:
Computer Name: ERICA_CARTMAN
Event Code: 4226
Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Record Number: 7941
Source Name: Tcpip
Time Written: 20090329230106.000000+480
Event Type: warning
User:
Computer Name: ERICA_CARTMAN
Event Code: 4226
Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Record Number: 7940
Source Name: Tcpip
Time Written: 20090329223123.000000+480
Event Type: warning
User:
Computer Name: ERICA_CARTMAN
Event Code: 4226
Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Record Number: 7939
Source Name: Tcpip
Time Written: 20090329211006.000000+480
Event Type: warning
User:
=====Application event log=====
Computer Name: ERICA_CARTMAN
Event Code: 1102
Message: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Succesfully compiled: System.EnterpriseServices, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
Record Number: 416
Source Name: .NET Runtime Optimization Service
Time Written: 20090104210619.000000+480
Event Type:
User:
Computer Name: ERICA_CARTMAN
Event Code: 1102
Message: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Succesfully compiled: System.DirectoryServices.Protocols, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
Record Number: 414
Source Name: .NET Runtime Optimization Service
Time Written: 20090104210617.000000+480
Event Type:
User:
Computer Name: ERICA_CARTMAN
Event Code: 1102
Message: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Succesfully compiled: System.DirectoryServices, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
Record Number: 412
Source Name: .NET Runtime Optimization Service
Time Written: 20090104210615.000000+480
Event Type:
User:
Computer Name: ERICA_CARTMAN
Event Code: 1102
Message: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Succesfully compiled: System.Deployment, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
Record Number: 410
Source Name: .NET Runtime Optimization Service
Time Written: 20090104210612.000000+480
Event Type:
User:
Computer Name: ERICA_CARTMAN
Event Code: 1102
Message: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Succesfully compiled: System.Configuration, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
Record Number: 408
Source Name: .NET Runtime Optimization Service
Time Written: 20090104210609.000000+480
Event Type:
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=C:\Program Files\PC Connectivity Solution\;%SYSTEMROOT%\SYSTEM32;%SYSTEMROOT%;%SYSTEMROOT%\SYSTEM32\WBEM;C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI CONTROL PANEL;C:\WINDOWS\system32\Wbem;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 8 Stepping 1, AuthenticAMD
"PROCESSOR_REVISION"=0801
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
-----------------EOF-----------------