Thanks Scotty. Here are the two logs.
Logfile of random's system information tool 1.02 (written by random/random)
Run by Default at 2008-09-24 09:58:29
Microsoft Windows XP Professional Service Pack 3
System drive C: has 48 GB (61%) free of 78 GB
Total RAM: 255 MB (5% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:59:21, on 24/09/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Comodo\CBOClean\BOCORE.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Comodo\Firewall\CPF.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\PROGRA~1\Comodo\CBOClean\BOC427.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Default\Desktop\RSIT.exe
C:\Documents and Settings\Default\Desktop\Default.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avwsc.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.rd.yahoo.com/customize/ycomp/ ... ch/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [BOC-427] C:\PROGRA~1\Comodo\CBOClean\BOC427.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: BOCore - COMODO - C:\Program Files\Comodo\CBOClean\BOCORE.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
--
End of file - 5185 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GlaryInitialize.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll [2008-07-07 1562448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"COMODO Firewall Pro"=C:\Program Files\Comodo\Firewall\CPF.exe [2008-03-07 1115728]
"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2008-08-27 1783808]
"BOC-427"=C:\PROGRA~1\Comodo\CBOClean\BOC427.exe [2008-07-14 351480]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-08-18 1832272]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"iPodService"=3
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2007-04-19 294912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\WINDOWS\system32\
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Driver]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Driver]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Guard]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=
"NoDriveAutoRun"=
"NoResolveSearch"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Documents and Settings\Default\Desktop\utorrent.exe"="C:\Documents and Settings\Default\Desktop\utorrent.exe:*:Enabled:µTorrent"
"C:\Documents and Settings\Default\Desktop\utorrent(2).exe"="C:\Documents and Settings\Default\Desktop\utorrent(2).exe:*:Enabled:µTorrent"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
======File associations======
.txt - open - C:\WINDOWS\NOTEPAD.EXE %1
======List of files/folders created in the last 1 months======
2008-09-24 09:58:29 ----DC---- C:\rsit
2008-09-22 22:27:29 ----D---- C:\Program Files\Avira
2008-09-22 22:27:29 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2008-09-18 12:23:24 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-09-18 12:22:47 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2008-09-18 11:51:39 ----D---- C:\WINDOWS\Prefetch
2008-09-18 11:48:51 ----HDC---- C:\WINDOWS\$NtUninstallKB950759$
2008-09-18 11:48:08 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-09-18 11:42:23 ----D---- C:\Program Files\Messenger
2008-09-18 11:41:52 ----D---- C:\WINDOWS\system32\en-us
2008-09-18 11:41:51 ----D---- C:\WINDOWS\system32\scripting
2008-09-18 11:41:48 ----D---- C:\WINDOWS\l2schemas
2008-09-18 11:41:48 ----D---- C:\Program Files\msn
2008-09-18 11:41:47 ----D---- C:\WINDOWS\system32\en
2008-09-18 11:41:47 ----D---- C:\WINDOWS\system32\bits
2008-09-18 11:38:11 ----D---- C:\WINDOWS\ServicePackFiles
2008-09-18 11:35:40 ----D---- C:\WINDOWS\network diagnostic
2008-09-18 11:33:02 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-09-18 11:29:25 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2008-09-18 11:21:47 ----N---- C:\WINDOWS\system32\xmllite.dll
2008-09-18 11:21:44 ----N---- C:\WINDOWS\system32\wmphoto.dll
2008-09-18 11:21:43 ----N---- C:\WINDOWS\system32\wlanapi.dll
2008-09-18 11:21:40 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2008-09-18 11:21:40 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2008-09-18 11:21:31 ----N---- C:\WINDOWS\system32\tspkg.dll
2008-09-18 11:21:31 ----N---- C:\WINDOWS\system32\tsgqec.dll
2008-09-18 11:21:24 ----N---- C:\WINDOWS\system32\spupdwxp.exe
2008-09-18 11:21:21 ----A---- C:\WINDOWS\system32\spdwnwxp.exe
2008-09-18 11:21:20 ----N---- C:\WINDOWS\system32\slserv.exe
2008-09-18 11:21:20 ----N---- C:\WINDOWS\system32\slrundll.exe
2008-09-18 11:21:20 ----N---- C:\WINDOWS\system32\slgen.dll
2008-09-18 11:21:20 ----N---- C:\WINDOWS\system32\slextspk.dll
2008-09-18 11:21:20 ----N---- C:\WINDOWS\system32\slcoinst.dll
2008-09-18 11:21:20 ----N---- C:\WINDOWS\slrundll.exe
2008-09-18 11:21:16 ----N---- C:\WINDOWS\system32\setupn.exe
2008-09-18 11:21:14 ----N---- C:\WINDOWS\system32\s3gnb.dll
2008-09-18 11:21:13 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2008-09-18 11:21:12 ----N---- C:\WINDOWS\system32\rasqec.dll
2008-09-18 11:21:10 ----N---- C:\WINDOWS\system32\qutil.dll
2008-09-18 11:21:09 ----N---- C:\WINDOWS\system32\qcliprov.dll
2008-09-18 11:21:09 ----N---- C:\WINDOWS\system32\qagentrt.dll
2008-09-18 11:21:09 ----N---- C:\WINDOWS\system32\qagent.dll
2008-09-18 11:21:08 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2008-09-18 11:21:05 ----N---- C:\WINDOWS\system32\onex.dll
2008-09-18 11:20:56 ----N---- C:\WINDOWS\system32\napstat.exe
2008-09-18 11:20:55 ----N---- C:\WINDOWS\system32\napmontr.dll
2008-09-18 11:20:55 ----N---- C:\WINDOWS\system32\napipsec.dll
2008-09-18 11:20:55 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2008-09-18 11:20:55 ----N---- C:\WINDOWS\system32\msxml6r.dll
2008-09-18 11:20:54 ----N---- C:\WINDOWS\system32\msxml6.dll
2008-09-18 11:20:52 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2008-09-18 11:20:52 ----N---- C:\WINDOWS\system32\mssha.dll
2008-09-18 11:20:33 ----N---- C:\WINDOWS\system32\mmcperf.exe
2008-09-18 11:20:33 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2008-09-18 11:20:33 ----N---- C:\WINDOWS\system32\mmcex.dll
2008-09-18 11:20:33 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2008-09-18 11:20:30 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2008-09-18 11:20:19 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2008-09-18 11:20:18 ----N---- C:\WINDOWS\system32\kmsvc.dll
2008-09-18 11:20:18 ----N---- C:\WINDOWS\system32\kbdpash.dll
2008-09-18 11:20:18 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2008-09-18 11:20:18 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2008-09-18 11:20:18 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2008-09-18 11:20:08 ----N---- C:\WINDOWS\system32\smtpapi.dll
2008-09-18 11:20:07 ----N---- C:\WINDOWS\system32\rwnh.dll
2008-09-18 11:20:03 ----N---- C:\WINDOWS\system32\comsdupd.exe
2008-09-18 11:19:58 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2008-09-18 11:19:52 ----N---- C:\WINDOWS\system32\faxpatch.exe
2008-09-18 11:19:52 ----A---- C:\WINDOWS\002948_.tmp
2008-09-18 11:19:51 ----N---- C:\WINDOWS\system32\eapsvc.dll
2008-09-18 11:19:51 ----N---- C:\WINDOWS\system32\eapqec.dll
2008-09-18 11:19:51 ----N---- C:\WINDOWS\system32\eappprxy.dll
2008-09-18 11:19:51 ----N---- C:\WINDOWS\system32\eapphost.dll
2008-09-18 11:19:51 ----N---- C:\WINDOWS\system32\eappgnui.dll
2008-09-18 11:19:51 ----N---- C:\WINDOWS\system32\eappcfg.dll
2008-09-18 11:19:51 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2008-09-18 11:19:51 ----N---- C:\WINDOWS\system32\eapolqec.dll
2008-09-18 11:19:47 ----N---- C:\WINDOWS\system32\dot3ui.dll
2008-09-18 11:19:47 ----N---- C:\WINDOWS\system32\dot3svc.dll
2008-09-18 11:19:46 ----N---- C:\WINDOWS\system32\dot3msm.dll
2008-09-18 11:19:46 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2008-09-18 11:19:46 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2008-09-18 11:19:46 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2008-09-18 11:19:46 ----N---- C:\WINDOWS\system32\dot3api.dll
2008-09-18 11:19:45 ----N---- C:\WINDOWS\system32\dimsroam.dll
2008-09-18 11:19:45 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2008-09-18 11:19:44 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2008-09-18 11:19:41 ----N---- C:\WINDOWS\system32\credssp.dll
2008-09-18 11:19:34 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2008-09-18 11:19:33 ----N---- C:\WINDOWS\system32\azroles.dll
2008-09-18 11:19:32 ----N---- C:\WINDOWS\system32\ativvaxx.dll
2008-09-18 11:19:32 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2008-09-18 11:19:32 ----N---- C:\WINDOWS\system32\ati3duag.dll
2008-09-18 11:19:32 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2008-09-18 11:19:32 ----N---- C:\WINDOWS\system32\ati2dvag.dll
2008-09-18 11:19:32 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2008-09-18 11:19:31 ----N---- C:\WINDOWS\system32\ati2cqag.dll
2008-09-18 11:19:25 ----N---- C:\WINDOWS\system32\aaclient.dll
2008-09-10 10:28:58 ----HDC---- C:\WINDOWS\$NtUninstallKB938464_0$
2008-09-09 13:07:23 ----D---- C:\WINDOWS\system32\Macromed
2008-08-29 11:08:58 ----D---- C:\Documents and Settings\All Users\Application Data\BOC427
2008-08-29 11:08:54 ----A---- C:\WINDOWS\BOC427.INI
2008-08-27 11:52:37 ----D---- C:\WINDOWS\Sun
======List of files/folders modified in the last 1 months======
2008-09-24 09:58:54 ----D---- C:\WINDOWS\TEMP
2008-09-24 09:52:40 ----D---- C:\Program Files\Mozilla Firefox
2008-09-24 09:45:16 ----D---- C:\WINDOWS
2008-09-23 16:24:45 ----D---- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
2008-09-23 16:24:26 ----D---- C:\Documents and Settings\Default\Application Data\Spyware Terminator
2008-09-23 10:17:21 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-09-23 10:15:17 ----D---- C:\WINDOWS\system32\CatRoot2
2008-09-23 09:15:08 ----D---- C:\Program Files\RegScrubXP
2008-09-23 09:12:44 ----SHC---- C:\boot.ini
2008-09-23 09:12:44 ----AC---- C:\WINDOWS\win.ini
2008-09-23 09:12:44 ----AC---- C:\WINDOWS\system.ini
2008-09-23 01:41:20 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-09-22 22:27:35 ----D---- C:\WINDOWS\system32\drivers
2008-09-22 22:27:29 ----RAD---- C:\Program Files
2008-09-22 22:13:08 ----D---- C:\WINDOWS\system32
2008-09-22 12:45:13 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2008-09-22 12:45:10 ----D---- C:\Program Files\SpywareBlaster
2008-09-19 10:52:37 ----D---- C:\Documents and Settings\Default\Application Data\Auslogics
2008-09-19 10:52:25 ----D---- C:\Program Files\Auslogics
2008-09-19 10:39:39 ----AC---- C:\WINDOWS\NeroDigital.ini
2008-09-18 13:47:20 ----D---- C:\WINDOWS\system32\config
2008-09-18 12:23:30 ----HD---- C:\WINDOWS\inf
2008-09-18 12:23:20 ----HD---- C:\WINDOWS\$hf_mig$
2008-09-18 12:22:54 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-09-18 12:14:51 ----D---- C:\WINDOWS\Debug
2008-09-18 12:08:41 ----D---- C:\WINDOWS\system32\CatRoot
2008-09-18 11:55:02 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-09-18 11:54:51 ----SHDC---- C:\Config.Msi
2008-09-18 11:54:51 ----SHD---- C:\WINDOWS\Installer
2008-09-18 11:51:08 ----D---- C:\WINDOWS\system32\wbem
2008-09-18 11:51:08 ----D---- C:\WINDOWS\system32\Setup
2008-09-18 11:51:08 ----D---- C:\WINDOWS\AppPatch
2008-09-18 11:51:08 ----D---- C:\Program Files\Internet Explorer
2008-09-18 11:51:07 ----RSD---- C:\WINDOWS\Fonts
2008-09-18 11:47:44 ----D---- C:\WINDOWS\security
2008-09-18 11:42:30 ----D---- C:\WINDOWS\WinSxS
2008-09-18 11:42:09 ----D---- C:\WINDOWS\system32\inetsrv
2008-09-18 11:42:09 ----D---- C:\WINDOWS\ime
2008-09-18 11:42:09 ----D---- C:\WINDOWS\Help
2008-09-18 11:41:52 ----D---- C:\WINDOWS\system32\usmt
2008-09-18 11:41:47 ----D---- C:\WINDOWS\PeerNet
2008-09-18 11:41:47 ----D---- C:\Program Files\Movie Maker
2008-09-18 11:37:59 ----D---- C:\WINDOWS\system32\Restore
2008-09-18 11:37:59 ----D---- C:\WINDOWS\system32\npp
2008-09-18 11:37:59 ----D---- C:\WINDOWS\mui
2008-09-18 11:37:58 ----D---- C:\WINDOWS\msagent
2008-09-18 11:37:56 ----D---- C:\WINDOWS\srchasst
2008-09-18 11:37:55 ----D---- C:\Program Files\NetMeeting
2008-09-18 11:37:54 ----D---- C:\WINDOWS\system32\Com
2008-09-18 11:37:51 ----D---- C:\Program Files\Windows Media Player
2008-09-18 11:37:51 ----D---- C:\Program Files\Outlook Express
2008-09-18 11:37:47 ----D---- C:\Program Files\Common Files\System
2008-09-18 11:37:26 ----D---- C:\WINDOWS\system32\oobe
2008-09-18 11:37:24 ----D---- C:\WINDOWS\system
2008-09-18 11:28:49 ----D---- C:\WINDOWS\ehome
2008-09-15 17:06:07 ----SHDC---- C:\System Volume Information
2008-09-15 14:52:28 ----D---- C:\Program Files\EsetOnlineScanner
2008-09-12 10:08:41 ----D---- C:\WINDOWS\BDOSCAN8
2008-09-11 16:38:10 ----D---- C:\Program Files\Spyware Terminator
2008-09-11 10:00:03 ----D---- C:\Documents and Settings\Default\Application Data\uTorrent
2008-09-10 17:40:27 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-09-10 16:55:25 ----D---- C:\Documents and Settings\Default\Application Data\CyberLink
2008-08-30 10:53:15 ----D---- C:\Documents and Settings\Default\Application Data\Mozilla
2008-08-29 11:08:51 ----D---- C:\Program Files\Comodo
2008-08-26 21:28:12 ----AC---- C:\WINDOWS\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-06-27 75072]
R1 CmdMon;Comodo Application Engine; C:\WINDOWS\System32\DRIVERS\cmdmon.sys [2008-03-07 75520]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]
R2 Aspi32;Aspi32; C:\WINDOWS\System32\drivers\aspi32.sys [2004-07-16 16512]
R2 tmcomm;tmcomm; \??\C:\WINDOWS\system32\drivers\tmcomm.sys []
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-04-19 2317504]
R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
R3 BOCDRIVE;BOClean Kernel Monitor.; \??\C:\Program Files\Comodo\CBOClean\BOCDRIVE.sys []
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2005-02-02 14408]
R3 ip100xp;IC Plus IP100 10/100 Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\ipfnd51.sys [2005-02-02 26752]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-12-24 1897408]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
S1 Klif;Klif; \??\C:\WINDOWS\system32\Drivers\klif.sys []
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-04 12160]
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
S3 TSP;TSP; \??\C:\WINDOWS\system32\drivers\klif.sys []
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-06-12 68865]
R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-08-07 149761]
R2 BOCore;BOCore; C:\Program Files\Comodo\CBOClean\BOCORE.exe [2008-07-14 73464]
R2 CmdAgent;Comodo Application Agent; C:\Program Files\Comodo\Firewall\cmdagent.exe [2008-03-07 361040]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2008-08-27 570880]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2002-12-31 89136]
S3 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.02 2008-09-24 09:59:27
======Uninstall list======
-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{0906B442-D0EC-4FE2-B666-95C82EF8B8A6}
-->C:\PROGRA~1\ntl\BROADB~1\Uninstall.exe ntl
-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Audacity 1.2.4-->"C:\Program Files\Audacity\unins000.exe"
AusLogics Disk Defrag-->"C:\Program Files\Auslogics\AusLogics Disk Defrag\unins000.exe"
AusLogics Registry Defrag-->"C:\Program Files\Auslogics\AusLogics Registry Defrag\unins000.exe"
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
Backup CD Player-->C:\PROGRA~1\BACKUP~1\UNWISE.EXE C:\PROGRA~1\BACKUP~1\INSTALL.LOG
BOClean-->C:\WINDOWS\UNBOC.EXE
broadband medic-->C:\WINDOWS\Motive\ntl\MCCUninst.exe
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
COMODO Firewall Pro-->C:\Program Files\Comodo\Firewall\fwconfig.exe -uninstalln
ESET Online Scanner-->C:\WINDOWS\system32\OnlineScannerUninstaller.exe
Eusing Free Registry Cleaner-->C:\PROGRA~1\EUSING~1\UNWISE.EXE C:\PROGRA~1\EUSING~1\INSTALL.LOG
FLAC Installer 1.1.2a (remove only)-->C:\Program Files\FLAC\uninstall.exe
Foxit Reader-->C:\Program Files\Foxit Software\Foxit Reader\Uninstall.exe
Glary Utilities 2.6-->"C:\Program Files\Glary Utilities\unins000.exe"
HijackThis 2.0.2-->"C:\Documents and Settings\Default\Desktop\HijackThis.exe" /uninstall
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Kaspersky Online Scanner-->C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Mozilla Firefox (3.0.1)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSConfig CleanUp 1.2-->"C:\Program Files\MSConfig CleanUp\UninsHs.exe"
Nero Suite-->C:\Program Files\Common Files\Nero\Uninstall\setup.exe /uninstall ExtraUninstallID=""
PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
RegScrubXP 3.25-->"C:\Program Files\RegScrubXP\unins000.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950759)-->"C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Spyware Terminator-->"C:\Program Files\Spyware Terminator\unins000.exe"
SpywareBlaster 4.1-->"C:\Program Files\SpywareBlaster\unins000.exe"
SUPERAntiSpyware Free Edition-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Winamp (remove only)-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Player 10-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
======Hosts File======
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
======Security center information======
AV: Avira AntiVir PersonalEdition
FW: COMODO Firewall Pro
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"NUMBER_OF_PROCESSORS"=1
"OS"=Windows_NT
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\QuickTime\QTSystem
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 44 Stepping 2, AuthenticAMD
"PROCESSOR_LEVEL"=15
"PROCESSOR_REVISION"=2c02
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"windir"=%SystemRoot%
-----------------EOF-----------------