Wow! Wow! Wow1
Actually Java stopped working in internet explorer (IE) maybe 6 months ago, this despite the fact that I tried to download and install and test that I had installed Java. My machine passes all of the Java tests, so I can't figure this out. I don't know why I have the database or the developers but here's what I have
Java runtume developers kis
Java DB 10.4.1.3
Java 6 update 10 and 3
Java SE developer's kit
which ones should I keep?
Now spybotware: I have tried to get rid of this, contacted the maker, ran their removal software, it still comes back. Is it gone now??
IE still does not go anywhere, until I hit stop, then it goes to
res://ieframe.dll/navcancl.htm. But then I can type in a URL and it will go there, just fine.
Thanks soooooo much
Steve
4 logs pasted below:
1. Logfile of random's system information tool 1.05 (written by random/random)
Run by sje at 2008-12-20 13:11:43
Microsoft Windows XP Professional Service Pack 3
System drive C: has 18 GB (31%) free of 57 GB
Total RAM: 1023 MB (59% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:11:48 PM, on 12/20/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\TPWRTRAY.EXE
C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe
C:\WINDOWS\system32\TFNF5.exe
C:\WINDOWS\system32\SxgTkBar.exe
C:\WINDOWS\System32\00THotkey.exe
C:\WINDOWS\system32\hdsp32.exe
C:\WINDOWS\system32\hdspmix.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\quickenw\QAGENT.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\mrtMngr.EXE
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TOSHIBA\TME3\Tmesbs3.exe
C:\Program Files\TOSHIBA\TME3\Tmesrv3.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\sje\Desktop\RSIT.exe
C:\Documents and Settings\sje\Desktop\donwload\virus\sje.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page =
http://go.microsoft.com/fwlink/?LinkId=54843O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [Tpwrtray] TPWRTRAY.EXE
O4 - HKLM\..\Run: [TosHKCW.exe] C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe
O4 - HKLM\..\Run: [TFNF5] TFNF5.exe
O4 - HKLM\..\Run: [SxgTkBar] SxgTkBar.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\System32\00THotkey.exe
O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [HPWU_MPM_Agent] C:\Program Files\HP\HP Officejet Pro K550 Series\Toolbox\mpm.exe
O4 - HKLM\..\Run: [TMESRV.EXE] C:\Program Files\TOSHIBA\TME3\TMESRV3.EXE /Logon
O4 - HKLM\..\Run: [TMESBS.EXE] C:\Program Files\TOSHIBA\TME3\TMESBS3.EXE /logon
O4 - HKLM\..\Run: [HPWUTOOLBOX] C:\Program Files\HP\HP Officejet Pro K550 Series\Toolbox\HPWUTBX.exe "-i"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [HDSPTray1] hdsp32.exe
O4 - HKLM\..\Run: [HDSPTray2] hdspmix.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\Scansoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\Scansoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [QAGENT] C:\quickenw\QAGENT.EXE
O4 - HKLM\..\Run: [T-Mobile Connection Manager] "C:\Program Files\T-Mobile\Connection Manager\TMobileCM.exe" -a
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Stock Spy Tray] "C:\Program Files\Stock Spy\Stock Spy Tray.lnk"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [DropBoxUtility] "C:\Program Files\DropBox\DropBox\DropBox.exe" /s
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpywareBot] C:\Program Files\SpywareBot\SpywareBot.exe -boot
O4 - Startup: Check for TWS Updates.lnk = C:\Jts\WiseUpdt.exe
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.toshiba.com
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: ewido anti-spyware 4.0 guard - Unknown owner - C:\Program Files\ewido anti-spyware 4.0\guard.exe (file missing)
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SpywareBot Scanning Engine (SpywareBotSrv) - Unknown owner - C:\Program Files\SpywareBot\SpywareBotSrv.srv.exe (file missing)
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\supportsoft\bin\ssrc.exe
O23 - Service: Tmesbs3 (Tmesbs) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TME3\Tmesbs3.exe
O23 - Service: Tmesrv3 (Tmesrv) - TOSHIBA - C:\Program Files\TOSHIBA\TME3\Tmesrv3.exe
O24 - Desktop Component 0: (no name) - (no file)
--
End of file - 8254 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IPoint_exe.job
C:\WINDOWS\tasks\SpywareBot Scheduled Scan.job
C:\WINDOWS\tasks\Uniblue SpeedUpMyPC Nag.job
C:\WINDOWS\tasks\Uniblue SpeedUpMyPC.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-16 320920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-16 34816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-11-16 73728]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Tpwrtray"=TPWRTRAY.EXE []
"TosHKCW.exe"=C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe [2002-01-22 49152]
"TFNF5"=TFNF5.exe []
"SxgTkBar"=SxgTkBar.exe []
"NvCplDaemon"=NvQTwk []
"00THotkey"=C:\WINDOWS\System32\00THotkey.exe [2002-01-30 249856]
"000StTHK"=000StTHK.exe []
"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe [2003-11-10 188416]
"HPWU_MPM_Agent"=C:\Program Files\HP\HP Officejet Pro K550 Series\Toolbox\mpm.exe [2005-11-08 106496]
"TMESRV.EXE"=C:\Program Files\TOSHIBA\TME3\TMESRV3.EXE [2002-02-18 126976]
"TMESBS.EXE"=C:\Program Files\TOSHIBA\TME3\TMESBS3.EXE [2001-08-23 61440]
"HPWUTOOLBOX"=C:\Program Files\HP\HP Officejet Pro K550 Series\Toolbox\HPWUTBX.exe [2005-11-08 352256]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-08-09 221184]
"HDSPTray1"=hdsp32.exe []
"HDSPTray2"=hdspmix.exe []
"SSBkgdUpdate"=C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2003-09-29 155648]
"PaperPort PTD"=C:\Program Files\Scansoft\PaperPort\pptd40nt.exe [2006-05-05 36864]
"IndexSearch"=C:\Program Files\Scansoft\PaperPort\IndexSearch.exe [2006-05-05 40960]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2007-12-11 286720]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-02-16 81920]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2008-02-20 1443072]
"QAGENT"=C:\quickenw\QAGENT.EXE [2000-09-19 94208]
"T-Mobile Connection Manager"=C:\Program Files\T-Mobile\Connection Manager\TMobileCM.exe [2007-07-23 18968]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-11-16 136600]
"Stock Spy Tray"=C:\Program Files\Stock Spy\Stock Spy Tray.lnk []
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe []
"DropBoxUtility"=C:\Program Files\DropBox\DropBox\DropBox.exe /s []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE [2005-01-04 405583]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"SpywareBot"=C:\Program Files\SpywareBot\SpywareBot.exe -boot []
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Documents and Settings\sje\Start Menu\Programs\Startup
Check for TWS Updates.lnk - C:\Jts\WiseUpdt.exe
OpenOffice.org 2.0.lnk - C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
OpenOffice.org 2.2.lnk - C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
WgaLogon.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoBandCustomize"=0
"NoMovingBands"=0
"NoCloseDragDropBands"=0
"NoActiveDesktop"=0
"ExSearchOptions"=170685
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"E:\PHILLIP 2\Games\Flight Simulator\Flight Simulator 9\fs9.exe"="E:\PHILLIP 2\Games\Flight Simulator\Flight Simulator 9\fs9.exe:*:Enabled:Microsoft Flight Simulator"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"C:\Program Files\Microsoft Visual FoxPro 8\vfp8.exe"="C:\Program Files\Microsoft Visual FoxPro 8\vfp8.exe:*:Enabled:Microsoft Visual FoxPro 8.0"
"C:\WINDOWS\system32\fxsclnt.exe"="C:\WINDOWS\system32\fxsclnt.exe:*:Enabled:Microsoft Fax Console"
"C:\Program Files\EA GAMES\Battlefield 1942\BF1942.exe"="C:\Program Files\EA GAMES\Battlefield 1942\BF1942.exe:*:Enabled:BF1942"
"C:\Program Files\NetMeeting\conf.exe"="C:\Program Files\NetMeeting\conf.exe:*:Enabled:Windows® NetMeeting®"
"C:\Program Files\Xfire\xfire.exe"="C:\Program Files\Xfire\xfire.exe:*:Enabled:Xfire"
"C:\Program Files\QuoteTracker\stocks.exe"="C:\Program Files\QuoteTracker\stocks.exe:*:Enabled:stocks"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:*:Enabled:ActiveSync Connection Manager"
"C:\WINDOWS\system32\javaw.exe"="C:\WINDOWS\system32\javaw.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary"
"C:\Program Files\Microsoft Visual FoxPro 9\vfp9.exe"="C:\Program Files\Microsoft Visual FoxPro 9\vfp9.exe:*:Enabled:Microsoft Visual FoxPro 9.0 SP1"
"C:\Program Files\Microsoft Games\Flight Simulator 9\fs9.exe"="C:\Program Files\Microsoft Games\Flight Simulator 9\fs9.exe:*:Enabled:Microsoft Flight Simulator"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\QuoteLink\0-73-1\Run\winql.exe"="C:\Program Files\QuoteLink\0-73-1\Run\winql.exe:*:Enabled:QuoteLink Tools module"
"C:\Program Files\Microsoft Office\Office\EXCEL.EXE"="C:\Program Files\Microsoft Office\Office\EXCEL.EXE:*:Enabled:Microsoft Excel for Windows"
"C:\Program Files\QuoteLink\0-73-1\Run\qview.exe"="C:\Program Files\QuoteLink\0-73-1\Run\qview.exe:*:Enabled:QuoteLink Tools module"
"C:\Program Files\DTN\IQFeed\iqconnect.exe"="C:\Program Files\DTN\IQFeed\iqconnect.exe:*:Enabled:IQConnect Application"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\Program Files\Common Files\AOL\Loader\aolload.exe"="C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader"
"C:\Program Files\AIM6\aim6.exe"="C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM"
"C:\Prophet\plink.exe"="C:\Prophet\plink.exe:*:Enabled:a5"
"C:\Program Files\CLR Script\CLRScrpt.exe"="C:\Program Files\CLR Script\CLRScrpt.exe:*:Enabled:CLR Script"
"C:\Documents and Settings\sje\Desktop\Phillip\WELCOME PHILLIP!\ALL GAMES\FLIGHT SIMULATOR\squak box\squawkbox.exe"="C:\Documents and Settings\sje\Desktop\Phillip\WELCOME PHILLIP!\ALL GAMES\FLIGHT SIMULATOR\squak box\squawkbox.exe:*:Enabled:squawkbox.exe"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"
"E:\PHILLIP 2\Games\Flight simulator\fs9.exe"="E:\PHILLIP 2\Games\Flight simulator\fs9.exe:*:Enabled:Microsoft Flight Simulator"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:eBay - Skype"
"C:\Program Files\Stock Spy Demo\jre\bin\javaw.exe"="C:\Program Files\Stock Spy Demo\jre\bin\javaw.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary"
"C:\Program Files\Stock Spy\jre\bin\javaw.exe"="C:\Program Files\Stock Spy\jre\bin\javaw.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary"
"C:\Documents and Settings\Phillip.SE\Desktop\Phillip Hub\WELCOME PHILLIP!\ALL GAMES\FLIGHT SIMULATOR\squak box\squawkbox.exe"="C:\Documents and Settings\Phillip.SE\Desktop\Phillip Hub\WELCOME PHILLIP!\ALL GAMES\FLIGHT SIMULATOR\squak box\squawkbox.exe:*:Enabled:squawkbox.exe"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"I:\PHILLIP 2\Games\Flight Simulator\fs9.exe"="I:\PHILLIP 2\Games\Flight Simulator\fs9.exe:*:Enabled:Microsoft Flight Simulator"
"E:\LAPNETWIZARD.EXE"="E:\LAPNETWIZARD.EXE:*:Enabled:LapNet Wizard Application"
"D:\LAPNETWIZARD.EXE"="D:\LAPNETWIZARD.EXE:*:Enabled:LapNet Wizard Application"
"C:\Program Files\DropBox\DropBox\DropBox.exe"="C:\Program Files\DropBox\DropBox\DropBox.exe:*:Enabled:DropBox"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe"
"C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe"="C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Disabled:Internet Explorer"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe"
"C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe"="C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{32569a55-090d-11dd-a32b-000039f85fb6}]
shell\AutoRun\command - D:\LapNetWizard.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a5c41281-b5a3-11dc-a2ff-00022d5d410b}]
shell\AutoRun\command - D:\wd_windows_tools\setup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dcb58341-0397-11dd-a324-00022d5d410b}]
shell\AutoRun\command - E:\LapNetWizard.exe
======List of files/folders created in the last 1 months======
2008-12-20 13:11:43 ----D---- C:\rsit
2008-12-20 11:12:30 ----D---- C:\Documents and Settings\sje\Application Data\Malwarebytes
2008-12-20 11:12:22 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-12-20 11:12:22 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-12-11 17:30:21 ----D---- C:\Documents and Settings\sje\Application Data\FileZilla
2008-12-11 14:57:09 ----A---- C:\reregisterie.cmd
2008-12-11 13:37:51 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2008-12-11 13:36:25 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2008-12-11 13:36:12 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2008-12-11 13:35:52 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2008-12-05 21:40:40 ----A---- C:\WINDOWS\system32\CNMLM87.DLL
2008-12-03 20:12:01 ----D---- C:\Program Files\Traction Software
2008-12-03 20:01:41 ----D---- C:\Program Files\MS PowerPoint Print Multiple Presentations Software
2008-12-03 09:10:08 ----A---- C:\WINDOWS\SamControlpanel95.INI
2008-11-30 18:39:32 ----HDC---- C:\Documents and Settings\All Users\Application Data\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
2008-11-24 11:45:28 ----D---- C:\Documents and Settings\sje\Application Data\Mozilla
2008-11-24 11:45:16 ----D---- C:\Program Files\Mozilla Firefox
2008-11-23 19:29:48 ----D---- C:\Program Files\WIBU-SYSTEMS
2008-11-23 19:29:47 ----D---- C:\Program Files\CodeMeter
2008-11-23 19:29:08 ----A---- C:\WINDOWS\system32\TTIC32.dll
2008-11-23 19:29:08 ----A---- C:\WINDOWS\system32\MXRestore.exe
2008-11-23 19:29:08 ----A---- C:\WINDOWS\system32\mgxasio2.dll
2008-11-23 19:29:07 ----A---- C:\WINDOWS\system32\TTI32.dll
2008-11-23 19:29:07 ----A---- C:\WINDOWS\system32\STRING32.dll
2008-11-23 19:29:07 ----A---- C:\WINDOWS\system32\mgxcdr.txt
2008-11-23 19:29:07 ----A---- C:\WINDOWS\system32\DLLTPO32.dll
2008-11-23 19:29:07 ----A---- C:\WINDOWS\system32\DLLRES32.dll
2008-11-23 19:29:07 ----A---- C:\WINDOWS\system32\DLLRD32.dll
2008-11-23 19:29:07 ----A---- C:\WINDOWS\system32\DLLPTL32.dll
2008-11-23 19:29:07 ----A---- C:\WINDOWS\system32\DLLPRJ32.dll
2008-11-23 19:29:07 ----A---- C:\WINDOWS\system32\DLLPRF32.dll
2008-11-23 19:29:07 ----A---- C:\WINDOWS\system32\DLLPNT32.dll
2008-11-23 19:29:07 ----A---- C:\WINDOWS\system32\DLLMSC32.dll
2008-11-23 19:29:07 ----A---- C:\WINDOWS\system32\DLLIX.dll
2008-11-23 19:29:07 ----A---- C:\WINDOWS\system32\DLLISO32.dll
2008-11-23 19:29:07 ----A---- C:\WINDOWS\system32\DLLIO32.dll
2008-11-23 19:29:07 ----A---- C:\WINDOWS\system32\DLLIMG32.dll
2008-11-23 19:29:07 ----A---- C:\WINDOWS\system32\DLLDRV32.dll
2008-11-23 19:29:07 ----A---- C:\WINDOWS\system32\DLLDIR32.dll
2008-11-23 19:29:07 ----A---- C:\WINDOWS\system32\DLLDEV32.dll
2008-11-23 19:29:07 ----A---- C:\WINDOWS\system32\DLLCPY32.dll
2008-11-23 19:29:07 ----A---- C:\WINDOWS\system32\DLLCDF32.dll
2008-11-23 19:29:07 ----A---- C:\WINDOWS\system32\DLLCDA32.dll
2008-11-23 19:29:07 ----A---- C:\WINDOWS\system32\DLLAV32.dll
2008-11-23 19:27:53 ----D---- C:\Program Files\MAGIX
2008-11-23 19:27:53 ----A---- C:\WINDOWS\system32\DLLDEV32i.dll
2008-11-21 08:05:46 ----A---- C:\WINDOWS\system32\msvcr80.dll
2008-11-21 08:05:46 ----A---- C:\WINDOWS\system32\msvcp80.dll
2008-11-21 08:05:46 ----A---- C:\WINDOWS\system32\msvcm80.dll
2008-11-21 08:05:46 ----A---- C:\WINDOWS\system32\mfcm80u.dll
2008-11-21 08:05:46 ----A---- C:\WINDOWS\system32\mfcm80.dll
2008-11-21 08:05:46 ----A---- C:\WINDOWS\system32\mfc80u.dll
2008-11-21 08:05:46 ----A---- C:\WINDOWS\system32\mfc80.dll
======List of files/folders modified in the last 1 months======
2008-12-20 13:11:50 ----D---- C:\WINDOWS\Prefetch
2008-12-20 13:11:33 ----D---- C:\WINDOWS\temp
2008-12-20 13:09:33 ----A---- C:\WINDOWS\ModemLog_TOSHIBA Software Modem AMR.txt
2008-12-20 13:08:08 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-12-20 13:06:35 ----ASH---- C:\boot.ini
2008-12-20 13:06:35 ----A---- C:\WINDOWS\win.ini
2008-12-20 13:06:34 ----A---- C:\WINDOWS\SYSTEM.INI
2008-12-20 13:06:33 ----D---- C:\WINDOWS\pss
2008-12-20 13:06:14 ----D---- C:\WINDOWS
2008-12-20 13:04:47 ----HD---- C:\Config.Msi
2008-12-20 13:04:06 ----D---- C:\WINDOWS\system32\CatRoot2
2008-12-20 11:12:28 ----D---- C:\WINDOWS\system32\drivers
2008-12-20 11:12:22 ----RD---- C:\Program Files
2008-12-20 11:04:10 ----D---- C:\WINDOWS\system32
2008-12-20 11:04:10 ----D---- C:\Program Files\AquaNotes
2008-12-20 11:03:29 ----SHD---- C:\WINDOWS\Installer
2008-12-20 11:03:29 ----D---- C:\Program Files\Common Files
2008-12-20 11:03:06 ----D---- C:\Program Files\Adobe
2008-12-20 11:03:05 ----D---- C:\Documents and Settings\sje\Application Data\Adobe
2008-12-20 11:02:26 ----D---- C:\Program Files\Apple Software Update
2008-12-20 11:02:20 ----SD---- C:\WINDOWS\Tasks
2008-12-20 11:02:02 ----HD---- C:\Program Files\InstallShield Installation Information
2008-12-20 11:01:36 ----HD---- C:\WINDOWS\inf
2008-12-20 11:01:29 ----D---- C:\WINDOWS\twain_32
2008-12-20 10:57:59 ----D---- C:\Program Files\DropBox
2008-12-20 10:57:36 ----D---- C:\WINDOWS\WinSxS
2008-12-20 10:56:56 ----D---- C:\Program Files\HP
2008-12-20 10:56:44 ----D---- C:\Documents and Settings\All Users\Application Data\PureEdge
2008-12-20 10:56:44 ----AC---- C:\WINDOWS\PureEdgeAPI.ini
2008-12-20 10:56:31 ----D---- C:\Program Files\IrfanView
2008-12-20 10:55:09 ----RSD---- C:\WINDOWS\assembly
2008-12-20 10:55:07 ----D---- C:\Program Files\OpenOffice.org 2.2
2008-12-20 10:49:55 ----D---- C:\Program Files\Replay Screencast
2008-12-20 10:48:14 ----D---- C:\Program Files\Smart PDF Converter Pro
2008-12-20 10:47:03 ----D---- C:\Program Files\Common Files\Microsoft Shared
2008-12-20 10:46:19 ----D---- C:\Documents and Settings\sje\Application Data\Viewpoint
2008-12-20 10:46:19 ----D---- C:\Documents and Settings\All Users\Application Data\Viewpoint
2008-12-20 10:46:14 ----D---- C:\Program Files\Viewpoint
2008-12-18 19:24:50 ----D---- C:\Jts
2008-12-18 11:00:47 ----D---- C:\WINDOWS\system32\FxsTmp
2008-12-15 07:54:15 ----D---- C:\Program Files\Outlook Express
2008-12-11 16:09:08 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-12-11 16:08:19 ----D---- C:\Program Files\Common Files\Software FX Shared
2008-12-11 13:37:30 ----A---- C:\WINDOWS\imsins.BAK
2008-12-11 13:37:15 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-12-11 13:37:07 ----D---- C:\Program Files\Internet Explorer
2008-12-11 13:36:49 ----D---- C:\WINDOWS\ie7updates
2008-12-11 13:36:39 ----HD---- C:\WINDOWS\$hf_mig$
2008-12-09 15:24:37 ----A---- C:\WINDOWS\system32\MRT.exe
2008-12-08 12:30:12 ----A---- C:\WINDOWS\smartkeydiagnostics.txt
2008-12-05 21:48:03 ----D---- C:\WINDOWS\Media
2008-11-23 19:29:33 ----D---- C:\WINDOWS\system32\MAGIX
2008-11-23 19:27:39 ----A---- C:\WINDOWS\mgxoschk.ini
2008-11-23 13:15:42 ----D---- C:\Program Files\CLR Script
2008-11-23 11:29:53 ----D---- C:\d
2008-11-22 03:21:54 ----D---- C:\WINDOWS\Help
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AntiSpyFilter;AntiSpyFilter; C:\WINDOWS\system32\DRIVERS\antispyfilter.sys [2007-08-10 18672]
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2008-02-20 29704]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2008-02-20 33800]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 TMEI3E;TMEI3E; C:\WINDOWS\System32\Drivers\TMEI3E.sys [2002-01-08 5802]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-18 12032]
R2 CmosTime;CmosTime; \??\C:\WINDOWS\system32\CmosTime.sys []
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2008-02-20 39944]
R2 irda;IrDA Protocol; C:\WINDOWS\System32\DRIVERS\irda.sys [2008-04-13 88192]
R2 mrtRate;mrtRate; C:\WINDOWS\system32\drivers\mrtRate.sys [2000-05-31 34712]
R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\System32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\System32\DRIVERS\e100b325.sys [2001-11-16 119808]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2002-04-19 911661]
R3 pfc;Padus ASPI Shell; \??\C:\WINDOWS\system32\drivers\pfc.sys []
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\System32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 SMCIRDA;SMC IrCC Miniport Device Driver; C:\WINDOWS\System32\DRIVERS\smcirda.sys [2001-09-11 38425]
R3 SOFTXG;YAMAHA XG WDM SoftSynthesizer; C:\WINDOWS\system32\drivers\sxgxgwdm.sys [2001-07-09 967040]
R3 TOSHIBASoftModem;TOSHIBA Software Modem; C:\WINDOWS\System32\DRIVERS\LTSM.sys [2001-09-26 799816]
R3 tsdhd;TOSHIBA SD Card Host Controller Driver; C:\WINDOWS\System32\DRIVERS\tsdhd.sys [2002-01-07 22928]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 WDM_YAMAHAAC97;YAMAHA AC-XG Audio Device; C:\WINDOWS\system32\drivers\yacxg.sys [2002-07-19 1099264]
S1 ewido anti-spyware 4.0 driver;ewido anti-spyware 4.0 driver; \??\C:\Program Files\ewido anti-spyware 4.0\guard.sys []
S3 61883;61883 Unit Device; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-13 48128]
S3 ac97intc;Intel(r) 82801 Audio Driver Install Service (WDM); C:\WINDOWS\system32\drivers\ac97intc.sys [2001-08-17 96256]
S3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 Avc;AVC Device; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-13 38912]
S3 bdfdll;bdfdll; \??\C:\Program Files\Softwin\BitDefender9\bdfdll.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 evomouflt;Evoluent Mouse Filter Service; C:\WINDOWS\system32\DRIVERS\evomouflt.sys [2007-12-06 15744]
S3 hdsp;RME Hammerfall Audio Device; C:\WINDOWS\system32\DRIVERS\hdsp.sys [2007-08-16 42624]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-10-30 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-10-30 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-10-30 21568]
S3 marsqx5;Digital Blue QX5 V2 Microscope; C:\WINDOWS\system32\DRIVERS\marsqx5.sys [2007-04-02 72576]
S3 MaxtorFrontPanel1;Maxtor 1394 Storage Front Panel Driver; C:\WINDOWS\system32\DRIVERS\mxofwfp.sys [2003-03-13 19712]
S3 MouseCmn;Mouse Driver; C:\WINDOWS\system32\DRIVERS\Ms2KFlt.sys []
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-13 51200]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 pciSd;pciSd; C:\WINDOWS\System32\DRIVERS\tossdpci.sys [2002-01-07 15111]
S3 PCTINDIS5;PCTINDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCTINDIS5.SYS []
S3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2006-11-07 21760]
S3 sermouse;Serial Mouse Driver; C:\WINDOWS\System32\DRIVERS\sermouse.sys [2001-08-17 17664]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 toslane;Toshiba BT-LANE; C:\WINDOWS\System32\DRIVERS\TOSRFLAN.sys [2002-02-07 25420]
S3 tosporte;Bluetooth Port Driver from Toshiba; C:\WINDOWS\System32\DRIVERS\tosporte.sys [2001-11-16 39087]
S3 Tosrfbd;Bluetooth RFBUS from Toshiba; C:\WINDOWS\System32\Drivers\tosrfbd.sys [2002-02-07 76920]
S3 Tosrfcom;Bluetooth RFCOMM from Toshiba; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2002-01-24 52341]
S3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\System32\Drivers\tosrfusb.sys [2002-01-24 35497]
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2004-12-06 104064]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 wlluc48;Wireless LAN PC Card Driver; C:\WINDOWS\System32\DRIVERS\wlluc48.sys [2001-12-19 155136]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2007-09-06 110592]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2008-02-20 472320]
R2 Irmon;Infrared Monitor; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-11-16 152984]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\System32\nvsvc32.exe [2002-04-19 61440]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
R2 Tmesbs;Tmesbs3; C:\Program Files\TOSHIBA\TME3\Tmesbs3.exe [2001-08-23 61440]
R2 Tmesrv;Tmesrv3; C:\Program Files\TOSHIBA\TME3\Tmesrv3.exe [2002-02-18 126976]
S2 ewido anti-spyware 4.0 guard;ewido anti-spyware 4.0 guard; C:\Program Files\ewido anti-spyware 4.0\guard.exe []
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-13 267776]
S2 SpywareBotSrv;SpywareBot Scanning Engine; C:\Program Files\SpywareBot\SpywareBotSrv.srv.exe []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2008-02-20 19200]
S3 HP Port Resolver;HP Port Resolver; C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE [2005-05-20 81920]
S3 HP Status Server;HP Status Server; C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE [2004-10-16 73728]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 MSSQL$NR2005;MSSQL$NR2005; C:\Program Files\Microsoft SQL Server\MSSQL$NR2005\Binn\sqlservr.exe [2002-12-17 7520337]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 SQLAgent$NR2005;SQLAgent$NR2005; C:\Program Files\Microsoft SQL Server\MSSQL$NR2005\Binn\sqlagent.EXE [2002-12-17 311872]
S3 SupportSoft RemoteAssist;SupportSoft RemoteAssist; C:\Program Files\Common Files\supportsoft\bin\ssrc.exe [2007-12-11 382320]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
-----------------EOF-----------------
2. info.txt logfile of random's system information tool 1.05 2008-12-20 13:11:57
======Uninstall list======
-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
-->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
-->MsiExec.exe /I{8A42F680-2DD6-11D4-9A8C-0040F6982C20}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
32 Bit HP CIO Components Installer-->MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}
Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001}
Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Apple Mobile Device Support-->MsiExec.exe /I{B5C209B1-8DDB-4642-A573-375B951514CB}
Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
Bluetooth Stack for Windows by Toshiba-->MsiExec.exe /X{40EF8CEA-ACC4-4C03-824C-55AF8B8EAAE6}
CLR Script 1.62-->"C:\Program Files\CLR Script\CLRScrpt.exe" /uninstall
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
ContinuumClient-->C:\PROGRA~1\Quote.com\CONTIN~1\UNWISE.EXE C:\PROGRA~1\Quote.com\CONTIN~1\INSTALL.LOG
Directory Printer 3.72-->"C:\Program Files\Dirprint\unins000.exe"
Directory Report-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0D9B75C0-3FC9-11D5-8617-00D0B707C2B6}\setup.exe" -l0x9 -removeonly
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Content Uploader-->C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Converter-->C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Dr Watson for Microsoft Windows OneCare Live v0.9.0929.18-->MsiExec.exe /I{C544F99D-39EF-4E6D-95BE-4E41C1D8C4CB}
Dragon NaturallySpeaking 8-->MsiExec.exe /I{DDDD0C4B-57F7-4A85-ACF0-DB3FC8F1DBB4}
Edelweiss A320-214 Flotte-->E:\PHILLIP 2\Games\Flight Simulator\Uninstall_edw_a320.exe
Edelweiss A330-243-->E:\PHILLIP 2\Games\Flight Simulator\Uninstall_edw_a330.exe
ESET NOD32 Antivirus-->MsiExec.exe /I{7D974ACA-4EE5-412C-8E6A-A5B57B305727}
Google Earth-->MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
Great Lakes Beech 1900D-->E:\PHILLIP 2\Games\Flight Simulator\Uninstal.exe
HijackThis 2.0.2-->"C:\Documents and Settings\sje\Desktop\donwload\virus\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
HP Officejet Pro K550 Series-->C:\Program Files\HP\Digital Imaging\{2B01846C-C137-4e40-B1B2-BFA80DF1A632}\setup\hpzscr01.exe -datfile hpwscr03.dat -forcereboot
Inno Setup version 5.1.8-->"C:\Program Files\Inno Setup 5\unins000.exe"
Intel(R) PRO Ethernet Adapter and Software-->Prounstl.exe
Java DB 10.4.1.3-->MsiExec.exe /X{998D6972-F58E-479D-9248-8F179E55AE38}
Java(TM) 6 Update 10-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) SE Development Kit 6 Update 10-->MsiExec.exe /I{32A3A4F4-B792-11D6-A78A-00B0D0160100}
KDEN Denver-->E:\PHILLIP 2\Games\Flight Simulator\Uninstall KDEN.exe
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft ActiveSync 3.8-->"C:\WINDOWS\ISUNINST.EXE" -f"C:\Program Files\Microsoft ActiveSync\DeIsL1.isu" -c"C:\Program Files\Microsoft ActiveSync\ceuninst.dll"
Microsoft Flight Simulator 2004 A Century of Flight-->"E:\PHILLIP 2\Games\Flight Simulator\UNINSTAL.EXE" /runtemp /addremove
Microsoft Identity Integration Server 2003 Resource Tool Kit-->MsiExec.exe /I{E27B1348-46D1-4D22-9EFE-C92F45174A02}
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office 2000 SR-1 Small Business-->MsiExec.exe /I{00030409-78E1-11D2-B60F-006097C998E7}
Microsoft Office PowerPoint Viewer 2003-->MsiExec.exe /X{90AF0409-6000-11D3-8CFE-0150048383C9}
Microsoft SQL Server Desktop Engine (NeatReceipts Professional)-->C:\Program Files\NeatReceipts Professional\UninstallNR2005.exe
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Visual FoxPro 9.0 Professional - English-->C:\Program Files\Microsoft Visual FoxPro 9\setup\Visual FoxPro 9.0 Professional - English\setup.exe /MaintMode
MightyFax-->C:\PROGRA~1\MIGHTY~1\UnMighty.EXE
Mozilla Firefox (3.0.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MS PowerPoint Print Multiple Presentations Software 7.0-->"C:\Program Files\MS PowerPoint Print Multiple Presentations Software\unins000.exe"
MSXML 4.0 SP2 (KB925672)-->MsiExec.exe /I{A9CF9052-F4A0-475D-A00F-A8388C62DD63}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
NeatReceipts Professional v2.7.5-->C:\Program Files\NeatReceipts Professional\uninstallNR.exe
NetZoom-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{61872626-FF50-40FA-B299-349D479E8208}\setup.exe"
NVIDIA Windows 2000/XP Display Drivers-->rundll32.exe C:\WINDOWS\System32\nvinstnt.dll,NvUninstallNT4 nvts.inf
Outlook Express Quick Backup-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\Outlook Express Quick Backup\ST6UNST.LOG"
Pagis Viewer 2.0-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Xerox\Pagis Viewer 2.0\Uninst.isu"
Quicken 2001 New User Edition-->C:\quickenw\WINNT\Intuit\UNWISE.EXE C:\quickenw\WINNT\Intuit\INSTALL.LOG
QuickTime-->MsiExec.exe /I{E0D51394-1D45-460A-B62D-383BC4F8B335}
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
RME DIGICheck-->"C:\Program Files\RME\Digicheck44\Uninstall.exe" "C:\Program Files\RME\Digicheck44\install.log"
RME Hammerfall DSP (WDM)-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\system32\hdsp.inf
RME HDSP Meter Bridge-->"C:\Program Files\RME\Meterbridge20\Uninstall.exe" "C:\Program Files\RME\Meterbridge20\install.log"
Samplitude 10 Download version 10.1.0.0 (US)-->C:\Program Files\MAGIX\Samplitude_10_Download_version\unwise.exe
ScanSoft PaperPort 11-->MsiExec.exe /I{02E73E50-6513-4802-8600-B5A5BA185BE3}
Security Update for Step By Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Security Update for Step By Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Security Update for Windows Media Encoder (KB954156)-->"C:\WINDOWS\$NtUninstallKB954156_WM9L$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Security Update for Windows Media Player 9 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Short Empire for FSX or FS2004-->MsiExec.exe /X{85CCDC7D-71DA-4671-9FF6-1ABF86439859}
Speak Clipboard-->MsiExec.exe /I{A14B5972-EEFC-48F1-A3EC-A2CD1284C670}
T-Mobile Connection Manager-->MsiExec.exe /X{DFA57DE1-DE72-4EFA-85DE-D1426A9D0996}
TOSHIBA Console-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3CF0858D-1AC5-4308-9DE7-AD15288A8BDC}\Setup.exe" -uninst
Toshiba Hotkey Utility for Display Devices-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\TFNF5Wxp.inf,DefaultUninstall,5
TOSHIBA Management Console Version 3.5 (3.5.2)-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\TOSHIBA\TOSHIBA Management Console\Uninst.isu" -c"C:\Program Files\TOSHIBA\TOSHIBA Management Console\ttinst.dll"
TOSHIBA Mobile Extension3 V3.19.00-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\TOSHIBA\TME3\Uninst.isu" -c"C:\Program Files\TOSHIBA\TME3\uninstx.dll"
TOSHIBA Power Saver-->TPWRDEL.EXE
TOSHIBA Software Modem-->Tosmreg -U
Toshiba Tbiosdrv Driver-->C:\PROGRA~1\Toshiba\TOSHIB~2\UNWISE.EXE C:\PROGRA~1\Toshiba\TOSHIB~2\INSTALL.LOG
TOSHIBA Utilities-->tutildel.exe
Trader Workstation 4.0-->C:\Jts\UNWISE.EXE C:\Jts\INSTALL.LOG
TTS_Technology-->MsiExec.exe /I{AC696733-F8C5-4EAD-B165-AC8AB8C2A755}
TWC User Controls-->MsiExec.exe /I{DCC72248-D3D2-4846-8499-A400053A430E}
Tweak UI-->"C:\WINDOWS\system32\mshta.exe" "res://C:\WINDOWS\system32\TweakUI.exe/uninstall.hta"
TWS Interoperability Components-->C:\Jts\UNWISE.EXE C:\Jts\INSTALL.LOG
Ultimate Traffic-->C:\WINDOWS\iun6002.exe "E:\PHILLIP 2\Games\Flight Simulator\UT13.ini"
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Virtual Frontier (iFDG) Airbus A-319-->E:\PHILLIP 2\Games\Flight Simulator\Uninstal.exe
Virtual FRONTIER iFDG Airbus A-319-->E:\PHILLIP 2\Games\Flight Simulator\Uninstal.exe
Virtual Frontier Jet Express CRJ-700-->E:\PHILLIP 2\Games\Flight Simulator\Uninstal.exe
Windows Defender Signatures-->MsiExec.exe /I{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}
Windows Media Encoder 9 Series-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Encoder 9 Series-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
Wireless Hotkey-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7862BAD8-A379-4128-8AA1-EFD5A9603C53}\Setup.exe"
Xpander-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll<UNINSTALL_CMD>
YAMAHA AC-XG WDM-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3663DDE0-D8AE-11D3-9850-00C04F7AC096}\setup.exe" maintenance
YAMAHA XG SoftSynthesizer S-YXG50-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B713000F-FBE3-11D3-9D91-0050DA5C3DCF}\setup.exe"
=====HijackThis Backups=====
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
O24 - Desktop Component 0: (no name) - (no file)
O2 - BHO: (no name) - {09628AAA-66AD-4FA2-82E2-698185B66463} - (no file)
O4 - HKCU\..\Run: [SpywareBot] C:\Program Files\SpywareBot\SpywareBot.exe -boot
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
======Security center information======
AV: ESET NOD32 Antivirus 3.0
System event log
Computer Name: SE
Event Code: 4202
Message: The system detected that network adapter \DEVICE\TCPIP_{38B3A2F4-EA85-4ED4-940B-DF85C7643357} was disconnected from the network,
and the adapter's network configuration has been released. If the network
adapter was not disconnected, this may indicate that it has malfunctioned.
Please contact your vendor for updated drivers.
Record Number: 611
Source Name: Tcpip
Time Written: 20080531143507.000000-420
Event Type: information
User:
Computer Name: SE
Event Code: 4
Message: Adapter Intel(R) PRO/100 VE Network Connection: Adapter Link Down
Record Number: 610
Source Name: E100B
Time Written: 20080531143501.000000-420
Event Type: error
User:
Computer Name: SE
Event Code: 4226
Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Record Number: 609
Source Name: Tcpip
Time Written: 20080531092932.000000-420
Event Type: warning
User:
Computer Name: SE
Event Code: 1002
Message: The IP address lease 192.168.1.100 for the Network Card with network address 000039F85FB6 has been
denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
Record Number: 608
Source Name: Dhcp
Time Written: 20080531081924.000000-420
Event Type: error
User:
Computer Name: SE
Event Code: 1003
Message: Your computer was not able to renew its address from the network (from the
DHCP Server) for the Network Card with network address 000039F85FB6. The following
error occurred:
The operation was canceled by the user.
.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.
Record Number: 607
Source Name: Dhcp
Time Written: 20080531081923.000000-420
Event Type: warning
User:
Application event log
Computer Name: SE
Event Code: 1800
Message: The Windows Security Center Service has started.
Record Number: 15653
Source Name: SecurityCenter
Time Written: 20080728042931.000000-420
Event Type: information
User:
Computer Name: SE
Event Code: 1802
Message: The Windows Security Center Service was unable to establish event queries with WMI to monitor third party AntiVirus and Firewall.
Record Number: 15652
Source Name: SecurityCenter
Time Written: 20080728042931.000000-420
Event Type: error
User:
Computer Name: SE
Event Code: 0
Message:
Record Number: 15651
Source Name: Viewpoint Manager Service
Time Written: 20080728042930.000000-420
Event Type: information
User:
Computer Name: SE
Event Code: 1001
Message: Detection of product '{DDDD0C4B-57F7-4A85-ACF0-DB3FC8F1DBB4}', feature 'NatSpeak' failed during request for component '{D2D7B4BF-6CCA-11D5-8B3F-00105A9846E9}'
Record Number: 15650
Source Name: MsiInstaller
Time Written: 20080726020521.000000-420
Event Type: warning
User: SE\sje
Computer Name: SE
Event Code: 1004
Message: Detection of product '{DDDD0C4B-57F7-4A85-ACF0-DB3FC8F1DBB4}', feature 'NatSpeak', component '{5CC2D105-DDDD-4EC4-8B74-750194E57B99}' failed. The resource 'HKEY_CURRENT_USER\Software\InstallShield\UpdateService\' does not exist.
Record Number: 15649
Source Name: MsiInstaller
Time Written: 20080726020521.000000-420
Event Type: warning
User: SE\sje
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\ImageConverter Plus;C:\Program Files\ImageConverter Plus;C:\Program Files\SizeExplorer Pro 3.8.6;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 4, GenuineIntel
"PROCESSOR_REVISION"=0204
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
"VERSION"=3.0.5.001
"SESSIONID"=1130435106148htx605612eb04e:10732fc8acf:-43a5
"COLLECTIONID"=COL8143
"ITEMID"=dj-22741-15
"UPDATEDIR"=C:\DOCUME~1\sje\LOCALS~1\Temp\radDC882.tmp
"TOOLPATH"=/C:\Program%20Files\Hewlett-Packard\HP%20Software%20Update\install.htm
"HMSERVER"=https://wwss1proa.cce.hp.com/wuss/servlet/WUSSServlet
"SWUTVER"=1.0.18.30716
"OSVER"=winXPP
"LANG"=1033
"TIMEOUT"=0
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
-----------------EOF-----------------
3.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:10:16 PM, on 12/20/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\TPWRTRAY.EXE
C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe
C:\WINDOWS\system32\TFNF5.exe
C:\WINDOWS\system32\SxgTkBar.exe
C:\WINDOWS\System32\00THotkey.exe
C:\WINDOWS\system32\hdsp32.exe
C:\WINDOWS\system32\hdspmix.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\quickenw\QAGENT.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\mrtMngr.EXE
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TOSHIBA\TME3\Tmesbs3.exe
C:\Program Files\TOSHIBA\TME3\Tmesrv3.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\sje\Desktop\donwload\virus\HijackThis.exe
C:\WINDOWS\system32\wuauclt.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page =
http://go.microsoft.com/fwlink/?LinkId=54843O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [Tpwrtray] TPWRTRAY.EXE
O4 - HKLM\..\Run: [TosHKCW.exe] C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe
O4 - HKLM\..\Run: [TFNF5] TFNF5.exe
O4 - HKLM\..\Run: [SxgTkBar] SxgTkBar.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\System32\00THotkey.exe
O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [HPWU_MPM_Agent] C:\Program Files\HP\HP Officejet Pro K550 Series\Toolbox\mpm.exe
O4 - HKLM\..\Run: [TMESRV.EXE] C:\Program Files\TOSHIBA\TME3\TMESRV3.EXE /Logon
O4 - HKLM\..\Run: [TMESBS.EXE] C:\Program Files\TOSHIBA\TME3\TMESBS3.EXE /logon
O4 - HKLM\..\Run: [HPWUTOOLBOX] C:\Program Files\HP\HP Officejet Pro K550 Series\Toolbox\HPWUTBX.exe "-i"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [HDSPTray1] hdsp32.exe
O4 - HKLM\..\Run: [HDSPTray2] hdspmix.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\Scansoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\Scansoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [QAGENT] C:\quickenw\QAGENT.EXE
O4 - HKLM\..\Run: [T-Mobile Connection Manager] "C:\Program Files\T-Mobile\Connection Manager\TMobileCM.exe" -a
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Stock Spy Tray] "C:\Program Files\Stock Spy\Stock Spy Tray.lnk"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [DropBoxUtility] "C:\Program Files\DropBox\DropBox\DropBox.exe" /s
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpywareBot] C:\Program Files\SpywareBot\SpywareBot.exe -boot
O4 - HKUS\S-1-5-21-1850456698-4168273537-3479383672-1004\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" (User '?')
O4 - HKUS\S-1-5-21-1850456698-4168273537-3479383672-1004\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-21-1850456698-4168273537-3479383672-1004\..\Run: [SpywareBot] C:\Program Files\SpywareBot\SpywareBot.exe -boot (User '?')
O4 - S-1-5-21-1850456698-4168273537-3479383672-1004 Startup: Check for TWS Updates.lnk = C:\Jts\WiseUpdt.exe (User '?')
O4 - S-1-5-21-1850456698-4168273537-3479383672-1004 Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe (User '?')
O4 - S-1-5-21-1850456698-4168273537-3479383672-1004 Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe (User '?')
O4 - Startup: Check for TWS Updates.lnk = C:\Jts\WiseUpdt.exe
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.toshiba.com
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: ewido anti-spyware 4.0 guard - Unknown owner - C:\Program Files\ewido anti-spyware 4.0\guard.exe (file missing)
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SpywareBot Scanning Engine (SpywareBotSrv) - Unknown owner - C:\Program Files\SpywareBot\SpywareBotSrv.srv.exe (file missing)
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\supportsoft\bin\ssrc.exe
O23 - Service: Tmesbs3 (Tmesbs) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TME3\Tmesbs3.exe
O23 - Service: Tmesrv3 (Tmesrv) - TOSHIBA - C:\Program Files\TOSHIBA\TME3\Tmesrv3.exe
O24 - Desktop Component 0: (no name) - (no file)
--
End of file - 8950 bytes
4.
Malwarebytes' Anti-Malware 1.31
Database version: 1526
Windows 5.1.2600 Service Pack 3
12/20/2008 1:01:13 PM
mbam-log-2008-12-20 (13-01-13).txt
Scan type: Full Scan (C:\|)
Objects scanned: 194402
Time elapsed: 1 hour(s), 28 minute(s), 36 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 7
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 5
Files Infected: 95
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{3c2d2a1e-031f-4397-9614-87c932a848e0} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{04a38f6b-006f-4247-ba4c-02a139d5531c} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2b96d5cc-c5b5-49a5-a69d-cc0a30f9028c} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx.1 (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\setup.player.2k2 (Spyware.MarketScore) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\SpywareBot (Rogue.SpywareBot) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\Program Files\Common Files\Real\WeatherBug\MiniBugTransporter.dll (Adware.Minibug) -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
C:\Documents and Settings\sje\Application Data\SpywareBot (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Quarantine (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Registry Backups (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Settings (Rogue.SpywareBot) -> Quarantined and deleted successfully.
Files Infected:
C:\Program Files\Common Files\Real\WeatherBug\MiniBugTransporter.dll (Adware.Minibug) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\DataBaseNew.ref (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\rs.dat (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Aug 01 - 11_05_27 AM_803.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Aug 01 - 12_05_48 PM_619.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Aug 04 - 03_48_07 AM_264.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Aug 04 - 10_50_21 AM_992.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Aug 14 - 09_40_43 AM_553.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Aug 28 - 03_00_01 AM_394.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Aug 28 - 03_00_01 AM_845.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Dec 01 - 03_00_00 AM_617.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Dec 01 - 03_00_00 AM_817.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Dec 02 - 03_00_01 AM_315.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Dec 02 - 03_00_01 AM_595.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Dec 03 - 03_00_01 AM_492.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Dec 03 - 03_00_01 AM_793.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Dec 05 - 09_44_12 PM_580.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Dec 09 - 10_10_49 AM_137.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Dec 10 - 11_53_11 AM_059.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Dec 11 - 01_46_28 PM_529.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Dec 12 - 09_37_08 AM_497.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Dec 18 - 03_00_00 AM_285.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Dec 18 - 03_00_00 AM_526.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Jul 08 - 07_42_12 PM_945.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Jul 25 - 11_01_10 PM_275.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Jul 25 - 11_21_15 AM_746.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Jul 26 - 02_05_17 AM_623.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Jul 28 - 04_29_45 AM_476.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Jul 28 - 11_46_37 AM_582.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Jul 29 - 04_27_02 AM_391.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Jul 30 - 03_00_04 AM_730.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Jul 30 - 03_00_07 AM_965.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Jul 30 - 03_00_10 AM_659.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Jul 31 - 04_08_44 AM_274.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Jun 06 - 03_00_00 AM_283.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Jun 06 - 03_00_00 AM_483.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Jun 08 - 10_32_07 AM_127.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Jun 11 - 07_34_44 PM_238.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Jun 11 - 09_05_28 PM_712.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Jun 20 - 03_00_00 AM_359.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Jun 20 - 03_00_00 AM_609.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Jun 23 - 01_55_36 AM_277.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Jun 23 - 10_25_27 AM_645.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Jun 24 - 03_00_01 AM_010.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Jun 24 - 03_00_01 AM_350.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Jun 29 - 07_47_24 PM_570.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Nov 03 - 07_42_11 AM_542.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Nov 15 - 10_19_43 PM_385.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Nov 15 - 10_50_32 AM_417.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Nov 16 - 05_50_35 AM_254.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Nov 16 - 10_25_53 AM_875.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Nov 22 - 03_00_00 AM_312.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Nov 22 - 03_00_00 AM_513.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Nov 27 - 06_38_08 PM_664.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Oct 02 - 07_02_15 AM_168.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Oct 06 - 06_23_59 PM_845.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Oct 06 - 11_18_41 AM_185.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Oct 07 - 11_55_38 AM_219.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Oct 08 - 02_31_40 PM_572.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Oct 09 - 10_49_46 AM_524.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Oct 10 - 05_08_47 PM_283.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Oct 10 - 10_49_26 AM_589.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Oct 11 - 01_27_19 PM_147.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Oct 12 - 04_52_14 PM_336.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Oct 15 - 09_24_47 PM_263.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Oct 20 - 09_31_56 PM_121.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Oct 23 - 07_25_22 PM_112.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Oct 24 - 01_54_51 PM_528.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Oct 24 - 01_54_51 PM_959.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Oct 25 - 01_08_14 PM_642.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Oct 25 - 01_49_04 PM_238.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Oct 25 - 02_06_30 PM_198.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Oct 28 - 01_58_52 PM_835.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Oct 28 - 08_48_31 PM_712.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Oct 31 - 08_02_37 PM_191.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Oct 31 - 11_29_33 AM_821.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Sep 05 - 03_00_10 AM_288.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Sep 05 - 03_00_20 AM_393.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Sep 07 - 09_28_10 AM_108.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Sep 07 - 09_28_10 AM_668.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Sep 15 - 03_00_00 AM_643.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Sep 15 - 03_00_00 AM_953.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Sep 24 - 01_59_14 PM_238.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Sep 24 - 01_59_14 PM_658.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Sep 24 - 02_05_33 PM_719.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Sep 27 - 01_26_42 PM_410.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Sep 27 - 09_37_56 AM_537.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Sep 30 - 08_12_30 PM_296.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Log\2008 Sep 30 - 10_11_33 AM_047.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Settings\CustomScan.stg (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Settings\IgnoreList.stg (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Settings\ScanInfo.stg (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Settings\ScanResults.stg (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Settings\SelectedFolders.stg (Rogue.SpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\sje\Application Data\SpywareBot\Settings\Settings.stg (Rogue.SpywareBot) -> Quarantined and deleted successfully.