Edit: The infection's getting worse, or at least the symptoms. Even firefox is getting hijacked now, explorer.exe is having problems, the icons on my desktop are all highlighted in blue for some reason, and my computer is sometimes freezing.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:41:28 PM, on 1/4/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\iTunes\iTunes.exe
C:\Documents and Settings\Alex\Desktop\HiJackThis.exe
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [prunnet] "C:\WINDOWS\system32\prunnet.exe"
O4 - HKLM\..\Run: [Hqopifetahefozuj] rundll32.exe "C:\WINDOWS\Vbejedu.dll",e
O4 - HKLM\..\Run: [Bjoyenakohodop] rundll32.exe "C:\WINDOWS\umekudeg.dll",e
O4 - HKLM\..\Run: [54be3fd5] rundll32.exe "C:\WINDOWS\system32\waqcanpp.dll",b
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe"
O4 - HKCU\..\Run: [prunnet] "C:\WINDOWS\system32\prunnet.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [msiexec.exe] msiconf.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msiexec.exe] msiconf.exe (User 'Default user')
O4 - S-1-5-18 Startup: Rapid Antivirus.lnk = C:\Program Files\Rapid Antivirus\Rapid Antivirus.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Rapid Antivirus.lnk = C:\Program Files\Rapid Antivirus\Rapid Antivirus.exe (User 'Default user')
O20 - AppInit_DLLs: awnzzw.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
Edit: I looked in the archives for similar problems and ran Malware-Byte's antimalware and RSIT in one thread as directed to that person. The former seems to have done the trick. But in case it didn't, here are the logs from both.
Malwarebytes' Anti-Malware 1.32
Database version: 1622
Windows 5.1.2600 Service Pack 2
1/6/2009 1:15:08 AM
mbam-log-2009-01-06 (01-15-08).txt
Scan type: Full Scan (A:\|C:\|D:\|)
Objects scanned: 134051
Time elapsed: 44 minute(s), 54 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 4
Registry Keys Infected: 27
Registry Values Infected: 7
Registry Data Items Infected: 7
Folders Infected: 1
Files Infected: 42
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
C:\WINDOWS\system32\opnopPJd.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\waqcanpp.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\awnzzw.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\fccbaywV.dll (Trojan.Vundo) -> Delete on reboot.
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0241020e-5306-4b17-a1de-fd7420b1316f} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{0241020e-5306-4b17-a1de-fd7420b1316f} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{c153a4b7-a599-4ab6-a5d9-f647c4c33e34} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\fccbaywv (Trojan.Vundo) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{0241020e-5306-4b17-a1de-fd7420b1316f} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{875a1348-7674-42aa-adac-b4f36a004a2d} (Adware.AdBand) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5ef40ac5-1bbe-4436-a9e3-f129c0d605d8} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{d4170a6e-8ce3-444b-aca4-b3a0af12c55c} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{37b85a21-692b-4205-9cad-2626e4993404} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\prunnet (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\xpreapp (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\virusremover2008 (Rogue.VirusRemove) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\virusremover2008 (Rogue.VirusRemove) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MediaHoldings (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\instkey (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\54be3fd5 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\prunnet (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\prunnet (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\hqopifetahefozuj (Trojan.Agent) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bjoyenakohodop (Trojan.Agent) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Framework Windows (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\opnoppjd -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\opnoppjd -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.Agent) -> Data: c:\windows\system32\userinit.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.Agent) -> Data: system32\userinit.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\activedesktop\NoChangingWallpaper (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetActiveDesktop (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Folders Infected:
C:\Program Files\Rapid Antivirus (Rogue.RapidAntivirus) -> Quarantined and deleted successfully.
Files Infected:
C:\WINDOWS\system32\opnopPJd.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\dJPponpo.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dJPponpo.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\waqcanpp.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ppnacqaw.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\awnzzw.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\fccbaywV.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\prunnet.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\msiconf.exe (Trojan.akeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\Alex\Local Settings\Temp\winsinstall.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Alex\Local Settings\Temp\winvsnet.tmp (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Alex\Local Settings\Temp\prun.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Alex\Local Settings\Temp\seneka6600.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\Alex\Local Settings\Temporary Internet Files\Content.IE5\C12R4H6J\upd105320[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Program Files\Rapid Antivirus\Rapid Antivirus.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hgqbdgoe.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nysgwufq.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\senekaqinaxwer.dll (Trojan.Seneka) -> Delete on reboot.
C:\WINDOWS\Temp\s_4610_fHx8fHx8fDEyNDM1MDQ1NjZ8_.dbx (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Program Files\Rapid Antivirus\Buy.url (Rogue.RapidAntivirus) -> Quarantined and deleted successfully.
C:\Program Files\Rapid Antivirus\Help.url (Rogue.RapidAntivirus) -> Quarantined and deleted successfully.
C:\Program Files\Rapid Antivirus\HowToBuy.txt (Rogue.RapidAntivirus) -> Quarantined and deleted successfully.
C:\Program Files\Rapid Antivirus\ID.dat (Rogue.RapidAntivirus) -> Quarantined and deleted successfully.
C:\Program Files\Rapid Antivirus\License.txt (Rogue.RapidAntivirus) -> Quarantined and deleted successfully.
C:\Program Files\Rapid Antivirus\Uninstall.exe (Rogue.RapidAntivirus) -> Quarantined and deleted successfully.
C:\WINDOWS\Vbejedu.dll (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\umekudeg.dll (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\senekapiqvnsfe.dll (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\senekarprricfv.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\senekadf.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\seneka.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\senekalog.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\seneka.sys (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\senekamolfsswu.sys (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\BM578d0c49.xml (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\warning.gif (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ahtn.htm (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\frmwrk32.exe (Trojan.FakeAlert) -> Delete on reboot.
C:\Documents and Settings\All Users\Desktop\Best BDSM P0rn.url (Rogue.Link) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Desktop\Gay Fetish Sex.url (Rogue.Link) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ntdll64.dll (Trojan.FakeAlert) -> Delete on reboot.
C:\WINDOWS\Temp\mousehook.dll (Trojan.FakeAlert) -> Delete on reboot.
Logfile of random's system information tool 1.05 (written by random/random)
Run by Alex at 2009-01-06 01:23:17
Microsoft Windows XP Professional Service Pack 2
System drive C: has 105 GB (69%) free of 153 GB
Total RAM: 511 MB (32% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:23:28 AM, on 1/6/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\userinit.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Documents and Settings\Alex\Desktop\RSIT.exe
C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
C:\Documents and Settings\Alex\Desktop\Alex.exe
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [msiexec.exe] msiconf.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msiexec.exe] msiconf.exe (User 'Default user')
O4 - S-1-5-18 Startup: Rapid Antivirus.lnk = C:\Program Files\Rapid Antivirus\Rapid Antivirus.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Rapid Antivirus.lnk = C:\Program Files\Rapid Antivirus\Rapid Antivirus.exe (User 'Default user')
O20 - AppInit_DLLs: awnzzw.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
--
End of file - 3808 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
======Registry dump======
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"WinPatrol"=C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe [2008-01-24 316728]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe [2008-02-22 144784]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"OM2_Monitor"=C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe [2008-05-15 54576]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-11-04 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Aim6"=C:\Program Files\AIM6\aim6.exe [2008-03-25 50528]
"Veoh"=C:\Program Files\Veoh Networks\Veoh\VeohClient.exe [2008-08-28 3660848]
""= []
"OM2_Monitor"=C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe [2008-05-15 95536]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-03 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater]
C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe [2008-11-14 2356088]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim6]
C:\Program Files\AIM6\aim6.exe [2008-03-25 50528]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast!]
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]
C:\Program Files\BitTorrent_DNA\dna.exe [2008-04-14 288576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2004-08-03 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\McAfeeUpdaterUI]
C:\Program Files\McAfee\Common Framework\UdaterUI.exe [2006-11-17 136768]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2008-11-04 413696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShStatEXE]
C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE [2006-11-30 112216]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2008-04-29 185896]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh]
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe [2008-08-28 3660848]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Alex^Start Menu^Programs^Startup^Adobe Gamma.lnk]
C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [1999-11-04 113664]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Alex^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
C:\PROGRA~1\LimeWire\LimeWire.exe [2008-09-18 147456]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
C:\PROGRA~1\Adobe\READER~1.0\Reader\READER~1.EXE [2008-01-11 39792]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
C:\PROGRA~1\Adobe\READER~1.0\Reader\ADOBEC~1.EXE [2007-05-10 738968]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~2\Office10\OSA.EXE [2001-02-11 83360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Program Neighborhood Agent.lnk]
C:\WINDOWS\Installer\{B2AE44CB-2AAB-4C08-A54B-D264BD604DA8}\Icon80951CEC.exe.20FBBF0A_A7E5_4BDE_9798_9811C3D135AC.exe [2007-05-29 12390]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="awnzzw.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoSetActiveDesktop"=
"NoActiveDesktopChanges"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Veoh Networks\Veoh\VeohClient.exe"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe:*:Disabled:Veoh Client"
"C:\Program Files\AIM6\aim6.exe"="C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM"
"C:\Program Files\Common Files\AOL\Loader\aolload.exe"="C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader"
"C:\Program Files\Tudou\·ÉËÙTudou\TudouVa.exe"="C:\Program Files\Tudou\·ÉËÙTudou\TudouVa.exe:*:Enabled:???"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - open - "C:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe","%1"
======List of files/folders created in the last 1 months======
2009-01-06 01:23:17 ----D---- C:\rsit
2009-01-06 01:13:17 ----A---- C:\WINDOWS\system32\ntdll64.exe
2009-01-06 00:41:39 ----A---- C:\WINDOWS\system32\pcload.exe
2009-01-06 00:35:50 ----SH---- C:\WINDOWS\system32\qfuwgsyn.ini
2009-01-05 22:53:31 ----D---- C:\Documents and Settings\Alex\Application Data\Malwarebytes
2009-01-05 22:53:12 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-01-05 22:53:11 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-01-02 00:20:41 ----A---- C:\WINDOWS\system32\k9261108.exe
2009-01-01 17:33:10 ----SH---- C:\WINDOWS\system32\mqwhndhg.ini
2009-01-01 17:32:32 ----A---- C:\WINDOWS\system32\5f9dfbab-.txt
2008-12-27 23:37:42 ----D---- C:\Python30
2008-12-23 22:08:26 ----D---- C:\Program Files\iPod
2008-12-23 22:08:11 ----D---- C:\Program Files\iTunes
2008-12-23 22:08:11 ----D---- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-12-23 22:04:46 ----D---- C:\Program Files\QuickTime
2008-12-23 21:58:35 ----D---- C:\Program Files\Apple Software Update
2008-12-23 21:58:16 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-12-23 21:57:32 ----D---- C:\Program Files\Common Files\Apple
2008-12-23 21:57:31 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2008-12-23 19:36:25 ----D---- C:\Program Files\OLYMPUS
2008-12-23 19:35:31 ----D---- C:\Program Files\MSXML 4.0
======List of files/folders modified in the last 1 months======
2009-01-06 01:19:07 ----D---- C:\Program Files\Mozilla Firefox
2009-01-06 01:18:19 ----D---- C:\WINDOWS\Temp
2009-01-06 01:16:27 ----D---- C:\WINDOWS\system32\drivers
2009-01-06 01:16:27 ----D---- C:\WINDOWS\system32
2009-01-06 01:16:27 ----D---- C:\WINDOWS
2009-01-06 01:16:26 ----RD---- C:\Program Files
2009-01-06 01:16:05 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-01-06 00:42:32 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-01-06 00:42:26 ----A---- C:\WINDOWS\system32\userinit.exe
2009-01-02 01:24:23 ----D---- C:\fixwareout
2009-01-02 00:49:38 ----D---- C:\WINDOWS\Prefetch
2009-01-02 00:07:01 ----D---- C:\WINDOWS\system32\CatRoot2
2009-01-01 17:04:01 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-01-01 17:00:10 ----SD---- C:\WINDOWS\Tasks
2008-12-28 18:33:58 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-12-28 18:33:58 ----SD---- C:\Documents and Settings\Alex\Application Data\Microsoft
2008-12-27 23:38:10 ----SHD---- C:\WINDOWS\Installer
2008-12-27 23:38:09 ----D---- C:\WINDOWS\WinSxS
2008-12-25 12:57:09 ----D---- C:\Program Files\BitComet
2008-12-24 19:27:01 ----D---- C:\Downloads
2008-12-23 22:08:53 ----HD---- C:\WINDOWS\inf
2008-12-23 22:07:06 ----D---- C:\Program Files\Bonjour
2008-12-23 21:57:32 ----D---- C:\Program Files\Common Files
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 mferkdk;VSCore mferkdk; \??\C:\Program Files\McAfee\VirusScan Enterprise\mferkdk.sys []
R1 mfetdik;McAfee Inc.; C:\WINDOWS\system32\drivers\mfetdik.sys [2006-11-30 52136]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2002-09-25 12032]
R3 ac97intc;Intel(r) 82801 Audio Driver Install Service (WDM); C:\WINDOWS\system32\drivers\ac97intc.sys [2001-08-17 96256]
R3 BCMModem;BCM V.90 56K Modem; C:\WINDOWS\System32\DRIVERS\BCMDM.sys [2001-08-17 871388]
R3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\System32\DRIVERS\e100b325.sys [2001-08-17 117760]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2002-09-25 9600]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2002-09-25 12160]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S1 seneka;seneka; C:\WINDOWS\system32\drivers\senekamolfsswu.sys []
S3 mfeapfk;McAfee Inc.; C:\WINDOWS\system32\drivers\mfeapfk.sys [2006-11-30 64360]
S3 mfeavfk;McAfee Inc.; C:\WINDOWS\system32\drivers\mfeavfk.sys [2006-11-30 72264]
S3 mfebopk;McAfee Inc.; C:\WINDOWS\system32\drivers\mfebopk.sys [2006-11-30 34152]
S3 mfehidk;McAfee Inc.; C:\WINDOWS\system32\drivers\mfehidk.sys [2006-11-30 168776]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-07-07 611664]
R2 McAfeeFramework;McAfee Framework Service; C:\Program Files\McAfee\Common Framework\FrameworkService.exe [2006-11-17 104000]
R2 McTaskManager;McAfee Task Manager; C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe [2006-11-30 54872]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2003-06-18 322120]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
S2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-05-24 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2007-12-28 654848]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-03 14336]
S4 Viewpoint Manager Service;Viewpoint Manager Service; C:\Program Files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.05 2009-01-06 01:23:32
======Uninstall list======
-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
·ÉËÙÍÁ¶¹ 1.11-->C:\Program Files\Tudou\·ÉËÙTudou\uninst.exe
7-Zip 4.57-->"C:\Program Files\7-Zip\Uninstall.exe"
Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{8BC84ECC-EA87-49C0-93C0-2B5DF62745CD}
Adobe Bridge 1.0-->MsiExec.exe /I{B74D4E10-1033-0000-0000-000000000001}
Adobe Bridge CS3-->MsiExec.exe /I{68CF6DD2-8BA3-4A70-81D8-7CC5F24C9BA2}
Adobe Bridge Start Meeting-->MsiExec.exe /I{7F3A2319-79CF-4701-95FB-034E99281808}
Adobe Camera Raw 4.0-->MsiExec.exe /I{183B7569-90FB-4C56-9761-0EEB002CAB83}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}
Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3-->MsiExec.exe /I{20B83B31-09C4-4F0E-9774-EF8A12A0A527}
Adobe Dreamweaver CS3-->C:\Program Files\Common Files\Adobe\Installers\435a6af7459cb02a9c1138113a26e93\Setup.exe
Adobe Dreamweaver CS3-->MsiExec.exe /I{F01D5ED5-D53A-4468-B428-149DC2CB3110}
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{4DF98D0B-637E-42B4-B9D6-EB7693D2FBF8}
Adobe Extension Manager CS3-->MsiExec.exe /I{2A539CD9-0F75-4875-9A32-E06DD93C4114}
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Help Center 1.0-->MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001}
Adobe Help Viewer CS3-->MsiExec.exe /I{733D84D6-AAFD-4368-A1D0-F2734F6B9082}
Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop 7.0-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Adobe\Photoshop 7.0\Uninst.isu"
Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
Adobe Reader 8.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Adobe Setup-->MsiExec.exe /I{3A12C952-61D5-4C3B-B68B-8CFBE47E22F1}
Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Adobe Stock Photos 1.0-->MsiExec.exe /I{786C5747-1033-0000-B58E-000000000001}
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3-->MsiExec.exe /I{D1C59F81-66FD-4E8E-B9F7-F4B2442D5222}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{41C3C974-EC5E-494C-AFE6-E31D92E2E6CB}
AIM 6-->C:\Program Files\AIM6\uninst.exe
Aim Plugin for QQ Games-->C:\Program Files\Tencent\QQ Games\Plugin\Uninstall.EXE
AndesOLI-->C:\AndesOLI\Uninst.exe
Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
AVS Video Converter 6-->"C:\Program Files\AVS4YOU\AVSVideoConverter6\unins000.exe"
AVS4YOU Software Navigator 1.2-->"C:\Program Files\AVS4YOU\AVSSoftwareNavigator\unins000.exe"
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
Citrix Endpoint Analysis Client-->MsiExec.exe /I{1C582795-778E-4B5D-AE85-518450431F28}
Citrix Presentation Server Client-->MsiExec.exe /I{B2AE44CB-2AAB-4C08-A54B-D264BD604DA8}
Click Bank Monitor 1.0.0-->"C:\Program Files\Affiliates Den\Click Bank Monitor\unins000.exe"
Cliprex DVD Player Professional-->"C:\Program Files\Cliprex DVD Player Professional\uninstall.exe"
Combined Community Codec Pack 2008-01-24-->"C:\Program Files\Combined Community Codec Pack\unins000.exe"
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
eMule-->"C:\Program Files\eMule\Uninstall.exe"
EphPod-->C:\PROGRA~1\EphPod\UNWISE.EXE C:\PROGRA~1\EphPod\INSTALL.LOG
GnuWin32: UnRar version 3.4.3-->"C:\Program Files\GnuWin32\uninstall\unins000.exe"
GraphCalc v4.0.1-->"C:\Program Files\GraphCalc\unins000.exe"
HijackThis 2.0.2-->"C:\Documents and Settings\Alex\Desktop\HijackThis.exe" /uninstall
Hotfix for Windows XP (KB926239)-->"C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe"
iTunes-->MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Kaspersky Online Scanner-->C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
K-Lite Codec Pack 3.9.5 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
LimeWire 4.18.8-->"C:\Program Files\LimeWire\uninstall.exe"
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
McAfee VirusScan Enterprise-->MsiExec.exe /I{35C03C04-3F1F-42C2-A989-A757EE691F65}
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office XP Professional-->MsiExec.exe /I{90110409-6000-11D3-8CFE-0050048383C9}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Mozilla Firefox (3.0.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
Nvu 1.0-->"C:\Program Files\Nvu\unins000.exe"
OLYMPUS Master 2-->MsiExec.exe /X{0815D55A-5EFF-4E1B-8C04-7035E914D90D}
Python 3.0-->MsiExec.exe /I{E0E56E21-55DE-4F77-A109-1BAA72348743}
QQ Games-->C:\Program Files\Tencent\QQ Games\Uninstall.EXE
QuickTime-->MsiExec.exe /I{F958CA02-BB40-4007-894B-258729456EE4}
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Rhapsody Player Engine-->MsiExec.exe /I{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}
Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
VeohTV BETA-->C:\Program Files\InstallShield Installation Information\{0405E51E-9582-4207-8F38-AC44201D3808}\setup.exe -runfromtemp -l0x0409
VideoLAN VLC media player 0.8.6c-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Videora iPod Converter 2.19-->C:\Program Files\Red Kawa\Video Converter\uninstaller.exe
Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Media Player\mtsAxInstaller.exe /u
Website Submitter 1.4-->"C:\Program Files\Submit Suite\Website Submitter\unins000.exe"
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 2-->C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe
WinPatrol 2007-->C:\PROGRA~1\BILLPS~1\WINPAT~1\Setup.exe /remove /q0
XSite Pro-->C:\WINDOWS\XSite Pro Uninstaller.exe
=====HijackThis Backups=====
O20 - Winlogon Notify: fccbaywV - C:\WINDOWS\SYSTEM32\fccbaywV.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/ka ... nicode.cab
O4 - HKCU\..\Run: [prunnet] "C:\WINDOWS\system32\prunnet.exe"
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O4 - Startup: Æô¶¯·ÉËÙÍÁ¶¹.lnk = ?
O20 - Winlogon Notify: fccbaywV - C:\WINDOWS\SYSTEM32\fccbaywV.dll
O20 - Winlogon Notify: fccbaywV - C:\WINDOWS\SYSTEM32\fccbaywV.dll
O20 - AppInit_DLLs: izitvd.dll
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://localhost:9415/tudouva.pac
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://localhost:9415/tudouva.pac
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
======Security center information======
AV: McAfee VirusScan Enterprise (disabled)
System event log
Computer Name: ALEXANDER
Event Code: 6005
Message: The Event log service was started.
Record Number: 14557
Source Name: EventLog
Time Written: 20081017133647.000000-300
Event Type: information
User:
Computer Name: ALEXANDER
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 2 Uniprocessor Free.
Record Number: 14556
Source Name: EventLog
Time Written: 20081017133647.000000-300
Event Type: information
User:
Computer Name: ALEXANDER
Event Code: 6006
Message: The Event log service was stopped.
Record Number: 14555
Source Name: EventLog
Time Written: 20081017013600.000000-300
Event Type: information
User:
Computer Name: ALEXANDER
Event Code: 10010
Message: The server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} did not register with DCOM within the required timeout.
Record Number: 14554
Source Name: DCOM
Time Written: 20081017013557.000000-300
Event Type: error
User: NT AUTHORITY\SYSTEM
Computer Name: ALEXANDER
Event Code: 59
Message: Generate Activation Context failed for C:\Program Files\Apple Software Update\Plugins\MSIInstallPlugin.dll.Manifest.
Reference error message: The operation completed successfully.
.
Record Number: 14553
Source Name: SideBySide
Time Written: 20081016202602.000000-300
Event Type: error
User:
Application event log
Computer Name: ALEXANDER
Event Code: 101
Message: wuauclt (1684) The database engine stopped.
Record Number: 80151
Source Name: ESENT
Time Written: 20081217032217.000000-300
Event Type: information
User:
Computer Name: ALEXANDER
Event Code: 103
Message: wuaueng.dll (1684) SUS20ClientDataStore: The database engine stopped the instance (0).
Record Number: 80150
Source Name: ESENT
Time Written: 20081217032217.000000-300
Event Type: information
User:
Computer Name: ALEXANDER
Event Code: 102
Message: wuaueng.dll (1684) SUS20ClientDataStore: The database engine started a new instance (0).
Record Number: 80149
Source Name: ESENT
Time Written: 20081217032217.000000-300
Event Type: information
User:
Computer Name: ALEXANDER
Event Code: 100
Message: wuauclt (1684) The database engine 5.01.2600.2180 started.
Record Number: 80148
Source Name: ESENT
Time Written: 20081217032217.000000-300
Event Type: information
User:
Computer Name: ALEXANDER
Event Code: 101
Message: wuauclt (1232) The database engine stopped.
Record Number: 80147
Source Name: ESENT
Time Written: 20081217032216.000000-300
Event Type: information
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\Common Files\Adobe\AGL;C:\Program Files\QuickTime\QTSystem;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 1 Stepping 2, GenuineIntel
"PROCESSOR_REVISION"=0102
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"VSEDEFLOGDIR"=C:\Documents and Settings\All Users\Application Data\McAfee\DesktopProtection
"DEFLOGDIR"=C:\Documents and Settings\All Users\Application Data\McAfee\DesktopProtection
"FP_NO_HOST_CHECK"=NO
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
-----------------EOF-----------------
--
End of file - 4387 bytes