Here is the requested info. Thank you so much for your assistance in this matter.
Squishd1
Logfile of random's system information tool 1.05 (written by random/random)
Run by Squish at 2009-02-25 16:13:43
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 24 GB (64%) free of 38 GB
Total RAM: 512 MB (14% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:14:17 PM, on 2/25/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\csrss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe
C:\windows\system32\svchost.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\windows\System32\SCardSvr.exe
C:\Program Files\McAfee\McAfee VirusScan\Avsynmgr.exe
C:\WINDOWS\System32\cisvc.exe
C:\WINDOWS\System32\dllhost.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\msdtc.exe
C:\Program Files\McAfee\McAfee VirusScan\VsStat.exe
C:\windows\System32\svchost.exe
C:\Program Files\ThreatFire\TFService.exe
C:\windows\System32\ups.exe
C:\windows\System32\vssvc.exe
C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe
C:\Program Files\McAfee\McAfee VirusScan\Avconsol.exe
C:\windows\Explorer.EXE
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\McAfee\McAfee Firewall\CPD.EXE
C:\Program Files\McAfee\McAfee Firewall\CPDCLNT.EXE
C:\windows\System32\alg.exe
C:\Program Files\McAfee\McAfee VirusScan\alogserv.exe
C:\Program Files\ThreatFire\TFTray.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Registry Mighty\RegistryMighty.exe
C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\windows\system32\cidaemon.exe
C:\Program Files\Webroot\WebrootSecurity\SSU.EXE
C:\Documents and Settings\Squish\Desktop\RSIT.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\Program Files\Trend Micro\HijackThis\Squish.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/def ... earch.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Cher's Fun Spots
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: (no name) - {0ED403E8-470A-4a8a-85A4-D7688CFE39A3} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {A6DC3F58-65A5-4183-9BBA-4A2C67781F0A} - C:\windows\system32\cards32.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [Alogserv] "C:\Program Files\McAfee\McAfee VirusScan\alogserv.exe"
O4 - HKLM\..\Run: [ThreatFire] "C:\Program Files\ThreatFire\TFTray.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [RegistryMighty.exe] "C:\Program Files\Registry Mighty\RegistryMighty.exe"
O4 - HKLM\..\Run: [SpySweeper] C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe /startintray
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [McAfee.InstantUpdate.Monitor] "C:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe" /startmonitor
O4 - HKCU\..\Run: [ctfmon.exe] "C:\windows\system32\ctfmon.exe"
O4 - HKCU\..\Run: [AdwareAlert] "C:\Program Files\AdwareAlert\AdwareAlert.exe" -boot
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Jewel%20Quest%20Mysteries%20-%20Curse%20of%20the%20Emerald%20Tear/Images/stg_drm.ocx
O16 - DPF: {18C3FD15-74F6-4280-9C98-3590C966B7B8} (SkillGam Control) - http://www.worldwinner.com/games/v47/sk ... illgam.cab
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/ ... 5555890817
O16 - DPF: {62969CF2-0F7A-433B-A221-FD8818C06C2F} (Blockwerx Control) - http://www.worldwinner.com/games/v49/bl ... ckwerx.cab
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/i ... ection.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {97438FE9-D361-4279-BA82-98CC0877A717} (Cubis Control) - http://www.worldwinner.com/games/v57/cubis/cubis.cab
O16 - DPF: {AC2881FD-5760-46DB-83AE-20A5C6432A7E} (SwapIt Control) - http://www.worldwinner.com/games/v67/swapit/swapit.cab
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/Jewel%20Quest%20Mysteries%20-%20Curse%20of%20the%20Emerald%20Tear/Images/armhelper.ocx
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.co ... nos/gp.cab
O23 - Service: AVSync Manager (AvSynMgr) - Networks Associates Technologies, Inc. - C:\Program Files\McAfee\McAfee VirusScan\Avsynmgr.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee Firewall - Networks Associates, Inc. - C:\Program Files\McAfee\McAfee Firewall\CPD.EXE
O23 - Service: ThreatFire - PC Tools - C:\Program Files\ThreatFire\TFService.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. (www.webroot.com) - C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe
O23 - Service: Webroot Client Service (WRConsumerService) - Webroot Software, Inc. - C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
--
End of file - 9344 bytes
======Scheduled tasks folder======
C:\windows\tasks\AdwareAlert Scheduled Scan.job
C:\windows\tasks\ErrorRepairTool Scan.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1085031214-746137067-1957994488-1004.job
C:\windows\tasks\wrSpySweeper_LA7151F66540946208ACB2282DEFE4FF5.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2008-11-20 911600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0ED403E8-470A-4a8a-85A4-D7688CFE39A3}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-10 320920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6DC3F58-65A5-4183-9BBA-4A2C67781F0A}]
C:\windows\system32\cards32.dll [2009-02-16 26528]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-01-19 251504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2008-11-26 657904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2009-01-19 522224]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-10 34816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-11-10 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll [2008-11-20 160496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2008-11-20 911600]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-01-19 251504]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Alogserv"=C:\Program Files\McAfee\McAfee VirusScan\alogserv.exe [2002-01-04 36881]
"ThreatFire"=C:\Program Files\ThreatFire\TFTray.exe [2009-02-02 263440]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"YSearchProtection"=C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [2008-10-07 111856]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-11-10 136600]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-02-28 282624]
"RegistryMighty.exe"=C:\Program Files\Registry Mighty\RegistryMighty.exe [2008-09-23 3194368]
"SpySweeper"=C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe [2009-02-14 6308728]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-04-30 68856]
"McAfee.InstantUpdate.Monitor"=C:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe [2002-02-10 102468]
"ctfmon.exe"=C:\windows\system32\ctfmon.exe [2008-04-13 15360]
"AdwareAlert"=C:\Program Files\AdwareAlert\AdwareAlert.exe [2009-02-13 9097216]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gamevance]
C:\Program Files\Gamevance\gamevance32.exe [2009-01-08 98304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\cher\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-11-22 133104]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\McAfee Guardian]
C:\Program Files\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe [2001-12-18 142336]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2008-02-28 282624]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Search Protection]
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [2008-10-07 111856]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-04-30 68856]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^cher^Start Menu^Programs^Startup^Forget Me Not Reminders.lnk]
[]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\windows\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WRConsumerService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WebrootSpySweeperService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WRConsumerService]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
"DisableChangePassword"=0
"DisableLockWorkstation"=0
"NoDispCPL"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableTaskMgr"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoSetFolders"=0
"NoRun"=0
"NoFind"=0
"NoClose"=0
"NoCommonGroups"=0
"NoDrives"=0
"NoDesktop"=0
"NoTrayContextMenu"=0
"NoViewContextMenu"=0
"NoFileSharing"=0
"NoPrintSharing"=0
"NoWindowsUpdate"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Vuze\Azureus.exe"="C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Farstone\VirtualDrive\MGR.exe"="C:\Program Files\Farstone\VirtualDrive\MGR.exe:*:Enabled:VirtualDrive MGR"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\GameHouse\Collapse\Collapse.exe"="C:\Program Files\GameHouse\Collapse\Collapse.exe:*:Disabled:Super Collapse!"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0cbe5d90-ab80-11dd-a0bf-00022ad78760}]
shell\AutoRun\command - D:\LaunchU3.exe -a
======List of files/folders created in the last 1 months======
2009-02-25 16:13:43 ----D---- C:\rsit
2009-02-25 15:56:48 ----A---- C:\windows\isRS-000.tmp
2009-02-25 15:56:42 ----A---- C:\windows\system32\capicom.dll
2009-02-25 15:55:36 ----D---- C:\Program Files\MSSOAP
2009-02-25 15:54:25 ----A---- C:\windows\WRSetup.dll
2009-02-25 15:54:24 ----D---- C:\Documents and Settings\All Users\Application Data\Webroot
2009-02-25 06:02:02 ----D---- C:\My Games
2009-02-25 06:00:57 ----D---- C:\Documents and Settings\All Users\Application Data\AlawarGameBox
2009-02-25 06:00:39 ----D---- C:\Documents and Settings\All Users\Application Data\AlawarWrapper
2009-02-25 06:00:02 ----D---- C:\Program Files\Alawar
2009-02-25 02:39:30 ----D---- C:\Compaq
2009-02-25 00:16:47 ----D---- C:\Program Files\Combined Community Codec Pack
2009-02-24 17:32:39 ----N---- C:\windows\system32\spmsg.dll
2009-02-24 17:32:35 ----HDC---- C:\windows\$NtUninstallKB967715$
2009-02-23 21:23:57 ----D---- C:\Documents and Settings\All Users\Application Data\WildTangent
2009-02-23 21:03:38 ----D---- C:\Documents and Settings\Squish\Application Data\Apple Computer
2009-02-23 18:19:20 ----D---- C:\Documents and Settings\Squish\Application Data\Mozilla
2009-02-23 18:18:32 ----D---- C:\Documents and Settings\Squish\Application Data\LimeWire
2009-02-23 18:16:48 ----D---- C:\Program Files\LimeWire
2009-02-23 18:02:30 ----D---- C:\Program Files\serialz2k updates
2009-02-23 13:36:47 ----D---- C:\560cdf307e9034c0e91561cd06a73c
2009-02-23 11:58:26 ----D---- C:\GameHouse Games
2009-02-22 13:27:30 ----D---- C:\Documents and Settings\Squish\Application Data\ErrorRepairTool
2009-02-21 12:18:37 ----D---- C:\Program Files\ErrorRepairTool
2009-02-21 12:17:53 ----D---- C:\Program Files\Downloaded Installers
2009-02-21 12:04:31 ----D---- C:\Program Files\Registry Mighty
2009-02-20 12:57:38 ----A---- C:\DVDPATH.TXT
2009-02-17 18:46:41 ----D---- C:\Documents and Settings\Squish\Application Data\GameBlend
2009-02-16 22:55:14 ----D---- C:\Documents and Settings\All Users\Application Data\GameBlend
2009-02-16 10:46:27 ----D---- C:\Program Files\BFG
2009-02-16 07:44:14 ----A---- C:\Program Files\Setup_build6_1003313.exevirusdoctor.exe
2009-02-16 07:24:00 ----D---- C:\Program Files\XoftSpySE
2009-02-16 06:24:55 ----D---- C:\Documents and Settings\Squish\Application Data\funkitron
2009-02-16 06:17:22 ----D---- C:\Documents and Settings\Squish\Application Data\AdwareAlert
2009-02-16 06:15:58 ----D---- C:\Program Files\AdwareAlert
2009-02-16 06:00:24 ----A---- C:\windows\system32\cards32.dll
2009-02-16 05:49:47 ----D---- C:\Program Files\s2k.7.1.plus
2009-02-15 20:44:15 ----A---- C:\windows\system32\BASSMOD.dll
2009-02-14 14:38:40 ----A---- C:\windows\system32\javaws.exe
2009-02-14 14:38:40 ----A---- C:\windows\system32\javaw.exe
2009-02-14 14:38:40 ----A---- C:\windows\system32\java.exe
2009-02-14 13:35:45 ----D---- C:\Program Files\Jewel Quest
2009-02-14 13:34:17 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2009-02-13 17:09:18 ----A---- C:\windows\system32\wrLZMA.dll
2009-02-13 17:09:10 ----A---- C:\windows\system32\SsiEfr.exe
2009-02-12 18:44:18 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-02-12 06:23:34 ----D---- C:\Documents and Settings\All Users\Application Data\EA
2009-02-11 20:55:00 ----A---- C:\windows\patchw32.dll
2009-02-11 20:54:58 ----D---- C:\windows\system32\system
2009-02-11 20:33:56 ----HDC---- C:\windows\$NtUninstallKB960715$
2009-02-04 16:09:48 ----D---- C:\Documents and Settings\All Users\Application Data\iWin Games
2009-02-04 12:28:23 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2009-02-04 09:45:14 ----D---- C:\Documents and Settings\All Users\Application Data\Google
======List of files/folders modified in the last 1 months======
2009-02-25 16:13:46 ----D---- C:\windows\Prefetch
2009-02-25 16:11:42 ----D---- C:\windows\Temp
2009-02-25 16:02:09 ----SD---- C:\windows\Tasks
2009-02-25 16:01:12 ----D---- C:\windows\system32\drivers
2009-02-25 16:00:20 ----D---- C:\WINDOWS
2009-02-25 15:59:38 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-02-25 15:59:28 ----D---- C:\windows\Registration
2009-02-25 15:59:14 ----D---- C:\Program Files\ThreatFire
2009-02-25 15:58:12 ----A---- C:\windows\SchedLgU.Txt
2009-02-25 15:56:42 ----SHD---- C:\windows\system32
2009-02-25 15:55:45 ----SHD---- C:\windows\Installer
2009-02-25 15:55:45 ----D---- C:\windows\WinSxS
2009-02-25 15:55:36 ----RD---- C:\Program Files
2009-02-25 15:55:08 ----HD---- C:\windows\inf
2009-02-25 15:54:24 ----D---- C:\Program Files\Webroot
2009-02-25 15:32:14 ----RD---- C:\windows\Favorites
2009-02-25 14:10:18 ----D---- C:\Program Files\GameHouse
2009-02-25 14:09:10 ----D---- C:\windows\system32\CatRoot2
2009-02-25 02:39:56 ----HD---- C:\Program Files\InstallShield Installation Information
2009-02-25 02:07:15 ----D---- C:\windows\Minidump
2009-02-25 01:58:15 ----SD---- C:\windows\Downloaded Program Files
2009-02-25 00:35:27 ----A---- C:\systemscandata.txt
2009-02-24 17:32:48 ----RSHDC---- C:\windows\system32\dllcache
2009-02-24 17:30:24 ----D---- C:\windows\system32\CatRoot
2009-02-24 17:28:48 ----HD---- C:\windows\$hf_mig$
2009-02-23 21:35:06 ----A---- C:\windows\win.ini
2009-02-23 20:19:05 ----D---- C:\Documents and Settings\Squish\Application Data\U3
2009-02-23 13:37:17 ----D---- C:\windows\system32\config
2009-02-23 13:36:57 ----D---- C:\windows\system32\wbem
2009-02-23 12:33:08 ----A---- C:\windows\ntbtlog.txt
2009-02-23 12:20:32 ----D---- C:\Documents and Settings
2009-02-23 11:57:56 ----D---- C:\Program Files\RealArcade
2009-02-21 15:25:30 ----D---- C:\windows\Help
2009-02-21 14:56:48 ----RD---- C:\My Music
2009-02-21 14:00:25 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-02-21 13:32:08 ----A---- C:\windows\imsins.BAK
2009-02-21 13:32:02 ----A---- C:\windows\system32\PerfStringBackup.INI
2009-02-20 21:50:02 ----D---- C:\Documents and Settings\Squish\Application Data\Corel
2009-02-15 21:07:09 ----D---- C:\Program Files\Trend Micro
2009-02-15 21:03:21 ----D---- C:\Program Files\PopCap Games
2009-02-15 20:59:23 ----D---- C:\Program Files\Twistingo& Penguin Puzzle
2009-02-14 20:56:31 ----D---- C:\Documents and Settings\Squish\Application Data\Adobe
2009-02-14 14:38:32 ----D---- C:\Program Files\Java
2009-02-14 00:38:45 ----D---- C:\Program Files\Serials 2000
2009-02-14 00:36:00 ----A---- C:\windows\Wininit.ini
2009-02-12 16:10:17 ----D---- C:\Program Files\Hidden Expedition - Everest
2009-02-12 12:23:03 ----D---- C:\windows\network diagnostic
2009-02-12 03:42:05 ----D---- C:\windows\pss
2009-02-12 03:36:41 ----SHD---- C:\System Volume Information
2009-02-12 03:36:41 ----D---- C:\windows\system32\Restore
2009-02-12 01:02:37 ----D---- C:\Program Files\Gamevance
2009-02-12 01:00:52 ----SHD---- C:\Program Files\outlook
2009-02-11 20:37:04 ----D---- C:\Program Files\Internet Explorer
2009-02-04 16:10:32 ----D---- C:\Program Files\Cosmi
2009-02-04 15:41:57 ----D---- C:\Documents and Settings\Squish\Application Data\SolSuite
2009-02-03 20:06:16 ----RSD---- C:\windows\Fonts
2009-02-03 20:01:30 ----D---- C:\SIERRA
2009-02-03 19:40:51 ----D---- C:\Program Files\Common Files\Roxio Shared
2009-02-03 19:40:12 ----D---- C:\Program Files\Roxio
2009-02-03 15:21:12 ----A---- C:\windows\system32\MRT.exe
2009-02-03 11:18:06 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2009-01-30 17:30:42 ----D---- C:\Program Files\Mozilla Firefox
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdPPM;AMD HwPState Processor Driver; C:\windows\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 ATMhelpr;ATMhelpr; C:\windows\system32\drivers\ATMhelpr.sys [1997-06-17 4064]
R1 cdawdm;CDAWDM; C:\windows\System32\DRIVERS\CDAWDM.sys [2002-01-24 46735]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\windows\System32\drivers\ws2ifsl.sys [2003-07-16 12032]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.2.0.3; C:\windows\System32\DRIVERS\AegisP.sys [2008-03-18 17801]
R3 banshee;banshee; C:\windows\System32\DRIVERS\banshee.sys [2001-08-17 36128]
R3 es1371;Creative AudioPCI (ES1371,ES1373) (WDM); C:\windows\system32\drivers\es1371mp.sys [2001-08-17 40704]
R3 fcdabus;fcdabus; C:\windows\System32\DRIVERS\fcdabus.sys [2008-02-28 10899]
R3 fvdscsi;fvdscsi; C:\windows\System32\DRIVERS\fvdscsi.sys [2008-02-28 60008]
R3 HidUsb;Microsoft HID Class Driver; C:\windows\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 McAfeePF;McAfee Firewall Network Filter Miniport; C:\windows\System32\DRIVERS\fw220.sys [2001-12-12 29696]
R3 mouhid;Mouse HID Driver; C:\windows\System32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\windows\system32\DRIVERS\Rtnicxp.sys [2008-12-02 118656]
R3 TfNetMon;TfNetMon; \??\C:\WINDOWS\System32\drivers\TfNetMon.sys []
R3 usbhub;Microsoft USB Standard Hub Driver; C:\windows\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;USB Mass Storage Driver; C:\windows\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\windows\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 kbdhid;Keyboard HID Driver; C:\windows\System32\DRIVERS\kbdhid.sys [2008-04-13 14592]
S1 OMCI;OMCI; C:\windows\system32\drivers\OMCI.sys []
S1 wceusbsh;Windows CE USB Serial Host Driver; C:\windows\System32\DRIVERS\wceusbsh.sys [2008-04-13 31744]
S3 AR5523;NETGEAR WG111T USB2.0 Wireless Card Service; C:\windows\system32\drivers\AR5523.sys []
S3 ctljystk;Creative SBLive! Gameport; C:\windows\System32\DRIVERS\ctljystk.sys [2001-08-17 3712]
S3 DNINDIS5;DNINDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\System32\DNINDIS5.SYS []
S3 emu10k;Creative SB Live! (WDM); C:\windows\system32\drivers\emu10k1m.sys [2001-08-17 283904]
S3 emu10k1;Creative Interface Manager Driver (WDM); C:\windows\system32\drivers\ctlfacem.sys [2001-08-17 6912]
S3 genmcmn;Genius NewScroll Mouse Driver; C:\windows\System32\DRIVERS\gmfiltr.sys [2001-09-21 6784]
S3 KMW_KBD;Kensington Input Devices Class filter driver; C:\windows\System32\DRIVERS\KMW_KBD.sys [2003-05-27 5248]
S3 NaiFiltr;NaiFiltr; C:\windows\System32\DRIVERS\NaiFiltr.sys [2001-08-17 23296]
S3 Pcouffin;Low level access layer for CD devices; C:\windows\system32\drivers\Pcouffin.sys []
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\windows\System32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 sermouse;Serial Mouse Driver; C:\windows\System32\DRIVERS\sermouse.sys [2001-08-17 17664]
S3 sfman;Creative SoundFont Manager Driver (WDM); C:\windows\system32\drivers\sfmanm.sys [2001-08-17 36480]
S3 smwdm;smwdm; C:\windows\system32\drivers\smwdm.sys [2001-11-09 465224]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\windows\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbscan;USB Scanner Driver; C:\windows\System32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 VIAudio;VIA AC'97 Audio Controller (WDM); C:\windows\system32\drivers\ac97via.sys [2002-08-28 84480]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\windows\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\windows\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\windows\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AvSynMgr;AVSync Manager; C:\Program Files\McAfee\McAfee VirusScan\Avsynmgr.exe [2002-01-04 172049]
R2 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-26 168432]
R2 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-11-10 152984]
R2 McAfee Firewall;McAfee Firewall; C:\Program Files\McAfee\McAfee Firewall\CPD.EXE [2002-08-19 221184]
R2 ThreatFire;ThreatFire; C:\Program Files\ThreatFire\TFService.exe [2009-02-02 70928]
R2 WebrootSpySweeperService;Webroot Spy Sweeper Engine; C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe [2009-02-13 4048240]
R2 WRConsumerService;Webroot Client Service; C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe [2009-02-25 1180976]
R2 YahooAUService;Yahoo! Updater; C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe [2008-11-09 602392]
S3 getPlus(R) Helper;getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-10-06 33752]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\windows\system32\svchost.exe [2008-04-13 14336]
S4 McShield;McShield; C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe [2002-01-04 225375]
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.05 2009-02-25 16:14:58
======Uninstall list======
-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
-->C:\windows\system32\Macromed\Flash\uninstall_plugin.exe
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
5 Line Slots-->C:\PROGRA~1\GAMEHO~1\Slots\UNWISE.EXE /U C:\PROGRA~1\GAMEHO~1\Slots\INSTALL.LOG
Adobe Acrobat Reader 3.01-->C:\WINDOWS\uninst.exe -fC:\Acrobat3\Reader\DeIsL4.isu
Adobe AIR-->MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\System32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->MsiExec.exe /X{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}
Adobe PhotoDeluxe Home Edition 3.1-->C:\WINDOWS\UNINST.EXE -f"C:\Program Files\PhotoDeluxe HE 3.1\DeIsL4.isu" -c"C:\Program Files\PhotoDeluxe HE 3.1\Uninst.dll"
Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001}
Adobe Type Manager 4.0-->C:\WINDOWS\uninst.exe -f"C:\Program Files\Adobe Type Manager\DeIsL2.isu" -c"C:\Program Files\Adobe Type Manager\UNINST.DLL"
Adventure Inlay - Safari Edition-->C:\PROGRA~1\GAMEHO~1\ADVENT~1\UNWISE.EXE /U C:\PROGRA~1\GAMEHO~1\ADVENT~1\INSTALL.LOG
AdwareAlert-->MsiExec.exe /X{FDDDA858-FAFE-4472-9273-989F63F4AC30}
Alawar Game Box-->C:\Program Files\Alawar\AlawarGameBox\Uninstall.exe
Aloha Solitaire-->C:\PROGRA~1\GAMEHO~1\ALOHAS~1\UNWISE.EXE /U C:\PROGRA~1\GAMEHO~1\ALOHAS~1\INSTALL.LOG
AquaBall-->C:\Program Files\Alawar\Aquaball\Uninstall.exe
Bejeweled 2-->C:\PROGRA~1\GAMEHO~1\BEJEWE~1\UNWISE.EXE /U C:\PROGRA~1\GAMEHO~1\BEJEWE~1\INSTALL.LOG
Big Fish Games Client-->C:\Program Files\bfgclient\Uninstall.exe
BlotterGeist v1.5-->"C:\Program Files\GameYard.com\BlotterGeist\unins000.exe"
Chuzzle Deluxe-->C:\PROGRA~1\GAMEHO~1\CHUZZL~1\UNWISE.EXE /U C:\PROGRA~1\GAMEHO~1\CHUZZL~1\INSTALL.LOG
Combined Community Codec Pack 2008-01-24-->"C:\Program Files\Combined Community Codec Pack\unins000.exe"
ErrorRepairTool-->MsiExec.exe /X{5CFC48CA-AD9E-4F22-8B58-84628B78636D}
Eusing Free Registry Cleaner-->C:\PROGRA~1\EUSING~1\UNWISE.EXE C:\PROGRA~1\EUSING~1\INSTALL.LOG
FarStone Image Reader-->C:\Program Files\Farstone\VCDReader\Uninstall.exe
Gamevance-->C:\Program Files\Gamevance\gvun.exe
getPlus(R) for Adobe-->"C:\Program Files\NOS\bin\getPlus_HelperSvc.exe" /UninstallGet1
Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0531C63A913CC9D1.exe" /uninstall
Google Updater-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
HP Product Detection-->MsiExec.exe /X{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}
Incadia-->C:\PROGRA~1\GAMEHO~1\Incadia\UNWISE.EXE /U C:\PROGRA~1\GAMEHO~1\Incadia\INSTALL.LOG
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
Jewel Quest (remove only)-->"C:\Program Files\iWin.com Games\Jewel Quest\Uninstall.exe"
LimeWire 5.0.11-->"C:\Program Files\LimeWire\uninstall.exe"
McAfee Firewall-->MsiExec.exe /I{9E0FB790-5971-41F3-A1C3-1CF9E153FF2A}
McAfee VirusScan-->MsiExec.exe /I{87AEFD84-BC0D-11D4-B885-00508B022A51}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Web Publishing Wizard 1.52-->RunDll32 ADVPACK.DLL,LaunchINFSection C:\WINDOWS\INF\wpie4x86.inf,WebPostUninstall
Mozilla Firefox (2.0)-->C:\Program Files\Mozilla Firefox\uninstall\uninst.exe
MSXML 4.0 SP2 and SOAP Toolkit 3.0-->MsiExec.exe /I{32343DB6-9A52-40C9-87E4-5E7C79791C87}
Peggle Nights-->C:\PROGRA~1\GAMEHO~1\PEGGLE~1\UNWISE.EXE /U C:\PROGRA~1\GAMEHO~1\PEGGLE~1\INSTALL.LOG
Penguin Puzzle-->C:\PROGRA~1\eGames\PENGUI~1\UNWISE.EXE C:\PROGRA~1\eGames\PENGUI~1\INSTALL.LOG
QuickTime-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{C21D5524-A970-42FA-AC8A-59B8C7CDCA31} /l1033
RealPlayer Basic-->C:\Program Files\Common Files\Real\Update\\rnuninst.exe RealNetworks|RealPlayer|6.0
Registry Mighty v6.1-->"C:\Program Files\Registry Mighty\unins000.exe"
Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB961260)-->"C:\windows\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Security Update for Windows Media Player 8 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP8$\spuninst\spuninst.exe"
Security Update for Windows Media Player 9 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960715)-->"C:\windows\$NtUninstallKB960715$\spuninst\spuninst.exe"
Sierra Utilities-->C:\Program Files\Sierra On-Line\sutil32.exe uninstall
Slingo Quest (remove only)-->"C:\Program Files\Funkitron\Slingo Quest\Uninstall.exe"
Spy Sweeper Core-->MsiExec.exe /I{3F5B6210-0903-4DC6-8034-8F488AA3A782}
Spy Sweeper-->"C:\Program Files\Webroot\WebrootSecurity\unins000.exe" /Log="C:\DOCUME~1\Squish\LOCALS~1\Temp\Uninstall.txt"
Super Collapse!-->C:\PROGRA~1\GAMEHO~1\Collapse\UNWISE.EXE /U C:\PROGRA~1\GAMEHO~1\Collapse\INSTALL.LOG
Super TextTwist-->C:\PROGRA~1\GAMEHO~1\TEXTTW~1\UNWISE.EXE /U C:\PROGRA~1\GAMEHO~1\TEXTTW~1\INSTALL.LOG
ThreatFire-->"C:\Program Files\ThreatFire\unins000.exe"
TipTop Deluxe 1.1-->C:\Program Files\PopCap Games\TipTop Deluxe\PopUninstall.exe C:\Program Files\PopCap Games\TipTop Deluxe\Install.log
Twistingo-->C:\PROGRA~1\eGames\TWISTI~1\UNWISE.EXE C:\PROGRA~1\eGames\TWISTI~1\INSTALL.LOG
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Update for Windows XP (KB967715)-->"C:\windows\$NtUninstallKB967715$\spuninst\spuninst.exe"
VirtualDrive-->MsiExec.exe /I{D5BB0907-4BBB-46A3-AA68-0173D111058D}
Wheel of Fortune 2 (remove only)-->"C:\Program Files\Sony Online Entertainment\Wheel of Fortune 2\Uninstall Wheel of Fortune 2.exe"
Window Washer 5-->C:\WINDOWS\Unwash5.exe
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinZip-->"C:\Program Files\WinZip\WINZIP32.EXE" /uninstall
WordJong To Go-->C:\PROGRA~1\GAMEHO~1\WORDJO~1\UNWISE.EXE /U C:\PROGRA~1\GAMEHO~1\WORDJO~1\INSTALL.LOG
WordPerfect Office 11-->MsiExec.exe /I{54F90B55-BEB3-4F0D-8802-228822FA5921}
Yahoo! Messenger-->C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
Yahoo! Search Protection-->C:\PROGRA~1\Yahoo!\SEARCH~1\UNINST~1.EXE
Yahoo! Software Update-->C:\PROGRA~1\Yahoo!\SOFTWA~1\UNINST~1.EXE
Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
=====HijackThis Backups=====
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocach ... .0.1.0.cab
O23 - Service: McShield - Unknown owner - C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe
System event log
Computer Name: INC-CK9D33CUSUB
Event Code: 7023
Message: The IPSEC Services service terminated with the following error:
The attempted operation is not supported for the type of object referenced.
Record Number: 5
Source Name: Service Control Manager
Time Written: 20090212062930.000000-480
Event Type: error
User:
Computer Name: INC-CK9D33CUSUB
Event Code: 98
Message: RSM was stopped.
Record Number: 4
Source Name: Removable Storage Service
Time Written: 20090212062926.000000-480
Event Type: information
User:
Computer Name: INC-CK9D33CUSUB
Event Code: 4
Message: Driver detected an internal error in its data structures for .
Record Number: 3
Source Name: fvdscsi
Time Written: 20090212062915.000000-480
Event Type: error
User:
Computer Name: INC-CK9D33CUSUB
Event Code: 6005
Message: The Event log service was started.
Record Number: 2
Source Name: EventLog
Time Written: 20090212062901.000000-480
Event Type: information
User:
Computer Name: INC-CK9D33CUSUB
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 3 Uniprocessor Free.
Record Number: 1
Source Name: EventLog
Time Written: 20090212062901.000000-480
Event Type: information
User:
Application event log
Computer Name: INC-CK9D33CUSUB
Event Code: 0
Message:
Record Number: 1333
Source Name: IDriverT
Time Written: 20081125122310.000000-480
Event Type: information
User:
Computer Name: INC-CK9D33CUSUB
Event Code: 4137
Message: CI has started for catalog c:\system volume information\catalog.wci.
Record Number: 1332
Source Name: Ci
Time Written: 20081125122042.000000-480
Event Type: information
User:
Computer Name: INC-CK9D33CUSUB
Event Code: 1800
Message: The Windows Security Center Service has started.
Record Number: 1331
Source Name: SecurityCenter
Time Written: 20081125121311.000000-480
Event Type: information
User:
Computer Name: INC-CK9D33CUSUB
Event Code: 2444
Message: MS DTC started with the following settings:
Security Configuration (OFF = 0 and ON = 1):
Network Administration of Transactions = 0,
Network Clients = 0,
Inbound Distributed Transactions using Native MSDTC Protocol = 0,
Outbound Distributed Transactions using Native MSDTC Protocol = 0,
Transaction Internet Protocol (TIP) = 0,
XA Transactions = 0
Record Number: 1330
Source Name: MSDTC
Time Written: 20081125121309.000000-480
Event Type: information
User:
Computer Name: INC-CK9D33CUSUB
Event Code: 0
Message:
Record Number: 1329
Source Name: IDriverT
Time Written: 20081125121301.000000-480
Event Type: information
User:
Security event log
Computer Name: INC-CK9D33CUSUB
Event Code: 576
Message: Special privileges assigned to new logon:
User Name: NETWORK SERVICE
Domain: NT AUTHORITY
Logon ID: (0x0,0x3E4)
Privileges: SeAuditPrivilege
SeAssignPrimaryTokenPrivilege
SeChangeNotifyPrivilege
Record Number: 17866
Source Name: Security
Time Written: 20090222133119.000000-480
Event Type: audit success
User: NT AUTHORITY\NETWORK SERVICE
Computer Name: INC-CK9D33CUSUB
Event Code: 528
Message: Successful Logon:
User Name: NETWORK SERVICE
Domain: NT AUTHORITY
Logon ID: (0x0,0x3E4)
Logon Type: 5
Logon Process: Advapi
Authentication Package: Negotiate
Workstation Name:
Logon GUID: -
Record Number: 17865
Source Name: Security
Time Written: 20090222133119.000000-480
Event Type: audit success
User: NT AUTHORITY\NETWORK SERVICE
Computer Name: INC-CK9D33CUSUB
Event Code: 576
Message: Special privileges assigned to new logon:
User Name: LOCAL SERVICE
Domain: NT AUTHORITY
Logon ID: (0x0,0x3E5)
Privileges: SeAuditPrivilege
SeAssignPrimaryTokenPrivilege
SeChangeNotifyPrivilege
Record Number: 17864
Source Name: Security
Time Written: 20090222133119.000000-480
Event Type: audit success
User: NT AUTHORITY\LOCAL SERVICE
Computer Name: INC-CK9D33CUSUB
Event Code: 528
Message: Successful Logon:
User Name: LOCAL SERVICE
Domain: NT AUTHORITY
Logon ID: (0x0,0x3E5)
Logon Type: 5
Logon Process: Advapi
Authentication Package: Negotiate
Workstation Name:
Logon GUID: -
Record Number: 17863
Source Name: Security
Time Written: 20090222133119.000000-480
Event Type: audit success
User: NT AUTHORITY\LOCAL SERVICE
Computer Name: INC-CK9D33CUSUB
Event Code: 576
Message: Special privileges assigned to new logon:
User Name: NETWORK SERVICE
Domain: NT AUTHORITY
Logon ID: (0x0,0x3E4)
Privileges: SeAuditPrivilege
SeAssignPrimaryTokenPrivilege
SeChangeNotifyPrivilege
Record Number: 17862
Source Name: Security
Time Written: 20090222132216.000000-480
Event Type: audit success
User: NT AUTHORITY\NETWORK SERVICE
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Common Files\Ulead Systems\MPEG
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 3 Stepping 0, AuthenticAMD
"PROCESSOR_REVISION"=0300
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip
"FP_NO_HOST_CHECK"=NO
-----------------EOF-----------------