Thanks for the response and taking time to help.
Here are the logs you requested:
Logfile of random's system information tool 1.06 (written by random/random)
Run by Cliff Leduc at 2009-09-21 14:24:37
Microsoft Windows XP Professional Service Pack 2
System drive C: has 31 GB (82%) free of 38 GB
Total RAM: 510 MB (29% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:24:49 PM, on 9/21/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\ntvdm.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\Cliff Leduc\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Cliff Leduc.exe
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.1_02\bin\npjpi141_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.1_02\bin\npjpi141_02.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) -
http://download.bitdefender.com/resourc ... oscan8.cabO16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://update.microsoft.com/microsoftup ... 2962625656O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
--
End of file - 3278 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\WGASetup.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll [2009-07-24 1090816]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-09-01 2007832]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\braviax]
C:\WINDOWS\system32\braviax.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-09-01 11952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2004-02-10 339968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\Canon\Color Network ScanGear\SgTool.exe"="C:\Program Files\Canon\Color Network ScanGear\SgTool.exe:*:Enabled:SGTOOL"
"C:\Program Files\Microsoft Office\Office12\MSTORE.EXE"="C:\Program Files\Microsoft Office\Office12\MSTORE.EXE:*:Enabled:MSTORE"
"C:\Program Files\activePDF\PrimoPDF\PrimoPDF.exe"="C:\Program Files\activePDF\PrimoPDF\PrimoPDF.exe:*:Enabled:PrimoPDF"
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Crawler Spyware Terminator"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3e56856a-045b-11de-a609-000d561f75be}]
shell\AutoRun\command - E:\ukgki.cmd
shell\explore\command - E:\ukgki.cmd
shell\open\command - E:\ukgki.cmd
======List of files/folders created in the last 1 months======
2009-09-21 14:24:37 ----D---- C:\rsit
2009-09-19 03:02:24 ----D---- C:\WINDOWS\system32\KB905474
2009-09-19 03:01:23 ----A---- C:\WINDOWS\system32\wmpns.dll
2009-09-19 03:01:11 ----HDC---- C:\WINDOWS\$NtUninstallKB911564$
2009-09-19 03:00:14 ----D---- C:\WINDOWS\LastGood
2009-09-18 10:40:16 ----D---- C:\Program Files\Panasonic
2009-09-18 10:40:16 ----A---- C:\WINDOWS\system32\SDDEVMGR.dll
2009-09-18 03:10:19 ----HDC---- C:\WINDOWS\$NtUninstallKB899587$
2009-09-18 03:10:10 ----HDC---- C:\WINDOWS\$NtUninstallKB927779$
2009-09-18 03:10:01 ----HDC---- C:\WINDOWS\$NtUninstallKB927802$
2009-09-18 03:09:52 ----HDC---- C:\WINDOWS\$NtUninstallKB885835$
2009-09-18 03:09:42 ----HDC---- C:\WINDOWS\$NtUninstallKB885836$
2009-09-18 03:09:33 ----HDC---- C:\WINDOWS\$NtUninstallKB928255$
2009-09-18 03:09:24 ----HDC---- C:\WINDOWS\$NtUninstallKB911927$
2009-09-18 03:09:09 ----HDC---- C:\WINDOWS\$NtUninstallKB901017$
2009-09-18 03:09:01 ----HDC---- C:\WINDOWS\$NtUninstallKB899591$
2009-09-18 03:08:51 ----HDC---- C:\WINDOWS\$NtUninstallKB920685$
2009-09-18 03:08:42 ----HDC---- C:\WINDOWS\$NtUninstallKB893756$
2009-09-18 03:08:33 ----HDC---- C:\WINDOWS\$NtUninstallKB923980$
2009-09-18 03:08:24 ----HDC---- C:\WINDOWS\$NtUninstallKB911280$
2009-09-18 03:08:16 ----HDC---- C:\WINDOWS\$NtUninstallKB911562$
2009-09-18 03:08:08 ----HDC---- C:\WINDOWS\$NtUninstallKB938828$
2009-09-18 03:07:58 ----HDC---- C:\WINDOWS\$NtUninstallKB924667$
2009-09-18 03:07:50 ----HDC---- C:\WINDOWS\$NtUninstallKB896423$
2009-09-18 03:07:42 ----HDC---- C:\WINDOWS\$NtUninstallKB900485$
2009-09-18 03:07:32 ----HDC---- C:\WINDOWS\$NtUninstallKB931261$
2009-09-18 03:07:23 ----HDC---- C:\WINDOWS\$NtUninstallKB873339$
2009-09-18 03:07:15 ----HDC---- C:\WINDOWS\$NtUninstallKB927891$
2009-09-18 03:07:07 ----HDC---- C:\WINDOWS\$NtUninstallKB936357$
2009-09-18 03:06:58 ----HDC---- C:\WINDOWS\$NtUninstallKB887472$
2009-09-18 03:06:51 ----HDC---- C:\WINDOWS\$NtUninstallKB946026$
2009-09-18 03:06:43 ----HDC---- C:\WINDOWS\$NtUninstallKB896358$
2009-09-18 03:06:35 ----HDC---- C:\WINDOWS\$NtUninstallKB925398_WMP64$
2009-09-18 03:06:09 ----HDC---- C:\WINDOWS\$NtUninstallKB910437$
2009-09-18 03:06:00 ----HDC---- C:\WINDOWS\$NtUninstallKB925902$
2009-09-18 03:05:51 ----HDC---- C:\WINDOWS\$NtUninstallKB929123$
2009-09-18 03:05:42 ----HDC---- C:\WINDOWS\$NtUninstallKB920670$
2009-09-18 03:05:35 ----HDC---- C:\WINDOWS\$NtUninstallKB918439$
2009-09-18 03:05:22 ----HDC---- C:\WINDOWS\$NtUninstallKB902400$
2009-09-18 03:05:08 ----HDC---- C:\WINDOWS\$NtUninstallKB890046$
2009-09-18 03:05:00 ----HDC---- C:\WINDOWS\$NtUninstallKB926436$
2009-09-18 03:04:52 ----HDC---- C:\WINDOWS\$NtUninstallKB920872$
2009-09-18 03:04:42 ----HDC---- C:\WINDOWS\$NtUninstallKB930178$
2009-09-18 03:04:35 ----HDC---- C:\WINDOWS\$NtUninstallKB914388$
2009-09-18 03:04:27 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2009-09-18 03:04:00 ----HDC---- C:\WINDOWS\$NtUninstallKB905414$
2009-09-18 03:03:53 ----HDC---- C:\WINDOWS\$NtUninstallKB932168$
2009-09-18 03:03:45 ----HDC---- C:\WINDOWS\$NtUninstallKB901214$
2009-09-18 03:03:37 ----HDC---- C:\WINDOWS\$NtUninstallKB923191$
2009-09-18 03:03:29 ----HDC---- C:\WINDOWS\$NtUninstallKB922582$
2009-09-18 03:03:19 ----HDC---- C:\WINDOWS\$NtUninstallKB918118$
2009-09-18 03:03:11 ----HDC---- C:\WINDOWS\$NtUninstallKB926255$
2009-09-18 03:03:02 ----HDC---- C:\WINDOWS\$NtUninstallKB888302$
2009-09-18 03:02:54 ----HDC---- C:\WINDOWS\$NtUninstallKB900725$
2009-09-18 03:02:45 ----HDC---- C:\WINDOWS\$NtUninstallKB938127$
2009-09-18 03:02:37 ----HDC---- C:\WINDOWS\$NtUninstallKB920213$
2009-09-18 03:02:29 ----HDC---- C:\WINDOWS\$NtUninstallKB945553$
2009-09-18 03:02:22 ----HDC---- C:\WINDOWS\$NtUninstallKB886185$
2009-09-18 03:02:14 ----HDC---- C:\WINDOWS\$NtUninstallKB916595$
2009-09-18 03:02:08 ----HDC---- C:\WINDOWS\$NtUninstallKB930916$
2009-09-18 03:01:55 ----HDC---- C:\WINDOWS\$NtUninstallKB950749$
2009-09-18 03:01:41 ----HDC---- C:\WINDOWS\$NtUninstallKB908531$
2009-09-18 03:01:33 ----HDC---- C:\WINDOWS\$NtUninstallKB905749$
2009-09-18 03:01:25 ----HDC---- C:\WINDOWS\$NtUninstallKB913580$
2009-09-18 03:01:17 ----HDC---- C:\WINDOWS\$NtUninstallKB943055$
2009-09-18 03:01:08 ----HDC---- C:\WINDOWS\$NtUninstallKB894391$
2009-09-18 03:01:01 ----HDC---- C:\WINDOWS\$NtUninstallKB920683$
2009-09-18 03:00:54 ----HDC---- C:\WINDOWS\$NtUninstallKB914389$
2009-09-18 03:00:47 ----HDC---- C:\WINDOWS\$NtUninstallKB944653$
2009-09-18 03:00:39 ----HDC---- C:\WINDOWS\$NtUninstallKB890859$
2009-09-18 03:00:25 ----HDC---- C:\WINDOWS\$NtUninstallKB928843$
2009-09-17 11:31:42 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2009-09-17 11:30:31 ----HDC---- C:\WINDOWS\$NtUninstallKB925720$
2009-09-16 16:10:17 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2009-09-16 16:10:08 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2009-09-16 16:10:00 ----HDC---- C:\WINDOWS\$NtUninstallKB961371-v2$
2009-09-16 16:09:41 ----HDC---- C:\WINDOWS\$NtUninstallKB972260$
2009-09-16 16:09:21 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2009-09-16 16:09:14 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2009-09-16 16:09:07 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-09-16 16:08:56 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
2009-09-16 16:03:01 ----D---- C:\WINDOWS\system32\XPSViewer
2009-09-16 16:02:57 ----D---- C:\Program Files\MSBuild
2009-09-16 16:02:48 ----D---- C:\Program Files\Reference Assemblies
2009-09-16 16:02:19 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2009-09-16 16:02:19 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2009-09-16 16:02:19 ----N---- C:\WINDOWS\system32\prntvpt.dll
2009-09-16 16:02:18 ----D---- C:\3b3e1e1becf8866078a369e9
2009-09-16 15:58:41 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
2009-09-16 15:58:36 ----D---- C:\Program Files\MSXML 6.0
2009-09-16 15:57:09 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2009-09-16 15:56:52 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2009-09-16 15:56:46 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2009-09-16 15:56:39 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2009-09-16 15:56:35 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-09-16 15:56:25 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2009-09-16 15:43:11 ----A---- C:\WINDOWS\system32\MRT.exe
2009-09-16 15:38:59 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2009-09-16 15:38:57 ----A---- C:\WINDOWS\system32\mucltui.dll
2009-09-15 06:09:30 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9L$
2009-09-15 06:09:19 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2009-09-15 06:09:08 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2009-09-15 06:09:00 ----HDC---- C:\WINDOWS\$NtUninstallKB963093$
2009-09-15 06:08:26 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-09-15 06:08:15 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2009-09-15 06:08:01 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-09-15 06:07:47 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-09-15 06:07:34 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2009-09-15 06:07:19 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2009-09-15 06:07:06 ----D---- C:\WINDOWS\ServicePackFiles
2009-09-15 06:07:04 ----HDC---- C:\WINDOWS\$NtUninstallKB958470$
2009-09-15 06:06:52 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-09-15 06:06:38 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2009-09-15 06:06:29 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
2009-09-15 06:06:12 ----HDC---- C:\WINDOWS\$NtUninstallKB971032$
2009-09-15 06:05:51 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2009-09-15 06:05:27 ----HDC---- C:\WINDOWS\$NtUninstallKB970653-v3$
2009-09-14 16:09:57 ----D---- C:\WINDOWS\BDOSCAN8
2009-09-14 14:13:10 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2009-09-14 13:22:14 ----D---- C:\Documents and Settings\Cliff Leduc\Application Data\Malwarebytes
2009-09-14 12:26:21 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-09-14 12:22:51 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-09-14 10:35:11 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-09-14 10:35:11 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-09-11 14:32:27 ----A---- C:\WINDOWS\osade.exe
2009-09-11 14:32:27 ----A---- C:\WINDOWS\mofipal.com
2009-09-11 14:32:27 ----A---- C:\Documents and Settings\Cliff Leduc\Application Data\wyzi.bat
2009-09-11 14:23:40 ----SHD---- C:\WINDOWS\CSC
2009-09-11 12:57:11 ----D---- C:\Program Files\Trend Micro
2009-09-08 13:58:19 ----D---- C:\Documents and Settings\Cliff Leduc\Application Data\MSNInstaller
======List of files/folders modified in the last 1 months======
2009-09-21 14:05:39 ----D---- C:\WINDOWS\Prefetch
2009-09-21 12:55:59 ----D---- C:\WINDOWS\Temp
2009-09-19 12:47:58 ----HD---- C:\$AVG8.VAULT$
2009-09-19 12:47:58 ----D---- C:\WINDOWS\system32
2009-09-19 03:03:27 ----D---- C:\WINDOWS\Microsoft.NET
2009-09-19 03:02:25 ----SD---- C:\WINDOWS\Tasks
2009-09-19 03:02:13 ----D---- C:\WINDOWS\system32\CatRoot
2009-09-19 03:01:32 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-09-19 03:01:32 ----HD---- C:\WINDOWS\inf
2009-09-19 03:01:31 ----D---- C:\WINDOWS
2009-09-19 03:01:13 ----D---- C:\Program Files\Windows Media Player
2009-09-19 03:00:33 ----SHD---- C:\WINDOWS\Installer
2009-09-18 10:40:16 ----RD---- C:\Program Files
2009-09-18 10:40:16 ----HD---- C:\Program Files\InstallShield Installation Information
2009-09-18 10:39:56 ----D---- C:\Program Files\Internet Explorer
2009-09-18 10:39:51 ----D---- C:\WINDOWS\system32\CatRoot2
2009-09-18 09:50:35 ----D---- C:\WINDOWS\Debug
2009-09-18 03:18:05 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-09-18 03:16:11 ----D---- C:\WINDOWS\msagent
2009-09-18 03:15:40 ----N---- C:\WINDOWS\SchedLgU.Txt
2009-09-18 03:09:03 ----D---- C:\WINDOWS\system32\drivers
2009-09-18 03:08:00 ----D---- C:\WINDOWS\WinSxS
2009-09-18 03:07:14 ----HD---- C:\WINDOWS\$hf_mig$
2009-09-18 03:07:00 ----D---- C:\Program Files\Messenger
2009-09-18 03:05:53 ----D---- C:\Program Files\Outlook Express
2009-09-18 03:05:53 ----D---- C:\Program Files\Common Files\System
2009-09-18 03:05:26 ----D---- C:\WINDOWS\system32\Com
2009-09-17 11:36:02 ----D---- C:\Program Files\Online Services
2009-09-16 16:53:37 ----RSD---- C:\WINDOWS\assembly
2009-09-16 16:30:29 ----D---- C:\WINDOWS\system32\wbem
2009-09-16 16:02:55 ----D---- C:\WINDOWS\system32\en-US
2009-09-16 16:02:53 ----RSD---- C:\WINDOWS\Fonts
2009-09-16 16:00:06 ----D---- C:\WINDOWS\system32\mui
2009-09-16 15:56:22 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-09-16 15:34:12 ----D---- C:\Program Files\Windows Desktop Search
2009-09-16 15:34:11 ----D---- C:\WINDOWS\system32\Setup
2009-09-16 15:34:11 ----D---- C:\WINDOWS\AppPatch
2009-09-14 16:10:00 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-09-14 14:58:20 ----D---- C:\WINDOWS\system32\CatRoot_bak
2009-09-14 14:10:34 ----D---- C:\WINDOWS\SoftwareDistribution
2009-09-13 12:31:25 ----D---- C:\WINDOWS\Drivers
2009-09-11 14:32:26 ----D---- C:\Program Files\Common Files
2009-09-08 13:58:20 ----D---- C:\Program Files\MSN
2009-09-08 13:57:02 ----D---- C:\WINDOWS\twain_32
2009-09-01 09:32:21 ----A---- C:\WINDOWS\system32\avgrsstx.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-09-01 335240]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-09-01 27784]
R1 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-07-23 108552]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-04 36096]
R2 hardlock;hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]
R3 E1000;Intel(R) PRO/1000 Adapter Driver; C:\WINDOWS\system32\DRIVERS\e1000325.sys [2002-11-12 99840]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2004-02-10 681469]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-02-28 545024]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-04 26624]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848]
S3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-04 60800]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-04 61824]
S4 sr;System Restore Filter Driver; C:\WINDOWS\system32\DRIVERS\sr.sys [2004-08-04 73472]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-09-01 297752]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.06 2009-09-21 14:24:51
======Uninstall list======
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 9.1.3-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A91000000001}
AVG Free 8.5-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Color Network ScanGear Ver.2.43-->MsiExec.exe /X{FFDC1DCA-4D85-4835-8313-B656319F046F}
Command WorkStation 4 .1.0.52-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{60A73620-3618-11D2-AD1A-006008A6ABE2}\setup.exe" remove
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows XP (KB915800-v4)-->"C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB915865)-->"C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
Intel(R) Extreme Graphics 2 Driver-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_2572
Intel(R) PRO Ethernet Adapter and Software-->Prounstl.exe
Japanese Fonts Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5760-0000-900000000003}
Java 2 Runtime Environment, SE v1.4.1_02-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFCE5837-FC21-11D6-9D24-00010240CE95}\setup.exe" Anytext
Java Web Start-->"C:\Program Files\Java Web Start\uninst-javaws.exe"
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Standard 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall STANDARDR /dll OSETUP.DLL
Microsoft Office Standard 2007-->MsiExec.exe /X{91120000-0012-0000-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
MSXML 6 Service Pack 2 (KB954459)-->MsiExec.exe /I{1A528690-6A2D-4BC5-B143-8C4AE8D19D96}
SDFormatter-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5A347920-4AFC-11D5-9FB0-800649886934}\setup.exe"
Security Update for Windows Media Player (KB911564)-->"C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9L$\spuninst\spuninst.exe"
Security Update for Windows Media Player 6.4 (KB925398)-->"C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe"
Security Update for Windows Search 4 - KB963093-->"C:\WINDOWS\$NtUninstallKB963093$\spuninst\spuninst.exe"
Security Update for Windows XP (KB890046)-->"C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
Security Update for Windows XP (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896358)-->"C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896423)-->"C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
Security Update for Windows XP (KB899587)-->"C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
Security Update for Windows XP (KB899591)-->"C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
Security Update for Windows XP (KB900725)-->"C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
Security Update for Windows XP (KB901017)-->"C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
Security Update for Windows XP (KB901214)-->"C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
Security Update for Windows XP (KB902400)-->"C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
Security Update for Windows XP (KB905414)-->"C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
Security Update for Windows XP (KB905749)-->"C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
Security Update for Windows XP (KB911562)-->"C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
Security Update for Windows XP (KB911927)-->"C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
Security Update for Windows XP (KB913580)-->"C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
Security Update for Windows XP (KB914388)-->"C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
Security Update for Windows XP (KB914389)-->"C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
Security Update for Windows XP (KB918118)-->"C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
Security Update for Windows XP (KB918439)-->"C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
Security Update for Windows XP (KB920213)-->"C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
Security Update for Windows XP (KB920670)-->"C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
Security Update for Windows XP (KB920683)-->"C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
Security Update for Windows XP (KB920685)-->"C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923191)-->"C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Security Update for Windows XP (KB923980)-->"C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
Security Update for Windows XP (KB924667)-->"C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
Security Update for Windows XP (KB925902)-->"C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
Security Update for Windows XP (KB926255)-->"C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
Security Update for Windows XP (KB926436)-->"C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
Security Update for Windows XP (KB927779)-->"C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
Security Update for Windows XP (KB927802)-->"C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB928255)-->"C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
Security Update for Windows XP (KB928843)-->"C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
Security Update for Windows XP (KB929123)-->"C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
Security Update for Windows XP (KB930178)-->"C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
Security Update for Windows XP (KB931261)-->"C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
Security Update for Windows XP (KB932168)-->"C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938127)-->"C:\WINDOWS\$NtUninstallKB938127$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB943055)-->"C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe"
Security Update for Windows XP (KB944338-v2)-->"C:\WINDOWS\$NtUninstallKB944338-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB944653)-->"C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"
Security Update for Windows XP (KB945553)-->"C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946026)-->"C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950749)-->"C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958470)-->"C:\WINDOWS\$NtUninstallKB958470$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961371-v2)-->"C:\WINDOWS\$NtUninstallKB961371-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Security Update for Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Security Update for Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971032)-->"C:\WINDOWS\$NtUninstallKB971032$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"
Security Update for Windows XP (KB972260)-->"C:\WINDOWS\$NtUninstallKB972260$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
SoundMAX-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\setup.exe"
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins001.exe"
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-0012-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Outlook 2007 Junk Email Filter (kb973514)-->msiexec /package {91120000-0012-0000-0000-0000000FF1CE} /uninstall {03B11C77-336F-43B4-9B43-79890BA84504}
Update for Windows XP (KB894391)-->"C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
Update for Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Update for Windows XP (KB900485)-->"C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
Update for Windows XP (KB908531)-->"C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
Update for Windows XP (KB910437)-->"C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
Update for Windows XP (KB911280)-->"C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
Update for Windows XP (KB916595)-->"C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
Update for Windows XP (KB920872)-->"C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
Update for Windows XP (KB922582)-->"C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
Update for Windows XP (KB925720)-->"C:\WINDOWS\$NtUninstallKB925720$\spuninst\spuninst.exe"
Update for Windows XP (KB927891)-->"C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
Update for Windows XP (KB930916)-->"C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
Update for Windows XP (KB936357)-->"C:\WINDOWS\$NtUninstallKB936357$\spuninst\spuninst.exe"
Update for Windows XP (KB938828)-->"C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Update for Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Live Upload Tool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Windows Search 4.0-->"C:\WINDOWS\$NtUninstallKB940157$\spuninst\spuninst.exe"
Windows XP Hotfix - KB873339-->C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
Windows XP Hotfix - KB885835-->C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
Windows XP Hotfix - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
Windows XP Hotfix - KB886185-->C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
Windows XP Hotfix - KB887472-->C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
Windows XP Hotfix - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
Windows XP Hotfix - KB890859-->"C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
=====HijackThis Backups=====
O20 - AppInit_DLLs: cru629.dat [2009-09-14]
======Hosts File======
127.0.0.1
www.007guard.com127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1
www.008k.com127.0.0.1 008k.com
127.0.0.1
www.00hq.com127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1
www.032439.com127.0.0.1 032439.com
======Security center information======
AV: AVG Anti-Virus Free
======System event log======
Computer Name: ADMIN2
Event Code: 3019
Message: The redirector failed to determine the connection type.
Record Number: 1946
Source Name: MRxSmb
Time Written: 20090703123727.000000-420
Event Type: warning
User:
Computer Name: ADMIN2
Event Code: 3019
Message: The redirector failed to determine the connection type.
Record Number: 1945
Source Name: MRxSmb
Time Written: 20090703123725.000000-420
Event Type: warning
User:
Computer Name: ADMIN2
Event Code: 3019
Message: The redirector failed to determine the connection type.
Record Number: 1944
Source Name: MRxSmb
Time Written: 20090703123723.000000-420
Event Type: warning
User:
Computer Name: ADMIN2
Event Code: 3019
Message: The redirector failed to determine the connection type.
Record Number: 1943
Source Name: MRxSmb
Time Written: 20090703123720.000000-420
Event Type: warning
User:
Computer Name: ADMIN2
Event Code: 20
Message: Printer Driver Canon iR2200-3300 PCL6 for Windows NT x86 Version-3 was added or updated. Files:- Cnp60M_DFFA7.DLL, Cnp60MUI_DFFA7.DLL, IR2200XU.XPD, Cnp60U_DFFA7.CHM, IR2200XU.UPD, CnP6FFA7.DAT, Cnp60409_DFFA7.DLL, cnxp0log.DLL, AUSSDRV.DLL, CnxD0230.dat, CnxDias2.DLL, CNLK.PRF, CPC10S.DLL, CPC10D.EXE, CPC10Q.EXE, CPC10E.DLL, CPC10V.EXE, CPC1US.DLL, CPC1US.CHM, cnxpcf32.DLL, cnxpcp32.DLL, CnPXCM32.DLL, UCS32P.DLL, cnxptn32.DLL, iR2200XU_D417B.upd.
Record Number: 1942
Source Name: Print
Time Written: 20090703122839.000000-420
Event Type: warning
User: NT AUTHORITY\SYSTEM
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=C:\PROGRA~1\COMMON~1\EFI;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\WBEM;
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=0209
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
-----------------EOF-----------------
StartupList report, 9/21/2009, 2:12:04 PM
StartupList version: 1.52.2
Started from : C:\Program Files\Trend Micro\HijackThis\HijackThis.EXE
Detected: Windows XP SP2 (WinNT 5.01.2600)
Detected: Internet Explorer v6.00 SP2 (6.00.2900.2180)
* Using default options
==================================================
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
--------------------------------------------------
Listing of startup folders:
Shell folders Common Startup:
[C:\Documents and Settings\All Users\Start Menu\Programs\Startup]
Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
--------------------------------------------------
Checking Windows NT UserInit:
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Adobe Reader Speed Launcher = "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
AVG8_TRAY = C:\PROGRA~1\AVG\AVG8\avgtray.exe
Malwarebytes Anti-Malware (reboot) = "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
[OptionalComponents]
=
--------------------------------------------------
Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:
Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*
Shell & screensaver key from Registry:
Shell=Explorer.exe
SCRNSAVE.EXE=C:\WINDOWS\System32\logon.scr
drivers=*Registry value not found*
Policies Shell key:
HKCU\..\Policies: Shell=*Registry key not found*
HKLM\..\Policies: Shell=*Registry value not found*
--------------------------------------------------
Enumerating Task Scheduler jobs:
WGASetup.job
--------------------------------------------------
Enumerating Download Program Files:
[BDSCANONLINE Control]
InProcServer32 = C:\WINDOWS\DOWNLO~1\oscan82.ocx
CODEBASE =
http://download.bitdefender.com/resourc ... oscan8.cab[MUWebControl Class]
InProcServer32 = C:\WINDOWS\system32\muweb.dll
CODEBASE =
http://update.microsoft.com/microsoftup ... 2962625656[Shockwave Flash Object]
InProcServer32 = C:\WINDOWS\system32\Macromed\Flash\Flash10a.ocx
CODEBASE =
http://download.macromedia.com/pub/shoc ... wflash.cab--------------------------------------------------
Enumerating Windows NT logon/logoff scripts:
*No scripts set to run*
Windows NT checkdisk command:
BootExecute = autocheck autochk *
Windows NT 'Wininit.ini':
PendingFileRenameOperations: C:\Documents and Settings\Cliff Leduc\Desktop\ricoh tools\BasicSupportTool_RICOH20080908\RsInfo.exe||C:\Documents and Settings\Cliff Leduc\Desktop\ricoh tools\BasicSupportTool_RICOH20080908\RsiUtil.dll||C:\Documents and Settings\Cliff Leduc\Desktop\ricoh tools\MailSupportTool_RICOH20080908\RsInfo.exe||C:\Documents and Settings\Cliff Leduc\Desktop\ricoh tools\MailSupportTool_RICOH20080908\RsiUtil.dll||C:\DOCUME~1\CLIFFL~1\LOCALS~1\TEMPOR~1\Content.IE5\index.dat||C:\DOCUME~1\CLIFFL~1\Cookies\index.dat||C:\DOCUME~1\CLIFFL~1\LOCALS~1\History\History.IE5\index.dat||C:\DOCUME~1\CLIFFL~1\LOCALS~1\History\History.IE5\MSHIST~4\index.dat
--------------------------------------------------
Enumerating ShellServiceObjectDelayLoad items:
PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
CDBurn: C:\WINDOWS\system32\SHELL32.dll
WebCheck: C:\WINDOWS\system32\webcheck.dll
SysTray: C:\WINDOWS\system32\stobject.dll
--------------------------------------------------
End of report, 5,296 bytes
Report generated in 0.125 seconds
Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only