Here are the logs
Thank you for your fast help!
Dale
Malwarebytes' Anti-Malware 1.33
Database version: 1659
Windows 5.1.2600 Service Pack 3
1/16/2009 7:53:44 PM
mbam-log-2009-01-16 (19-53-44).txt
Scan type: Quick Scan
Objects scanned: 55670
Time elapsed: 3 minute(s), 39 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 5
Registry Keys Infected: 35
Registry Values Infected: 4
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 28
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
C:\WINDOWS\system32\btskexqq.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\khfFYQhI.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\ljJaaYsq.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\cojbyyei.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\xxfkuv.dll (Trojan.Vundo.H) -> Delete on reboot.
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25fbf99b-fe7f-4c11-bb9e-3f18a3088739} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{25fbf99b-fe7f-4c11-bb9e-3f18a3088739} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3c5feee7-d3d4-4c5d-89ee-6006c867fe55} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{3c5feee7-d3d4-4c5d-89ee-6006c867fe55} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\khffyqhi (Trojan.Vundo) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3c5feee7-d3d4-4c5d-89ee-6006c867fe55} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{25fbf99b-fe7f-4c11-bb9e-3f18a3088739} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\cpbrkpie.coupon6ctrl.1 (Adware.Coupons) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9522b3fb-7a2b-4646-8af6-36e7f593073c} (Adware.Coupons) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9522b3fb-7a2b-4646-8af6-36e7f593073c} (Adware.Coupons) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a85a5e6a-de2c-4f4e-99dc-f469df5a0eec} (Adware.Coupons) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{87255c51-cd7d-4506-b9ad-97606daf53f3} (Adware.Coupons) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6e780f0b-bcd6-40cb-b2db-7af47ab4d4a4} (Adware.Coupons) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{a138be8b-f051-4802-9a3f-a750a6d862d4} (Adware.Coupons) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\khjcqgrx (Rootkit.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\khjcqgrx (Rootkit.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\khjcqgrx (Rootkit.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ovccfsuf (Rootkit.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\ovccfsuf (Rootkit.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ovccfsuf (Rootkit.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\prunnet (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\xpreapp (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\seneka (Trojan.Agent) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\seneka (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\seneka (Trojan.Agent) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\instkey (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\3011f916 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\prunnet (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\prunnet (Trojan.Downloader) -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\WINDOWS\system32\xxfkuv.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\ljJaaYsq.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\ljJaaYsq.dllbox (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\c:\windows\system32\ljjaaysq.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\qsYaaJjl.ini (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\qsYaaJjl.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\btskexqq.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\qqxekstb.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vfhudwra.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\arwduhfv.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\khfFYQhI.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\cojbyyei.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\prunnet.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\CouponPrinter.ocx (Adware.Coupons) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cbXPjHAs.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vsxurb.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qfcjkipx.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\awtutstT.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\pubealxu.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\Drivers\nbpadkvw.sys (Rootkit.Agent) -> Delete on reboot.
C:\Documents and Settings\Bridget\Local Settings\Temp\seneka297.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\senekavnobdcnk.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\senekadf.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\seneka.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\senekalog.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\seneka.sys (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\drivers\senekavetxqlkf.sys (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\mlJYpNeF.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
info.txt logfile of random's system information tool 1.05 2009-01-16 20:19:15
======Uninstall list======
-->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
3ivx MPEG-4 5.0.3 (remove only)-->"C:\Program Files\3ivx\3ivx MPEG-4 5.0.3\uninstaller.exe"
ABBYY FineReader 6.0 Sprint-->MsiExec.exe /I{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 7.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000}
Adobe Reader 8.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ArcSoft PhotoImpression 5-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D433ABC3-0CD8-4BB0-B6A9-84501B4B47B7}\SETUP.EXE" -l0x9
AVG Free 8.0-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
Browser Address Error Redirector-->MsiExec.exe /I{62230596-37E5-4618-A329-0D21F529A86F}
Canon PIXMA iP5000-->C:\WINDOWS\system32\CNMCP6d.exe "-PRINTERNAMECanon PIXMA iP5000" "-HELPERDLLC:\BJPrinter\CNMWINDOWS\Canon PIXMA iP5000 Installer\Inst2\cnmis.dll" "-RCDLLC:\BJPrinter\CNMWINDOWS\Canon PIXMA iP5000 Installer\Inst2\cnmi0409.dll"
Coupon Printer for Windows-->"C:\Program Files\Coupons\uninstall.exe" "/U:C:\Program Files\Coupons\Uninstall\uninstall.xml"
CutePDF Form Filler 3.5-->MsiExec.exe /I{7A98645C-F749-4A4A-9A3D-F3E725ECC6EA}
Dell Network Assistant-->MsiExec.exe /I{0240BDFB-2995-4A3F-8C96-18D41282B716}
Dell Support Center (Support Software)-->MsiExec.exe /X{E3BFEE55-39E2-4BE0-B966-89FE583822C1}
Dell Touchpad-->C:\Program Files\DellTPad\Uninstap.exe ADDREMOVE
Dell Wireless WLAN Card-->"C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Dell\Dell Wireless WLAN Card"
DrawPlus 3.0-->C:\WINDOWS\UNINST.EXE -f"C:\PROGRA~1\BRODER~1\DrawPlus\DeIsL1.isu"
EPSON Attach To Email-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{20C45B32-5AB6-46A4-94EF-58950CAF05E5} /l1033 ADDREMOVEDLG
EPSON Copy Utility 3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67EDD823-135A-4D59-87BD-950616D6E857}\setup.exe" -l0x9 -UnInstall
EPSON Event Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{48F22622-1CC2-4A83-9C1E-644DD96F832D}\Setup.exe" -l0x9 -u
EPSON File Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E86BC406-944E-41F6-ADE6-2C136734C96B}\Setup.exe" -l0x9 UNINST
EPSON Perf 3490 3590 Guide-->C:\Program Files\epson\guide\perf_3490_3590_e\uninstall.exe
EPSON Scan Assistant-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}\Setup.exe" -l0x9 -u
EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r
Fidelity Active Trader Pro®-->MsiExec.exe /X{2E3C75A5-34D1-4B34-B76F-07FD4560582A}
FlipShare-->MsiExec.exe /X{7732DA71-2FB6-5C99-D0D9-58A2DB360895}
High Definition Audio Driver Package - KB835221-->C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe
HijackThis 2.0.2-->"C:\Documents and Settings\Pamela\Desktop\HijackThis.exe" /uninstall
Hotfix for Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
IKEA Home Planner-->MsiExec.exe /I{A987FEC8-5616-49BD-BCA6-ACFFFE7403FE}
Intel® Graphics Media Accelerator Driver-->C:\WINDOWS\system32\igxpun.exe -uninstall
iTunes-->MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371}
Java(tm) 6 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160040}
Java(tm) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(tm) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Web Publishing Wizard 1.52-->RunDll32 ADVPACK.DLL,LaunchINFSection C:\WINDOWS\INF\wpie4x86.inf,WebPostUninstall
Mozilla Firefox (3.0.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
muvee Plugin 1.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{82CA0A0C-A3EC-4167-B694-909205B2EDEC}\setup.exe" -l0x9
OpenOffice.org 2.4-->MsiExec.exe /I{F87A8E11-02A4-4875-A3A5-5961081B0E4E}
Photo Organizer-->C:\WINDOWS\UNINST.EXE -f"C:\PROGRA~1\BRODER~1\PHOTOO~1.8\DeIsL1.isu"
PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -l0x9 -cluninstall
Presto! BizCard 4.1 Eng-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\NewSoft\BizCard 4.1 Eng\Uninst.isu" -c"C:\WINDOWS\StiRegstEng.dll"
QuickSet-->C:\Program Files\InstallShield Installation Information\{C5074CC4-0E26-4716-A307-960272A90040}\setup.exe -runfromtemp -l0x0009 APPDRVNT4 -removeonly
QuickTime-->MsiExec.exe /I{F958CA02-BB40-4007-894B-258729456EE4}
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
Roxio Activation Module-->MsiExec.exe /I{07159635-9DFE-4105-BFC0-2817DB540C68}
Roxio Creator Audio-->MsiExec.exe /I{83FFCFC7-88C6-41C6-8752-958A45325C82}
Roxio Creator BDAV Plugin-->MsiExec.exe /I{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}
Roxio Creator Copy-->MsiExec.exe /I{619CDD8A-14B6-43A1-AB6C-0F4EE48CE048}
Roxio Creator Data-->MsiExec.exe /I{0D397393-9B50-4C52-84D5-77E344289F87}
Roxio Creator DE-->MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
Roxio Creator Tools-->MsiExec.exe /I{0394CDC8-FABD-4ED8-B104-03393876DFDF}
Roxio Drag-to-Disc-->MsiExec.exe /I{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}
Roxio Express Labeler 3-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Roxio Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
SearchAssist-->C:\DELL\SearchAssist\UninstSA.bat
Security Update for Step By Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Shockwave-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\INSTALL.LOG
Sonic CinePlayer Decoder Pack-->MsiExec.exe /I{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}
SpywareBlaster 4.1-->"C:\Program Files\SpywareBlaster\unins000.exe"
The Print Shop 22-->MsiExec.exe /I{F06802C4-C45A-4B56-B05A-4C8F3E963431}
The Print Shop Photo Pro-->C:\WINDOWS\UNINST.EXE -f"C:\PROGRA~1\BRODER~1\THEPRI~2\DeIsL1.isu" -c"C:\PROGRA~1\BRODER~1\THEPRI~2\psfinst2.dll"
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Windows Live installer-->MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
Windows Live Mail-->MsiExec.exe /I{184E7118-0295-43C4-B72C-1D54AA75AAF7}
Windows Live Messenger-->MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
======Security center information======
AV: AVG Anti-Virus Free
System event log
Computer Name: PAM
Event Code: 8033
Message: The browser has forced an election on network \Device\NetBT_Tcpip_{DB51D5DC-DDE0-4190-AAA4-3911103A02A9} because a master browser was stopped.
Record Number: 28221
Source Name: BROWSER
Time Written: 20081219150711.000000-360
Event Type: information
User:
Computer Name: PAM
Event Code: 7036
Message: The Windows Image Acquisition (WIA) service entered the running state.
Record Number: 28220
Source Name: Service Control Manager
Time Written: 20081219130543.000000-360
Event Type: information
User:
Computer Name: PAM
Event Code: 1003
Message: Your computer was not able to renew its address from the network (from the
DHCP Server) for the Network Card with network address 001FE13D15E7. The following
error occurred:
The operation was canceled by the user.
.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.
Record Number: 28219
Source Name: Dhcp
Time Written: 20081219130523.000000-360
Event Type: warning
User:
Computer Name: PAM
Event Code: 4201
Message: The system detected that network adapter Dell...WLAN Mini-Card - Packet Scheduler Miniport was connected to the network,
and has initiated normal operation over the network adapter.
Record Number: 28218
Source Name: Tcpip
Time Written: 20081219130522.000000-360
Event Type: information
User:
Computer Name: PAM
Event Code: 8033
Message: The browser has forced an election on network \Device\NetBT_Tcpip_{DB51D5DC-DDE0-4190-AAA4-3911103A02A9} because a master browser was stopped.
Record Number: 28217
Source Name: BROWSER
Time Written: 20081219130520.000000-360
Event Type: information
User:
Application event log
Computer Name: PAM
Event Code: 101
Message: wlmail (2808) The database engine stopped.
Record Number: 19631
Source Name: ESENT
Time Written: 20081215111420.000000-360
Event Type: information
User:
Computer Name: PAM
Event Code: 103
Message: wlmail (2808) WindowsLiveMail0: The database engine stopped the instance (0).
Record Number: 19630
Source Name: ESENT
Time Written: 20081215111420.000000-360
Event Type: information
User:
Computer Name: PAM
Event Code: 102
Message: wlmail (2808) WindowsLiveMail0: The database engine started a new instance (0).
Record Number: 19629
Source Name: ESENT
Time Written: 20081215110222.000000-360
Event Type: information
User:
Computer Name: PAM
Event Code: 100
Message: wlmail (2808) The database engine 5.01.2600.5512 started.
Record Number: 19628
Source Name: ESENT
Time Written: 20081215110222.000000-360
Event Type: information
User:
Computer Name: PAM
Event Code: 101
Message: wlmail (828) The database engine stopped.
Record Number: 19627
Source Name: ESENT
Time Written: 20081215105917.000000-360
Event Type: information
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"RoxioCentral"=C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
-----------------EOF-----------------
Logfile of random's system information tool 1.05 (written by random/random)
Run by Pamela at 2009-01-16 20:19:07
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 130 GB (87%) free of 149 GB
Total RAM: 2038 MB (71% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:19:14 PM, on 1/16/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Pure Digital Technologies\FlipShare\FlipShareService.exe
C:\Program Files\Dell Network Assistant\hnm_svc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\DellTPad\Apoint.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Dell Network Assistant\ezi_hnm2.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe
C:\Documents and Settings\Pamela\Desktop\RSIT.exe
C:\Documents and Settings\Pamela\Desktop\Pamela.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=3080531
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=3080531
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [EEventManager] C:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Dell Network Assistant.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,avgrsstx.dll xxfkuv.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FlipShare Service - Unknown owner - C:\Program Files\Pure Digital Technologies\FlipShare\FlipShareService.exe
O23 - Service: Advanced Networking Service (hnmsvc) - SingleClick Systems - C:\Program Files\Dell Network Assistant\hnm_svc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
--
End of file - 7621 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\cdkiibcj.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2008-06-06 2050816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{A057A204-BACC-4D26-9990-79A187E2698E} - AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2008-06-06 2050816]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2008-02-21 159744]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2008-02-28 141848]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2008-02-28 166424]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2008-02-28 137752]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"Broadcom Wireless Manager UI"=C:\WINDOWS\system32\WLTRAY.exe [2007-12-11 2183168]
"Dell QuickSet"=C:\Program Files\Dell\QuickSet\quickset.exe [2008-02-22 1245184]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-02-21 16855552]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-02-21 69632]
"dscactivate"=C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe [2008-03-11 16384]
"PDVDDXSrv"=C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [2008-02-26 128296]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2008-06-06 1177368]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"EEventManager"=C:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe [2005-04-08 102400]
"DellSupportCenter"=C:\Program Files\Dell Support Center\bin\sprtcmd.exe [2008-08-13 206064]
""= []
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-11-04 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"=C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2006-09-11 218032]
"DellSupportCenter"=C:\Program Files\Dell Support Center\bin\sprtcmd.exe [2008-08-13 206064]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2007-10-18 5724184]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe []
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Dell Network Assistant.lnk - C:\WINDOWS\Installer\{0240BDFB-2995-4A3F-8C96-18D41282B716}\Icon0240BDFB3.exe
C:\Documents and Settings\Pamela\Start Menu\Programs\Startup
OpenOffice.org 2.4.lnk - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,avgrsstx.dll xxfkuv.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2008-02-28 208896]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
C:\WINDOWS\system32\ljJaaYsq
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe"="C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe:*:Enabled:CyberLink PowerDVD DX"
"C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"="C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe:*:Enabled:CyberLink PowerDVD DX Resident Program"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Dell Network Assistant\ezi_hnm2.exe"="C:\Program Files\Dell Network Assistant\ezi_hnm2.exe:*:Enabled:Dell Network Assistant"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe"="C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe:*:Enabled:CyberLink PowerDVD DX"
"C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"="C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe:*:Enabled:CyberLink PowerDVD DX Resident Program"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d50df291-d1c0-11dd-ae8b-001c235372e7}]
shell\AutoRun\command - E:\Setup_FlipShare.exe
shell\Setup FlipShare\command - E:\Setup_FlipShare.exe
======List of files/folders created in the last 1 months======
2009-01-16 19:55:38 ----D---- C:\rsit
2009-01-16 19:46:52 ----D---- C:\Documents and Settings\Pamela\Application Data\Malwarebytes
2009-01-16 19:46:46 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-01-16 19:46:46 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-01-16 18:56:59 ----A---- C:\WINDOWS\system32\MSSTDFMT.DLL
2009-01-16 18:56:58 ----D---- C:\Program Files\SpywareBlaster
2009-01-15 17:21:50 ----A---- C:\WINDOWS\system32\apakrh.dll
2009-01-15 17:21:48 ----A---- C:\WINDOWS\system32\dbienmku.dll
2009-01-14 17:07:03 ----SH---- C:\WINDOWS\system32\ewdtoaye.ini
2009-01-14 17:04:26 ----A---- C:\WINDOWS\system32\3b323d68-.txt
2008-12-26 11:58:55 ----D---- C:\Program Files\Pure Digital Technologies
2008-12-26 11:58:55 ----D---- C:\Documents and Settings\All Users\Application Data\Pure Digital Technologies
2008-12-26 11:51:52 ----D---- C:\Program Files\3ivx
2008-12-26 11:51:37 ----D---- C:\Program Files\muvee Technologies
2008-12-26 11:51:37 ----D---- C:\Program Files\Common Files\muvee Technologies
======List of files/folders modified in the last 1 months======
2009-01-16 20:19:13 ----D---- C:\WINDOWS\Temp
2009-01-16 20:14:03 ----D---- C:\WINDOWS\Prefetch
2009-01-16 20:12:47 ----D---- C:\WINDOWS\system32
2009-01-16 20:12:47 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-01-16 20:11:13 ----D---- C:\Program Files\Mozilla Firefox
2009-01-16 20:09:32 ----D---- C:\Documents and Settings\Pamela\Application Data\OpenOffice.org2
2009-01-16 20:09:17 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-01-16 20:09:02 ----D---- C:\WINDOWS
2009-01-16 20:07:52 ----D---- C:\WINDOWS\system32\drivers
2009-01-16 20:07:51 ----RD---- C:\Program Files
2009-01-16 20:07:12 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-01-16 19:35:11 ----RSD---- C:\WINDOWS\Fonts
2009-01-16 15:58:19 ----D---- C:\WINDOWS\system32\CatRoot2
2009-01-14 17:05:57 ----SD---- C:\WINDOWS\Tasks
2009-01-12 15:53:18 ----A---- C:\WINDOWS\win.ini
2009-01-01 11:22:08 ----D---- C:\Program Files\Outlook Express
2008-12-26 11:59:01 ----SHD---- C:\WINDOWS\Installer
2008-12-26 11:51:49 ----A---- C:\AUTOEXEC.BAT
2008-12-26 11:51:37 ----D---- C:\Program Files\Common Files
2008-12-26 11:51:36 ----HD---- C:\Program Files\InstallShield Installation Information
2008-12-26 11:51:32 ----D---- C:\WINDOWS\WinSxS
2008-12-26 11:13:43 ----HD---- C:\WINDOWS\inf
2008-12-18 23:27:57 ----RSHD---- C:\WINDOWS\system32\dllcache
2008-12-18 23:27:46 ----HD---- C:\WINDOWS\$hf_mig$
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2004-10-07 35840]
R1 APPDRV;APPDRV; C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS [2005-08-12 16128]
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2008-06-06 96520]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2008-06-06 26184]
R1 DLARTL_M;DLARTL_M; C:\WINDOWS\System32\Drivers\DLARTL_M.SYS [2007-07-23 30064]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2008-06-06 75272]
R2 DLABMFSM;DLABMFSM; C:\WINDOWS\System32\Drivers\DLABMFSM.SYS [2007-07-23 37360]
R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\Drivers\DLABOIOM.SYS [2007-07-23 32848]
R2 DLADResM;DLADResM; C:\WINDOWS\System32\Drivers\DLADResM.SYS [2007-07-23 9104]
R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\Drivers\DLAIFS_M.SYS [2007-07-23 108752]
R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\Drivers\DLAOPIOM.SYS [2007-07-23 27216]
R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\Drivers\DLAPoolM.SYS [2007-07-23 16304]
R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\Drivers\DLAUDF_M.SYS [2007-07-23 98448]
R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\Drivers\DLAUDFAM.SYS [2007-07-23 93552]
R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2007-07-23 52000]
R2 Packet;Auto Internet Protocol; C:\WINDOWS\system32\DRIVERS\packet.sys [2006-12-18 12672]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows 2000/XP/Vista; C:\WINDOWS\system32\DRIVERS\Apfiltr.sys [2008-02-21 155136]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 BCM43XX;Dell Wireless WLAN Card Driver; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2007-12-11 1123328]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-02-28 5776928]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-02-21 4625408]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 O2MDRDR;O2MDRDR; C:\WINDOWS\system32\DRIVERS\o2media.sys [2008-02-21 48472]
R3 O2SDRDR;O2SDRDR; C:\WINDOWS\system32\DRIVERS\o2sd.sys [2008-02-21 43480]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-02-21 105856]
R3 StillCam;Still Serial Digital Camera Driver; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-08-17 6784]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 E100B;Intel® PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-08-17 117760]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
S3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-11-07 32000]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S4 agp440;Intel AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
S4 agpCPQ;Compaq AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
S4 alim1541;ALI AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]
S4 amdagp;AMD AGP Bus Filter Driver; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]
S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\DRIVERS\intelide.sys [2008-04-13 5504]
S4 sisagp;SIS AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960]
S4 viaagp;VIA AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 avg8emc;AVG8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-06-06 902424]
R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-06-06 282904]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 FlipShare Service;FlipShare Service; C:\Program Files\Pure Digital Technologies\FlipShare\FlipShareService.exe [2008-11-13 439616]
R2 hnmsvc;Advanced Networking Service; C:\Program Files\Dell Network Assistant\hnm_svc.exe [2007-05-25 112176]
R2 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter); C:\Program Files\Dell Support Center\bin\sprtsvc.exe [2008-08-13 201968]
R2 wltrysvc;Dell Wireless WLAN Tray Service; C:\WINDOWS\System32\WLTRYSVC.EXE [2007-12-11 24064]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-13 267776]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2007-07-11 69632]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
-----------------EOF-----------------
