02-22-2007, 05:59 AM   #6
steve77079
Registered User
 
Join Date: Feb 2007
Location: Houston, TX
Posts: 41
OS: Win XP Pro


There was no Vundofix.txt. Here are the Panda Scan and Comboscan logs.
I have attached the earlier KAV log as it is very large.

Thanks


Incident                                            Status           Location

Adware:adware/ncase                                 Not disinfected  c:\windows\system32\saieau.dat
Adware:adware/tvmedia                               Not disinfected  C:\Documents and Settings\Owner\Application Data\tvmcwrd.dll
Adware:adware/ieplugin                              Not disinfected  c:\windows\kwv2.dat
Potentially unwanted tool:application/winfixer2005  Not disinfected  c:\program files\common files\WinSoftware
Potentially unwanted tool:application/myway         Not disinfected  hkey_local_machine\software\MySearch
Potentially unwanted tool:Application/KillApp.B     Not disinfected  C:\hp\bin\KillIt.exe
Potentially unwanted tool:Application/Processor     Not disinfected  C:\WINDOWS\system32\process.exe

ComboScan v20070212.14 run by Owner on 2007-02-22 at 06:30:52
Computer is in Normal Mode.
--------------------------------------------------------------------------------

Successfully created restore point.
Performed disk cleanup.


-- HijackThis log (run as Owner.com) --------------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 6:31:05 AM, on 2/22/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\WALGRE~1\WALGRE~1\data\Xtras\mssysmgr.exe
C:\Program Files\Compaq Connections\1940576\Program\BackWeb-1940576.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
J:\comboscan.exe
C:\DOCUME~1\Owner\LOCALS~1\Temp\~xnqjalv.tmp\Owner.com

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [KASP] "C:\Program Files\Kaspersky Lab\Kaspersky Security Suite\Kaspersky Anti-Spam Personal\OESpamTest.exe"
O4 - HKLM\..\Run: [NI.UWFX5] "C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\E147QLU5\WinFixer2005ScannerInstall[1].exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [lzexpand] C:\WINDOWS\System32\lzexpand.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\WALGRE~1\WALGRE~1\data\Xtras\mssysmgr.exe
O4 - Startup: IMStart.lnk = C:\Program Files\InterMute\IMStart.exe
O4 - Global Startup: Compaq Connections.lnk = C:\Program Files\Compaq Connections\1940576\Program\BackWeb-1940576.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: Add To Compaq Organize... - C:\PROGRA~1\HEWLET~1\COMPAQ~1\bin\core.hp.main\SendTo.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/hamsterball/...gameloader.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall-beta.trendmicro.com...ll/xscan60.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/par...an_unicode.cab
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by114fd.bay114.hotmail.msn.co...s/MsnPUpld.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/...toUploader.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1123545483765
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1171739620734
O16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} (Ofoto Upload Manager Class) - http://www.kodakgallery.com/download...1/axofupld.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe


-- HijackThis Fixed Entries (C:\Program Files\backups\) -------------------------

backup-20070221-125622-587 O4 - HKLM\..\Run: [tcjyh] C:\WINDOWS\tcjyh.exe
backup-20070221-125622-617 O20 - Winlogon Notify: jkklk - C:\WINDOWS\system32\jkklk.dll (file missing)
backup-20070221-125622-619 O4 - HKLM\..\Run: [NI.UWFX5] "C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\E147QLU5\WinFixer2005ScannerInstall[1].exe"
backup-20070221-125622-683 O4 - HKLM\..\Run: [gfvfpc] C:\WINDOWS\System32\gfvfpc.exe
backup-20070221-125622-754 O16 - DPF: {ED2E4BB5-60EA-4624-9DE2-998E441C699B} (OpenSiteInstall.opensite_install) - http://www.zuvio.com/OpenSiteInstall.CAB
backup-20070221-125622-766 O2 - BHO: SDWin32 Class - {5DC7D247-7BF8-4804-BDD9-EC3A103695B6} - (no file)
backup-20070221-125622-797 O4 - HKLM\..\Run: [psoj39W] sbeodemx.exe
backup-20070221-125622-886 O4 - HKCU\..\Run: [YB7tRVa4V] rshcntra.exe
backup-20070221-125622-982 O4 - HKLM\..\Run: [zhgwvpjasouz] C:\WINDOWS\System32\zbkyybvo.exe
backup-20070221-131821-426 O4 - HKLM\..\Run: [NI.UWFX5] "C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\E147QLU5\WinFixer2005ScannerInstall[1].exe"


-- File Associations ------------------------------------------------------------

.bat - batfile - "%1" %*
.chm - chm.file - "C:\WINDOWS\hh.exe" %1
.com - comfile - "%1" %*
.exe - exefile - "%1" %*
.hlp - hlpfile - %SystemRoot%\System32\winhlp32.exe %1
.inf - inffile - %SystemRoot%\System32\NOTEPAD.EXE %1
.ini - inifile - %SystemRoot%\System32\NOTEPAD.EXE %1
.js - JSFile - %SystemRoot%\System32\WScript.exe "%1" %*
.lnk - lnkfile - {00021401-0000-0000-C000-000000000046}
.pif - piffile - "%1" %*
.reg - regfile - regedit.exe "%1"
.scr - scrfile - "%1" /S
.txt - txtfile - %SystemRoot%\system32\NOTEPAD.EXE %1
.vbs - VBSFile - %SystemRoot%\System32\WScript.exe "%1" %*


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ----------------------

3 Afc (PPdus ASPI Shell) - system32\drivers\Afc.sys
3 AgereSoftModem (Agere Systems Soft Modem) - System32\DRIVERS\AGRSM.sys
3 ALCXSENS (Service for WDM 3D Audio Driver) - system32\drivers\ALCXSENS.SYS
3 ALCXWDM (Service for Realtek AC97 Audio (WDM)) - system32\drivers\ALCXWDM.SYS
1 AVG Anti-Spyware Driver - \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys
1 Avg7Core (AVG7 Kernel) - \SystemRoot\System32\Drivers\avg7core.sys
1 Avg7RsW (AVG7 Wrap Driver) - \SystemRoot\System32\Drivers\avg7rsw.sys
1 Avg7RsXP (AVG7 Rezident Driver) - \SystemRoot\System32\Drivers\avg7rsxp.sys
1 AvgAsCln (AVG Anti-Spyware Clean Driver) - System32\DRIVERS\AvgAsCln.sys
1 AvgClean (AVG7 Clean Driver) - \SystemRoot\System32\Drivers\avgclean.sys
3 AWINDIS5 (AWINDIS5 Protocol Driver) - \??\C:\WINDOWS\System32\AWINDIS5.SYS
3 CCDECODE (Closed Caption Decoder) - System32\DRIVERS\CCDECODE.sys
3 DNINDIS5 (DNINDIS5 NDIS Protocol Driver) - \??\C:\WINDOWS\System32\DNINDIS5.SYS
0 fasttx2k - System32\DRIVERS\fasttx2k.sys
3 GEARAspiWDM (GEAR CDRom Filter) - SYSTEM32\DRIVERS\GEARAspiWDM.sys
3 HidUsb (Microsoft HID Class Driver) - system32\DRIVERS\hidusb.sys
3 ialm - System32\DRIVERS\ialmnt5.sys
3 ids00026 - \??\C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids00026.sys
3 ids0004C - \??\C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids0004C.sys
3 ids0005c - \??\C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids0005c.sys
3 ids00118 - \??\C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids00118.sys
3 ids0014f - \??\C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids0014f.sys
3 ids0015d - \??\C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids0015d.sys
1 intelppm (Intel Processor Driver) - System32\DRIVERS\intelppm.sys
0 Klick - System32\drivers\klick.sys
1 Klif - System32\drivers\klif.sys
0 Klin - System32\drivers\klin.sys
1 Klmc - System32\drivers\klmc.sys
3 mouhid (Mouse HID Driver) - System32\DRIVERS\mouhid.sys
3 MSTEE (Microsoft Streaming Tee/Sink-to-Sink Converter) - system32\drivers\MSTEE.sys
3 NABTSFEC (NABTS/FEC VBI Codec) - system32\DRIVERS\NABTSFEC.sys
3 NdisIP (Microsoft TV/Video Connection) - system32\DRIVERS\NdisIP.sys
3 NETGEAR NETGEAR_MA101_USB_Adapter(R) (NETGEAR NETGEAR_MA101_USB_Adapter(R) Service for NETGEAR MA101 USB Adapter) - System32\DRIVERS\ma1012kr.sys
3 NETGEAR_WG311T_SERVICE (NETGEAR WG311T Wireless Adapter Service) - System32\DRIVERS\wg311tn5.sys
3 nv - System32\DRIVERS\nv4_mini.sys
4 PCIIde - \SystemRoot\System32\DRIVERS\pciide.sys
3 Ps2 - System32\DRIVERS\PS2.sys
3 QCDonner (Logitech QuickCam Express) - System32\DRIVERS\OVCD.sys
3 rtl8139 (Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver) - System32\DRIVERS\R8139n51.SYS
3 SiS315 - System32\DRIVERS\sisgrp.sys
0 SISAGP (SiS AGP Filter) - System32\DRIVERS\SISAGPX.sys
1 SiSkp - System32\DRIVERS\srvkp.sys
3 SLIP (BDA Slip De-Framer) - system32\DRIVERS\SLIP.sys
3 streamip (BDA IPSink) - system32\DRIVERS\StreamIP.sys
3 TSP - \??\C:\WINDOWS\system32\drivers\klif.sys
3 usbaudio (USB Audio Driver (WDM)) - system32\drivers\usbaudio.sys
3 usbccgp (Microsoft USB Generic Parent Driver) - System32\DRIVERS\usbccgp.sys
3 usbehci (Microsoft USB 2.0 Enhanced Host Controller Miniport Driver) - System32\DRIVERS\usbehci.sys
3 usbohci (Microsoft USB Open Host Controller Miniport Driver) - System32\DRIVERS\usbohci.sys
3 usbprint (Microsoft USB PRINTER Class) - System32\DRIVERS\usbprint.sys
3 usbscan (USB Scanner Driver) - System32\DRIVERS\usbscan.sys
3 USBSTOR (USB Mass Storage Driver) - System32\DRIVERS\USBSTOR.SYS
0 viaagp1 (VIA AGP Filter) - System32\DRIVERS\viaagp1.sys
3 viagfx - System32\DRIVERS\vtmini.sys
4 ViaIde - \SystemRoot\System32\DRIVERS\viaide.sys
1 WS2IFSL (Windows Socket 2.0 Non-IFS Service Provider Support Environment) - \SystemRoot\System32\drivers\ws2ifsl.sys
3 WSTCODEC (World Standard Teletext Codec) - system32\DRIVERS\WSTCODEC.SYS


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

2 AVG Anti-Spyware Guard - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
2 Avg7Alrt (AVG7 Alert Manager Server) - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
2 Avg7UpdSvc (AVG7 Update Service) - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
3 Fax - %systemroot%\system32\fxssvc.exe
3 IDriverT (InstallDriver Table Manager) - "C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"
3 iPod Service - "C:\Program Files\iPod\bin\iPodService.exe"
2 MDM (Machine Debug Manager) - "C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
3 ose (Office Source Engine) - "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
2 UMWdf (Windows User Mode Driver Framework) - C:\WINDOWS\System32\wdfmgr.exe


-- Scheduled Tasks --------------------------------------------------------------

2007-01-31 22:39:05 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job<APPLES~1.JOB>


-- Files created between 2007-01-22 and 2007-02-22 ------------------------------

2007-02-21 15:05:38 0 d-------- C:\WINDOWS\LastGood
2007-02-21 12:56:22 0 d-------- C:\Program Files\backups
2007-02-21 12:35:39 0 d-------- C:\VundoFix Backups<VUNDOF~1>
2007-02-21 12:31:03 3968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys<Unsigned: GRISOFT, s.r.o.>
2007-02-21 07:38:04 0 d-------- C:\Program Files\Lavasoft
2007-02-19 15:46:39 40960 --a------ C:\WINDOWS\system32\swsc.exe<Unsigned: n/a>
2007-02-19 15:46:39 90112 --a------ C:\WINDOWS\system32\RegDACL.exe<Unsigned: Frank Heyne Software>
2007-02-19 15:46:39 4096 --a------ C:\WINDOWS\system32\reboot.exe<Unsigned: n/a>
2007-02-19 15:46:39 53248 --a------ C:\WINDOWS\system32\process.exe<Unsigned: http://www.beyondlogic.org>
2007-02-19 15:46:39 38400 --a------ C:\WINDOWS\system32\moveex.exe<Unsigned: n/a>
2007-02-19 15:46:39 8234 --a------ C:\clean.bat
2007-02-19 14:08:11 0 d-------- C:\WINDOWS\system32\Kaspersky Lab<KASPER~1>
2007-02-19 14:08:03 0 d-------- C:\Documents and Settings\Administrator.KIRSTEN\Application Data\AVG7
2007-02-19 14:07:15 0 d---s---- C:\Documents and Settings\Administrator.KIRSTEN\UserData
2007-02-19 09:33:26 3720 --a------ C:\WINDOWS\system32\tmp.reg
2007-02-17 17:39:40 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard<WISEIN~1>
2007-02-17 16:11:54 0 d-------- C:\Documents and Settings\Owner\Application Data\AVG7
2007-02-17 16:11:19 0 d-------- C:\Documents and Settings\LocalService\Application Data\AVG7
2007-02-17 16:11:12 18432 --a------ C:\WINDOWS\system32\drivers\avgmfx86.sys<Unsigned: GRISOFT, s.r.o.>
2007-02-17 16:11:12 3968 --a------ C:\WINDOWS\system32\drivers\avgclean.sys<Unsigned: GRISOFT, s.r.o.>
2007-02-17 16:11:11 27776 --a------ C:\WINDOWS\system32\drivers\avg7rsxp.sys<Unsigned: GRISOFT, s.r.o.>
2007-02-17 16:11:11 4224 --a------ C:\WINDOWS\system32\drivers\avg7rsw.sys<Unsigned: GRISOFT, s.r.o.>
2007-02-17 16:10:57 839936 --a------ C:\WINDOWS\system32\drivers\avg7core.sys<Unsigned: GRISOFT, s.r.o.>
2007-02-17 16:10:53 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-02-17 13:26:15 0 d-------- C:\WINDOWS\system32\ActiveScan<ACTIVE~1>


-- Find3M Report ----------------------------------------------------------------

2007-02-21 16:04:49 0 d-------- C:\Program Files\Windows NT<WINDOW~1>
2007-02-21 16:02:29 0 d-------- C:\Program Files\Succeed
2007-02-21 16:02:28 0 d-------- C:\Program Files\SpyFerret<SPYFER~1>
2007-02-21 16:02:27 0 d-------- C:\Program Files\Roll1
2007-02-21 16:02:24 0 d-------- C:\Program Files\RitzPix E-Z Print & Share<RITZPI~1>
2007-02-21 16:01:34 0 d-------- C:\Program Files\QuickTime<QUICKT~1>
2007-02-21 16:00:27 0 d-------- C:\Program Files\Quicken
2007-02-21 16:00:26 0 d-------- C:\Program Files\PC-Doctor for Windows<PC-DOC~1>
2007-02-21 15:58:34 0 d-------- C:\Program Files\Online Services<ONLINE~1>
2007-02-21 15:58:09 0 d-------- C:\Program Files\MSN Encarta Plus<MSNENC~1>
2007-02-21 15:58:04 0 d-------- C:\Program Files\Movie Maker<MOVIEM~1>
2007-02-21 15:58:00 0 d-------- C:\Program Files\Microsoft Works<MICROS~3>
2007-02-21 15:57:59 0 d-------- C:\Program Files\Microsoft Plus! Digital Media Edition<MICROS~2>
2007-02-21 15:52:30 0 d-------- C:\Program Files\Microsoft ActiveSync<MICROS~4>
2007-02-21 15:52:29 0 d-------- C:\Program Files\Messenger<MESSEN~1>
2007-02-21 15:52:29 0 d-------- C:\Program Files\LimeWire
2007-02-21 15:52:19 0 d-------- C:\Program Files\iTunes
2007-02-21 15:51:47 0 d-------- C:\Program Files\IntelliMover Data Transfer Demo<INTELL~1>
2007-02-21 15:51:14 0 d-------- C:\Program Files\hp deskjet 3320 series<HPDESK~1>
2007-02-21 15:48:52 0 d-------- C:\Program Files\Google
2007-02-21 15:48:51 0 d-------- C:\Program Files\EazyPaper<EAZYPA~1>
2007-02-21 15:48:51 0 d-------- C:\Program Files\Easy Internet signup<EASYIN~1>
2007-02-21 15:48:48 0 d-------- C:\Program Files\Compaq Instant Support<COMPAQ~2>
2007-02-21 15:47:03 0 d-------- C:\Program Files\Common Files\AOL
2007-02-21 15:45:39 0 d-------- C:\Program Files\Apple Software Update<APPLES~1>
2007-02-21 15:45:35 0 d-------- C:\Program Files\AOD
2007-02-21 15:45:34 0 d-------- C:\Program Files\AIM6
2007-02-21 15:44:13 0 d-------- C:\Program Files\AIM
2007-02-21 15:17:44 0 d-------- C:\Documents and Settings\Owner\Application Data\SpamTest
2007-02-21 15:17:43 0 d-------- C:\Documents and Settings\Owner\Application Data\SpamBlockerUtility_Icons<SPAMBL~3>
2007-02-21 15:17:26 0 d-------- C:\Documents and Settings\Owner\Application Data\ourTunes
2007-02-21 15:17:26 0 d-------- C:\Documents and Settings\Owner\Application Data\MSNInstaller<MSNINS~1>
2007-02-21 15:14:57 0 d-------- C:\Documents and Settings\Owner\Application Data\AdobeUM
2007-02-21 15:14:57 0 d-------- C:\Documents and Settings\Owner\Application Data\AdobeAUM
2007-02-21 14:57:16 0 d-------- C:\Program Files\Common Files\WinSoftware<WINSOF~1>
2007-02-21 12:30:55 0 d-------- C:\Program Files\Grisoft
2007-02-21 07:56:30 7680 --a------ C:\WINDOWS\system32\drivers\RKL6.tmp.sys<RKL6TM~1.SYS><Unsigned: Lavasoft AB>
2007-02-21 07:38:23 0 d-------- C:\Documents and Settings\Owner\Application Data\Lavasoft
2007-02-20 11:03:59 7510 --a------ C:\Program Files\reboothijackthis.log<REBOOT~1.LOG>
2007-02-20 11:01:26 7510 --a------ C:\Program Files\hijackthis.log<HIJACK~1.LOG>
2007-02-19 13:53:33 218112 --a------ C:\Program Files\foofoo.exe
2007-02-19 13:45:13 0 d-------- C:\Program Files\NETGEAR
2007-02-19 13:45:13 0 d--h----- C:\Program Files\InstallShield Installation Information<INSTAL~1>
2007-01-14 16:49:01 0 d-------- C:\Program Files\iPod
2007-01-13 17:55:33 0 d-------- C:\Documents and Settings\Owner\Application Data\Viewpoint<VIEWPO~1>
2007-01-02 16:19:33 0 d-------- C:\Program Files\CASIO
2007-01-02 16:17:19 0 d-------- C:\Documents and Settings\Owner\Application Data\Macromedia<MACROM~1>
2007-01-02 16:14:49 0 d-------- C:\Program Files\AOL
2007-01-02 16:14:32 0 d-------- C:\Program Files\Common Files\Adobe
2007-01-02 16:05:13 0 d-------- C:\Documents and Settings\Owner\Application Data\acccore
2007-01-02 16:01:30 0 d-------- C:\Program Files\Common Files\Nullsoft
2006-12-25 18:08:08 0 d-------- C:\Program Files\KODAK
2006-12-25 18:04:01 0 d-------- C:\Documents and Settings\Owner\Application Data\ArcSoft


-- Registry Dump ----------------------------------------------------------------


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"lzexpand"="C:\\WINDOWS\\System32\\lzexpand.exe"
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"msnmsgr"="\"C:\\Program Files\\MSN Messenger\\msnmsgr.exe\" /background"
"PhotoShow Deluxe Media Manager"="C:\\PROGRA~1\\WALGRE~1\\WALGRE~1\\data\\Xtras\\mssysmgr.exe"
"Aim6"=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"hpsysdrv"="c:\\windows\\system\\hpsysdrv.exe"
"HotKeysCmds"="C:\\WINDOWS\\system32\\hkcmd.exe"
"KBD"="C:\\HP\\KBD\\KBD.EXE"
"Recguard"="C:\\WINDOWS\\SMINST\\RECGUARD.EXE"
"VTTimer"="VTTimer.exe"
"AGRSMMSG"="AGRSMMSG.exe"
"PS2"="C:\\WINDOWS\\system32\\ps2.exe"
"AlcxMonitor"="ALCXMNTR.EXE"
"HPDJ Taskbar Utility"="C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\hpztsb07.exe"
"KASP"="\"C:\\Program Files\\Kaspersky Lab\\Kaspersky Security Suite\\Kaspersky Anti-Spam Personal\\OESpamTest.exe\""
"NI.UWFX5"="\"C:\\Documents and Settings\\Owner\\Local Settings\\Temporary Internet Files\\Content.IE5\\E147QLU5\\WinFixer2005ScannerInstall[1].exe\""
"Adobe Photo Downloader"="\"C:\\Program Files\\Adobe\\Photoshop Album Starter Edition\\3.0\\Apps\\apdproxy.exe\""
"TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVG7\\avgcc.exe /STARTUP"
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AOLHostManager"
"hkey"="HKLM"
"command"="C:\\Program Files\\Common Files\\AOL\\1125787346\\ee\\AOLHostManager.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="MsnMsgr"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
"inimapping"="0"


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVG7\\avgw.exe /RUNONCE"

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVG7\\avgw.exe /RUNONCE"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=dword:00000000

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0


[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D]
Shell\AutoRun\command D:\Info.exe folder.htt 480 480


-- End of ComboScan: finished at 2007-02-22 at 06:32:08 -------------------------


ComboScan v20070212.14 run by Owner on 2007-02-22 at 06:30:52
Supplementary logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information -----------------------------------------------------------

Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Intel(R) Celeron(R) CPU 2.53GHz
Percentage of Memory in Use: 69%
Physical Memory (total/avail): 247.48 MiB / 75.11 MiB
Pagefile Memory (total/avail): 606.19 MiB / 338.84 MiB
Virtual Memory (total/avail): 2047.88 MiB / 2003.5 MiB

C: is Fixed (NTFS) - 33.18 GiB total, 19.8 GiB free.
D: is Fixed (FAT32) - 4.07 GiB total, 0.83 GiB free.
E: is CDROM (No Media)
F: is Removable (No Media)
G: is Removable (No Media)
H: is Removable (No Media)
I: is Removable (No Media)
J: is Removable (FAT)


-- Security Center --------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.

AntivirusOverride is set.

AV: AVG 7.5.441 v7.5.441 (GRISOFT) Disabled


-- Environment Variables --------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Owner\Application Data
CLASSPATH=.;C:\Program Files\Java\j2re1.4.2_03\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=KIRSTEN
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Owner
LOGONSERVER=\\KIRSTEN
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;c:\Python22;C:\Program Files\PC-Doctor for Windows\services;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 3 Stepping 3, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0303
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\j2re1.4.2_03\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Owner\LOCALS~1\Temp
TMP=C:\DOCUME~1\Owner\LOCALS~1\Temp
USERDOMAIN=KIRSTEN
USERNAME=Owner
USERPROFILE=C:\Documents and Settings\Owner
windir=C:\WINDOWS


-- User Profiles ----------------------------------------------------------------

Owner (admin)
Administrator.KIRSTEN (admin)


-- Add/Remove Programs ----------------------------------------------------------

--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{39DA87A1-0B26-4562-A70C-2A6147366E47}\Setup.exe"
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9F765BD0-B900-4EDE-A90B-61C8A9E95C42}\Setup.exe"
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BAD59025-5B73-4E12-B789-0028C5A573C2}\Setup.exe"
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ad-Aware SE Personal --> MsiExec.exe /X{78CC3BAB-DE2A-4FB4-8FBB-E4DADDC26747}
Adobe Reader 6.0.1 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A00000000001}
Adobe® Photoshop® Album Starter Edition 3.0 --> MsiExec.exe /I{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}
Agere Systems PCI Soft Modem --> agrsmdel
AIM 6.0 --> C:\Program Files\AIM6\uninst.exe
AOL Instant Messenger --> C:\Program Files\AIM\uninstll.exe -LOG= C:\Program Files\AIM\install.log -OEM=
Apple Software Update --> MsiExec.exe /I{A50C25D7-62E9-4511-AD70-8E2DA5E79B7D}
AVG 7.5 --> C:\Program Files\Grisoft\AVG7\setup.exe /UNINSTALL
AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
CleanUp! --> C:\Program Files\CleanUp!\uninstall.exe
Compaq Connections --> C:\WINDOWS\BWUnin-6.2.3.66L.exe -AppId 1940576
Compaq Instant Support --> C:\PROGRA~1\COMPAQ~2\UNWISE.EXE C:\PROGRA~1\COMPAQ~2\INSTALL.LOG
Compaq Organize --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D0122362-6333-4DE4-93F6-A5A2F3CC101A}\Setup.exe" UNINSTALL
HijackThis 1.99.1 --> C:\DOCUME~1\Owner\LOCALS~1\Temp\~ghxqkvc.tmp\HijackThis.exe /uninstall
hp deskjet 3320 series (Remove only) --> C:\Program Files\hp deskjet 3320 series\hpfiui.exe -c -vdivid=HPF -vpnum=95 -vinstport=USB001 -vproduct=3320 -huninstall
Intel(R) Extreme Graphics Driver --> RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_2562
IntelliMover Data Transfer Demo --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{14589F05-C658-4594-9429-D437BA688686}\Setup.exe" -l0x9
iPod for Windows 2006-01-10 --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{3D047C15-C859-45F7-81CE-F2681778069B} /l1033
iPod mini 1.0 for Windows User Guide --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{25F3BD52-7D3E-4265-A36C-70F09854D720} /l1033
iPod mini Software Updater 1.0 --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{1596D886-C831-4192-AFC6-8A8027CC895F} /l1033
iTunes --> MsiExec.exe /I{446DBFFA-4088-48E3-8932-74316BA4CAE4}
Kaplan's Succeed in School --> C:\PROGRA~1\Succeed\UNINST.EXE C:\PROGRA~1\Succeed\Install.log "Uninstall Succeed in School"
Kaspersky Online Scanner --> C:\WINDOWS\system32\KASPER~1\KASPER~1\kavuninstall.exe
KBD --> C:\HP\KBD\KBD.EXE uninstalled
Lavasoft VX2 Cleaner --> C:\PROGRA~1\Lavasoft\AD-AWA~1\Plugins\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\Plugins\INSTALL.LOG
Macromedia Flash Player 8 --> RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\swflash.inf,DefaultUninstall,5
Microsoft Data Access Components KB870669 --> C:\WINDOWS\muninst.exe C:\WINDOWS\INF\KB870669.inf
Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Ofoto Easy Upload ActiveX Control --> RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\Downloaded Program Files\axofupld.inf, Uninstall
Panda ActiveScan --> C:\WINDOWS\system32\ASUninst.exe Panda ActiveScan
PC-Doctor for Windows --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1F7CCFA3-D926-4882-B2A5-A0217ED25597}\Setup.exe"
QuickTime --> MsiExec.exe /I{50D8FFDD-90CD-4859-841F-AA1961C7767A}
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
RTC Client API v1.2 --> MsiExec.exe /X{44CDBD1B-89FB-4E02-8319-2A4C550F664A}
Security Update for Step By Step Interactive Training (KB898458) --> "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Security Update for Step By Step Interactive Training (KB923723) --> "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Walgreens PhotoShow Express --> "C:\Program Files\Walgreens\Walgreens PhotoShow\data\Xtras\Uninstall.exe"


-- End of ComboScan: finished at 2007-02-22 at 06:32:08 -------------------------
Attached Files
File Type: txt KAVlog.txt (1.43 MB, 2 views)