FreeFixer v0.58 log
http://www.freefixer.com/
Operating system: Windows XP Service Pack 3
Log dated 2010-09-24 17:48
Suspicious file names
C:\WINDOWS\system32\hh.exe
Browser Helper Objects (3 whitelisted)
{9A23B8A4-C6C9-4A68-8FA6-5F905DC8FF80}, PopKiller Class, C:\Program Files\SysShield Tools\Internet Eraser\pkext.dll
{AA58ED58-01DD-4d91-8333-CF10577473F7}, Google Toolbar Helper, C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}, Google Toolbar Notifier BHO, C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
{D2C5E510-BE6D-42CC-9F61-E4F939078474}, Lexmark Printable Web, C:\Program Files\Lexmark Printable Web\bho.dll
Internet Explorer toolbars (3 whitelisted)
HKLM..\Toolbar{EE9DD090-902D-4623-9360-FB7D8666202B} - AbsoluteShield - C:\Program Files\SysShield Tools\Internet Eraser\AbsoluteBar.dll
HKLM..\Toolbar{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
HKCU..\Toolbar\ShellBrowser{C4069E3A-68F1-403E-B40E-20066696354B} - - (no file specified)
HKCU..\Toolbar\WebBrowser{043C5167-00BB-4324-AF7E-62013FAEDACF} - - (no file specified)
Basic Internet Explorer settings
HKCU..\Main, Start Page = http://www.yahoo.com/
HKCU..\Desktop\General, Wallpaper = C:\Documents and Settings\Big Daddy D\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
Registry Startups (21 whitelisted)
HKLM..\Run, hpWirelessAssistant = C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
HKLM..\Run, QPService = "C:\Program Files\HP\QuickPlay\QPService.exe"
HKLM..\Run, HP Software Update = C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
HKLM..\Run, QlbCtrl = C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
HKLM..\Run, RecGuard = C:\Windows\SMINST\RecGuard.exe
HKLM..\Run, Reminder = C:\Windows\CREATOR\Remind_XP.exe
HKLM..\Run, BlackBerryAutoUpdate = C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe /background
HKLM..\Run, Google Quick Search Box = "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
HKLM..\Run, Monitor = "C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe"
HKLM..\Run, FPCCSMiddleware = C:\Program Files\Fisher-Price\Computer Cool School\FPCCSMiddleware.exe
HKLM..\Run, PAC7302_Monitor = C:\WINDOWS\PixArt\PAC7302\Monitor.exe
HKLM..\Run, QuickTime Task = "C:\Program Files\QuickTime\qttask.exe" -atboottime
HKCU..\Run, swg = "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKCU..\Run, Google Update = "C:\Documents and Settings\Big Daddy D\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
Autostart shortcuts
AbsoluteShield Internet Eraser.lnk, , C:\Program Files\SysShield Tools\Internet Eraser\cseraser.exe
HOSTS file
ÿþ127.0.0.1 localhost
Processes (41 whitelisted)
C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe
C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe
C:\Program Files\Fisher-Price\Computer Cool School\FPCCSMiddleware.exe
C:\WINDOWS\PixArt\PAC7302\Monitor.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\SysShield Tools\Internet Eraser\cseraser.exe
C:\Documents and Settings\Big Daddy D\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Big Daddy D\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\FreeFixer\freefixer.exe
Services (45 whitelisted)
gupdate, Google Update Service (gupdate), c:\program files\google\update\googleupdate.exe
hpqwmiex, hpqwmiex, c:\program files\hewlett-packard\shared\hpqwmiex.exe
IS360service, IS360service, c:\program files\iobit\iobit security 360\is360srv.exe
LeapFrog Connect Device Service, LeapFrog Connect Device Service, c:\program files\leapfrog\leapfrog connect\commandservice.exe
LightScribeService, LightScribeService Direct Disc Labeling Service, c:\program files\common files\lightscribe\lssrvc.exe
RoxLiveShare9, LiveShare P2P Server 9, c:\program files\common files\roxio shared\9.0\sharedcom\roxliveshare9.exe (file is missing)
Svchost.exe Modules (231 whitelisted)
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\7bffd7ff2009f421fe5d229927588496\mscorlib.ni.dll
Explorer.exe Modules (144 whitelisted)
C:\Program Files\ArcSoft\Software Suite\PhotoImpression 5\share\pihook.dll
C:\Program Files\IObit\IObit Security 360\IS360Ext.dll
Windows XP Firewall authorized apps (14 whitelisted)
C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe
C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe
C:\Program Files\HP\Digital Imaging\bin\hposid01.exe
C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe
C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe
C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe
C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe
C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe
C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe
C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe
C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe
C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe
C:\Program Files\SopCast\adv\SopAdver.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
Recently created/modified files (20 whitelisted)
6 minutes, c:\Program Files\FreeFixer\Uninstall.exe
6 minutes, c:\Documents and Settings\Big Daddy D\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_00002a
6 minutes, c:\Documents and Settings\Big Daddy D\My Documents\Downloads\freefixersetup.exe
1 hour, c:\Documents and Settings\Big Daddy D\Local Settings\Temp\~nsu.tmp\Au_.exe
2 hours, c:\Program Files\Alwil Software\Avast5\defs\10092401\algo.dll
2 hours, c:\Documents and Settings\Big Daddy D\My Documents\Downloads\ccsetup235.exe
3 hours, c:\System Volume Information\_restore{02AB5DEF-1097-4711-A644-97E93C8F5D09}\RP84\A0010853.scr
3 hours, c:\System Volume Information\_restore{02AB5DEF-1097-4711-A644-97E93C8F5D09}\RP84\A0010830.dll
3 hours, c:\System Volume Information\_restore{02AB5DEF-1097-4711-A644-97E93C8F5D09}\RP84\A0010831.exe
3 hours, c:\System Volume Information\_restore{02AB5DEF-1097-4711-A644-97E93C8F5D09}\RP84\A0010857.exe
The following errors occurred during the scan:
Problems opening folder 'c:\ea24008552d46abe14b535\update' to enumerate files. FindFirstFile failed. System error message: Access is denied. Error code: 5.
End of FreeFixer log