RSIT Log.txt
***************************************************
Logfile of random's system information tool 1.06 (written by random/random)
Run by ibm at 2009-11-02 00:07:38
Microsoft Windows XP Professional Service Pack 3
System drive C: has 28 GB (37%) free of 76 GB
Total RAM: 998 MB (11% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:07:48 AM, on 11/2/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16915)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Drivers\trcboot.exe
C:\Program Files\IBM\Personal Communications\PCS_AGNT.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\IBM\Mobility Client\artdhcp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\IBM\tivoli\dcd\client\ISSI\cds\CDSWinSrv.exe
C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\C4ebreg\c4ebreg.exe
c:\sdwork\issimsvc.exe
C:\notes\ntmulti.exe
C:\Program Files\AT&T Network Client\NetCfgSv.EXE
C:\WINDOWS\system32\cmd.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
c:\Program Files\Symantec Client Security\Symantec AntiVirus\SavRoam.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe
C:\WINDOWS\System32\TPHDEXLG.exe
C:\Program Files\IBM\tivoli\dcd\client\ISSI\_jvm\jre\bin\java.exe
C:\WINDOWS\system32\TpKmpSVC.exe
C:\WINDOWS\system32\Drivers\ldlcserv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\IBM\Personal Communications\tpam.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~2\SYMANT~2\VPTray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\TpShocks.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe
C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
C:\Program Files\Java\jre1.5.0_13\bin\jusched.exe
C:\Program Files\C4ebreg\isamtray.exe
C:\Program Files\IBM\My Help\plugins\com.ibm.myhelp.common_1.3.14\pmonmh.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Cisco Systems\VPN Client\vpngui.exe
C:\Program Files\Cisco Systems\VPN Client\ipseclog.exe
C:\Program Files\internet explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\Program Files\IrfanView\i_view32.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Documents and Settings\Administrator\Desktop\Virus Removal\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\ibm.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
http://w3-01.ibm.com/tools/wam/assetcenter
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 10.186.3.249:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_13\bin\ssv.dll
O4 - HKLM\..\Run: [stgclean] c:\sdwork\w32main2.exe /cleanup
O4 - HKLM\..\Run: [Tpam.exe] "C:\Program Files\IBM\Personal Communications\tpam.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~2\SYMANT~2\VPTray.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TPFNF7] C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe /r
O4 - HKLM\..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_13\bin\jusched.exe"
O4 - HKLM\..\Run: [C4EBReg] "C:\Program Files\C4ebreg\c4ebreg.exe" /q
O4 - HKLM\..\Run: [Isamtray] "C:\Program Files\C4ebreg\isamtray.exe"
O4 - HKLM\..\Run: [pmonmh] C:\Program Files\IBM\My Help\workspace\..\plugins\com.ibm.myhelp.common_1.3.14/pmonmh.exe
O4 - HKLM\..\Run: [ISSI Service] "c:\sdwork\issimsvc.exe"
O4 - HKLM\..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
O4 - HKLM\..\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [NetSP - restore settings on power failure] "C:\Program Files\AT&T Network Client\NetSP.exe" -show
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: Lotus QuickStart.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_13\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_13\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: PDFill PDF Editor - {FB858B22-55E2-413f-87F5-30ADC5552151} - C:\Program Files\PlotSoft\PDFill\DownloadPDF.exe
O11 - Options group: [JAVA_IBM] Java (IBM)
O14 - IERESET.INF: START_PAGE_URL=http://w3.ibm.com
O16 - DPF: {00191E43-49C2-48E2-A548-8F702D75622A} -
https://conference.oracle.com/imtapp/res/jar/cnsload.cab
O16 - DPF: {076169AA-8C3D-4CFC-AC23-3ACA88FC21B5} (F-Secure Online Scanner Launcher) -
http://download.sp.f-secure.com/ols/f-secu.../fslauncher.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} (iNotes6 Class) -
https://mail.alticor.com/iNotes6W.cab
O16 - DPF: {5F30F398-64B6-4D5B-AF59-164FB61F56A6} (One Force Compplanner) -
https://comp.ap.workscape.com/oneforce/comp...nner/master.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://update.microsoft.com/windowsupdate/...b?1251729873062
O16 - DPF: {9519B2A2-6592-4E41-8290-D0298459270C} (LNWebAssist Class) -
http://w3.ibm.com/bluepages/scripts/lnwebassist.cab
O16 - DPF: {B2FC031D-8C74-46AE-8042-BCF4FC03C1EF} (Loader Class v4) -
http://usnxv07:9080/qcbin/Spider91.cab
O16 - DPF: {B9F79165-A264-4C4A-A211-133A5E8D647F} (F-Secure Health Check 1.1) -
http://support.f-secure.com/enu/home/onlin.../fshc/fscax.cab
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} (Java2 Runtime Environment 1.5.0) - http://
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -
http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{95FC66D0-774B-45BA-A343-2AA2B9692882}: Domain = in.ibm.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = na.intranet.msd
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = na.intranet.msd
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = na.intranet.msd
O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AppnNode - IBM Corporation - C:\WINDOWS\system32\Drivers\appnnode.exe
O23 - Service: IBM Mobility Client DHCP Control (artdhcp) - Unknown owner - C:\Program Files\IBM\Mobility Client\artdhcp.exe
O23 - Service: Mobility Client (ArtourService) - Unknown owner - C:\Program Files\IBM\Mobility Client\artsvc.exe
O23 - Service: IBM Mobility Client Start Utility (artstartsvc) - Unknown owner - C:\Program Files\IBM\Mobility Client\artstartsvc.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: IBM DCD Standard Client (DCDClient-ISSI) (DCDClient-ISSI) - Unknown owner - C:\Program Files\IBM\tivoli\dcd\client\ISSI\cds\CDSWinSrv.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IBM Standard Asset Manager Service (ISAMSvc) - IBM Corp. - C:\Program Files\C4ebreg\c4ebreg.exe
O23 - Service: ISSI (ISSIMon) - IBM Corp. - c:\sdwork\issimsvc.exe
O23 - Service: IS Service (ISSVC) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exe
O23 - Service: IBM Enterprise Extender (ldlcserv) - IBM Corporation - C:\WINDOWS\system32\Drivers\ldlcserv.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Multi-user Cleanup Service - IBM Corp - C:\notes\ntmulti.exe
O23 - Service: My Help (MyHelp) - Unknown owner - C:\Program Files\IBM\My Help\plugins\com.ibm.myhelp.installer\service\MyHelpService.exe (file missing)
O23 - Service: Network Configuration Service (NetCfgSvr) - AT&T - C:\Program Files\AT&T Network Client\NetCfgSv.EXE
O23 - Service: OracleDevSuiteHomeClientCache - Unknown owner - C:\DevSuiteHome\BIN\ONRSD.EXE
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SAVRoam (SavRoam) - symantec - c:\Program Files\Symantec Client Security\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Symantec SecurePort (SymSecurePort) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.exe
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe
O23 - Service: IBM Trace Facility (TrcBoot) - IBM Corporation - C:\WINDOWS\system32\Drivers\trcboot.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/ADMINI~1/LOCALS~1/Temp/msohtml1/01/clip_image002.gif
--
End of file - 15160 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\WGASetup.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.5.0_13\bin\ssv.dll [2007-09-26 439792]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"stgclean"=c:\sdwork\w32main2.exe [2009-07-07 298496]
"Tpam.exe"=C:\Program Files\IBM\Personal Communications\tpam.exe [2005-09-06 28672]
"ccApp"=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2006-07-20 52896]
"vptray"=C:\PROGRA~1\SYMANT~2\SYMANT~2\VPTray.exe [2006-09-28 125168]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-12-01 131072]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-12-01 155648]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-12-01 131072]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2007-12-01 1015808]
"TpShocks"=C:\WINDOWS\system32\TpShocks.exe [2007-03-30 181808]
"PWRMGRTR"=rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor []
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-11-17 815104]
"TPFNF7"=C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe [2007-12-01 58416]
"TPHOTKEY"=C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe [2007-12-01 66176]
"TPKMAPHELPER"=C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe [2007-01-09 868352]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.5.0_13\bin\jusched.exe [2007-09-26 75256]
"C4EBReg"=C:\Program Files\C4ebreg\c4ebreg.exe [2009-06-11 433392]
"Isamtray"=C:\Program Files\C4ebreg\isamtray.exe [2009-06-11 281840]
"pmonmh"=C:\Program Files\IBM\My Help\workspace\..\plugins\com.ibm.myhelp.common_1.3.14/pmonmh.exe [2008-04-08 184371]
"ISSI Service"=c:\sdwork\issimsvc.exe [2009-06-01 242928]
"ACWLIcon"=C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe [2007-05-17 126976]
"ACTray"=C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe [2007-05-17 413696]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-05-26 413696]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-04 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-04 455168]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-06-05 292136]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-04 208952]
"googletalk"=C:\Program Files\Google\Google Talk\googletalk.exe [2007-01-02 3739648]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-12 39792]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"NetSP - restore settings on power failure"=C:\Program Files\AT&T Network Client\NetSP.exe [2007-01-13 24576]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Lotus QuickStart.lnk - C:\lotus\wordpro\ltsstart.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ACNotify]
C:\Program Files\ThinkPad\ConnectUtilities\ACNotify.dll [2007-05-17 32768]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\atmgrtok]
C:\Program Files\IBM\Personal Communications\atmgrtok.dll [2005-09-06 53248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-12-01 204800]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
C:\WINDOWS\system32\NavLogon.dll [2006-09-28 43760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\pcsinst]
C:\WINDOWS\system32\pcsinst.dll [2005-09-07 49152]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tpfnf2]
C:\Program Files\Lenovo\HOTKEY\notifyf2.dll [2007-12-01 34344]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tphotkey]
C:\Program Files\Lenovo\HOTKEY\tphklock.dll [2007-12-01 28672]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ACGina
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDevMgrUpdate"=1
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Google\Google Talk\googletalk.exe"="C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8ea01daa-bc9e-11de-90b3-001cbf2cd61a}]
shell\AutoRun\command - E:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d6418c62-b9b6-11de-90a9-001cbf2cd61a}]
shell\AutoRun\command - E:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f7fb7934-bf0e-11de-90b6-001cbf2cd61a}]
shell\AutoRun\command - E:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f7fb7935-bf0e-11de-90b6-001cbf2cd61a}]
shell\AutoRun\command - E:\AutoRun.exe
======File associations======
.bat - edit - %SystemRoot%\System32\NOTEPAD.EXE %1"
.ini - open - %SystemRoot%\System32\NOTEPAD.EXE %1"
.scr - config -
======List of files/folders created in the last 3 months======
2009-11-02 00:07:38 ----D---- C:\rsit
2009-11-01 18:41:05 ----D---- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
2009-11-01 18:40:55 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-11-01 18:40:55 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-10-24 01:46:12 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - Modem #3.txt
2009-10-23 12:27:54 ----D---- C:\Documents and Settings\Administrator\Application Data\Zoomin
2009-10-23 12:27:37 ----D---- C:\Program Files\ZoomIn Uploader
2009-10-20 21:50:08 ----D---- C:\Documents and Settings\Administrator\Application Data\vlc
2009-10-20 21:48:15 ----D---- C:\Program Files\VideoLAN
2009-10-19 19:49:50 ----SHD---- C:\RECYCLER
2009-10-19 16:34:53 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - Modem #2.txt
2009-10-18 23:32:21 ----D---- C:\WINDOWS\00CD55D6EE5A457098758A306628C032.TMP
2009-10-16 17:39:16 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2009-10-16 17:36:33 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2009-10-16 17:36:10 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2009-10-16 17:35:53 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2009-10-16 17:35:05 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2009-10-16 17:31:41 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2009-10-16 17:29:26 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2009-10-16 17:28:56 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$
2009-10-16 17:28:29 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2009-10-16 04:45:31 ----D---- C:\Program Files\Trend Micro
2009-10-16 04:44:40 ----D---- C:\HJT
2009-10-16 03:57:48 ----A---- C:\ComboFix.txt
2009-10-15 23:52:43 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - Modem.txt
2009-10-15 22:45:36 ----D---- C:\Program Files\Huawei Access Manager
2009-10-08 01:22:48 ----A---- C:\WINDOWS\WORDPAD.INI
2009-09-15 20:17:23 ----D---- C:\Documents and Settings\Administrator\Application Data\Cogniview
2009-09-15 20:14:01 ----D---- C:\Documents and Settings\All Users\Application Data\Cogniview
2009-09-15 20:13:27 ----D---- C:\Program Files\CogniView
2009-09-10 07:38:58 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2009-09-10 07:38:46 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2009-09-10 07:37:43 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2009-09-07 16:36:17 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2009-09-07 15:52:36 ----A---- C:\WINDOWS\system32\artutils.dll
2009-09-07 15:52:36 ----A---- C:\WINDOWS\system32\artapij.dll
2009-09-07 15:52:36 ----A---- C:\WINDOWS\system32\artapi.dll
2009-09-06 02:51:03 ----D---- C:\4b7f60ca570dab19858565f6
2009-09-06 02:50:41 ----D---- C:\0ff12f432a77fd45605cc69701f10d86
2009-09-06 01:09:53 ----D---- C:\feacdd91744c12a7be332994b8b6fa
2009-09-06 00:56:14 ----D---- C:\789d85cc91ce39a35b
2009-09-06 00:56:08 ----D---- C:\3a770f3db31281cd2611a6
2009-09-03 04:16:55 ----D---- C:\WINDOWS\system32\KB905474
2009-09-03 04:16:17 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2009-09-03 04:14:57 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2009-09-03 04:14:43 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-09-02 04:21:41 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2009-09-02 04:21:36 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2009-09-02 04:21:30 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2009-09-02 04:21:25 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-09-02 04:21:19 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2009-09-02 04:21:13 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2009-09-02 04:21:07 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2009-09-02 04:21:02 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2009-09-02 04:20:57 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-09-02 04:20:51 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2009-09-02 04:20:13 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2009-09-02 04:20:06 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2009-09-02 04:20:02 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
2009-09-02 04:19:57 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-09-02 04:19:51 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2009-09-02 04:19:44 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2009-09-02 04:19:38 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2009-09-02 04:19:33 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2009-09-02 04:19:27 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-09-02 04:19:17 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2009-09-02 04:18:57 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2009-09-02 04:18:41 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2009-09-02 04:18:22 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-09-02 04:18:05 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2009-09-02 04:17:45 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-09-02 04:17:29 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2009-09-02 04:17:15 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
2009-09-02 04:17:00 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-09-02 04:16:32 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-09-02 04:16:02 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2009-09-02 04:15:49 ----HDC---- C:\WINDOWS\$NtUninstallKB970653-v3$
2009-09-02 04:15:31 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2009-09-01 20:39:35 ----N---- C:\WINDOWS\system32\xpsp4res.dll
2009-09-01 20:00:13 ----D---- C:\WINDOWS\ie7updates
2009-09-01 19:58:45 ----D---- C:\WINDOWS\WBEM
2009-09-01 19:57:28 ----HDC---- C:\WINDOWS\ie7
2009-09-01 19:57:02 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2009-09-01 19:51:40 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2009-09-01 19:18:44 ----A---- C:\WINDOWS\system32\wmpns.dll
2009-09-01 19:17:28 ----D---- C:\WINDOWS\Prefetch
2009-09-01 18:28:06 ----HDC---- C:\WINDOWS\$NtUninstallKB961371$
2009-09-01 18:26:48 ----HDC---- C:\WINDOWS\$NtUninstallKB960714$
2009-09-01 18:25:30 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
2009-09-01 18:24:18 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-09-01 18:23:02 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-09-01 18:21:41 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-09-01 18:20:24 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2009-09-01 18:18:59 ----HDC---- C:\WINDOWS\$NtUninstallKB950582$
2009-09-01 18:17:46 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2009-09-01 18:10:13 ----D---- C:\WINDOWS\system32\scripting
2009-09-01 18:10:12 ----D---- C:\WINDOWS\system32\en
2009-09-01 18:10:12 ----D---- C:\WINDOWS\l2schemas
2009-09-01 18:10:11 ----D---- C:\WINDOWS\system32\bits
2009-09-01 18:06:51 ----D---- C:\WINDOWS\ServicePackFiles
2009-09-01 18:02:53 ----D---- C:\WINDOWS\network diagnostic
2009-09-01 17:56:40 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2009-08-31 20:15:23 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2009-08-24 20:16:36 ----D---- C:\Documents and Settings\Administrator\Application Data\IrfanView
2009-08-12 15:39:24 ----A---- C:\12_AUG.txt
2009-08-09 03:30:40 ----D---- C:\How to troubleshoot TCP-IP connectivity with Windows XP_files
2009-08-06 09:13:27 ----D---- C:\Documents and Settings\All Users\Application Data\F-Secure
2009-08-05 14:55:02 ----A---- C:\Network.txt
2009-08-03 14:57:52 ----D---- C:\Program Files\Common Files\Deterministic Networks
2009-08-03 13:58:47 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
2009-08-03 13:57:18 ----HDC---- C:\WINDOWS\$NtUninstallKB961371_0$
======List of files/folders modified in the last 3 months======
2009-11-01 23:05:22 ----D---- C:\WINDOWS\Temp
2009-11-01 20:46:23 ----D---- C:\WINDOWS\system32\CatRoot2
2009-11-01 18:56:57 ----D---- C:\sdwork
2009-11-01 18:55:45 ----D---- C:\Program Files\C4ebreg
2009-11-01 18:55:31 ----A---- C:\TPHKLOCK.TXT
2009-11-01 18:54:30 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-11-01 18:40:57 ----D---- C:\WINDOWS\system32\drivers
2009-11-01 18:40:55 ----D---- C:\Program Files
2009-10-31 16:36:39 ----SHD---- C:\WINDOWS\CSC
2009-10-31 16:36:37 ----D---- C:\WINDOWS\Minidump
2009-10-31 16:36:37 ----D---- C:\WINDOWS
2009-10-31 09:29:33 ----D---- C:\notes
2009-10-30 15:05:36 ----D---- C:\Program Files\WST
2009-10-30 15:01:47 ----D---- C:\swd
2009-10-30 00:20:46 ----D---- C:\Kaushik
2009-10-26 10:02:02 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-10-24 01:51:46 ----D---- C:\Program Files\Common Files\Symantec Shared
2009-10-23 12:10:18 ----SHD---- C:\WINDOWS\Installer
2009-10-22 18:12:49 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-10-22 18:11:50 ----D---- C:\WINDOWS\system32
2009-10-21 09:19:39 ----HD---- C:\WINDOWS\inf
2009-10-21 09:19:39 ----D---- C:\WINDOWS\Help
2009-10-20 21:19:40 ----D---- C:\Documents and Settings\Administrator\Application Data\Apple Computer
2009-10-19 16:29:43 ----D---- C:\WINDOWS\system32\NtmsData
2009-10-19 15:56:28 ----RASH---- C:\boot.ini
2009-10-19 15:56:28 ----A---- C:\WINDOWS\win.ini
2009-10-19 15:56:28 ----A---- C:\WINDOWS\system.ini
2009-10-18 11:53:54 ----D---- C:\Program Files\Internet Explorer
2009-10-16 20:23:21 ----D---- C:\WINDOWS\Microsoft.NET
2009-10-16 20:15:39 ----RSD---- C:\WINDOWS\assembly
2009-10-16 17:49:54 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-10-16 17:49:06 ----D---- C:\WINDOWS\WinSxS
2009-10-16 17:36:44 ----A---- C:\WINDOWS\imsins.BAK
2009-10-16 17:33:46 ----D---- C:\WINDOWS\system32\en-us
2009-10-16 17:29:10 ----HD---- C:\WINDOWS\$hf_mig$
2009-10-16 03:58:06 ----D---- C:\Qoobox
2009-10-16 03:54:17 ----D---- C:\WINDOWS\ERDNT
2009-10-16 03:39:17 ----D---- C:\WINDOWS\AppPatch
2009-10-16 03:39:10 ----D---- C:\Program Files\Common Files
2009-10-11 08:10:09 ----A---- C:\WINDOWS\PEV.exe
2009-10-03 17:53:14 ----D---- C:\Program Files\IBM Ayudame
2009-10-02 23:31:57 ----A---- C:\WINDOWS\system32\MRT.exe
2009-09-15 20:16:49 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-09-15 20:13:58 ----HD---- C:\Program Files\InstallShield Installation Information
2009-09-15 13:22:20 ----A---- C:\WINDOWS\OEWABLog.txt
2009-09-14 20:46:12 ----A---- C:\WINDOWS\ModemLog_ThinkPad Modem.txt
2009-09-11 19:48:39 ----A---- C:\WINDOWS\system32\msv1_0.dll
2009-09-08 07:01:46 ----D---- C:\Program Files\AT&T Network Client
2009-09-07 16:36:51 ----D---- C:\WINDOWS\system32\CatRoot
2009-09-07 15:40:11 ----A---- C:\WINDOWS\ntbtlog.txt
2009-09-06 12:46:24 ----D---- C:\WINDOWS\system32\XPSViewer
2009-09-06 12:46:09 ----RSD---- C:\WINDOWS\Fonts
2009-09-05 02:33:36 ----A---- C:\WINDOWS\system32\msasn1.dll
2009-09-03 04:16:55 ----SD---- C:\WINDOWS\Tasks
2009-09-02 04:22:37 ----D---- C:\WINDOWS\system32\wbem
2009-09-02 04:21:32 ----D---- C:\Program Files\Messenger
2009-09-02 04:19:00 ----D---- C:\Program Files\Outlook Express
2009-09-01 19:58:50 ----D---- C:\WINDOWS\system32\config
2009-09-01 19:58:36 ----D---- C:\WINDOWS\Media
2009-09-01 19:18:32 ----A---- C:\WINDOWS\setuplog.txt
2009-09-01 19:16:35 ----D---- C:\WINDOWS\system32\Setup
2009-09-01 19:16:35 ----D---- C:\WINDOWS\ime
2009-09-01 19:15:39 ----D---- C:\WINDOWS\security
2009-09-01 18:11:13 ----D---- C:\Program Files\Windows Media Player
2009-09-01 18:10:37 ----D---- C:\WINDOWS\system32\inetsrv
2009-09-01 18:10:14 ----D---- C:\WINDOWS\system32\usmt
2009-09-01 18:10:11 ----D---- C:\WINDOWS\PeerNet
2009-09-01 18:10:11 ----D---- C:\Program Files\Movie Maker
2009-09-01 18:06:34 ----D---- C:\WINDOWS\system32\Restore
2009-09-01 18:06:34 ----D---- C:\WINDOWS\system32\npp
2009-09-01 18:06:33 ----D---- C:\WINDOWS\mui
2009-09-01 18:06:31 ----D---- C:\WINDOWS\msagent
2009-09-01 18:06:29 ----D---- C:\WINDOWS\srchasst
2009-09-01 18:06:18 ----D---- C:\Program Files\NetMeeting
2009-09-01 18:06:17 ----D---- C:\WINDOWS\system32\Com
2009-09-01 18:06:10 ----D---- C:\Program Files\Windows NT
2009-09-01 18:06:03 ----D---- C:\Program Files\Common Files\System
2009-09-01 18:05:19 ----D---- C:\WINDOWS\system32\oobe
2009-09-01 18:05:17 ----D---- C:\WINDOWS\system
2009-09-01 18:01:06 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-09-01 17:56:34 ----D---- C:\WINDOWS\ehome
2009-09-01 17:25:12 ----D---- C:\WINDOWS\Debug
2009-08-31 16:12:53 ----D---- C:\Program Files\Google
2009-08-29 13:06:27 ----A---- C:\WINDOWS\system32\wininet.dll
2009-08-29 13:06:27 ----A---- C:\WINDOWS\system32\webcheck.dll
2009-08-29 13:06:27 ----A---- C:\WINDOWS\system32\urlmon.dll
2009-08-29 13:06:26 ----N---- C:\WINDOWS\system32\mstime.dll
2009-08-29 13:06:26 ----N---- C:\WINDOWS\system32\msrating.dll
2009-08-29 13:06:26 ----A---- C:\WINDOWS\system32\url.dll
2009-08-29 13:06:26 ----A---- C:\WINDOWS\system32\pngfilt.dll
2009-08-29 13:06:26 ----A---- C:\WINDOWS\system32\occache.dll
2009-08-29 13:06:26 ----A---- C:\WINDOWS\system32\mshtmled.dll
2009-08-29 13:06:26 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-08-29 13:06:25 ----N---- C:\WINDOWS\system32\jsproxy.dll
2009-08-29 13:06:25 ----N---- C:\WINDOWS\system32\iernonce.dll
2009-08-29 13:06:25 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2009-08-29 13:06:25 ----A---- C:\WINDOWS\system32\msfeeds.dll
2009-08-29 13:06:25 ----A---- C:\WINDOWS\system32\iertutil.dll
2009-08-29 13:06:25 ----A---- C:\WINDOWS\system32\ieframe.dll
2009-08-29 13:06:24 ----N---- C:\WINDOWS\system32\iedkcs32.dll
2009-08-29 13:06:24 ----N---- C:\WINDOWS\system32\ieaksie.dll
2009-08-29 13:06:24 ----N---- C:\WINDOWS\system32\ieakeng.dll
2009-08-29 13:06:24 ----N---- C:\WINDOWS\system32\extmgr.dll
2009-08-29 13:06:24 ----A---- C:\WINDOWS\system32\ieencode.dll
2009-08-29 13:06:24 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2009-08-29 13:06:24 ----A---- C:\WINDOWS\system32\icardie.dll
2009-08-29 13:06:24 ----A---- C:\WINDOWS\system32\dxtrans.dll
2009-08-29 13:06:24 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2009-08-29 13:06:24 ----A---- C:\WINDOWS\system32\corpol.dll
2009-08-29 13:06:24 ----A---- C:\WINDOWS\system32\advpack.dll
2009-08-28 15:58:59 ----N---- C:\WINDOWS\system32\ie4uinit.exe
2009-08-28 15:58:59 ----A---- C:\WINDOWS\system32\ieudinit.exe
2009-08-27 10:48:41 ----N---- C:\WINDOWS\system32\ieakui.dll
2009-08-26 13:30:21 ----A---- C:\WINDOWS\system32\strmdll.dll
2009-08-13 20:46:05 ----A---- C:\WINDOWS\system32\jscript.dll
2009-08-09 02:07:24 ----D---- C:\temp
2009-08-06 22:36:10 ----D---- C:\Program Files\WorldCommunityGrid
2009-08-06 19:24:18 ----A---- C:\WINDOWS\system32\wuweb.dll
2009-08-06 19:24:18 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2009-08-06 19:24:18 ----A---- C:\WINDOWS\system32\wucltui.dll
2009-08-06 19:24:10 ----A---- C:\WINDOWS\system32\wups2.dll
2009-08-06 19:24:10 ----A---- C:\WINDOWS\system32\wups.dll
2009-08-06 19:24:06 ----A---- C:\WINDOWS\system32\wuauclt.exe
2009-08-06 19:24:04 ----A---- C:\WINDOWS\system32\cdm.dll
2009-08-06 19:24:00 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2009-08-06 19:23:54 ----A---- C:\WINDOWS\system32\wuapi.dll
2009-08-06 19:23:46 ----A---- C:\WINDOWS\system32\wuaueng.dll
2009-08-05 14:31:48 ----A---- C:\WINDOWS\system32\mswebdvd.dll
2009-08-04 20:43:08 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2009-08-04 19:50:09 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 ANC;ANC; C:\WINDOWS\System32\drivers\ANC.SYS [2005-11-08 11520]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
R1 IBMTPCHK;IBMTPCHK; \??\C:\WINDOWS\system32\Drivers\IBMBLDID.sys []
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 SAVRT;SAVRT; \??\C:\Program Files\Symantec Client Security\Symantec AntiVirus\savrt.sys []
R1 SAVRTPEL;SAVRTPEL; \??\C:\Program Files\Symantec Client Security\Symantec AntiVirus\Savrtpel.sys []
R1 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys []
R1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [2006-08-07 195776]
R1 TPHKDRV;TPHKDRV; C:\WINDOWS\system32\DRIVERS\TPHKDRV.sys [2007-12-01 17778]
R1 TPPWRIF;TPPWRIF; C:\WINDOWS\System32\drivers\Tppwrif.sys [2007-12-01 4442]
R1 TSMAPIP;TSMAPIP; C:\WINDOWS\System32\drivers\TSMAPIP.SYS [2007-12-01 12848]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.7.4.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2007-12-01 21393]
R2 agnwifi;AT&T Wi-Fi Support Driver; C:\WINDOWS\system32\DRIVERS\agnwifi.sys [2004-04-29 19328]
R2 AppnApi;AppnApi; C:\WINDOWS\System32\drivers\appnapi.sys [2005-09-06 120192]
R2 artioctl;artioctl; \??\C:\WINDOWS\system32\drivers\artioctl.sys []
R2 EGATHDRV;IBM Access Support; \??\C:\WINDOWS\SYSTEM32\EGATHDRV.SYS []
R2 IBM_LLC2;IBM Personal Communications LLC2 Driver; C:\WINDOWS\system32\DRIVERS\llc2.sys [2005-09-06 101408]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2007-12-01 12672]
R2 NsTrcNT;NsTrcNT; C:\WINDOWS\System32\drivers\nstrcnt.sys [2005-09-06 12028]
R2 pdlnctdl;Twinax CUT Adapter; C:\WINDOWS\System32\drivers\pdlnctdl.sys [2005-09-06 12288]
R2 pdlndldl;IBM Enterprise Extender (HPR/IP); C:\WINDOWS\System32\drivers\pdlndldl.sys [2005-09-06 59392]
R2 PMEM;PMEM; \??\C:\WINDOWS\system32\drivers\PMEMNT.SYS []
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2007-03-29 12416]
R2 vsdatant;vsdatant; \??\C:\WINDOWS\system32\vsdatant.sys []
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2007-12-01 306176]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2007-12-01 94848]
R3 agnfilt;AGN Filter Interface; C:\WINDOWS\system32\DRIVERS\agnfilt.sys [2006-05-19 180864]
R3 Anydlc;Anydlc; C:\WINDOWS\System32\drivers\anydlc.sys [2005-09-06 38236]
R3 Appn;Appn; C:\WINDOWS\System32\drivers\appn.sys [2005-09-06 1286560]
R3 AppnBase;AppnBase; C:\WINDOWS\System32\drivers\AppnBase.sys [2005-09-06 195872]
R3 atmeltpm;atmeltpm; C:\WINDOWS\system32\DRIVERS\atmeltpm.sys [2007-12-01 15872]
R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-14 13952]
R3 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\WINDOWS\system32\Drivers\CVPNDRVA.sys []
R3 DNE;Deterministic Network Enhancer Miniport; C:\WINDOWS\system32\DRIVERS\dne2000.sys [2004-11-03 146888]
R3 e1express;Intel® PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2007-12-01 252312]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2007-12-01 988800]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2007-12-01 209664]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-12-01 5700096]
R3 IBMPMDRV;IBMPMDRV; C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys [2007-12-01 21040]
R3 KLOGNT;KLOGNT; C:\WINDOWS\System32\drivers\klognt.sys [2005-09-06 24588]
R3 NAVENG;NAVENG; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20091101.004\naveng.sys []
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20091101.004\navex15.sys []
R3 NETw4x32;Intel® Wireless WiFi Link Adapter Driver for Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw4x32.sys [2007-04-30 2206976]
R3 pdlnacom;PDLC Adapter -- COM; C:\WINDOWS\System32\drivers\pdlnacom.sys [2005-09-06 75200]
R3 pdlnafac;PDLC Adapter Factory; C:\WINDOWS\System32\drivers\pdlnafac.sys [2005-09-06 36048]
R3 pdlnatcm;Twinax Adapter Common; C:\WINDOWS\System32\drivers\pdlnatcm.sys [2005-09-06 20480]
R3 pdlnatdl;Twinax Adapter; C:\WINDOWS\System32\drivers\pdlnatdl.sys [2005-09-06 18432]
R3 pdlncbas;PDLC CxM Classes; C:\WINDOWS\System32\drivers\pdlncbas.sys [2005-09-06 6784]
R3 pdlncfwk;PDLC Connection Manager; C:\WINDOWS\System32\drivers\pdlncfwk.sys [2005-09-06 160288]
R3 pdlndint;PDLC DLC Classes; C:\WINDOWS\System32\drivers\pdlndint.sys [2005-09-06 12800]
R3 pdlndlpb;PDLC LAPB; C:\WINDOWS\System32\drivers\pdlndlpb.sys [2005-09-06 70144]
R3 pdlndoem;PDLC OEM Interface; C:\WINDOWS\System32\drivers\pdlndoem.sys [2005-09-06 18944]
R3 pdlndqll;PDLC QLLC; C:\WINDOWS\System32\drivers\pdlndqll.sys [2005-09-06 53248]
R3 pdlndsdl;PDLC SDLC; C:\WINDOWS\System32\drivers\pdlndsdl.sys [2005-09-06 67072]
R3 pdlndtdl;Twinax DLC; C:\WINDOWS\System32\drivers\pdlndtdl.sys [2005-09-06 51712]
R3 pdlnebas;PDLC Environment; C:\WINDOWS\System32\drivers\pdlnebas.sys [2005-09-06 8608]
R3 pdlnecfg;PDLC Configuration; C:\WINDOWS\System32\drivers\pdlnecfg.sys [2005-09-06 50336]
R3 pdlnemap;PDLC Mapper; C:\WINDOWS\System32\drivers\pdlnemap.sys [2005-09-06 67184]
R3 pdlnemsg;PDLC Message Driver; C:\WINDOWS\System32\drivers\pdlnemsg.sys [2005-09-06 12768]
R3 pdlnepkt;PDLC Buffer Manager; C:\WINDOWS\System32\drivers\pdlnepkt.sys [2005-09-06 19984]
R3 pdlnshay;PDLC Hayes At signalling; C:\WINDOWS\System32\drivers\pdlnshay.sys [2005-09-06 59504]
R3 pdlnslea;PDLC SDLC Leased; C:\WINDOWS\System32\drivers\pdlnslea.sys [2005-09-06 22384]
R3 pdlnsv25;PDLC V25bis signalling; C:\WINDOWS\System32\drivers\pdlnsv25.sys [2005-09-06 54416]
R3 pdlnsx25;PDLC X.25; C:\WINDOWS\System32\drivers\pdlnsx25.sys [2005-09-06 58432]
R3 SYMDNS;SYMDNS; C:\WINDOWS\System32\Drivers\SYMDNS.SYS [2006-08-07 12992]
R3 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS []
R3 SYMFW;SYMFW; C:\WINDOWS\System32\Drivers\SYMFW.SYS [2006-08-07 110784]
R3 SYMIDS;SYMIDS; C:\WINDOWS\System32\Drivers\SYMIDS.SYS [2006-08-07 31936]
R3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\SCFIDS~1\20091023.006\symidsco.sys []
R3 SYMNDIS;SYMNDIS; C:\WINDOWS\System32\Drivers\SYMNDIS.SYS [2006-08-07 28352]
R3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2006-08-07 24768]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-11-17 181176]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2005-11-30 474184]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2007-12-01 730112]
S1 dsload;dsload; C:\WINDOWS\System32\drivers\dsload.sys [2006-01-30 10910]
S1 SBRE;SBRE; \??\C:\WINDOWS\system32\drivers\SBREdrv.sys []
S3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
S3 artour;IBM Mobility Interface for Windows; C:\WINDOWS\system32\DRIVERS\artndint.sys [2005-06-23 7760]
S3 avpnnic;AGN Virtual Network Adapter; C:\WINDOWS\system32\DRIVERS\avpnnic.sys [2003-04-04 13952]
S3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2004-05-06 114688]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CVirtA;Cisco Systems VPN Adapter; C:\WINDOWS\system32\DRIVERS\CVirtA.sys [2005-05-17 5315]
S3 dsgrab_01c8d0fcced6f8b0;dsgrab_01c8d0fcced6f8b0; C:\WINDOWS\system32\dsgrab_01c8d0fcced6f8b0.dll [2006-01-30 32318]
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2008-07-24 101376]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 wcndis;Mobility Client Virtual Miniport; C:\WINDOWS\system32\DRIVERS\wcndis.sys [2006-01-30 8704]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-06-05 144712]
R2 artdhcp;IBM Mobility Client DHCP Control; C:\Program Files\IBM\Mobility Client\artdhcp.exe [2005-06-23 15872]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe [2006-07-20 192160]
R2 ccProxy;Symantec Network Proxy; C:\Program Files\Common Files\Symantec Shared\ccProxy.exe [2006-07-20 202400]
R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe [2006-07-20 169632]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [2005-08-12 1504256]
R2 DCDClient-ISSI;IBM DCD Standard Client (DCDClient-ISSI); C:\Program Files\IBM\tivoli\dcd\client\ISSI\cds\CDSWinSrv.exe [2008-07-08 53248]
R2 DefWatch;Symantec AntiVirus Definition Watcher; C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe [2006-09-28 31472]
R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2007-04-16 647168]
R2 IBMPMSVC;ThinkPad PM Service; C:\WINDOWS\system32\ibmpmsvc.exe [2007-12-01 36400]
R2 ISAMSvc;IBM Standard Asset Manager Service; C:\Program Files\C4ebreg\c4ebreg.exe [2009-06-11 433392]
R2 ISSIMon;ISSI; c:\sdwork\issimsvc.exe [2009-06-01 242928]
R2 ISSVC;IS Service; C:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exe [2006-09-27 87728]
R2 ldlcserv;IBM Enterprise Extender; C:\WINDOWS\system32\Drivers\ldlcserv.exe [2005-09-06 28672]
R2 Multi-user Cleanup Service;Multi-user Cleanup Service; C:\notes\ntmulti.exe [2005-08-15 53248]
R2 NetCfgSvr;Network Configuration Service; C:\Program Files\AT&T Network Client\NetCfgSv.EXE [2007-01-13 323584]
R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2007-04-16 327680]
R2 S24EventMonitor;Intel® PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2007-04-16 983040]
R2 SavRoam;SAVRoam; c:\Program Files\Symantec Client Security\Symantec AntiVirus\SavRoam.exe [2006-09-28 116464]
R2 SNDSrvc;Symantec Network Drivers Service; C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe [2006-08-07 214720]
R2 SPBBCSvc;Symantec SPBBCSvc; C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe [2006-04-11 1160848]
R2 Symantec AntiVirus;Symantec AntiVirus; C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe [2006-09-28 1813232]
R2 SymSecurePort;Symantec SecurePort; C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe [2006-09-27 173744]
R2 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\WINDOWS\System32\TPHDEXLG.exe [2007-03-02 37680]
R2 TpKmpSVC;IBM KCU Service; C:\WINDOWS\system32\TpKmpSVC.exe [2006-06-30 32768]
R2 TrcBoot;IBM Trace Facility; C:\WINDOWS\system32\Drivers\trcboot.exe [2005-09-06 28672]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-06-05 541992]
S2 artstartsvc;IBM Mobility Client Start Utility; C:\Program Files\IBM\Mobility Client\artstartsvc.exe []
S3 AppnNode;AppnNode; C:\WINDOWS\system32\Drivers\appnnode.exe [2005-09-06 32768]
S3 ArtourService;Mobility Client; C:\Program Files\IBM\Mobility Client\artsvc.exe [2005-06-23 53248]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2006-08-25 2528960]
S3 MyHelp;My Help; C:\Program Files\IBM\My Help\plugins\com.ibm.myhelp.installer\service\MyHelpService.exe []
S3 OracleDevSuiteHomeClientCache;OracleDevSuiteHomeClientCache; C:\DevSuiteHome\BIN\ONRSD.EXE [2004-03-24 426300]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S4 AcPrfMgrSvc;Ac Profile Manager Service; C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe [2007-05-17 65536]
S4 AcSvc;Access Connections Main Service; C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe [2007-05-17 184320]
S4 ISAMsmt;ISAM SMT Service; C:\Program Files\C4ebreg\isamsmt.exe []
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
************************************************
RSIT info.txt
************************************************
info.txt logfile of random's system information tool 1.06 2009-11-02 00:07:52
======Uninstall list======
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D8C43A92-5517-49A6-BBD6-69A30A1A0525}\Setup.exe" -l0x9 AnyText -uninst -fIBMARTCL.isu -cC:\PROGRA~1\IBM\MOBILI~1\ARTINST.DLL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Access IBM-->MsiExec.exe /X{EC6AF20D-4376-4070-BEE4-D3A0DFF7E140}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Adobe Shockwave Player 11.5-->C:\WINDOWS\system32\Adobe\uninstaller.exe
AFP Workbench for Windows-->MsiExec.exe /X{53A93780-6073-4207-A729-A99A30AFDE40}
AIM 3.0-->C:\Method\OM30\AIM30\Menu\Support\UNWISE.EXE C:\Method\OM30\AIM30\Menu\Support\INSTALL.LOG
Alcohol and Tobacco Segment Fundamentals-->MsiExec.exe /X{30515E59-2E7D-7425-3666-6D4423222529}
Apparel segment fundamentals-->MsiExec.exe /X{DD2A7FA4-89C1-FFBD-12DC-8330B01EFB5B}
Apple Mobile Device Support-->MsiExec.exe /I{8355F970-601D-442D-A79B-1D7DB4F24CAD}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
AT&T Network Client-->MsiExec.exe /I{2E21CBDA-1EDF-4C18-A561-DB53D683229F}
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Cisco Systems VPN Client 4.7.00.0533-->MsiExec.exe /X{00CD55D6-EE5A-4570-9875-8A306628C032}
Citrix Presentation Server Client - Web Only-->MsiExec.exe /X{23E8D2D6-F7C8-4A35-816C-6C914EE0A601}
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
DataLoad-->"C:\Program Files\DataLoad\uninstall.exe"
Food and Beverage Segment Fundamentals-->MsiExec.exe /X{655E2136-7658-685D-7838-36655F492121}
Formatter Plus V1.4-->C:\PROGRA~1\QUESTS~1\TOAD\Help\UNWISE.EXE C:\PROGRA~1\QUESTS~1\TOAD\Help\INSTALL.LOG
Google Earth-->MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
Google Talk (remove only)-->"C:\Program Files\Google\Google Talk\uninstall.exe"
GPL Ghostscript 8.63-->C:\Program Files\gs\uninstgs.exe "C:\Program Files\gs\gs8.63\uninstal.txt"
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HighMAT Extension to Microsoft Windows XP CD Writing Wizard-->MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.0 (KB932471)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {ECD292A0-0347-4244-8C24-5DBCE990FB40} /package {BAF78226-3200-4DB4-BE33-4D922A799840}
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
Household and personal products-->MsiExec.exe /X{F0148A57-57B9-FD4B-3E12-E0BB8E41DBBD}
Huawei Access Manager-->C:\Program Files\Huawei Access Manager\uninst.exe
IBM 32-bit Runtime Environment for Java 2, v5.0-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{4F3AFB85-B972-4621-AEB6-6C22317E145B} /l1033
IBM Ayudame-->C:\WINDOWS\ai63f5.exe Patient
IBM Dynamic Content Delivery (DCDClient-ISSI)-->C:\Program Files\IBM\tivoli\dcd\client\ISSI\_uninst\uninstaller.exe
IBM Infoprint Select-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AA36483F-5D79-4EFD-ACA7-161EE2474E17}\Setup.exe" -l0x9
IBM ISMA Peer-To-Peer-->rundll32.exe syssetup.dll,SetupInfObjectInstallAction DefaultUninstall 132 C:\WINDOWS\inf\p2pgui.inf
IBM Lotus Sametime Connect 7.5.1-->MsiExec.exe /X{8C8ADD9C-1F30-4B1A-927E-B72CC4AADB91}
IBM Mobility Client-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D8C43A92-5517-49A6-BBD6-69A30A1A0525}\Setup.exe" -l0x9 AnyText
IBM My Help-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DFF415AC-3883-4338-9365-DDCB74A0CFBA}\setup.exe" -l0x9 -removeonly
IBM Personal Communications-->MsiExec.exe /I{37C22E24-B794-4265-A38E-711BBF1C637A}
IBM Printer Software Uninstall-->C:\Program Files\IBM\Install\Uninstall.exe
IBM Rational Portfolio Manager-->MsiExec.exe /I{7D514F8E-AFF5-49B0-8C86-C7F74A49DCFF}
IBM Tivoli Storage Manager Client-->MsiExec.exe /I{7F87DF1C-6B8F-49F4-8EEF-7600128D99AE}
iKnow Image Crop 1.6.3 Free Edition-->MsiExec.exe /I{54E7C786-9DFC-437F-B79F-3EE6CECBEDCE}
ILC-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CA96F3A1-F350-11D3-B354-002035C150E4}\setup.exe" -l0x9 -removeonly
Intel® Graphics Media Accelerator Driver-->C:\WINDOWS\system32\igxpun.exe -uninstall
Intel® PRO Network Connections Drivers-->Prounstl.exe
Intel® PROSet/Wireless Software-->C:\WINDOWS\Installer\iProInst.exe
IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe
iTunes-->MsiExec.exe /I{5D601655-6D54-4384-B52C-17EC5385FBBD}
J2SE Runtime Environment 5.0 Update 10-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100}
J2SE Runtime Environment 5.0 Update 13-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150130}
Ken Ward's Makeup 0.901-->"C:\Program Files\Ken Ward's Makeup\unins000.exe"
LiveUpdate 3.1 (Symantec Corporation)-->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
Lotus Notes 7.0-->MsiExec.exe /I{628789DC-75F8-4302-A268-27EF628E6906}
Lotus SmartSuite - English-->MsiExec.exe /I{536D6172-7453-7569-7465-392E38300409}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
mCore-->MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779}
mDriver-->MsiExec.exe /I{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}
Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework 1.0-->"C:\WINDOWS\$NtUninstallWdf01000$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Excel Viewer 2003-->MsiExec.exe /I{90840409-6000-11D3-8CFE-0150048383C9}
Microsoft Office PowerPoint Viewer 2003-->MsiExec.exe /X{90AF0409-6000-11D3-8CFE-0150048383C9}
Microsoft Office Visio Professional 2003-->MsiExec.exe /I{90510409-6000-11D3-8CFE-0150048383C9}
Microsoft Office Visio Viewer 2003 (English)-->MsiExec.exe /I{90520409-6000-11D3-8CFE-0150048383C9}
Microsoft Office Word Viewer 2003-->MsiExec.exe /I{90850409-6000-11D3-8CFE-0150048383C9}
Microsoft Office XP Standard-->MsiExec.exe /I{90120409-6000-11D3-8CFE-0050048383C9}
Microsoft Windows Journal Viewer-->MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA7}
mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
mProSafe-->MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6 Service Pack 2 (KB954459)-->MsiExec.exe /I{1A528690-6A2D-4BC5-B143-8C4AE8D19D96}
Multi_PMO_RPM V1.12-->"C:\Program Files\IBM\Multi PMO RPM Installer\unins000.exe"
mWlsSafe-->MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
My Help - Workstation Setup Wizard-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7D968F83-A23F-40F7-937C-A3B5A0C44048}\setup.exe" -l0x9 -removeonly
On Screen Display-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall.XP 132 C:\Program Files\Lenovo\HOTKEY\tphk_tp.inf
Oracle JInitiator 1.3.1.29-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CAFECAFE-0013-0001-0129-ABCDEFABCDEF}\Setup.exe" -l0x9 -uninst
Oracle Web Conferencing Console-->"C:\Program Files\Common Files\Oracle\RTC Client\3.0.1.421\en\cnsrun.exe" --dll:cnssetup.dll --entry:5 --cmd:/u
PDFill PDF Editor with FREE PDF Writer and Tools-->MsiExec.exe /I{262C7F33-8251-432E-88C1-E9F42A53F8F0}
PL/SQL Developer-->aaRemove "PL/SQL Developer [80687277]"
Presentation Director-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{65706020-7B6F-41F2-8047-FC69579E386A}\setup.exe" -l0x9 -AddRemove
Quest Software TOAD Professional Edition 7.6-->C:\PROGRA~1\QUESTS~1\TOAD\UNINST~1.EXE
QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68}
RPM Clients Manager V1.7-->"C:\Program Files\IBM\RPM Manager\unins000.exe"
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB972260)-->"C:\WINDOWS\ie7updates\KB972260-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB974455)-->"C:\WINDOWS\ie7updates\KB974455-IE7\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player 9 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Security Update for Windows Media Player 9 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950582)-->"C:\WINDOWS\$NtUninstallKB950582$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Security Update for Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Security Update for Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Snapshot Viewer-->C:\Program Files\Snapshot Viewer\Setup\Setup.exe /T snap90.stf
Symantec Client Security-->MsiExec.exe /I{0698CECB-9072-47B1-AEA1-94CA350989B8}
ThinkPad FullScreen Magnifier-->RunDll32 setupapi.dll,InstallHinfSection DefaultUninstall.NT 132 C:\Program Files\Lenovo\Zoom\TpScrex.inf
ThinkPad Keyboard Customizer Utility-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2111B23F-7FDA-4A41-8309-E5A1663CA296}\setup.exe" -l0x9 anything
ThinkPad Modem-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_10140588\UIU32m.exe -U -ITkp0588k.inf
ThinkPad Power Management Driver-->RunDll32.exe tpinspm.dll,Uninstall
ThinkPad Power Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A0E64EBA-8BF0-49FB-90C0-BB3D781A2016}\setup.exe" -l0x9 -AddRemove
ThinkPad UltraNav Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
ThinkPad UltraNav Utility-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17CBC505-D1AE-459D-B445-3D2000A85842}\setup.exe" -l0x9 UNINSTALL
ThinkVantage Access Connections-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7EB114D8-207F-45AE-BABD-1669715F2630}\Setup.exe" -l0x9 anything
ThinkVantage Active Protection System-->MsiExec.exe /X{46A84694-59EC-48F0-964C-7E76E9F8A2ED}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Update for Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Update for Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
VideoLAN VLC media player 0.8.6d-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Western Australian Time Zone Update-->MsiExec.exe /X{902929E5-77E8-444E-B760-1B54FDBCEC0C}
Wholesale segment overview-->MsiExec.exe /X{8CCC1DE4-22A2-8B29-DDE6-387B7EE79BC8}
Windows Genuine Advantage v1.3.0254.0-->MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
Workstation Security Tool 2.4-->"C:\Program Files\wst\unins000.exe"
World Community Grid Agent-->MsiExec.exe /X{3CEA3FEC-1AF5-4818-89D5-406F627E7337}
ZoomIn Uploader 1.0.8-->"C:\Program Files\ZoomIn Uploader\unins000.exe"
======Security center information======
AV: Symantec AntiVirus Corporate Edition
FW: Symantec Client Firewall
======System event log======
Computer Name: kaushil1
Event Code: 1003
Message: Your computer was not able to renew its address from the network (from the
DHCP Server) for the Network Card with network address 001C251AE489. The following
error occurred:
The semaphore timeout period has expired.
.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.
Record Number: 58117
Source Name: Dhcp
Time Written: 20090803093803.000000+330
Event Type: warning
User:
Computer Name: kaushil1
Event Code: 27
Message: Intel® 82566MM Gigabit Network Connection
Link has been disconnected.
Record Number: 58106
Source Name: e1express
Time Written: 20090803093055.000000+330
Event Type: warning
User:
Computer Name: kaushil1
Event Code: 7009
Message: Timeout (30000 milliseconds) waiting for the PEVSystemStart service to connect.
Record Number: 58105
Source Name: Service Control Manager
Time Written: 20090803093017.000000+330
Event Type: error
User:
Computer Name: kaushil1
Event Code: 7009
Message: Timeout (30000 milliseconds) waiting for the PEVSystemStart service to connect.
Record Number: 58104
Source Name: Service Control Manager
Time Written: 20090803093016.000000+330
Event Type: error
User:
Computer Name: kaushil1
Event Code: 1002
Message: The IP address lease 192.168.1.2 for the Network Card with network address 001C251AE489 has been
denied by the DHCP server 9.182.150.59 (The DHCP Server sent a DHCPNACK message).
Record Number: 58091
Source Name: Dhcp
Time Written: 20090803085859.000000+330
Event Type: error
User:
=====Application event log=====
Computer Name: kaushil1
Event Code: 1517
Message: Windows saved user kaushil1\ibm registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.
This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.
Record Number: 15269
Source Name: Userenv
Time Written: 20090214052543.000000+330
Event Type: warning
User: NT AUTHORITY\SYSTEM
Computer Name: kaushil1
Event Code: 5003
Message: TrueVector driver: Driver install or load failure: LoadNTDeviceDriver. Win32 error: The system cannot find the file specified.
Record Number: 15259
Source Name: TrueVector Service
Time Written: 20090214031650.000000+330
Event Type: error
User:
Computer Name: kaushil1
Event Code: 5003
Message: TrueVector driver: Driver install or load failure: LoadNTDeviceDriver. Win32 error: The system cannot find the file specified.
Record Number: 15238
Source Name: TrueVector Service
Time Written: 20090213141643.000000+330
Event Type: error
User:
Computer Name: kaushil1
Event Code: 1517
Message: Windows saved user kaushil1\ibm registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.
This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.
Record Number: 15223
Source Name: Userenv
Time Written: 20090213124311.000000+330
Event Type: warning
User: NT AUTHORITY\SYSTEM
Computer Name: kaushil1
Event Code: 5003
Message: TrueVector driver: Driver install or load failure: LoadNTDeviceDriver. Win32 error: The system cannot find the file specified.
Record Number: 15208
Source Name: TrueVector Service
Time Written: 20090213032313.000000+330
Event Type: error
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"NUMBER_OF_PROCESSORS"=2
"OS"=Windows_NT
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\OraWFHome\bin;C:\OraWFHome\jre\1.4.2\bin\client;C:\OraWFHome\jre\1.4.2\bin;C:\DevSuiteHome\jdk\jre\bin\classic;C:\DevSuiteHome\jdk\jre\bin;C:\DevSuiteHome\jdk\jre\bin\client;C:\DevSuiteHome\jlib;C:\DevSuiteHome\bin;C:\DevSuiteHome\jre\1.1.8\bin;C:\Program Files\IBM\Infoprint Select;C:\Notes;C:\Program Files\XLView;C:\lotus\compnent;C:\Utilities;C:\Program Files\IBM\Personal Communications;C:\Program Files\IBM\Trace Facility;C:\Program Files\Intel\Wireless\Bin;C:\Program Files\ThinkPad\ConnectUtilities;C:\WINDOWS\Downloaded Program Files;C:\Program Files\QuickTime\QTSystem
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"PD_SOCKET"=6874
"PDBASE"=C:\Program Files\IBM\Infoprint Select
"PDHOST"=
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_LEVEL"=6
"PROCESSOR_REVISION"=0f0d
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"tvdebugflags"=0x260
"tvlogsessioncount"=5000
"windir"=%SystemRoot%
"PCOMM_Root"=C:\Program Files\IBM\Personal Communications\
"CLASSPATH"=.;C:\Program Files\Java\jre1.5.0_13\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.5.0_13\lib\ext\QTJava.zip
-----------------EOF-----------------
*****************************************************
ESET OnlineScan Log File
*****************************************************
C:\Documents and Settings\Administrator\Desktop\Go Live\MHv1.3.exe Win32/Packed.Autoit.Gen application deleted - quarantined
C:\Kaushik\R-12 From Oracle\11i_userguide full\Oracle_apps_help\desktop.ini Win32/VB.NEI worm cleaned by deleting - quarantined
C:\Kaushik\R-12 From Oracle\Release 12 Training\Course Notes\ExampleBatch_f12x9pre.xls probably unknown POLY.MACRO virus cleaned - quarantined
C:\Kaushik\R-12 From Oracle\Release 12 Training\Course Notes\Course Notes\ExampleBatch_f12x9pre.xls probably unknown POLY.MACRO virus cleaned - quarantined
******************************************************
Help
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.
Read the following topic before creating a new topic in this forum. It contains instructions on the what we would like you to post, which will enable us to help you more quickly.
This topic is locked
Back to top
Welcome to the 
or 
on your desktop.
and wait for the scan to finish.
and save the logfile to your desktop.
button.
to download the ESET Smart Installer. Save it to your desktop.
icon on your desktop.
button.
, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
button.
