Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Help! Amvo.exe Infection And Other Malware


  • This topic is locked This topic is locked
5 replies to this topic

#1 Tengal

Tengal

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:05:03 PM

Posted 09 May 2008 - 05:54 AM

Hi everyone,

I need help. My computer is infected by this amvo.exe thing... I tried looking in the net on how to get rid of it, tried deleting it from the registry "ctrl F: amvo.exe" and it still persists! Everytime I scan in safe mode using avast and spybot and ad aware, and etc, my computer restarts midway. I dunno what to do! :thumbsup:
I haven't backed up some files yet and I have some very important data and a reformat is really out of the question.
I hope there is a way to get rid of this.
I think I got it from this usb drive a niece placed in my machine when I was out, and then my yahoo messenger stopped working.
Please let me know if anyone can provide some info!
Thank you in advance!

Deckard's System Scanner v20071014.68
Run by TAE on 2008-05-09 18:18:51
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
38: 2008-05-09 10:19:02 UTC - RP776 - Deckard's System Scanner Restore Point
37: 2008-05-08 14:32:00 UTC - RP775 - System Checkpoint
36: 2008-05-07 10:01:40 UTC - RP774 - System Checkpoint
35: 2008-05-05 19:00:27 UTC - RP773 - System Checkpoint
34: 2008-05-04 15:07:55 UTC - RP772 - Removed EDL Manager


-- First Restore Point --
1: 2008-04-19 14:29:05 UTC - RP739 - Removed Doom 3


Backed up registry hives.
Performed disk cleanup.

System Drive C: has 7.77 GiB (less than 15%) free.


-- HijackThis (run as TAE.exe) -------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:22:13 PM, on 5/9/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe
C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\Domino.EXE
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Digidesign\Drivers\MMERefresh.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\M-Audio\M-Audio Series II MIDI\MA_CMIDI_Inst.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\OpenSSH\bin\cygrunsrv.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
C:\Program Files\OpenSSH\usr\sbin\sshd.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
F:\installers\AV\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\TAE.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?.home=ytie
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?.home=ytie
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?.home=ytie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! ¤u¨ă¦C - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn4\yt.dll
O1 - Hosts: 213.189.34.4 auto.search.msn.com
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn4\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! ¤u¨ă¦C - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn4\yt.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Domino] C:\WINDOWS\Domino.EXE
O4 - HKLM\..\Run: [DigidesignMMERefresh] C:\Program Files\Digidesign\Drivers\MMERefresh.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [amva] C:\WINDOWS\system32\amvo.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://games.pogo.com/online2/pogo/insaniq...aploader_v6.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O21 - SSODL: emptins - {588599f4-de26-4c28-ba14-f4eb17e33481} - (no file)
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Digidesign MME Refresh Service (DigiRefresh) - Digidesign, A Division of Avid Technology, Inc. - C:\Program Files\Digidesign\Drivers\MMERefresh.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: M-Audio Series II MIDI Installer (MA_CMIDI_InstallerService) - Unknown owner - C:\Program Files\M-Audio\M-Audio Series II MIDI\MA_CMIDI_Inst.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: OpenSSH Server (OpenSSHd) - Unknown owner - C:\Program Files\OpenSSH\bin\cygrunsrv.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 11992 bytes

-- File Associations -----------------------------------------------------------

.js - JSFile - DefaultIcon - "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe",2


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 TPkd - c:\windows\system32\drivers\tpkd.sys <Not Verified; PACE Anti-Piracy, Inc.; InterLok®>
R1 Asapi - c:\windows\system32\drivers\asapi.sys <Not Verified; VOB Computersysteme GmbH; asapi>
R1 SCDEmu - c:\windows\system32\drivers\scdemu.sys <Not Verified; PowerISO Computing, Inc.; scdemu>
R2 DigiNet (Digidesign Ethernet Support) - c:\windows\system32\drivers\diginet.sys <Not Verified; Digidesign, A Division of Avid Technology, Inc.; Pro Tools®>
R2 mdmxsdk - c:\windows\system32\drivers\mdmxsdk.sys <Not Verified; Conexant; Diagnostic Interface>
R2 WIBUKEY (WIBU-KEY Kernel Driver) - c:\windows\system32\drivers\wibukey.sys <Not Verified; WIBU-SYSTEMS AG; WIBU-KEY Software Protection System>
R3 BOCDRIVE (BOClean Kernel Monitor.) - c:\program files\comodo\cboclean\bocdrive.sys (file missing)
R3 CLEDX (Team H2O CLEDX service) - c:\windows\system32\drivers\cledx.sys <Not Verified; Team H2O; CLEDX>
R3 pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus® ASPI Shell>

S3 bdfdll - c:\program files\softwin\bitdefender10\bdfdll.sys (file missing)
S3 ENTECH - c:\windows\system32\drivers\entech.sys <Not Verified; EnTech Taiwan; PowerStrip>
S3 GMSIPCI - d:\install\gmsipci.sys (file missing)
S3 HSF_DP - c:\windows\system32\drivers\hsf_dp.sys <Not Verified; Conexant Systems, Inc.; SoftK56 Modem Driver>
S3 HSFHWCD2 - c:\windows\system32\drivers\hsfhwcd2.sys <Not Verified; Conexant Systems, Inc.; SoftK56 Modem Driver>
S3 MA_CMIDI (M-Audio USB Driver) - c:\windows\system32\drivers\ma_cmidi.sys <Not Verified; M-Audio; M-Audio USB MIDI Keyboard Interface>
S3 NTACCESS - d:\ntaccess.sys (file missing)
S3 PCANDIS5 (PCANDIS5 NDIS Protocol Driver) - c:\windows\system32\pcandis5.sys (file missing)
S3 RDID1021 (EDIROL UA-20 (WDM)) - c:\windows\system32\drivers\rdwm1021.sys <Not Verified; Roland Corporation; >
S3 RushTopDevice - c:\program files\msi\core center\rushtop.sys (file missing)
S3 winachsf - c:\windows\system32\drivers\hsf_cnxt.sys <Not Verified; Conexant Systems, Inc.; SoftK56 Modem Driver>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 Bonjour Service - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Inc.; Bonjour>
R2 DigiRefresh (Digidesign MME Refresh Service) - c:\program files\digidesign\drivers\mmerefresh.exe -s <Not Verified; Digidesign, A Division of Avid Technology, Inc.; Digidesign MME Binder>
R2 MA_CMIDI_InstallerService (M-Audio Series II MIDI Installer) - c:\program files\m-audio\m-audio series ii midi\ma_cmidi_inst.exe <Not Verified; ; MA_CMIDI USB MIDI Installer Service>
R2 OpenSSHd (OpenSSH Server) - c:\program files\openssh\bin\cygrunsrv.exe

S4 Mssasiciw -
S4 UleadBurningHelper (Ulead Burning Helper) - c:\program files\common files\ulead systems\dvd\ulcdrsvr.exe (file missing)


-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Description: C-Media High Definition Audio Device
Device ID: HDAUDIO\FUNC_01&VEN_434D&DEV_4980&SUBSYS_70581462&REV_0904\4&2D23EDC5&0&0001
Manufacturer: C-Media
Name: C-Media High Definition Audio Device
PNP Device ID: HDAUDIO\FUNC_01&VEN_434D&DEV_4980&SUBSYS_70581462&REV_0904\4&2D23EDC5&0&0001
Service: cmudax

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: 1394 Net Adapter
Device ID: V1394\NIC1394\277900001020002
Manufacturer: Microsoft
Name: 1394 Net Adapter
PNP Device ID: V1394\NIC1394\277900001020002
Service: NIC1394

Class GUID: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Description: PnP BIOS Extension
Device ID: ROOT\SYSTEM\0003
Manufacturer: (Standard system devices)
Name: PnP BIOS Extension
PNP Device ID: ROOT\SYSTEM\0003
Service: d347bus


-- Scheduled Tasks -------------------------------------------------------------

2008-05-09 17:08:00 396 --a------ C:\WINDOWS\Tasks\At1.job
2008-05-06 13:31:01 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job


-- Files created between 2008-04-09 and 2008-05-09 -----------------------------

2008-05-09 18:02:03 0 d-------- C:\Program Files\SpywareGuard
2008-05-09 17:45:21 0 d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-05-09 17:45:18 0 d-------- C:\WINDOWS\LastGood
2008-05-09 16:38:48 0 d-------- C:\Program Files\Trend Micro
2008-05-09 11:49:29 280 --a------ C:\WINDOWS\system32\PDBootState
2008-05-09 08:09:29 0 d-------- C:\WINDOWS\CSC
2008-05-09 02:59:06 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-05-09 02:25:48 0 d-------- C:\Documents and Settings\Administrator\Application Data\Mozilla
2008-05-08 20:04:01 569376 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-05-08 19:56:22 0 d-------- C:\Program Files\ZoneAlarmSB
2008-05-08 19:54:29 0 d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier
2008-05-08 19:54:13 4212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2008-05-08 19:54:04 11264 --a------ C:\WINDOWS\system32\SpOrder.dll <Not Verified; Microsoft Corporation; Microsoft® Windows NT™ Operating System>
2008-05-08 19:53:21 0 d-------- C:\WINDOWS\system32\ZoneLabs
2008-05-08 19:52:13 0 d-------- C:\WINDOWS\Internet Logs
2008-05-08 19:28:42 0 d-------- C:\Program Files\a-squared Anti-Malware
2008-05-08 19:06:17 0 d-------- C:\Program Files\Comodo
2008-05-07 23:06:27 103966 -r-hs---- C:\t.com
2008-05-07 23:06:00 70656 -r-hs---- C:\WINDOWS\system32\amvo0.dll
2008-05-07 23:06:00 103966 -r-hs---- C:\WINDOWS\system32\amvo.exe
2008-05-04 21:00:31 56 --ah----- C:\WINDOWS\system32\ezsidmv.dat
2008-05-04 21:00:29 0 d-------- C:\Documents and Settings\TAE\Application Data\skypePM
2008-05-04 21:00:15 0 d-------- C:\Program Files\Common Files\Skype
2008-05-04 20:49:15 0 d-------- C:\Program Files\Recuva
2008-05-04 20:21:05 0 d-------- C:\Program Files\CCleaner
2008-04-30 01:21:10 86016 --a------ C:\WINDOWS\system32\ma_cmidn.dll <Not Verified; M-Audio; M-Audio USB MIDI Keyboard Interface>
2008-04-30 01:21:09 82944 --a------ C:\WINDOWS\system32\USBMN1X1.DLL <Not Verified; M-Audio; M-Audio USB Midi 1x1 Midi Interface>
2008-04-30 01:21:09 17920 --a------ C:\WINDOWS\system32\USBMM1X1.DLL <Not Verified; M-Audio; M-Audio USB Midi 1x1 Midi Interface>
2008-04-30 01:21:09 22208 --a------ C:\WINDOWS\system32\drivers\USBMN1X1.SYS <Not Verified; M-Audio; M-Audio USB Midi 1x1 Midi Interface>
2008-04-30 01:21:09 24128 --a------ C:\WINDOWS\system32\drivers\USBMM1X1.SYS <Not Verified; M-Audio; M-Audio USB Midi 1x1 Midi Interface>
2008-04-30 01:21:09 13504 --a------ C:\WINDOWS\system32\drivers\USB11LDR.SYS <Not Verified; MIDIMAN; Midiman USB MidiSport 1x1 Loader>
2008-04-30 01:21:09 21888 --a------ C:\WINDOWS\system32\drivers\ma_cmidi.sys <Not Verified; M-Audio; M-Audio USB MIDI Keyboard Interface>
2008-04-30 01:21:08 17920 --a------ C:\WINDOWS\system32\MA_CMIDI.DLL <Not Verified; M-Audio; M-Audio USB MIDI Keyboard Interface>
2008-04-25 20:53:36 253116 --a------ C:\WINDOWS\PDFCreator_Toolbar_Uninstaller_5593.exe <Not Verified; pdfforge.org; PDFCreator>
2008-04-25 20:53:36 14290 --a------ C:\Program Files\settings.dat
2008-04-25 20:53:35 0 d-------- C:\Program Files\PDFCreator Toolbar
2008-04-25 20:53:08 196608 --a------ C:\WINDOWS\system32\pdfcmnnt.dll <Not Verified; internet-support foehr.com; RedMon EE>
2008-04-25 20:53:07 23552 --a------ C:\WINDOWS\system32\MSMPIDE.DLL <Not Verified; Microsoft Corporation; MSMAPI-Steuerelementbibliothek>
2008-04-25 20:53:06 0 d-------- C:\Program Files\PDFCreator
2008-04-22 22:44:20 0 d-------- C:\Documents and Settings\TAE\Application Data\Avid
2008-04-22 22:44:20 0 d-------- C:\Documents and Settings\All Users\Application Data\Avid
2008-04-22 19:56:18 126976 --a------ C:\WINDOWS\system32\Digi32.dll <Not Verified; Digidesign, A Division of Avid Technology, Inc.; Digidesign WaveDriver>
2008-04-22 19:55:29 11776 --a------ C:\WINDOWS\system32\drivers\diginet.sys <Not Verified; Digidesign, A Division of Avid Technology, Inc.; Pro Tools®>
2008-04-22 19:55:28 17408 --a------ C:\WINDOWS\system32\drivers\dgfwboot.sys <Not Verified; Digidesign, A Division of Avid Technology, Inc.; Pro Tools®>
2008-04-22 19:55:25 1900132 --a------ C:\WINDOWS\system32\ExpansionHD_Firmware.bin
2008-04-22 19:55:25 483328 --a------ C:\WINDOWS\system32\DSI.dll <Not Verified; Digidesign, A Division of Avid Technology, Inc.; Pro Tools®>
2008-04-22 19:55:25 3638655 --a------ C:\WINDOWS\system32\DirectIO.dll <Not Verified; Digidesign, A Division of Avid Technology, Inc.; Pro Tools®>
2008-04-22 19:55:25 118784 --a------ C:\WINDOWS\system32\Diomidi.DLL <Not Verified; Digidesign, A Division of Avid Technology, Inc.; Pro Tools®>
2008-04-22 19:55:25 192512 --a------ C:\WINDOWS\system32\DigiPlatformSupport.dll
2008-04-22 19:55:25 15872 --a------ C:\WINDOWS\system32\digicoin.dll <Not Verified; Digidesign, A Division of Avid Technology, Inc.; Pro Tools>
2008-04-22 19:55:13 0 d-------- C:\Documents and Settings\TAE\Application Data\InstallShield
2008-04-22 19:51:41 0 d-------- C:\Program Files\SafeNet Sentinel
2008-04-22 19:51:41 0 d-------- C:\Program Files\Common Files\SafeNet Sentinel
2008-04-22 19:45:25 0 d-------- C:\Documents and Settings\TAE\Application Data\Command & Conquer 3 Kane's Wrath
2008-04-22 01:06:34 0 d-------- C:\Program Files\Common Files\xing shared
2008-04-20 00:46:48 0 d-------- C:\Documents and Settings\TAE\Application Data\Command & Conquer 3 Tiberium Wars
2008-04-20 00:40:49 0 dr-h----- C:\Documents and Settings\TAE\Application Data\SecuROM
2008-04-19 23:40:38 0 d-------- C:\Program Files\Electronic Arts
2008-04-18 17:24:09 36864 --a------ C:\WINDOWS\system32\MaxAudio.dll <Not Verified; Cycling '74; MaxMSP>
2008-04-18 17:24:09 90112 --a------ C:\WINDOWS\system32\MaxAPI.dll <Not Verified; Cycling '74; MaxMSP>
2008-04-18 17:24:08 159744 --a------ C:\WINDOWS\system32\mactbldr.dll <Not Verified; Cycling '74; MaxMSP>
2008-04-18 17:24:08 397312 --a------ C:\WINDOWS\system32\js32mt.dll
2008-04-18 17:23:43 0 d-------- C:\Program Files\Cycling '74
2008-04-18 17:23:43 0 d-------- C:\Program Files\Common Files\Cycling '74
2008-04-17 21:11:07 467 --a------ C:\WINDOWS\system32\Datei10
2008-04-17 20:44:10 45056 --a------ C:\WINDOWS\system32\Synsopos.exe <Not Verified; SIA Syncrosoft; Syncrosoft Synsopos>
2008-04-17 20:37:18 0 d-------- C:\Program Files\Ableton
2008-04-14 14:23:02 0 d-------- C:\Documents and Settings\Guest\Application Data\Skype
2008-04-12 01:00:41 1777664 --a------ C:\WINDOWS\system32\gdiplus.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>


-- Find3M Report ---------------------------------------------------------------

2008-05-09 17:42:54 0 d-------- C:\Program Files\SpywareBlaster
2008-05-09 16:35:29 0 d-------- C:\Documents and Settings\TAE\Application Data\Skype
2008-05-09 12:43:53 24 --a------ C:\WINDOWS\system32\DVCStateBkp-{00000002-00000000-00000000-00001102-00000002-80401102}.dat
2008-05-09 12:43:53 24 --a------ C:\WINDOWS\system32\DVCState-{00000002-00000000-00000000-00001102-00000002-80401102}.dat
2008-05-08 03:48:03 0 d-------- C:\Documents and Settings\TAE\Application Data\uTorrent
2008-05-08 00:50:11 0 d-------- C:\Documents and Settings\TAE\Application Data\Adobe
2008-05-04 23:08:00 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-05-04 23:08:00 0 d-------- C:\Program Files\Avid
2008-05-04 23:04:21 0 d-------- C:\Program Files\Common Files
2008-05-04 20:03:21 0 d-------- C:\Program Files\Ulead Systems
2008-05-04 19:51:21 0 d-------- C:\Program Files\BitComet
2008-04-30 01:21:08 0 d-------- C:\Program Files\M-Audio
2008-04-26 00:00:21 0 d-------- C:\Program Files\Common Files\Adobe
2008-04-22 19:56:17 0 d-------- C:\Documents and Settings\TAE\Application Data\PACE Anti-Piracy
2008-04-22 19:55:28 0 d-------- C:\Program Files\Digidesign
2008-04-22 02:44:29 0 d-------- C:\Program Files\Soulseek
2008-04-22 01:06:22 0 d-------- C:\Program Files\Common Files\Real
2008-04-21 23:18:43 0 d-------- C:\Documents and Settings\TAE\Application Data\Real
2008-04-21 01:45:31 0 d-------- C:\Documents and Settings\TAE\Application Data\dvdcss
2008-04-19 23:15:09 0 d-------- C:\Program Files\Bonjour
2008-04-19 22:29:14 0 d-------- C:\Program Files\Doom 3
2008-04-19 22:13:45 0 d-------- C:\Program Files\Microsoft Games
2008-04-18 16:01:55 467 --a------ C:\WINDOWS\system32\Datei9
2008-04-18 16:01:55 467 --a------ C:\WINDOWS\system32\Datei8
2008-04-18 16:01:55 469 --a------ C:\WINDOWS\system32\Datei7
2008-04-18 16:01:55 465 --a------ C:\WINDOWS\system32\Datei6
2008-04-18 16:01:55 469 --a------ C:\WINDOWS\system32\Datei5
2008-04-18 16:01:55 471 --a------ C:\WINDOWS\system32\Datei4
2008-04-18 16:01:55 470 --a------ C:\WINDOWS\system32\Datei3
2008-04-18 16:01:55 471 --a------ C:\WINDOWS\system32\Datei2
2008-04-18 16:01:55 470 --a------ C:\WINDOWS\system32\Datei1
2008-04-18 16:01:55 468 --a------ C:\WINDOWS\system32\Datei0
2008-04-17 21:11:32 0 d-------- C:\Documents and Settings\TAE\Application Data\Steinberg
2008-04-17 20:44:28 0 d-------- C:\Program Files\Syncrosoft
2008-04-12 02:38:11 0 d-------- C:\Program Files\iTunes
2008-04-12 02:37:49 0 d-------- C:\Program Files\iPod
2008-04-12 02:37:02 0 d-------- C:\Program Files\QuickTime
2008-02-13 17:47:28 3440 --a------ C:\WINDOWS\unins000.dat
2008-02-13 17:30:16 691545 --a------ C:\WINDOWS\unins000.exe


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}]
05/08/2008 07:56 PM 262144 --a------ C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}"= C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL [05/08/2008 07:56 PM 262144]

[-HKEY_CLASSES_ROOT\CLSID\{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [03/09/2006 03:29 PM]
"nwiz"="nwiz.exe" [03/09/2006 03:29 PM C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="NvMCTray.dll" [03/09/2006 03:29 PM C:\WINDOWS\system32\nvmctray.dll]
"Jet Detection"="C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe" [11/29/2001 01:00 AM]
"H2O"="C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe" [12/11/2007 04:59 AM]
"Cmaudio"="cmicnfg.cpl" []
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [03/30/2008 02:37 AM]
"Domino"="C:\WINDOWS\Domino.EXE" [06/28/2006 05:54 PM]
"DigidesignMMERefresh"="C:\Program Files\Digidesign\Drivers\MMERefresh.exe" [12/09/2006 01:17 AM]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [04/02/2008 09:07 PM]
"BigDog303"="C:\WINDOWS\VM303_STI.exe" []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 03:56 PM]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [04/23/2008 05:45 PM]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [12/17/2007 05:13 PM]
"amva"="C:\WINDOWS\system32\amvo.exe" [04/06/2008 05:50 PM]

C:\Documents and Settings\TAE\Start Menu\Programs\Startup\
RocketDock.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [3/19/2007 6:05:02 AM]
SpywareGuard.lnk - C:\Program Files\SpywareGuard\sgmain.exe [8/29/2003 7:05:35 PM]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
backup=C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^TAE^Start Menu^Programs^Startup^Adobe Gamma.lnk]
path=C:\Documents and Settings\TAE\Start Menu\Programs\Startup\Adobe Gamma.lnk
backup=C:\WINDOWS\pss\Adobe Gamma.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^TAE^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=C:\Documents and Settings\TAE\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=C:\WINDOWS\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^TAE^Start Menu^Programs^Startup^TransBar.lnk]
path=C:\Documents and Settings\TAE\Start Menu\Programs\Startup\TransBar.lnk
backup=C:\WINDOWS\pss\TransBar.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^TAE^Start Menu^Programs^Startup^UberIcon.lnk]
path=C:\Documents and Settings\TAE\Start Menu\Programs\Startup\UberIcon.lnk
backup=C:\WINDOWS\pss\UberIcon.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^TAE^Start Menu^Programs^Startup^Y'z Shadow.lnk]
path=C:\Documents and Settings\TAE\Start Menu\Programs\Startup\Y'z Shadow.lnk
backup=C:\WINDOWS\pss\Y'z Shadow.lnkStartup


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTSyncU.exe]
"C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
"C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools-1033]
"C:\Program Files\D-Tools\daemon.exe" -lang 1033

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DataLayer]
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus C45 Series]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE /P23 "EPSON Stylus C45 Series" /O6 "USB001" /M "Stylus C45"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
C:\Program Files\Google\Google Talk\googletalk.exe /autostart

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
"C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\High Definition Audio Property Page Shortcut]
HDAudPropShortcut.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
"C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
"C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
"C:\Program Files\iTunes\iTunesHelper.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
"C:\Program Files\MSN Messenger\msnmsgr.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MySpaceIM]
C:\Program Files\MySpace\IM\MySpaceIM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PcSync]
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\QTTask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
"C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SCDEmuApp.exe]
C:\Program Files\PowerISO\SCDEmuApp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue RegistryBooster 2]
C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
"C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg]
C:\WINDOWS\UpdReg.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WINDVDPatch]
CTHELPER.EXE


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\C]
AutoRun\command- C:\t.com
explore\Command- C:\t.com
open\Command- C:\t.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
AutoRun\command- F:\t.com
explore\Command- F:\t.com
open\Command- F:\t.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\H]
AutoRun\command- H:\OblivionLauncher.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\L]
AutoRun\command- L:\Setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{088132b9-2c4c-11dc-9155-001109d45b54}]
0pen\command- krag.exe
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL krag.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{578d62a0-7cac-11dc-923a-001109d45b54}]
AutoRun\command- H:\t.com
explore\Command- H:\t.com
open\Command- H:\t.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{64af7ffa-96a5-41fa-89bb-5ad4adcfcbf1}]
AutoRun\command- F:\t.com
explore\Command- F:\t.com
open\Command- F:\t.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{73ffc575-cf6f-11da-b172-001109d45b54}]
AutoRun\command- New Document.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9657fc56-0e79-11da-9e24-806d6172696f}]
AutoRun\command- C:\t.com
explore\Command- C:\t.com
open\Command- C:\t.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b468edd9-7872-11db-831a-001109d45b54}]
Auto\command- H:\infrom.exe
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL infrom.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d94225d1-cec1-11db-b1f4-001109d45b54}]
0pen\command- krag.exe
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL krag.exe




-- Hosts -----------------------------------------------------------------------

213.189.34.4 auto.search.msn.com
127.0.0.1 007guard.com
127.0.0.1 www.007guard.com
127.0.0.1 008i.com
127.0.0.1 008k.com
127.0.0.1 www.008k.com
127.0.0.1 00hq.com
127.0.0.1 www.00hq.com
127.0.0.1 010402.com
127.0.0.1 032439.com

8330 more entries in hosts file.


-- End of Deckard's System Scanner: finished at 2008-05-09 18:23:29 ------------


Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Intel® Pentium® 4 CPU 3.00GHz
CPU 1: Intel® Pentium® 4 CPU 3.00GHz
Percentage of Memory in Use: 32%
Physical Memory (total/avail): 2047.29 MiB / 1390.71 MiB
Pagefile Memory (total/avail): 2752.82 MiB / 2142.26 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1928.68 MiB

A: is Removable (Unformatted)
C: is Fixed (NTFS) - 76.32 GiB total, 7.77 GiB free.
D: is CDROM (No Media)
E: is CDROM (No Media)
F: is Fixed (NTFS) - 186.31 GiB total, 6.1 GiB free.
G: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - Maxtor 6Y080M0 - 76.33 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 76.32 GiB - C:

\\.\PHYSICALDRIVE1 - ST3200826AS - 186.31 GiB - 1 partition
\PARTITION0 - Logical Disk Manager - 186.31 GiB - F:



-- Security Center -------------------------------------------------------------

AUOptions is set to notify before download.
Windows Internal Firewall is enabled.

FirstRunDisabled is set.

FW: ZoneAlarm Firewall v7.0.473.000 (Check Point, LTD.)
AV: avast! antivirus 4.8.1169 [VPS 080508-0] v4.8.1169 (ALWIL Software)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Avid\\Avid Xpress Pro\\DiagServer.exe"="C:\\Program Files\\Avid\\Avid Xpress Pro\\DiagServer.exe:*:Disabled:DiagServer"
"C:\\Program Files\\Valve\\Half-Life 2\\hl2.exe"="C:\\Program Files\\Valve\\Half-Life 2\\hl2.exe:*:Disabled:hl2"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\Soulseek\\slsk.exe"="C:\\Program Files\\Soulseek\\slsk.exe:*:Enabled:SoulSeek"
"C:\\Program Files\\BitComet\\BitComet.exe"="C:\\Program Files\\BitComet\\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client"
"C:\\Program Files\\Microsoft Games\\Rise Of Legends\\legends.exe"="C:\\Program Files\\Microsoft Games\\Rise Of Legends\\legends.exe:*:Enabled:Rise Of Legends"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\\Program Files\\Microsoft Games\\Rise of Nations\\thrones.exe"="C:\\Program Files\\Microsoft Games\\Rise of Nations\\thrones.exe:*:Enabled:Rise of Nations"
"C:\\Documents and Settings\\TAE\\Desktop\\utorrent.exe"="C:\\Documents and Settings\\TAE\\Desktop\\utorrent.exe:*:Enabled:µTorrent"
"C:\\Program Files\\uTorrent\\utorrent.exe"="C:\\Program Files\\uTorrent\\utorrent.exe:*:Enabled:utorrent"
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"="C:\\Program Files\\Real\\RealPlayer\\realplay.exe:*:Enabled:RealPlayer"
"C:\\Program Files\\Google\\Google Talk\\googletalk.exe"="C:\\Program Files\\Google\\Google Talk\\googletalk.exe:*:Enabled:Google Talk"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype. Take a deep breath "


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\TAE\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.5.0_09\lib\ext\QTJava.zip
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=VALIS
ComSpec=C:\WINDOWS\system32\cmd.exe
CYGWIN=tty
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\TAE
LOGONSERVER=\\VALIS
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\OpenSSH\bin;C:\Program Files\Common Files\Ulead Systems\MPEG;C:\Program Files\Common Files\Adobe\AGL;C:\Program Files\Common Files\iZotope\Runtimes;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Common Files\Avid
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 4 Stepping 1, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0401
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.5.0_09\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\TAE\LOCALS~1\Temp
TMP=C:\DOCUME~1\TAE\LOCALS~1\Temp
tvdumpflags=8
USERDOMAIN=VALIS
USERNAME=TAE
USERPROFILE=C:\Documents and Settings\TAE
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

TAE (admin)
einz (admin)
Administrator (admin)
Guest (guest)


-- Add/Remove Programs ---------------------------------------------------------

--> "C:\Program Files\Creative Installation Information\CREATIVE_MEDIASOURCE_U\Setup.exe" /remove /l0x0009
--> "C:\Program Files\Creative Installation Information\E-CENTER_NET_CONTENT_U\Setup.exe" /remove /l0x0009
--> "C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_CDBURNER_U\Setup.exe" /remove /l0x0009
--> "C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_MTP_U\Setup.exe" /remove /l0x0009
--> "C:\Program Files\Creative Installation Information\MEDIASOURCE_PLAYER_SKINPACK_U\Setup.exe" /remove /l0x0009
--> "C:\Program Files\Creative\SBLive\Program\Ctzapxx.EXE" /X /U /S
--> C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
--> C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
--> C:\WINDOWS\UNNeroVision.exe /UNINSTALL
--> C:\WINDOWS\UNNMP.exe /UNINSTALL
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58582977-44D2-44A0-A09B-031CC2AE5938}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58582977-44D2-44A0-A09B-031CC2AE5938}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A4D2983-4662-4387-BE3D-4CFC2FA9C100}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A4D2983-4662-4387-BE3D-4CFC2FA9C100}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A731533B-B325-4D9C-91A4-D93C8E294C19}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A731533B-B325-4D9C-91A4-D93C8E294C19}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FD851F7E-F887-405D-9E1C-488811113EF3}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FD851F7E-F887-405D-9E1C-488811113EF3}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{19822917-61F6-4221-B1D0-1C3B8A06BE60}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{19822917-61F6-4221-B1D0-1C3B8A06BE60}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{57FA4E0F-82C9-417D-87BC-0186D6CB7A44}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5EEE551B-7692-4D68-91BF-DAD745243AFB}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7550D6AA-CCF3-4FDA-87D6-C2C1B2E5358D}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7550D6AA-CCF3-4FDA-87D6-C2C1B2E5358D}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{80FFF4BA-C102-4102-A4B1-935D9573278B}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{80FFF4BA-C102-4102-A4B1-935D9573278B}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98181885-5B28-4280-9B56-452FF877D5B9}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98181885-5B28-4280-9B56-452FF877D5B9}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A9BB081B-C020-4D02-A763-D32204D2563D}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A9BB081B-C020-4D02-A763-D32204D2563D}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C029DB0E-C59F-417A-90F8-88FD5B2C4AE7}\setup.exe" -l0x9
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
µTorrent --> "C:\Program Files\uTorrent\uninstall.exe"
3DMark03 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FF35F637-72B9-43BE-A281-06EB2854393A}\Setup.exe" -l0x9
6000 Sound Effects --> C:\WINDOWS\uninst.exe -fC:\6KSFX\DeIsL4.isu -cC:\6KSFX\_ISREG32.DLL
a-squared Anti-Malware 3.5 --> "C:\Program Files\a-squared Anti-Malware\unins000.exe"
A4 TECH PC Camera H --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{362483B1-91EB-4CB4-B9BB-3B4B4C644404}\setup.exe" -l0x9 -removeonly
Ableton Live v6.0.7 --> "C:\Program Files\Ableton\Live 6.0.7\unins000.exe"
AC3Filter (remove only) --> C:\Program Files\AC3Filter\uninstall.exe
Ad-Aware 2007 --> MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Audition 2.0 --> msiexec /I {01CEC7E5-70FD-4D06-8FAD-BF21DF0CC6DC}
Adobe Bridge 1.0 --> MsiExec.exe /I{AE3D38A6-13B1-40B3-9423-D1FA9982FB6A}
Adobe Common File Installer --> MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5102}
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Help Center 2.0 --> MsiExec.exe /I{8FFC924C-ED06-44CB-8867-3CA778ECE903}
Adobe MPEG Encoder --> MsiExec.exe /I{9811A185-3D3D-11D6-9E14-00036D172B00}
Adobe Photoshop CS --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}\setup.exe" -l0x9
Adobe Reader 8.1.2 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Adobe Reader Japanese Fonts --> MsiExec.exe /I{AC76BA86-7AD7-5760-0000-705000000001}
Advanced RealMedia Export Plug-in for Premiere 6.0 --> C:\Program Files\Adobe\Premiere 6.5\Plug-ins\RNCompiler\rnuninst.exe RealNetworks|RNCompiler|6.0
Antares Autotune DX v4.12 --> C:\PROGRA~1\Antares\AUTOTU~1\ANTARE~1\UNWISE.EXE C:\PROGRA~1\Antares\AUTOTU~1\ANTARE~1\INSTALL.LOG
Antares Filter VST DX v1.0 --> C:\PROGRA~1\Antares\UNINST~1\UNWISE.EXE C:\PROGRA~1\Antares\UNINST~1\INSTALL.LOG
Antares Kantos v1.0 --> C:\PROGRA~1\Antares\kantos\UNINST~1\UNWISE.EXE C:\PROGRA~1\Antares\kantos\UNINST~1\INSTALL.LOG
Antares Microphone Modeler 1.31 DirectX --> C:\PROGRA~1\MicModDX\UNWISE.EXE C:\PROGRA~1\MicModDX\INSTALL.LOG
Antares Tube v1.0 --> C:\PROGRA~1\Antares\TUBEUN~1\UNWISE.EXE C:\PROGRA~1\Antares\TUBEUN~1\INSTALL.LOG
Apple Mobile Device Support --> MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
ARP2600 V --> C:\WINDOWS\unvise32.exe C:\PROGRAM FILES\Arturia\ARP2600 V\uninstal.log
ArtsAcoustic Reverb 1.2.1 --> C:\Program Files\ArtsAcoustic Reverb\uninst.exe
Arturia Minimoog V v1.0 --> C:\PROGRA~1\Arturia\MINIMO~1\UNWISE.EXE C:\PROGRA~1\Arturia\MINIMO~1\INSTALL.LOG
Arturia Moog Modular V2 v1.0 --> C:\PROGRA~1\Arturia\MOOGMO~1\UNWISE.EXE C:\PROGRA~1\Arturia\MOOGMO~1\INSTALL.LOG
ASAPI Update --> C:\WINDOWS\system32\IWUNIN~1.EXE -uninstall C:\WINDOWS\ISUNINST.EXE -fC:\PROGRA~1\VOB\ASAPIU~1\ASAPI.isu
ASIO4ALL --> C:\Program Files\ASIO4ALL v2\uninstall.exe
ASUSDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
AudibleManager --> C:\Program Files\Audible\Bin\Upgrade.exe /Uninstall
Audioease Altiverb v5.4.9 --> "C:\Program Files\Audio Ease\Altiverb 5\Uninstall\unins000.exe"
AudioMulch Interactive Music Studio 1.0 --> "C:\Program Files\AudioMulch 1.0\unins000.exe"
AudioNoise 1.3.1 --> "C:\Program Files\AudioNoise\unins000.exe"
AudioRealism Bassline v1.504 --> C:\PROGRA~1\STEINB~1\VSTPLU~1\AUDIOR~1\Bassline\AUDIOR~1\UNWISE.EXE C:\PROGRA~1\STEINB~1\VSTPLU~1\AUDIOR~1\Bassline\AUDIOR~1\INSTALL.LOG
avast! Antivirus --> C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
Blogger For Word --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6753BD39-312A-43D0-81FD-B983D776F0C7}\setup.exe" -l0x9 -removeonly
Bonjour --> MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}
C-Media High Definition Audio Driver --> C:\WINDOWS\system32\cmirmdrv.exe
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
CDisplay 1.8 --> "C:\Program Files\CDisplay\unins000.exe"
CinemaForge --> C:\WINDOWS\system32\xmforgert.exe c:\program files\CinemaForge\UninstallCF.xmfg
Command & Conquer 3 --> MsiExec.exe /I{B0C30E93-D3D9-4F04-A2AC-54749B573275}
Command & Conquer™ 3: Kane's Wrath --> MsiExec.exe /I{CC2422C9-F7B5-4175-B295-5EC2283AA674}
CopyPod (remove only) --> "C:\Program Files\CopyPod\uninstall.exe"
Creative Audio Pack --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5EEE551B-7692-4D68-91BF-DAD745243AFB}\setup.exe" -l0x9 /remove
Creative MediaSource 5 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}\SETUP.EXE" -l0x9 /remove
Creative Removable Disk Manager --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{57FA4E0F-82C9-417D-87BC-0186D6CB7A44}\setup.exe" -l0x9 /remove
Creative System Information --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x9 /remove
Creative ZEN V Series --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AA9D879B-0F98-4059-85A5-D05718A1D6F7}\SETUP.EXE" -l0x9 /remove
Cycling '74 MaxMSP v4.5.5 --> C:\PROGRA~1\CYCLIN~1\MAXMSP~1.5\UNWISE.EXE C:\PROGRA~1\CYCLIN~1\MAXMSP~1.5\INSTALL.LOG
D-Link DU-562M External Modem --> C:\Program Files\CONEXANT\CNXT_MODEM_USB_VID_0572&PID_1300\HXFSETUP.EXE -U -IVID_0572&PID_1300
Darwinia --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Darwinia\Uninst.isu"
dBpowerAMP FLAC Codec --> "C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP FLAC Codec.dat
dBpowerAMP iTunes Encode --> "C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP iTunes Encode.dat
dBpoweramp m4a Codec --> "C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpoweramp m4a Codec.dat
dBpowerAMP Music Converter --> "C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP Music Converter.dat
Digidesign Audio Drivers 7.3.1 --> C:\Program Files\InstallShield Installation Information\{9F1D8E17-2AE6-4608-901D-42146D7D9C68}\setup.exe -runfromtemp -l0x0009 -removeonly
Direct Show Ogg Vorbis Filter (remove only) --> "C:\WINDOWS\system32\OggDSuninst.exe"
DivX --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter --> C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DSound Stomp'n FX Vol.2 v1.0 --> C:\Audio\STOMPN~1\UNWISE.EXE C:\Audio\STOMPN~1\INSTALL.LOG
DSound Stomp`n FX Vol.1 v1.5 --> C:\Audio\dsound\UNWISE.EXE C:\Audio\dsound\INSTALL.LOG
DVD Decrypter (Remove Only) --> "C:\Program Files\DVD Decrypter\uninstall.exe"
DVD Identifier --> "C:\Program Files\DVD Identifier\Uninst\unins000.exe"
DVD Shrink 3.2 --> "C:\Program Files\DVD Shrink\unins000.exe"
Edirol HQ Orchestral v1.01 --> C:\PROGRA~1\Edirol\ORCHES~1\UNWISE.EXE C:\PROGRA~1\Edirol\ORCHES~1\INSTALL.LOG
Edirol SuperQuartet v1.02 --> C:\PROGRA~1\Edirol\SUPERQ~1\UNWISE.EXE C:\PROGRA~1\Edirol\SUPERQ~1\INSTALL.LOG
eMule --> "C:\Program Files\eMule\Uninstall.exe"
Enigma --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1F145099-1224-4C5B-84F2-7AE6DC699F1A}\setup.exe" -l0x9 -removeonly
EPSON PhotoQuicker3.5 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{65F5B7AF-3363-11D7-BB6B-00018021113F}\SETUP.EXE" -l0x9 uninst
EPSON PRINT Image Framer Tool2.1 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{23B59ED4-C360-11D7-875B-0090CC005647}\SETUP.EXE" -l0x9 anything
EPSON Printer Software --> C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
EPSON Web-To-Page --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}\SETUP.EXE" -l0x9 -anything
ESC45 Reference Guide --> C:\Program Files\EPSON\TPMANUAL\ESC45\REF_G\DOCUNINS.EXE
ESC45 Software Guide --> C:\Program Files\EPSON\TPMANUAL\ESC45\PQU_G\DOCUNINS.EXE
ffdshow (remove only) --> "C:\Program Files\ffdshow\uninstall.exe"
FLAC Installer 1.1.2a (remove only) --> C:\Program Files\FLAC\uninstall.exe
Flickr Uploadr 2.5.0.15 --> "C:\Program Files\Flickr Uploadr\uninstall.exe"
Google Earth --> MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
Google Talk (remove only) --> "C:\Program Files\Google\Google Talk\uninstall.exe"
GRM Tools VST v1.0 --> C:\WINDOWS\UNWISE.EXE C:\Audio\STEINB~1\GRMtools\grmtool.LOG
HALion v1.0 VSTi --> C:\PROGRA~1\STEINB~1\VSTPLU~1\Halion\UNWISE.EXE C:\PROGRA~1\STEINB~1\VSTPLU~1\Halion\HALion.log
High Definition Audio Driver Package - KB835221 --> C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hitman Blood Money --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A804B134-F03D-4EFD-9BC0-DCD257AA1B22}\setup.exe" -l0x9 -removeonly
iCF Skin Pack --> C:\WINDOWS\BricoPacks\Vista Inspirat 2\iColorFolder\Uninstall Skin Pack.exe
iColorFolder --> C:\WINDOWS\BricoPacks\Vista Inspirat 2\iColorFolder\uninstall.exe
IK Multimedia Amplitube v1.3 --> C:\PROGRA~1\IKMULT~1\AMPLIT~1\UNWISE.EXE C:\PROGRA~1\IKMULT~1\AMPLIT~1\INSTALL.LOG
Infinity 2.04 --> C:\PROGRA~1\SOUNDQ~1\Infinity\UNWISE.EXE C:\PROGRA~1\SOUNDQ~1\Infinity\INSTALL.LOG
InterLok Driver Kit --> MsiExec.exe /X{1A24F9E8-009D-40FC-ABED-2AAFFAB0F4F0}
iPod for Windows 2006-03-23 --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{2070F79D-46BC-4EEA-8F02-9B4DCABAE7CB} /l1033
iTunes --> MsiExec.exe /I{585776BC-4BD6-4BD2-A19A-1D6CB44A403B}
iZotope Ozone v3.04 --> C:\PROGRA~1\iZotope\OZONE3~1\UNINST~1\UNWISE.EXE C:\PROGRA~1\iZotope\OZONE3~1\UNINST~1\INSTALL.LOG
iZotope Vinyl --> "C:\Program Files\iZotope\Vinyl\unins000.exe"
J2SE Runtime Environment 5.0 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150000}
J2SE Runtime Environment 5.0 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
J2SE Runtime Environment 5.0 Update 9 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150090}
Kaspersky Online Scanner --> C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
Lexicon PSP 42 VST DX v1.0 --> C:\PROGRA~1\STEINB~1\VSTPLU~1\LEXICO~1\Log\UNWISE.EXE C:\PROGRA~1\STEINB~1\VSTPLU~1\LEXICO~1\Log\INSTALL.LOG
M-Audio Reason Control Surface --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F72DD596-F857-463C-AA43-647B45FCE14D}\setup.exe" -l0x9 -removeonly
M-Audio Series II MIDI --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{379BD39E-F13E-458F-96D8-56BD7F2CC516}\setup.exe" -l0x9 -removeonly
Macromedia Dreamweaver 8 --> MsiExec.exe /I{0837A661-FEC3-48B3-876C-91E7D32048A9}
Macromedia Extension Manager --> MsiExec.exe /I{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}
Macromedia Flash 8 --> MsiExec.exe /I{2BD5C305-1B27-4D41-B690-7A61172D2FEB}
Macromedia Flash 8 Video Encoder --> MsiExec.exe /X{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}
Matroska Pack - Lazy Man's MKV 0.94 (2004-11-11) --> "C:\Program Files\LD-Anime\unins000.exe"
Matroska Pack (remove only) --> C:\Program Files\Matroska Pack\Uninstall.exe
Microsoft Office Access MUI (English) 2007 --> MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007 --> MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007 --> MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007 --> MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007 --> MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007 --> MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007 --> MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007 --> MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007 --> MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007 --> MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007 --> MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007 --> MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft OpenType Font Properties Extension (Remove Only) --> RunDll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\system32\ShellExt\TTFExt.inf, UninstallNT
Microsoft Text-to-Speech Engine 4.0 (English) --> RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\msTTSf22.inf, Uninstall
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mozilla Firefox (2.0.0.14) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN Music Assistant --> rundll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\msninst.inf,Uninstall
MSXML4 Parser --> MsiExec.exe /I{01501EBA-EC35-4F9F-8889-3BE346E5DA13}
Native Instruments - Rig Kontrol 2 Driver --> C:\Program Files\Native Instruments\Rig Kontrol 2 Driver\uninst.exe Software\Native Instruments\Rig Kontrol 2 Driver\Setup
Native Instruments Absynth 2 --> C:\PROGRA~1\NATIVE~1\ABSYNT~1\UNWISE.EXE C:\PROGRA~1\NATIVE~1\ABSYNT~1\INSTALL.LOG
Native Instruments Absynth 3 --> C:\PROGRA~1\NATIVE~1\ABSYNT~2\UNWISE.EXE C:\PROGRA~1\NATIVE~1\ABSYNT~2\INSTALL.LOG
Native Instruments B4 II --> C:\PROGRA~1\NATIVE~1\B4II~1\UNWISE.EXE C:\PROGRA~1\NATIVE~1\B4II~1\INSTALL.LOG
Native Instruments B4 v1.11 --> C:\PROGRA~1\NATIVE~1\B4\UNWISE.EXE C:\PROGRA~1\NATIVE~1\B4\INSTALL.LOG
Native Instruments Battery v2.1 --> C:\PROGRA~1\NATIVE~1\BATTER~1\UNWISE.EXE C:\PROGRA~1\NATIVE~1\BATTER~1\INSTALL.LOG
Native Instruments FM7 --> C:\PROGRA~1\NATIVE~1\Fm7\UNWISE.EXE C:\PROGRA~1\NATIVE~1\Fm7\INSTALL.LOG
Native Instruments GuitarRig2 RTAS VSTi DXi --> C:\PROGRA~1\NATIVE~1\GUITAR~2\UNWISE.EXE C:\PROGRA~1\NATIVE~1\GUITAR~2\INSTALL.LOG
Native Instruments Kontakt 2 --> C:\PROGRA~1\NATIVE~1\KONTAK~1\UNWISE.EXE C:\PROGRA~1\NATIVE~1\KONTAK~1\INSTALL.LOG
Native Instruments Reaktor 4 --> C:\PROGRA~1\NATIVE~1\REAKTO~1\UNWISE.EXE C:\PROGRA~1\NATIVE~1\REAKTO~1\INSTALL.LOG
Native Instruments Reaktor 4.0 --> C:\PROGRA~1\NATIVE~1\REAKTO~1\UNINST~1\UNWISE.EXE C:\PROGRA~1\NATIVE~1\REAKTO~1\UNINST~1\install.log
Native Instruments Reaktor v5.1.0 --> C:\PROGRA~1\NATIVE~1\REAKTO~2\UNWISE.EXE C:\PROGRA~1\NATIVE~1\REAKTO~2\INSTALL.LOG
Nero Suite --> C:\Program Files\Common Files\Nero\Uninstall\Setupx.exe /uninstall ExtraUninstallID=""
NI Reaktor Electronic Instruments Vol.1 for Reaktor 4 --> C:\PROGRA~1\NATIVE~1\REAKTO~1\Library\REAKTO~1.1\UNWISE.EXE C:\PROGRA~1\NATIVE~1\REAKTO~1\Library\REAKTO~1.1\INSTALL.LOG
Nokia Connectivity Cable Driver --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{3D249F10-79EC-48D4-93E5-C470ABE523FA} /l2057
Nokia PC Suite --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{617095DB-B523-4D11-BBFD-2D74C2AD98B8} /l2057
Nomad Factory Blue Tubes Bundle v2.0 --> C:\PROGRA~1\STEINB~1\VSTPLU~1\NOMADF~1\BLUETU~1\NOMADF~1\UNWISE.EXE C:\PROGRA~1\STEINB~1\VSTPLU~1\NOMADF~1\BLUETU~1\NOMADF~1\INSTALL.LOG
Nomad Factory Liquid Bundle VST v1.6 --> C:\PROGRA~1\STEINB~1\VSTPLU~1\NOMADF~1\LIQUID~1\UNWISE.EXE C:\PROGRA~1\STEINB~1\VSTPLU~1\NOMADF~1\LIQUID~1\INSTALL.LOG
Nomad Factory Rock Amp Legends VST v1.0 --> C:\PROGRA~1\STEINB~1\VSTPLU~1\NOMADF~2\UNWISE.EXE C:\PROGRA~1\STEINB~1\VSTPLU~1\NOMADF~2\INSTALL.LOG
NomadFactory Blue Tubes Analog TrackBox VST RTAS v1.0 --> "C:\Program Files\Nomad Factory\Uninstall\unins000.exe"
NomadFactory Blue Tubes Equalizers Pack VST RTAS v3.0 --> "C:\Program Files\Nomad Factory\Uninstall\unins001.exe"
Nuendo Dolby Digital Encoder 1.01 --> C:\PROGRA~1\SPECTR~1\UNINST~1\NUENDO~1\UNWISE.EXE C:\PROGRA~1\SPECTR~1\UNINST~1\NUENDO~1\INSTALL.LOG
Nuendo Surround Edition v1.5 --> C:\PROGRA~1\STEINB~1\Nuendo\VSTPLU~1\Surround\SURROU~1\UNWISE.EXE C:\PROGRA~1\STEINB~1\Nuendo\VSTPLU~1\Surround\SURROU~1\INSTALL.LOG
NVIDIA Drivers --> C:\WINDOWS\system32\nvudisp.exe UninstallGUI
oggcodecs 0.71.0946 --> C:\Program Files\illiminable\oggcodecs\uninst.exe
Ohm Force Hematohm VST2 v1.0 --> C:\PROGRA~1\STEINB~1\VSTPLU~1\HEMATO~1\UNINST~1\UNWISE.EXE C:\PROGRA~1\STEINB~1\VSTPLU~1\HEMATO~1\UNINST~1\INSTALL.LOG
Ohmforce Ohmboyz VST PRO v1.31 --> C:\PROGRA~1\STEINB~1\VSTPLU~1\OHMFOR~1\OHMBOY~1\UNWISE.EXE C:\PROGRA~1\STEINB~1\VSTPLU~1\OHMFOR~1\OHMBOY~1\INSTALL.LOG
Ohmforce Predatohm VST2 PRO v1.10 --> C:\PROGRA~1\STEINB~1\VSTPLU~1\OHMFOR~1.10P\UNWISE.EXE C:\PROGRA~1\STEINB~1\VSTPLU~1\OHMFOR~1.10P\INSTALL.LOG
OpenSSH for Windows (remove only) --> "C:\Program Files\OpenSSH\uninstall.exe"
Opera 9.24 --> MsiExec.exe /X{16913489-B5E3-403E-AFD3-2B19BBE464D4}
Pack Vista Inspirat 2 1.0 --> C:\WINDOWS\BricoPacks\Vista Inspirat 2\Remove.exe
PDFCreator --> "C:\WINDOWS\PDFCreator_Toolbar_Uninstaller_5593.exe" -hu _?=C:\Program Files\PDFCreator Toolbar
PDFCreator Toolbar --> "C:\WINDOWS\PDFCreator_Toolbar_Uninstaller_5593.exe" _?=C:\Program Files\PDFCreator Toolbar
PerfectDisk --> MsiExec.exe /I{212F5777-1190-4DEF-8E4D-6B2F313B45E7}
PIF DESIGNER2.1 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BBAB8CE2-6AE2-497C-A745-67A61134E72C}\SETUP.EXE" -l0x9 anything
PowerISO --> "C:\Program Files\PowerISO\uninstall.exe"
PSP 84 v1.0 --> C:\PROGRA~1\PSP84~1\UNWISE.EXE C:\PROGRA~1\PSP84~1\INSTALL.LOG
PSP Audioware MasterQ DX VST v1.0 --> C:\PROGRA~1\PSPAUD~1\MasterQ\UNWISE.EXE C:\PROGRA~1\PSPAUD~1\MasterQ\INSTALL.LOG
PSP EasyVerb 1.0 --> C:\WINDOWS\iun506.exe C:\Program Files\PSP EasyVerb 1.0\irunin.ini
PSP Nitro VST and DX 1.0 --> C:\WINDOWS\iun6002.exe "C:\Program Files\PSP Nitro\irunin.ini"
PSP StereoPack 1.6 --> C:\WINDOWS\iun506.exe C:\Program Files\PSPaudioware.com\PSP StereoPack\irunin.ini
PSP VintageWarmer v1.5d --> C:\PROGRA~1\PSPVIN~1\UNWISE.EXE C:\PROGRA~1\PSPVIN~1\INSTALL.LOG
PSP_Audioware_Mastercomp_DX_RTAS_VST_v1.0-PLZ --> C:\PROGRA~1\PSP_AU~1\MASTER~1\UNWISE.EXE C:\PROGRA~1\PSP_AU~1\MASTER~1\INSTALL.LOG
Quadrafuzz v1.0 --> C:\WINDOWS\UNWISE.EXE C:\Audio\STEINB~1\QUADRA~1\INSTALL.LOG
QuickTime --> MsiExec.exe /I{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}
Reaktor 4 user Library Part1 --> C:\PROGRA~1\NATIVE~1\REAKTO~1\Library\ENSEMB~1\NIUSER~1\UNWISE.EXE C:\PROGRA~1\NATIVE~1\REAKTO~1\Library\ENSEMB~1\NIUSER~1\INSTALL.LOG
Reaktor 4 user Library Part2 --> C:\PROGRA~1\NATIVE~1\REAKTO~1\Library\ENSEMB~1\NIUSER~1\Special\UNWISE.EXE C:\PROGRA~1\NATIVE~1\REAKTO~1\Library\ENSEMB~1\NIUSER~1\Special\INSTALL.LOG
Reaktor 4 User Library Part3 --> C:\PROGRA~1\NATIVE~1\REAKTO~1\Library\ENSEMB~1\NIUSER~1\SYNTHE~1\UNWISE.EXE C:\PROGRA~1\NATIVE~1\REAKTO~1\Library\ENSEMB~1\NIUSER~1\SYNTHE~1\INSTALL.LOG
Reaktor v4 user Library Part 10 --> C:\PROGRA~1\NATIVE~1\REAKTO~1\Library\ENSEMB~1\NIUSER~1\Special\DOODLE~1\UNWISE.EXE C:\PROGRA~1\NATIVE~1\REAKTO~1\Library\ENSEMB~1\NIUSER~1\Special\DOODLE~1\INSTALL.LOG
Reaktor v4 user Library Part 11 --> C:\PROGRA~1\NATIVE~1\REAKTO~1\Library\ENSEMB~1\NIUSER~1\macros\VK_2_7~1\UNWISE.EXE C:\PROGRA~1\NATIVE~1\REAKTO~1\Library\ENSEMB~1\NIUSER~1\macros\VK_2_7~1\INSTALL.LOG
Reaktor v4 user Library Part 12 --> C:\PROGRA~1\NATIVE~1\REAKTO~1\Library\ENSEMB~1\NIUSER~1\12_UNI~1\UNWISE.EXE C:\PROGRA~1\NATIVE~1\REAKTO~1\Library\ENSEMB~1\NIUSER~1\12_UNI~1\INSTALL.LOG
Reaktor v4 user Library Part 4 --> C:\PROGRA~1\NATIVE~1\REAKTO~1\Library\ENSEMB~1\NIUSER~1\macros\UNWISE.EXE C:\PROGRA~1\NATIVE~1\REAKTO~1\Library\ENSEMB~1\NIUSER~1\macros\INSTALL.LOG
Reaktor v4 user Library Part 5 --> C:\PROGRA~1\NATIVE~1\REAKTO~1\Library\ENSEMB~1\NIUSER~1\macros\Rte\UNWISE.EXE C:\PROGRA~1\NATIVE~1\REAKTO~1\Library\ENSEMB~1\NIUSER~1\macros\Rte\INSTALL.LOG
Reaktor v4 user Library Part 6 --> C:\PROGRA~1\NATIVE~1\REAKTO~1\Library\ENSEMB~1\NIUSER~1\Studios\UNWISE.EXE C:\PROGRA~1\NATIVE~1\REAKTO~1\Library\ENSEMB~1\NIUSER~1\Studios\INSTALL.LOG
Reaktor v4 user Library Part 7 --> C:\PROGRA~1\NATIVE~1\REAKTO~1\Library\ENSEMB~1\NIUSER~1\Studios\UNWISE.EXE C:\PROGRA~1\NATIVE~1\REAKTO~1\Library\ENSEMB~1\NIUSER~1\Studios\INSTALL.LOG
Reaktor v4 user Library Part 8 --> C:\PROGRA~1\NATIVE~1\REAKTO~1\Library\ENSEMB~1\NIUSER~1\SYNTHE~1\string\UNWISE.EXE C:\PROGRA~1\NATIVE~1\REAKTO~1\Library\ENSEMB~1\NIUSER~1\SYNTHE~1\string\INSTALL.LOG
Reaktor v4 user Library Part 9 --> C:\PROGRA~1\NATIVE~1\REAKTO~1\Library\ENSEMB~1\NIUSER~1\SEQUEN~1\NO!TRO~1.01B\UNWISE.EXE C:\PROGRA~1\NATIVE~1\REAKTO~1\Library\ENSEMB~1\NIUSER~1\SEQUEN~1\NO!TRO~1.01B\INSTALL.LOG
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Recuva (remove only) --> "C:\Program Files\Recuva\uninst.exe"
ReCycle 2.0 --> C:\PROGRA~1\PROPEL~1\ReCycle\UNWISE.EXE C:\PROGRA~1\PROPEL~1\ReCycle\INSTALL.LOG
ReValver --> "C:\Program Files\Alien Connections\ReValver\alloff.exe" C:\WINDOWS\uninst.exe -f"C:\Program Files\Alien Connections\ReValver\DeIsL1.isu" -cC:\PROGRA~1\ALIENC~1\ReValver\_ISREG32.DLL
ScanToWeb --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}\SETUP.EXE" ADDREMOVEDLG
Security Update for Excel 2007 (KB946974) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {85E83E2E-AF9B-439B-B4F9-EB9B7EF6A00E}
Security Update for Office 2007 (KB934062) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {305D509B-F194-4638-9F0F-D9E4C05F9D33}
Security Update for Office 2007 (KB947801) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {02B5A17B-01BE-4BA6-95F1-1CBB46EBC76E}
Security Update for Outlook 2007 (KB946983) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {66B9496E-C0C3-4065-9868-85CCA92126C3}
Security Update for Publisher 2007 (KB936646) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A32E4BAF-6477-45FA-B8AB-E743FA8D63FF}
Security Update for the 2007 Microsoft Office System (KB936960) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5E5BD655-7AA9-47F9-BB6D-A1D8CE29AC86}
Security Update for Visio 2007 (KB947590) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6BAD036C-261F-4BEF-96CF-C20678D07A41}
Sentinel Protection Installer 7.3.2 --> MsiExec.exe /I{EDFE2142-CFB3-44AB-A961-DE85F6408A28}
Shockwave --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Sibelius 4 --> C:\PROGRA~1\SIBELI~1\SIBELI~1\UNWISE.EXE C:\PROGRA~1\SIBELI~1\SIBELI~1\INSTALL.LOG
Skype™ 3.8 --> MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
Sony Sound Forge 8.0 --> MsiExec.exe /X{767572FD-4D01-4FA3-B0A6-4B09FB2CFC37}
SoulSeek Client 156c --> "C:\Program Files\Soulseek\uninstall.exe"
Sound Blaster Live! Web 2K/XP --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3FCAADB8-EB1B-11D6-AB2D-0090271A23A2}\Setup.exe" -l0x9
Spelling Dictionaries Support For Adobe Reader 8 --> MsiExec.exe /I{AC76BA86-7AD7-5464-3428-800000000003}
SpinAudio 3DDelays 1.0 --> C:\Program Files\Spin Audio\Common\uninst.exe "3DDelays"
SpinAudio 3DPanner Motion Effects 1.0 --> C:\Program Files\Spin Audio\Common\uninst.exe "3DPanner Motion Effects"
SpinAudio 3DPanner Studio 1.0 --> C:\Program Files\Spin Audio\Common\3dpsunin.exe
SpinAudio ASIO FX Processor 1.0 --> C:\Program Files\Spin Audio\Common\uninstpr.exe "ASIO FX Processor"
SpinAudio FX Designer 1.0 --> C:\Program Files\Spin Audio\Common\uninst.exe "FX Designer"
SpinAudio SpinDelay 1.2 --> C:\Program Files\Spin Audio\Common\uninst.exe "SpinDelay"
Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Spybot - Search & Destroy 1.5.2.20 --> "C:\WINDOWS\unins000.exe"
SpywareBlaster 4.0 --> "C:\Program Files\SpywareBlaster\unins000.exe"
SpywareGuard v2.2 --> "C:\Program Files\SpywareGuard\unins000.exe"
Steinberg Cubase SX 3 --> "C:\Program Files\Steinberg\Cubase SX 3\Uninstall.exe" "C:\Program Files\Steinberg\Cubase SX 3\install.log"
Steinberg GRM Tools Vol.2 --> C:\PROGRA~1\STEINB~1\VSTPLU~1\GRMTOO~1\UNWISE.EXE C:\PROGRA~1\STEINB~1\VSTPLU~1\GRMTOO~1\INSTALL.log
Steinberg HALion v2.0 --> C:\PROGRA~1\STEINB~1\VSTPLU~1\HALION~1\UNWISE.EXE C:\PROGRA~1\STEINB~1\VSTPLU~1\HALION~1\INSTALL.LOG
Steinberg Hypersonic v1.12.808 --> C:\PROGRA~1\STEINB~1\VSTPLU~1\HYPERS~1\HYPERS~1\UNWISE.EXE C:\PROGRA~1\STEINB~1\VSTPLU~1\HYPERS~1\HYPERS~1\INSTALL.LOG
Steinberg Magneto VST v1.5 --> C:\PROGRA~1\STEINB~1\VSTPLU~1\Magneto\UNWISE.EXE C:\PROGRA~1\STEINB~1\VSTPLU~1\Magneto\INSTALL.LOG
Steinberg Nuendo v3.2.0.1128 --> C:\PROGRA~1\STEINB~1\NUENDO~1\UNWISE.EXE C:\PROGRA~1\STEINB~1\NUENDO~1\INSTALL.LOG
Steinberg V-STack V1.2.0.22 --> C:\PROGRA~1\STEINB~1\V-STack\UNWISE.EXE C:\PROGRA~1\STEINB~1\V-STack\INSTALL.LOG
Steinberg Virtual Bassist v1.0.0.504 --> C:\PROGRA~1\STEINB~1\VSTPLU~1\VIRTUA~1\UNWISE.EXE C:\PROGRA~1\STEINB~1\VSTPLU~1\VIRTUA~1\INSTALL.LOG
Steinberg VoiceMachine v1.0 --> C:\PROGRA~1\STEINB~1\VSTPLU~1\STEINB~1\UNWISE.EXE C:\PROGRA~1\STEINB~1\VSTPLU~1\STEINB~1\INSTALL.LOG
Steinberg WaveLab 5.01a --> C:\PROGRA~1\STEINB~1\WaveLab\UNWISE.EXE C:\PROGRA~1\STEINB~1\WaveLab\INSTALL.LOG
Steinberg WaveLab v3.03d --> C:\PROGRA~1\STEINB~1\WaveLab\UNWISE.EXE C:\PROGRA~1\STEINB~1\WaveLab\INSTALL.LOG
Syncrosoft's License Control --> C:\PROGRA~1\SYNCRO~1\UNWISE.EXE C:\PROGRA~1\SYNCRO~1\INSTALL.LOG
SyncroSoft Emu (Remove only) --> C:\Program Files\SyncroSoft\Pos\H2O\Uninst.exe
Synful Orchestra DXi/VSTi v2.22 --> C:\PROGRA~1\Synful\SYNFUL~1\UNWISE.EXE C:\PROGRA~1\Synful\SYNFUL~1\INSTALL.LOG
T-RackS 24 v2.0.1 --> C:\Audio\IKMULT~1\T-RACK~1\UNWISE.EXE C:\Audio\IKMULT~1\T-RACK~1\INSTALL.LOG
TC Native Essentials 2.02 --> C:\PROGRA~1\TCWorks\TCNativeEssentials202\UninstallTCEssentials.exe C:\PROGRA~1\TCWorks\TCNativeEssentials202\INSTALL.LOG
TC.Works.Native.Bundle.v3.0.VST.WinAll-cRime --> C:\PROGRA~1\TCNATI~1\UNWISE.EXE C:\PROGRA~1\TCNATI~1\INSTALL.LOG
The Sims 2 --> C:\Program Files\EA GAMES\The Sims 2\EAUninstall.exe
The Sims 2 Family Fun Stuff --> C:\Program Files\EA GAMES\The Sims 2 Family Fun Stuff\EAUninstall.exe
The Sims 2 Glamour Life Stuff --> C:\Program Files\EA GAMES\The Sims 2 Glamour Life Stuff\EAUninstall.exe
The Sims 2 Nightlife --> C:\Program Files\EA GAMES\The Sims 2 Nightlife\EAUninstall.exe
The Sims 2 Open For Business --> C:\Program Files\EA GAMES\The Sims 2 Open For Business\EAUninstall.exe
The Sims 2 Pets --> C:\Program Files\EA GAMES\The Sims 2 Pets\EAUninstall.exe
The Sims 2 University --> C:\Program Files\EA GAMES\The Sims 2 University\EAUninstall.exe
Timeworks Millenium Pack --> C:\Audio\TIMEWO~1\UNWISE.EXE C:\Audio\TIMEWO~1\INSTALL.LOG
Timeworks ReverbX --> C:\PROGRA~1\TIMEWO~1\ReverbX\UNWISE.EXE C:\PROGRA~1\TIMEWO~1\ReverbX\INSTALL.LOG
Tweak UI --> "C:\WINDOWS\system32\mshta.exe" "res://C:\WINDOWS\system32\TweakUI.exe/uninstall.hta"
Unix Utilities for Yahoo! Widgets --> C:\Program Files\Yahoo!\Yahoo! Widget Engine\UnixUtils\uninstall.exe
Update for Office 2007 (KB932080) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {EDC9CA29-6BC1-471C-828C-7A36109005D7}
Update for Office 2007 (KB934391) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B3091818-7C56-4C45-BE7D-CA23027A5EA5}
Update for Office 2007 (KB934393) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {92FBAD46-E7F6-49FA-89B5-C39FC5BFAD15}
Update for Office 2007 (KB946691) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Outlook 2007 Junk Email Filter (kb949037) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B4F188C6-6DBF-42A5-A8A3-3086D1A384F2}
Update for Word 2007 (KB934173) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C6A89125-5473-45E3-B413-ED8186437475}
Venue InterLok Driver Kit --> MsiExec.exe /X{5684CDBB-5CB8-4E26-9F19-9DF037C143AC}
VideoLAN VLC media player 0.8.6c --> C:\Program Files\VideoLAN\VLC\uninstall.exe
VobSub v2.23 (Remove Only) --> "C:\Program Files\Gabest\VobSub\uninstall.exe"
Vodei Multimedia Processor 2.00 --> C:\Program Files\Vodei\uninst.exe
VP-EYE --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DC17B2BE-BA6F-4696-8E5D-ED2A62981CDA}\setup.exe" -l0x9
Warp VST V1.0 --> C:\PROGRA~1\STEINB~1\VSTPLU~1\WARPVS~1.0\UNWISE.EXE C:\PROGRA~1\STEINB~1\VSTPLU~1\WARPVS~1.0\INSTALL.LOG
Wave Arts Power Suite --> C:\PROGRA~1\WAVEAR~1\UNWISE.EXE C:\PROGRA~1\WAVEAR~1\INSTALL.LOG
Waves Diamond Bundle v5.0 --> C:\PROGRA~1\Waves\UNINST~3\UNWISE.EXE C:\PROGRA~1\Waves\UNINST~3\INSTALL.LOG
Waves Gold Processors 3.5 --> C:\PROGRA~1\Waves\WAVES3~1\UNWISE.EXE C:\PROGRA~1\Waves\WAVES3~1\INSTALL.LOG
Waves Musicians Bundle v5.0 --> C:\PROGRA~1\Waves\UNINST~2\UNWISE.EXE C:\PROGRA~1\Waves\UNINST~2\INSTALL.LOG
Waves Transform Bundle v5.0 --> C:\PROGRA~1\Waves\UNINST~1\UNWISE.EXE C:\PROGRA~1\Waves\UNINST~1\INSTALL.LOG
WIBU-KEY Setup (WIBU-KEY Remove) --> C:\Program Files\WIBUKEY\Setup\SETUP32.EXE /R:{00060000-0000-1004-8002-0000C06B5161}
Winamp --> "C:\Program Files\Winamp\UninstWA.exe"
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
Workrave 1.8.4 --> "C:\Program Files\Workrave\unins000.exe"
Yahoo! Anti-Spy --> C:\PROGRA~1\Yahoo!\Common\unypsr.exe
Yahoo! Browser Services --> C:\PROGRA~1\Yahoo!\Common\UNIN_Y~1.EXE /S
Yahoo! Browser Services --> C:\PROGRA~1\Yahoo!\Common\unyext.exe
Yahoo! Messenger --> C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
Yahoo! ¤u¨ă¦C --> C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
Yahoo! Widgets --> C:\PROGRA~1\Yahoo!\YAHOO!~1\uninstall.exe
ZENcast Organizer --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C029DB0E-C59F-417A-90F8-88FD5B2C4AE7}\setup.exe" -l0x9 /remove
ZoneAlarm --> C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe
ZoneAlarm Spy Blocker --> rundll32 C:\PROGRA~1\ZONEAL~1\bar\1.bin\SpyBlock.dll,O


-- Application Event Log -------------------------------------------------------

Event Record #/Type23374 / Warning
Event Submitted/Written: 05/09/2008 08:22:52 AM
Event ID/Source: 1015 / MsiInstaller
Event Description:
Failed to connect to server. Error: 0x8007043C

Event Record #/Type23354 / Error
Event Submitted/Written: 05/09/2008 02:32:31 AM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application a2wizard.exe, version 3.5.0.23, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Event Record #/Type23344 / Error
Event Submitted/Written: 05/09/2008 02:25:24 AM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application boc426.exe, version 4.2.6.1, faulting module unknown, version 0.0.0.0, fault address 0x0014e6f0.
Processing media-specific event for [boc426.exe!ws!]

Event Record #/Type23342 / Error
Event Submitted/Written: 05/09/2008 02:14:45 AM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application firefox.exe, version 1.8.20080.40413, faulting module firefox.exe, version 1.8.20080.40413, fault address 0x00440d9b.
Processing media-specific event for [firefox.exe!ws!]

Event Record #/Type23330 / Warning
Event Submitted/Written: 05/08/2008 07:59:59 PM
Event ID/Source: 1524 / Userenv
Event Description:
Windows cannot unload your classes registry file - it is still in use by other applications or services. The file will be unloaded when it is no longer in use.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type5672 / Error
Event Submitted/Written: 05/09/2008 06:23:13 PM
Event ID/Source: 10010 / DCOM
Event Description:
The server {222F1C6D-F430-4B76-B3F1-1FE92E214AD3} did not register with DCOM within the required timeout.

Event Record #/Type5667 / Error
Event Submitted/Written: 05/09/2008 05:08:00 PM
Event ID/Source: 7901 / Schedule
Event Description:
The At1.job command failed to start due to the following error:
%%2147942402

Event Record #/Type5666 / Warning
Event Submitted/Written: 05/09/2008 04:31:51 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Event Record #/Type5665 / Error
Event Submitted/Written: 05/09/2008 04:27:21 PM
Event ID/Source: 1003 / System Error
Event Description:
Error code 0000001a, parameter1 00041284, parameter2 c351c001, parameter3 0000a1cc, parameter4 c0c00000.

Event Record #/Type5645 / Error
Event Submitted/Written: 05/09/2008 04:26:28 PM
Event ID/Source: 7026 / Service Control Manager
Event Description:
The following boot-start or system-start driver(s) failed to load:
d347bus



-- End of Deckard's System Scanner: finished at 2008-05-09 18:23:29 ------------

BC AdBot (Login to Remove)

 


#2 Tengal

Tengal
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:05:03 PM

Posted 09 May 2008 - 07:35 AM

By the way, I tried scanning my computer using the Kapersky Online Scan, and it was going fine and detected 3 viruses... then in the middle of like 3%... BOOM! My computer crashes and restarts. :thumbsup:
I tried scanning using spybot in safemode and it aborts it automatically. "Aborted by user"... but I didn't even touch it.
Looks like I can't scan my computer anymore...
Crazzzy. hehe.
Any help?
Thanks in advance!
:)


Here is the error signature

Error Signiture

BCCode : 4e BCP1 : 00000002 BCP2 : 0000DF8C BCP3 : 0007FFBF
BCP4 : 0000FFFF OSVer : 5_1_2600 SP : 2_0 Product : 256_1


and the technical error report

error report

C:\DOCUME~1\TAE\LOCALS~1\Temp\WER25bf.dir00\Mini050908-05.dmp
C:\DOCUME~1\TAE\LOCALS~1\Temp\WER25bf.dir00\sysdata.xml

Edited by Tengal, 09 May 2008 - 07:47 AM.


#3 Tengal

Tengal
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:05:03 PM

Posted 09 May 2008 - 11:18 AM

Hello, I tried scanning again and this time it went through.
Here's my Scan report.
Thanks.

-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Saturday, May 10, 2008 12:08:22 AM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 9/05/2008
Kaspersky Anti-Virus database records: 749055
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\
G:\

Scan Statistics:
Total number of scanned objects: 272040
Number of viruses found: 5
Number of infected objects: 67
Number of suspicious objects: 2
Duration of the scan process: 02:51:02

Infected Object Name / Virus Name / Last Action
C:\autorun.inf Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
C:\Deckard\System Scanner\backup\DOCUME~1\TAE\LOCALS~1\Temp\xdx9qx7p.dll Infected: Trojan-PSW.Win32.OnLineGames.zzk skipped
C:\Deckard\System Scanner\backup\WINDOWS\Downloaded Program Files\popcaploader.dll Infected: not-a-virus:Downloader.Win32.PopCap.a skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CoolWWWSearchToonComics.zip/ld.exe Suspicious: Password-protected-EXE skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CoolWWWSearchToonComics.zip ZIP: suspicious - 1 skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\TAE\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\TAE\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\TAE\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\TAE\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\TAE\Local Settings\History\History.IE5\MSHist012008050920080510\index.dat Object is locked skipped
C:\Documents and Settings\TAE\Local Settings\Temp\xdx9qx7p.dll Infected: Trojan-PSW.Win32.OnLineGames.zzk skipped
C:\Documents and Settings\TAE\Local Settings\Temp\~DF7B81.tmp Object is locked skipped
C:\Documents and Settings\TAE\Local Settings\Temp\~DF8596.tmp Object is locked skipped
C:\Documents and Settings\TAE\Local Settings\Temp\~DFFB9E.tmp Object is locked skipped
C:\Documents and Settings\TAE\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\TAE\ntuser.dat Object is locked skipped
C:\Documents and Settings\TAE\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\aswAr.log Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped
C:\Program Files\DAEMON Tools\SetupDTSB.exe Infected: not-a-virus:AdTool.Win32.WhenU.a skipped
C:\Program Files\OpenSSH\var\log\OpenSSHd.log Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP774\A0561263.dll Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
C:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP774\A0561265.com Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
C:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP774\A0561266.inf Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
C:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP774\A0561349.dll Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
C:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP774\A0561350.com Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
C:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP774\A0561351.inf Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
C:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP774\A0562352.dll Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
C:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP774\A0562353.com Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
C:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP774\A0562354.inf Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
C:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP774\A0562399.dll Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
C:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP774\A0562400.com Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
C:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP774\A0562401.inf Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
C:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP774\A0564516.exe Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
C:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP774\A0564517.dll Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
C:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP774\A0564518.com Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
C:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP774\A0564519.inf Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
C:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP775\A0564544.dll Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
C:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP775\A0564546.com Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
C:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP775\A0564547.inf Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
C:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP775\A0567612.exe Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
C:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP775\A0567613.dll Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
C:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP775\A0567614.com Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
C:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP775\A0567615.inf Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
C:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP775\A0568655.exe Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
C:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP775\A0568656.dll Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
C:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP775\A0568657.com Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
C:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP775\A0568658.inf Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
C:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP775\A0568671.dll Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
C:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP775\A0568673.com Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
C:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP775\A0568674.inf Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
C:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP776\A0568707.com Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
C:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP776\A0568708.inf Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
C:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP776\A0570675.dll Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
C:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP776\A0570677.com Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
C:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP776\A0570678.inf Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
C:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP776\change.log Object is locked skipped
C:\t.com Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\Internet Logs\fwdbglog.txt Object is locked skipped
C:\WINDOWS\Internet Logs\fwpktlog.txt Object is locked skipped
C:\WINDOWS\Internet Logs\IAMDB.RDB Object is locked skipped
C:\WINDOWS\Internet Logs\tvDebug.log Object is locked skipped
C:\WINDOWS\Internet Logs\VALIS.ldb Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\amvo.exe Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
C:\WINDOWS\system32\amvo0.dll Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\ODiag.evt Object is locked skipped
C:\WINDOWS\system32\config\OSession.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\drivers\fidbox.dat Object is locked skipped
C:\WINDOWS\system32\drivers\fidbox.idx Object is locked skipped
C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Temp\Perflib_Perfdata_17c.dat Object is locked skipped
C:\WINDOWS\Temp\ZLT00fd4.TMP Object is locked skipped
C:\WINDOWS\Temp\ZLT03b9c.TMP Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
C:\WINDOWS\{00000002-00000000-00000000-00001102-00000002-80401102}.CDF Object is locked skipped
F:\autorun.inf Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
F:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
F:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP774\A0561267.com Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
F:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP774\A0561268.inf Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
F:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP774\A0561352.com Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
F:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP774\A0561353.inf Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
F:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP774\A0562355.com Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
F:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP774\A0562356.inf Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
F:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP774\A0562402.com Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
F:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP774\A0562403.inf Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
F:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP774\A0564520.com Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
F:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP774\A0564521.inf Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
F:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP775\A0564548.com Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
F:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP775\A0564549.inf Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
F:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP775\A0567616.com Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
F:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP775\A0567617.inf Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
F:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP775\A0568659.com Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
F:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP775\A0568660.inf Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
F:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP775\A0568676.com Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
F:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP775\A0568677.inf Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
F:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP776\A0568709.com Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
F:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP776\A0568710.inf Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
F:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP776\A0570679.com Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
F:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP776\A0570680.inf Infected: Trojan-PSW.Win32.OnLineGames.zll skipped
F:\System Volume Information\_restore{6B39D86B-7E72-447D-8353-25AFFE9F6570}\RP776\change.log Object is locked skipped
F:\t.com Infected: Trojan-PSW.Win32.OnLineGames.zll skipped

Scan process completed.

#4 RenatoMejias

RenatoMejias

  • Malware Response Team
  • 913 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:03 AM

Posted 12 May 2008 - 08:32 PM

Hi, Welcome to Bleeping Computer Forums!

My name is Renato Mejias, and I will help you to solve your problems :thumbsup:.

You might want to save this page on your favorites, so you can find it again when you return.

Please take note of the following:
  • I will be handling your log and helping you, please do not make any system changes yet.
  • The process is not instant. Please continue to review my answers until I tell you that your computer is clean. Be patience.
  • The fixes are specific to your problem and should only be used for this issue on this machine
  • If there's anything that you don't understand, please ask your question(s) before proceeding with the fixes.
  • Please reply to this thread. Do not start a new topic.

Renato Victor Mejias
Malware help in portuguese
jetian6yw.jpg

#5 Tengal

Tengal
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:05:03 PM

Posted 14 May 2008 - 04:34 AM

hi renato,

i fixed my computer already. and it's all clean.
thanks for volunteering to help though!
appreciate it.
i'll close this thread now.
thanks!

#6 don77

don77

    Forum Regular


  • Members
  • 3,212 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Boston Mass
  • Local time:04:03 AM

Posted 14 May 2008 - 08:32 AM

Closed per users request




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users