Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

WindowsExplorer dies when right-click is done


  • This topic is locked This topic is locked
24 replies to this topic

#1 marentoft

marentoft

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Location:New Jersey, USA
  • Local time:09:15 PM

Posted 19 November 2008 - 11:00 PM

When I right-click on - say - 'a-disk' there is a long pause and then w-explorer dies, usually with a message that an error is forcing it to close, and usually with an error-send message box. After the box is closed w-explorer either goes away or freezes and sometimes I have to restart - not always. Also my computer is very slow bringing up websites with IE (ie7) or firefox, and i have been unable to access windows update thru IE/tools, etc. I don't know if this is a virus or trojan problem or what. I have several virus checkers that I run frequently, but only Avast runs all the time. Extensive Google and other searches have not helped with the inability to get to windows-update, but I do have it auto-scheduled to run late at night, so the only thing needing update for this was Defender - when I used your w-update web address surprise! - that link worked, but then it that wouldn't update successfully so I did a delete/install.

Av/security type stuff I have on hand: ad-aware, antivir, avast, awcl, ccleaner, cwshredder, easycleaner, fsbl,hazard shield, jv16-power-tools, pavark, regclean,rootkit revealer, rubotted, aboutbuster, ms-malicious-software-removal-tool, spybot-s&d, spyware terminator, spywareblaster, spywareguard, startup-monitor, threatfire, win-defender, winpatrol, but note that I run these manually on a fairly regular basis. Firewall is Comodo.




Here's the Hijack-log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:33:37 PM, on 11/19/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\PRISMSVR.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\PRISMSVR.EXE
C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\PRISMSVC.EXE
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ThreatFire\TFService.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\StartupMonitor.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Comodo\Firewall\cfp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Dell Wireless\PRISMCFG.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Whiz Kid Technomagic\Keep My IP-1.0\KeepMyIP.exe
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\RDN55M93\stinger[1].exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Run StartupMonitor] StartupMonitor.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Hazard Shield] C:\WINDOWS\system32\hzrTray.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\Comodo\Firewall\cfp.exe" -h
O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Global Startup: Wireless USB 2.0 WLAN Card Utility.lnk = ?
O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {037790A6-1576-11D6-903D-00105AABADD3} (Seagull Web-to-Host Control Module v4) - https://inform.bankofny.com/mfsaccess/controls/sglw2hcm.ocx
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://www.pandasecurity.com/activescan/cabs/as2stubie.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} (Scanner.SysScanner) - http://i.dell.com/images/global/js/scanner/SysProExe.cab
O16 - DPF: {4CCA4E6B-9259-11D9-AC6E-444553544200} (FixController Control) - http://h30155.www3.hp.com/ediags/dd/instal...tallMgr_v01.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1164026620843
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1164085681250
O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775F} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlabsli.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/p...obat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} (JuniperSetupSP1 Control) - https://jpass.bankofny.com/dana-cached/setu...perSetupSP1.cab
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcpitstop.com/optimize2/pcpitstop2.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O20 - AppInit_DLLs: C:\WINDOWS\system32\cssdll32.dll C:\WINDOWS\system32\guard32.dll
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll
O20 - Winlogon Notify: sudown - C:\WINDOWS\SYSTEM32\sudown.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BOCore - Unknown owner - (no file)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: DQMNZG - Unknown owner - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\DQMNZG.exe (file missing)
O23 - Service: Juniper Network Connect Service (dsNcService) - Juniper Networks - C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\480\g2aservice.exe
O23 - Service: HazardShield - Unknown owner - C:\WINDOWS\system32\hzrController.exe
O23 - Service: Iomega App Services - Unknown owner - (no file)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: JPTGA - Unknown owner - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\JPTGA.exe (file missing)
O23 - Service: PLFlash DeviceIoControl Service - Unknown owner - C:\WINDOWS\system32\IoctlSvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: PRISMSVC - Conexant Systems, Inc. - C:\WINDOWS\system32\PRISMSVC.EXE
O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: ThreatFire - PC Tools - C:\Program Files\ThreatFire\TFService.exe
O23 - Service: UTUF - Unknown owner - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\UTUF.exe (file missing)
O23 - Service: ZCDI - Unknown owner - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ZCDI.exe (file missing)

--
End of file - 14155 bytes


Any help and/or advice that you can give will be greatly appreciated.

Thanks in advance

MArentoft

BC AdBot (Login to Remove)

 


#2 mas_pogi

mas_pogi

    Carpal Tunnel of Love


  • Members
  • 1,473 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Tokyo, JP
  • Local time:09:15 PM

Posted 20 November 2008 - 08:52 PM

Hello marentoft,

My name is Mas_pogi(mark,mp) and I will be helping you with your Malware problem.
As I am still in training I will be helping you under supervision of our expert teachers, so there may be a delay between posts.

Please do not run any other tool untill instructed to do so!
Please reply to this thread, do not start another!
Please tell me about any problems that have occurred during the fix.
Please tell me of any other symptoms you may be having as these can help also.
Please try as much as possible not to run anything while executing a fix.

If you still need help, please follow the instruction below;
  • Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)
With Regards,
mas_pogi

#3 marentoft

marentoft
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Location:New Jersey, USA
  • Local time:09:15 PM

Posted 21 November 2008 - 10:45 AM

Hello Mas_Pogi,



Hello Mas_Pogi,

#4 marentoft

marentoft
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Location:New Jersey, USA
  • Local time:09:15 PM

Posted 21 November 2008 - 11:12 AM

Hello Mas_Pogi,

Thanks for the prompt reply.

1. During the fix - Housecall would not run for me. It would get about 1/2 way into the preliminary update and then freeze.

2. Other symptoms - Firefox - I start to type an entry and the screen stops accepting the typing - sort of like a freeze - then after awhile - 10-15 seconds usually it will come back and operate normally. IE7 actually allowed me to get to Windows update after I sent in the log to you, but froze during the validation process. I had built a slipstream disc for my computer about 4 months ago - Win Xp Pro and SP3 - figuring that I might have to do a clean install - something I would like to avoid - and found that when I tested the ability to recognize the disc the computer would not comply - a 'hal.dll' error I think - I can recheck that later if you want but would rather not do it now. Finally the computer will not accept an upgrade graphics card - going from ATI Radeon x/300/550/1050 series ) Dell 2001 FP to an ATI x1300 256M DDR2 PCI-E - which should be OK - but will not even light up the monitor. Most of these things are not that big a deal -the computer still runs pretty well in general - but they nag at me, make me think I've got a bug.



3. Here's the first txt:

Logfile of random's system information tool 1.04 (written by random/random)
Run by Administrator at 2008-11-21 10:40:58
Microsoft Windows XP Professional Service Pack 3
System drive C: has 130 GB (56%) free of 232 GB
Total RAM: 3582 MB (77% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:42:37 AM, on 11/21/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\PRISMSVR.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\PRISMSVR.EXE
C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\PRISMSVC.EXE
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ThreatFire\TFService.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\StartupMonitor.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Comodo\Firewall\cfp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Dell Wireless\PRISMCFG.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Whiz Kid Technomagic\Keep My IP-1.0\KeepMyIP.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Download\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Trend Micro\HijackThis\Administrator.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Run StartupMonitor] StartupMonitor.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Hazard Shield] C:\WINDOWS\system32\hzrTray.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\Comodo\Firewall\cfp.exe" -h
O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Global Startup: Wireless USB 2.0 WLAN Card Utility.lnk = ?
O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {037790A6-1576-11D6-903D-00105AABADD3} (Seagull Web-to-Host Control Module v4) - https://inform.bankofny.com/mfsaccess/controls/sglw2hcm.ocx
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://www.pandasecurity.com/activescan/cabs/as2stubie.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} (Scanner.SysScanner) - http://i.dell.com/images/global/js/scanner/SysProExe.cab
O16 - DPF: {4CCA4E6B-9259-11D9-AC6E-444553544200} (FixController Control) - http://h30155.www3.hp.com/ediags/dd/instal...tallMgr_v01.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1164026620843
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1164085681250
O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775F} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlabsli.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/p...obat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} (JuniperSetupSP1 Control) - https://jpass.bankofny.com/dana-cached/setu...perSetupSP1.cab
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcpitstop.com/optimize2/pcpitstop2.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O20 - AppInit_DLLs: C:\WINDOWS\system32\cssdll32.dll C:\WINDOWS\system32\guard32.dll
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll
O20 - Winlogon Notify: sudown - C:\WINDOWS\SYSTEM32\sudown.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BOCore - Unknown owner - (no file)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: DQMNZG - Unknown owner - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\DQMNZG.exe (file missing)
O23 - Service: Juniper Network Connect Service (dsNcService) - Juniper Networks - C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\480\g2aservice.exe
O23 - Service: HazardShield - Unknown owner - C:\WINDOWS\system32\hzrController.exe
O23 - Service: Iomega App Services - Unknown owner - (no file)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: JPTGA - Unknown owner - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\JPTGA.exe (file missing)
O23 - Service: PLFlash DeviceIoControl Service - Unknown owner - C:\WINDOWS\system32\IoctlSvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: PRISMSVC - Conexant Systems, Inc. - C:\WINDOWS\system32\PRISMSVC.EXE
O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: ThreatFire - PC Tools - C:\Program Files\ThreatFire\TFService.exe
O23 - Service: UTUF - Unknown owner - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\UTUF.exe (file missing)
O23 - Service: ZCDI - Unknown owner - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ZCDI.exe (file missing)

--
End of file - 14063 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1164863255.job
C:\WINDOWS\tasks\MP Scheduled Scan.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A368E80-174F-4872-96B5-0B27DDD11DB2}]
SpywareGuardDLBLOCK.CBrowserHelper - C:\Program Files\SpywareGuard\dlprotect.dll [2003-08-02 192512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]
C:\Program Files\Siber Systems\AI RoboForm\roboform.dll [2008-09-21 5759816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java™ Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-18 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2008-11-05 2403392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll [2008-10-29 652784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-18 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-11-18 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}]
Ask Toolbar BHO - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL [2008-09-21 262144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{724d43a0-0d85-11d4-9908-00400523e39a} - &RoboForm - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll [2008-09-21 5759816]
{A057A204-BACC-4D26-9990-79A187E2698E}
SITEguard
{F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - Ask Toolbar - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL [2008-09-21 262144]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2008-11-05 2403392]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Run StartupMonitor"=C:\WINDOWS\StartupMonitor.exe [2000-05-20 86016]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-08-01 61440]
"Hazard Shield"=C:\WINDOWS\system32\hzrTray.exe [2008-02-03 32768]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-07-19 78008]
"COMODO Firewall Pro"=C:\Program Files\Comodo\Firewall\cfp.exe [2008-11-18 1796856]
"COMODO Internet Security"=C:\Program Files\Comodo\Firewall\cfp.exe [2008-11-18 1796856]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SetDefaultMIDI"=C:\WINDOWS\MIDIDef.exe [2004-12-22 24576]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"SandboxieControl"=C:\Program Files\Sandboxie\SbieCtrl.exe [2008-11-15 313856]
"ccleaner"=C:\Program Files\CCleaner\ccleaner.exe [2008-10-23 1336560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccleaner]
C:\Program Files\CCleaner\ccleaner.exe [2008-10-23 1336560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDElbyCDFL]
C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe [2002-11-02 45056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupportCenter]
C:\Program Files\Dell Support Center\bin\sprtcmd.exe [2008-03-11 202544]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Drag'n'Drop_Autolaunch]
C:\Program Files\Iomega HotBurn Pro\Autolaunch.exe [2004-12-01 131072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dscactivate]
C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe [2008-03-11 16384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2005-08-11 249856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoboForm]
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2008-09-21 160592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SandboxieControl]
C:\WINDOWS\system32\Control.exe [2004-08-04 8192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator]
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2008-08-27 1783808]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ThreatFire]
C:\Program Files\ThreatFire\TFTray.exe [2008-10-24 263456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinPatrol]
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe [2008-09-18 333120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^OOo-dev 3.0.lnk]
C:\PROGRA~1\OOO-DE~1\program\QUICKS~1.EXE [2008-04-28 384000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^SpywareGuard.lnk]
C:\PROGRA~1\SPYWAR~2\sgmain.exe [2003-08-29 360448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk]
C:\PROGRA~1\DIGITA~1\DLG.exe [2003-10-29 24576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Google Updater.lnk]
C:\PROGRA~1\Google\GOOGLE~1\GOOGLE~1.EXE [2008-10-29 161264]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Wireless USB 2.0 WLAN Card Utility.lnk - C:\Program Files\Dell Wireless\PRISMCFG.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"=" C:\WINDOWS\system32\cssdll32.dll C:\WINDOWS\system32\guard32.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-10-28 143360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\GoToAssist]
C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll [2007-11-18 10792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\PRISMAPI.DLL]
C:\WINDOWS\system32\PRISMAPI.DLL [2006-10-12 450649]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sudown]
C:\WINDOWS\system32\sudown.dll [2006-12-03 8704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 241704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{81559C35-8464-49F7-BB0E-07A383BEF910}"=C:\Program Files\SpywareGuard\spywareguard.dll [2003-08-02 126976]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2008-05-26 304128]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\Windows Defender\MpShHook.dll [2006-11-03 83224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
relog_ap

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdauxservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdcoreservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutoRun"=03FEFF03

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Dell Network Assistant\ezi_hnm2.exe"="C:\Program Files\Dell Network Assistant\ezi_hnm2.exe:*:Enabled:Dell Network Assistant"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe"="C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty® 4 - Modern Warfare™"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Wild Hare\Instinct\instinct.exe"="C:\Program Files\Wild Hare\Instinct\instinct.exe:*:Enabled:ds2main"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\WINDOWS\system32\mmc.exe"="C:\WINDOWS\system32\mmc.exe:*:Enabled:Microsoft Management Console"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
shell\AutoRun\command - D:\Install.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\H]
shell\AutoRun\command - H:\install.exe


======List of files/folders created in the last 1 months======

2008-11-21 10:40:58 ----D---- C:\rsit
2008-11-19 17:37:19 ----D---- C:\Program Files\Windows Defender
2008-11-19 16:42:24 ----D---- C:\WINDOWS\BDOSCAN8
2008-11-19 11:30:26 ----D---- C:\Program Files\Panda Security
2008-11-19 11:30:25 ----D---- C:\WINDOWS\LastGood
2008-11-18 14:23:22 ----D---- C:\Documents and Settings\All Users\Application Data\ATI
2008-11-18 11:47:22 ----A---- C:\WINDOWS\system32\javaws.exe
2008-11-18 11:47:22 ----A---- C:\WINDOWS\system32\javaw.exe
2008-11-18 11:47:22 ----A---- C:\WINDOWS\system32\java.exe
2008-11-18 11:25:40 ----D---- C:\Program Files\Common Files\Adobe AIR
2008-11-16 16:31:14 ----N---- C:\WINDOWS\system32\spmsg.dll
2008-11-14 22:26:32 ----D---- C:\Program Files\TLJ
2008-11-14 17:28:07 ----D---- C:\Program Files\Binary News Reaper
2008-11-13 12:39:44 ----D---- C:\Program Files\Lavasoft
2008-11-13 00:09:22 ----A---- C:\WINDOWS\system32\CmdLineExt03.dll
2008-11-12 22:02:07 ----D---- C:\Program Files\Illusion Softworks
2008-11-12 17:54:29 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2008-11-12 17:54:29 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2008-11-12 17:54:28 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2008-11-12 17:54:27 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2008-11-12 17:54:27 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2008-11-12 17:54:26 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2008-11-12 17:54:25 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2008-11-12 17:54:24 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2008-11-12 17:54:24 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2008-11-12 17:54:23 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2008-11-12 17:54:22 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2008-11-12 17:54:22 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2008-11-12 17:54:21 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2008-11-12 16:20:38 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2008-11-12 16:20:01 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2008-11-12 16:19:21 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2008-11-05 19:37:49 ----D---- C:\Program Files\Adobe Media Player
2008-11-05 18:24:39 ----D---- C:\WINDOWS\system32\AGEIA
2008-11-05 18:24:36 ----D---- C:\Program Files\AGEIA Technologies
2008-11-05 18:17:56 ----D---- C:\Program Files\Playlogic
2008-11-05 02:29:19 ----A---- C:\WINDOWS\Sandboxie.ini
2008-11-05 02:18:09 ----D---- C:\Program Files\Sandboxie
2008-11-03 22:33:19 ----D---- C:\Program Files\Restoration
2008-11-02 23:01:25 ----A---- C:\WINDOWS\system32\guard32.dll
2008-11-02 17:44:35 ----A---- C:\boot.ini.comodofirewall
2008-10-30 17:22:12 ----D---- C:\Documents and Settings\Administrator\Application Data\DivX
2008-10-29 13:21:21 ----A---- C:\WINDOWS\system32\deploytk.dll
2008-10-29 11:24:44 ----D---- C:\Program Files\Innovative Solutions
2008-10-29 10:34:40 ----D---- C:\Program Files\keyfinder.2.0.1
2008-10-27 14:36:03 ----D---- C:\Program Files\Defraggler
2008-10-24 20:49:27 ----D---- C:\Documents and Settings\Administrator\Application Data\gtk-2.0
2008-10-24 20:45:23 ----D---- C:\Program Files\Gnumeric
2008-10-23 20:27:58 ----D---- C:\Program Files\RegSeeker
2008-10-23 18:41:09 ----D---- C:\Program Files\AbiSuite2
2008-10-23 16:54:01 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-10-23 16:07:22 ----D---- C:\Documents and Settings\Administrator\Application Data\OpenOffice.org
2008-10-23 16:00:50 ----D---- C:\Program Files\OpenOffice.org 3
2008-10-23 15:22:32 ----D---- C:\Documents and Settings\Administrator\Application Data\OOo-dev3

======List of files/folders modified in the last 1 months======

2008-11-21 10:42:21 ----D---- C:\WINDOWS\Prefetch
2008-11-21 10:41:57 ----D---- C:\WINDOWS\Temp
2008-11-21 10:40:29 ----D---- C:\Download
2008-11-19 23:04:22 ----D---- C:\Program Files\HiJackThis
2008-11-19 18:47:13 ----D---- C:\Download-Loaded
2008-11-19 18:15:38 ----D---- C:\WINDOWS\system32
2008-11-19 17:40:31 ----SD---- C:\WINDOWS\Tasks
2008-11-19 17:37:29 ----SHD---- C:\WINDOWS\Installer
2008-11-19 17:37:28 ----SHD---- C:\Config.Msi
2008-11-19 17:37:20 ----HD---- C:\WINDOWS\inf
2008-11-19 17:37:19 ----RD---- C:\Program Files
2008-11-19 16:43:09 ----D---- C:\WINDOWS\system32\drivers
2008-11-19 16:42:29 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-11-19 16:42:26 ----D---- C:\WINDOWS
2008-11-19 11:33:52 ----D---- C:\Program Files\Quicken
2008-11-19 11:30:14 ----D---- C:\WINDOWS\system32\CatRoot2
2008-11-19 10:59:43 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-11-18 22:24:43 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-11-18 22:20:38 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2008-11-18 16:43:27 ----D---- C:\Program Files\Mozilla Firefox
2008-11-18 15:41:54 ----D---- C:\WINDOWS\system32\FxsTmp
2008-11-18 14:38:12 ----D---- C:\Program Files\ATI
2008-11-18 14:23:15 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-11-18 14:19:58 ----RSD---- C:\WINDOWS\assembly
2008-11-18 14:19:14 ----D---- C:\Program Files\ATI Technologies
2008-11-18 14:09:03 ----D---- C:\WINDOWS\Debug
2008-11-18 12:33:07 ----D---- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
2008-11-18 12:32:10 ----D---- C:\Documents and Settings\Administrator\Application Data\Spyware Terminator
2008-11-18 12:31:24 ----D---- C:\Program Files\Spyware Terminator
2008-11-18 12:27:38 ----D---- C:\Program Files\Opera
2008-11-18 11:25:40 ----D---- C:\Program Files\Common Files
2008-11-18 10:53:49 ----D---- C:\Program Files\Common Files\Adobe
2008-11-18 10:53:40 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2008-11-18 10:53:32 ----D---- C:\Program Files\Adobe
2008-11-18 07:10:50 ----D---- C:\WINDOWS\Help
2008-11-17 22:46:57 ----D---- C:\Program Files\CCleaner
2008-11-17 11:45:17 ----SD---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2008-11-17 00:15:37 ----D---- C:\Program Files\SpywareBlaster
2008-11-16 18:11:28 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2008-11-16 16:31:15 ----D---- C:\WINDOWS\system32\CatRoot
2008-11-15 03:28:23 ----A---- C:\WINDOWS\game.ini
2008-11-14 18:18:03 ----D---- C:\Documents and Settings\All Users\Application Data\Avg7
2008-11-14 16:06:44 ----D---- C:\@BKPS
2008-11-14 02:00:17 ----D---- C:\regclean
2008-11-13 12:39:02 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-11-13 06:59:52 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-11-12 22:16:31 ----HD---- C:\Program Files\InstallShield Installation Information
2008-11-12 19:47:28 ----RASH---- C:\boot.ini
2008-11-12 18:13:32 ----A---- C:\WINDOWS\Quicken.ini
2008-11-12 18:13:24 ----D---- C:\Program Files\Common Files\Palo Alto Software
2008-11-12 17:55:49 ----A---- C:\WINDOWS\system32\DxDiag.txt
2008-11-12 17:54:32 ----D---- C:\WINDOWS\system32\DirectX
2008-11-12 16:58:15 ----HD---- C:\WINDOWS\msdownld.tmp
2008-11-12 16:20:35 ----HD---- C:\WINDOWS\$hf_mig$
2008-11-12 16:18:37 ----D---- C:\WINDOWS\WinSxS
2008-11-09 07:45:02 ----D---- C:\WINDOWS\system32\config
2008-11-05 22:42:16 ----D---- C:\WINDOWS\system32\Macromed
2008-11-05 19:38:15 ----D---- C:\Documents and Settings\Administrator\Application Data\Adobe
2008-11-05 19:35:38 ----D---- C:\Program Files\Google
2008-11-05 18:25:20 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-11-05 17:34:29 ----A---- C:\WINDOWS\BOC427.INI
2008-11-05 16:46:45 ----D---- C:\Program Files\SpywareGuard
2008-11-05 01:47:06 ----D---- C:\Program Files\Ubisoft
2008-11-04 14:36:40 ----A---- C:\WINDOWS\win.ini
2008-11-04 14:36:40 ----A---- C:\WINDOWS\system.ini
2008-11-04 14:35:39 ----D---- C:\WINDOWS\pss
2008-11-04 14:35:09 ----D---- C:\WINDOWS\security
2008-11-04 14:19:36 ----D---- C:\WINDOWS\Registration
2008-11-04 14:12:18 ----D---- C:\Program Files\Dell
2008-11-02 23:16:19 ----D---- C:\Program Files\Free Easy Burner
2008-11-02 23:06:05 ----D---- C:\Documents and Settings\All Users\Application Data\comodo
2008-11-02 23:01:27 ----D---- C:\Documents and Settings\Administrator\Application Data\Comodo
2008-11-02 23:01:23 ----D---- C:\Program Files\Comodo
2008-11-02 20:12:28 ----D---- C:\Program Files\ThreatFire
2008-11-02 17:44:44 ----D---- C:\Documents and Settings\All Users\Application Data\Bitmeter2
2008-11-02 17:29:54 ----D---- C:\WINDOWS\system32\wbem
2008-11-01 18:32:04 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2008-10-31 06:04:33 ----D---- C:\Program Files\Spyware Doctor
2008-10-29 13:20:47 ----D---- C:\Program Files\Java
2008-10-29 12:51:04 ----RSD---- C:\WINDOWS\Fonts
2008-10-29 12:49:19 ----D---- C:\Program Files\JRE
2008-10-29 12:21:30 ----D---- C:\Program Files\Secunia
2008-10-28 21:23:22 ----A---- C:\WINDOWS\system32\ATIDEMGX.dll
2008-10-28 21:22:02 ----A---- C:\WINDOWS\system32\ati2dvag.dll
2008-10-28 21:11:35 ----A---- C:\WINDOWS\system32\atipdlxx.dll
2008-10-28 21:11:21 ----A---- C:\WINDOWS\system32\Oemdspif.dll
2008-10-28 21:11:12 ----A---- C:\WINDOWS\system32\Ati2mdxx.exe
2008-10-28 21:11:03 ----A---- C:\WINDOWS\system32\ati2edxx.dll
2008-10-28 21:10:59 ----A---- C:\WINDOWS\system32\atioglxx.dll
2008-10-28 21:10:45 ----A---- C:\WINDOWS\system32\ati2evxx.dll
2008-10-28 21:09:10 ----A---- C:\WINDOWS\system32\ati2evxx.exe
2008-10-28 21:07:44 ----A---- C:\WINDOWS\system32\ATIDDC.DLL
2008-10-28 21:05:00 ----N---- C:\WINDOWS\system32\ati2sgag.exe
2008-10-28 20:57:58 ----A---- C:\WINDOWS\system32\ati3duag.dll
2008-10-28 20:49:31 ----A---- C:\WINDOWS\system32\atiiiexx.dll
2008-10-28 20:41:13 ----A---- C:\WINDOWS\system32\ativvaxx.dll
2008-10-28 20:25:31 ----A---- C:\WINDOWS\system32\amdpcom32.dll
2008-10-28 20:21:21 ----A---- C:\WINDOWS\system32\atikvmag.dll
2008-10-28 20:19:50 ----A---- C:\WINDOWS\system32\atiadlxx.dll
2008-10-28 20:19:40 ----A---- C:\WINDOWS\system32\atitvo32.dll
2008-10-28 20:18:30 ----A---- C:\WINDOWS\system32\atiok3x2.dll
2008-10-28 20:12:51 ----A---- C:\WINDOWS\system32\ati2cqag.dll
2008-10-25 15:59:54 ----D---- C:\Program Files\Microsoft Office
2008-10-25 15:59:52 ----D---- C:\Program Files\Common Files\Microsoft Shared
2008-10-25 15:59:30 ----D---- C:\Program Files\MSECACHE
2008-10-23 18:56:02 ----A---- C:\WINDOWS\ModemLog_Conexant D850 56K V.9x DFVc Modem.txt
2008-10-23 16:37:15 ----A---- C:\WINDOWS\ODBC.INI
2008-10-23 15:58:03 ----D---- C:\Program Files\OpenOffice.org 2.4
2008-10-23 15:47:49 ----D---- C:\Documents and Settings\Administrator\Application Data\OpenOffice.org2
2008-10-23 15:25:36 ----D---- C:\Program Files\OpenOffice.org

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-07-19 26944]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 78416]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-07-19 42912]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-06-27 75072]
R1 cmdGuard;COMODO Firewall Pro Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2008-11-18 99216]
R1 cmdHlp;COMODO Firewall Pro Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2008-11-18 31504]
R1 DVDVRRdr_xp;DVDVRRdr_xp; C:\WINDOWS\system32\drivers\DVDVRRdr_xp.sys [2007-07-14 146560]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
R1 UdfReadr_xp;UdfReadr_xp; C:\WINDOWS\system32\drivers\UdfReadr_xp.sys [2007-07-14 213120]
R1 vmm;Virtual Machine Monitor; \??\C:\WINDOWS\system32\Drivers\vmm.sys []
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2006-10-26 20747]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-07-19 94416]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-11-05 271360]
R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2002-11-29 16320]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2008-11-05 18048]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2003-04-09 11043]
R2 Packet;Auto Internet Protocol; C:\WINDOWS\system32\DRIVERS\packet.sys [2006-12-18 12672]
R2 PfModNT;PfModNT; \??\C:\WINDOWS\system32\drivers\PfModNT.sys []
R2 tifsfilter;Acronis True Image FS Filter; C:\WINDOWS\system32\DRIVERS\tifsfilt.sys [2007-02-23 32768]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-07-19 23152]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-10-28 3341824]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\system32\DRIVERS\ctsfm2k.sys [2005-01-10 138752]
R3 CTUSFSYN;Creative SoundFont Synthesizer; C:\WINDOWS\system32\drivers\ctusfsyn.sys [2005-05-25 158464]
R3 DELL_A02;Dell TrueMobile 1300 USB2.0 WLAN Card Driver; C:\WINDOWS\system32\DRIVERS\PRISMA02.sys [2006-10-26 357344]
R3 dsNcAdpt;Juniper Network Connect Adapter; C:\WINDOWS\system32\DRIVERS\dsNcAdpt.sys [2007-12-27 23552]
R3 E100B;Intel® PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2005-06-13 162816]
R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2002-11-28 15360]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2003-11-17 1042432]
R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys [2003-11-17 212224]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-04 12160]
R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\DRIVERS\ctoss2k.sys [2005-01-10 106496]
R3 SbieDrv;SbieDrv; \??\C:\Program Files\Sandboxie\SbieDrv.sys []
R3 sigfilt;sigfilt; C:\WINDOWS\system32\drivers\sigfilt.sys [2005-03-24 1350272]
R3 STHDA;High Definition Audio Driver (WDM) - SigmaTel CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2005-06-06 180736]
R3 TfNetMon;TfNetMon; \??\C:\WINDOWS\system32\drivers\TfNetMon.sys []
R3 TMPassthruMP;TMPassthruMP; C:\WINDOWS\system32\DRIVERS\TMPassthru.sys [2007-11-27 35216]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-02-11 59520]
R3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-02-11 20608]
R3 VPCNetS2;Virtual Machine Network Services Driver; C:\WINDOWS\system32\DRIVERS\VMNetSrv.sys [2007-01-29 59280]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2003-11-17 680704]
S1 Cdr4_xp;Cdr4_xp; C:\WINDOWS\system32\drivers\Cdr4_xp.sys [2008-06-10 9336]
S1 Cdralw2k;Cdralw2k; C:\WINDOWS\system32\drivers\Cdralw2k.sys [2008-06-10 9464]
S1 cdudf_xp;cdudf_xp; C:\WINDOWS\system32\drivers\cdudf_xp.sys [2007-07-14 259200]
S1 pwd_2k;pwd_2k; C:\WINDOWS\system32\drivers\pwd_2k.sys []
S3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
S3 BOCDRIVE;BOClean Kernel Monitor.; \??\C:\Program Files\Comodo\CBOClean\BOCDRIVE.sys []
S3 cel90xbe;cel90xbe; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\cel90xbe.sys []
S3 DSproct;DSproct; \??\C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys []
S3 dvd_2K;dvd_2K; C:\WINDOWS\system32\drivers\dvd_2K.sys [2007-07-14 21993]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-10-21 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-10-21 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-10-22 21568]
S3 IKFileSec;File Security Driver; C:\WINDOWS\system32\drivers\ikfilesec.sys [2008-06-02 42376]
S3 IkSysFlt;System Filter Driver; C:\WINDOWS\system32\drivers\iksysflt.sys [2008-06-02 66952]
S3 IKSysSec;System Security Driver; C:\WINDOWS\system32\drivers\iksyssec.sys [2008-06-10 81288]
S3 mmc_2K;mmc_2K; C:\WINDOWS\system32\drivers\mmc_2K.sys [2007-07-14 22745]
S3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2007-04-09 9856]
S3 PnkBstrK;PnkBstrK; \??\C:\WINDOWS\system32\drivers\PnkBstrK.sys []
S3 PSI;PSI; C:\WINDOWS\system32\DRIVERS\psi_mf.sys [2008-10-27 7808]
S3 SDDMI2;SDDMI2; \??\C:\WINDOWS\system32\DDMI2.sys []
S3 TMPassthru;Trend Micro Passthru Ndis Service; C:\WINDOWS\system32\DRIVERS\TMPassthru.sys [2007-11-27 35216]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-10-01 32000]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-02-11 15104]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-09-10 611664]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-07-19 16056]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-10-28 585728]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-07-19 147640]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\Comodo\Firewall\cmdagent.exe [2008-11-18 618232]
R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.EXE [1999-12-13 44032]
R2 dsNcService;Juniper Network Connect Service; C:\Program Files\Juniper Networks\Common Files\dsNcService.exe [2007-12-27 423280]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-11-18 152984]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2008-02-18 66872]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2008-07-06 107832]
R2 PRISMSVC;PRISMSVC; C:\WINDOWS\system32\PRISMSVC.EXE [2006-10-12 61529]
R2 SbieSvc;Sandboxie Service; C:\Program Files\Sandboxie\SbieSvc.exe [2008-11-15 52736]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2008-08-27 570880]
R2 ThreatFire;ThreatFire; C:\Program Files\ThreatFire\TFService.exe [2008-10-24 70944]
R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
R2 WMDM PMSP Service;WMDM PMSP Service; C:\WINDOWS\system32\MsPMSPSv.exe [2001-05-01 53248]
R2 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\wmpnetwk.exe [2006-10-18 913408]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2008-10-28 593920]
S2 HazardShield;HazardShield; C:\WINDOWS\system32\hzrController.exe [2008-02-03 15360]
S2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-07-19 250040]
S3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-07-23 348344]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 Creative Labs Licensing Service;Creative Labs Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe [2006-11-20 69632]
S3 DQMNZG;DQMNZG; C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\DQMNZG.exe []
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
S3 getPlus® Helper;getPlus® Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-06-26 31592]
S3 GoToAssist;GoToAssist; C:\Program Files\Citrix\GoToAssist\480\g2aservice.exe [2007-11-18 16936]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-10-01 536872]
S3 JPTGA;JPTGA; C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\JPTGA.exe []
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 sdAuxService;PC Tools Auxiliary Service; C:\Program Files\Spyware Doctor\pctsAuxs.exe [2008-06-13 356920]
S3 sdCoreService;PC Tools Security Service; C:\Program Files\Spyware Doctor\pctsSvc.exe [2008-08-07 1073544]
S3 UTUF;UTUF; C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\UTUF.exe []
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 ZCDI;ZCDI; C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ZCDI.exe []
S4 Iomega Activity Disk2;Iomega Activity Disk2; []
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]
S4 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2003-03-08 65795]
S4 R;R; C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\R.exe []

-----------------EOF-----------------




4. Here's the 2nd txt:

info.txt logfile of random's system information tool 1.04 2008-11-21 10:42:42

======Uninstall list======

-->"C:\Program Files\Creative\SBAudigy\Program\CTZapxx.EXE" ctsbmb.ini /U /N /S /W
-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->MsiExec.exe /X{7B4AB13C-1A5C-4BC5-ABA6-762F8198444C}
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0B095086-7205-4D48-90DF-DCD16613C6D4}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0B095086-7205-4D48-90DF-DCD16613C6D4}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{103BCDA0-E063-46AC-8028-64E78722ABA7}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{103BCDA0-E063-46AC-8028-64E78722ABA7}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2616B36E-38CE-4357-8AB5-8B3EE9B1C117}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2616B36E-38CE-4357-8AB5-8B3EE9B1C117}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{32B4B536-4443-42F0-9676-98373BE9114F}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{32B4B536-4443-42F0-9676-98373BE9114F}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{34EBD418-B8E6-4E86-89C4-33B72CF5663F}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{34EBD418-B8E6-4E86-89C4-33B72CF5663F}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{52338F65-A1C3-4CDC-B733-50051682B297}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{52338F65-A1C3-4CDC-B733-50051682B297}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{569A9538-86EC-44C3-8EE4-C68B165F2A75}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{569A9538-86EC-44C3-8EE4-C68B165F2A75}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5B17E626-7885-4FC3-A66A-73548A4F01FD}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5B17E626-7885-4FC3-A66A-73548A4F01FD}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7AFFF09F-386B-4F7A-B3E0-EC24C13893AA}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7AFFF09F-386B-4F7A-B3E0-EC24C13893AA}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8A3F2ADE-DEF2-4A50-866A-6B9357B5590F}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8A3F2ADE-DEF2-4A50-866A-6B9357B5590F}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CB99E420-8071-48F9-9567-4A53BE7569C4}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CB99E420-8071-48F9-9567-4A53BE7569C4}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DAAC5938-8026-4D0C-A476-D1954917B7F5}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DAAC5938-8026-4D0C-A476-D1954917B7F5}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE4A4C48-2232-4CCB-AD61-490ACD29BA85}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE4A4C48-2232-4CCB-AD61-490ACD29BA85}\setup.exe" -l0x9 /remove
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
7-Zip 4.42-->MsiExec.exe /I{23170F69-40C1-2701-0442-000001000000}
7-Zip 4.58 beta-->"C:\Program Files\7-Zip\Uninstall.exe"
ACDSee for PENTAX 2.0-->MsiExec.exe /I{D8320DD6-FE47-41DE-B116-4158B7AE3F37}
Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
Acronis True Image Home-->MsiExec.exe /X{419CF344-3D94-4DAD-99C8-EA7B00E5EA8B}
Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Media Player-->msiexec /qb /x {5C74694C-A687-E3EB-FF18-B018D4A76ECD}
Adobe Media Player-->MsiExec.exe /I{5C74694C-A687-E3EB-FF18-B018D4A76ECD}
Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001}
Advanced WindowsCare Personal-->"C:\Program Files\IObit\Advanced WindowsCare V2\unins000.exe"
AGEIA PhysX v6.10.05-->MsiExec.exe /X{582876EC-A178-44D4-9823-C10D6C62EAFF}
AI RoboForm (All Users)-->"C:\Program Files\Siber Systems\AI RoboForm\rfwipeout.exe"
AM-DeadLink 3.0-->"C:\Program Files\AM-DeadLink\unins000.exe"
AnswerWorks 5.0 English Runtime-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}\setup.exe" -l0x9 -uninst -removeonly
Apple Mobile Device Support-->MsiExec.exe /I{976C2B2A-CE59-4AB3-83FB-BF895E28F2E6}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Ask Toolbar-->rundll32 C:\PROGRA~1\AskSBar\bar\1.bin\AskSBar.dll,O
ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x3334
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
Azureus 3.0-->C:\Program Files\Azureus\uninstall.exe
Binary News Reaper 0.14.7 Beta-->"C:\Program Files\Binary News Reaper\unins000.exe"
BitMeter-->"C:\Program Files\Codebox\BitMeter\uninstall.exe"
BOClean-->C:\WINDOWS\UNBOC.EXE
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
Catalyst Control Center - Branding-->MsiExec.exe /I{D3B1C799-CB73-42DE-BA0F-2344793A095C}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CloneCD-->"C:\Program Files\Elaborate Bytes\CloneCD\ccd-uninst.exe" /D="C:\Program Files\Elaborate Bytes\CloneCD"
COMODO Firewall Pro-->C:\Program Files\COMODO\Firewall\cfpconfg.exe -u
COMODO SafeSurf-->C:\Program Files\COMODO\SafeSurf\cssconfg.exe -u
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
Creative MediaSource-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2E0C1913-886B-4C5C-8DAF-D1E649CE5FCC}\Setup.exe" -l0x9 /remove
Debugging Tools for Windows (x86)-->MsiExec.exe /I{1CD0C3C5-809D-4CFC-904A-1B67C6243637}
Defraggler (remove only)-->"C:\Program Files\Defraggler\uninst.exe"
Dell Network Assistant-->MsiExec.exe /I{0240BDFB-2995-4A3F-8C96-18D41282B716}
Dell Resource CD-->MsiExec.exe /X{FCD9CD52-7222-4672-94A0-A722BA702FD0}
Dell Support 3.2.1-->MsiExec.exe /X{7A35F91E-1D16-454F-A248-B9B782A2327C}
Dell Support Center-->MsiExec.exe /X{E3BFEE55-39E2-4BE0-B966-89FE583822C1}
DellConnect-->MsiExec.exe /X{52D56C42-8C69-4882-A661-39695537C9CF}
Delta Force - Black Hawk Down-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8FE54D21-8254-4CCF-AEE0-066496AE43F4}\setup.exe" -l0x9 -uninst
Digital Line Detect-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E646DCF0-5A68-11D5-B229-002078017FBF}\Setup.exe" -l0x9 ControlPanelAnyText
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DriverMax 4-->"C:\Program Files\Innovative Solutions\DriverMax\unins000.exe"
EasyCleaner-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F5346614-B7C4-4E94-826A-E2363155233D}\setup.exe" -l0x9 -removeonly
FastStone Image Viewer 3.0-->C:\Program Files\FastStone Image Viewer\uninst.exe
filehippo.com Update Checker-->"C:\Program Files\filehippo.com\uninstall.exe"
Foxit Reader-->C:\Program Files\Foxit Software\Foxit Reader\Uninstall.exe
Free Easy Burner V 3.8-->"C:\Program Files\Free Easy Burner\unins000.exe"
getPlus®-->"C:\Program Files\NOS\bin\getPlus_HelperSvc.exe" /UninstallGet1
GiPo@MoveOnBoot 1.9.5-->MsiExec.exe /I{9F185C48-595B-401A-A1D6-AAB324890DC4}
Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
Google Updater-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
GoToAssist 8.0.0.480-->C:\Program Files\Citrix\GoToAssist\480\G2AUninstaller.exe /uninstall
GradeQuick Web Plugin-->MsiExec.exe /I{0EB768CD-EF48-4C66-8BCB-2DA8166B2654}
GTA San Andreas-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E0303B6A-C675-4102-95DA-C013625BFA99}\setup.exe" -l0x9 -removeonly
Half-Life Dedicated Server Update Tool-->C:\PROGRA~1\Valve\HLServer\UNWISE.EXE C:\PROGRA~1\Valve\HLServer\INSTALL.LOG
Hidden & Dangerous 2 -->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{83437081-8186-4F63-BD39-4BE8A691E055}
Hidden & Dangerous 2 Patch-->"C:\Program Files\Illusion Softworks\Hidden & Dangerous 2\\patch-uninst.exe"
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.0 (KB932471)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {ECD292A0-0347-4244-8C24-5DBCE990FB40} /package {BAF78226-3200-4DB4-BE33-4D922A799840}
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB915800-v4)-->"C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
HP Driver Diagnostics-->MsiExec.exe /X{6314D540-E3C1-4F30-AEEB-4154C93375C3}
HP Memories Disc-->MsiExec.exe /X{B376402D-58EA-45EA-BD50-DD924EB67A70}
HP Photo and Imaging 2.0 - All-in-One Drivers-->MsiExec.exe /X{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}
HP Photo and Imaging 2.0 - All-in-One-->MsiExec.exe /X{9867A917-5D17-40DE-83BA-BEA5293194B1}
hp psc 1200 series-->MsiExec.exe /X{C900EF06-2E76-49C7-8DB0-41F629B21DC5}
hp psc 1200 series-->rundll32 hpzcon07.dll,VendorJettison hp psc 1200 series
Intel® PRO Network Connections Drivers-->Prounstl.exe
Iomega HotBurn Pro-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CCB1507A-AAEA-4778-AC4B-DD5EAB1A961E}\Setup.exe" -l0x9 UNINSTALL
IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe
Iron Warriors: T72 Tank Command-->"C:\Program Files\Strategy First\Iron Warriors\unins000.exe"
IsoBuster 2.4-->"C:\Program Files\Smart Projects\IsoBuster\Uninst\unins000.exe"
iTunes-->MsiExec.exe /I{DDDE0BE3-0CBE-4BF6-B75A-E3F69C947843}
Java™ 6 Update 10-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
Java™ 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Java™ SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Java™ SE Runtime Environment 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
Juniper Networks Network Connect 6.0.0-->"C:\Program Files\Juniper Networks\Network Connect 6.0.0\uninstall.exe"
jv16 PowerTools 2007-->"C:\Program Files\jv16 PowerTools 2006\unins000.exe"
jv16 PowerTools 2008-->"C:\Program Files\jv16 PowerTools 2008\unins000.exe"
Karen's Autorun.inf Editor-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\PTAutoRun\ST6UNST.LOG"
Karen's Computer Profiler (C:\Program Files\Karen's Computer Profiler\)-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\Karen's Computer Profiler\ST6UNST.000"
Karen's Computer Profiler-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\Karen's Computer Profiler\ST6UNST.LOG"
Karen's Font Explorer-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\Fonts\ST6UNST.LOG"
Karen's Registry Pruner-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\Pruner\ST6UNST.LOG"
Karen's Registry Ripper-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\RegRip\ST6UNST.LOG"
Karen's Version Browser-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\Karen's Version Browser\ST6UNST.LOG"
Karen's Window Watcher-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\WinWatch\ST6UNST.LOG"
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft .NET Framework 3.0 Service Pack 1-->MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783}
Microsoft Calculator Plus-->MsiExec.exe /I{83073C45-3003-4671-9A86-243AAADD915A}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Basic Edition 2003-->MsiExec.exe /I{91130409-6000-11D3-8CFE-0150048383C9}
Microsoft Office Converter Pack-->MsiExec.exe /X{6EECB283-E65F-40EF-86D3-D51BF02A8D43}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Virtual PC 2007-->MsiExec.exe /X{8A7CAA24-7B23-410B-A7C3-F994B0944160}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Mouse Suite for Desktop Computers-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{448E2D77-E504-4221-B2C2-93646B344729}\Setup.exe" -l0x9 -removeonly
Move Networks Player for Internet Explorer-->"C:\Documents and Settings\Administrator\Application Data\Move Networks\ie_bin\unins000.exe"
Mozilla Firefox (3.0.4)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
OOo-dev 3.0 Beta-->MsiExec.exe /I{91C69FCE-E631-440A-8682-E2ADA9F5AEAC}
OpenAL-->"C:\Program Files\OpenAL\OpenALwEAX.exe" /U /S
OpenOffice.org 3.0-->MsiExec.exe /I{F44DA61E-720D-4E79-871F-F6E628B33242}
Opera 9.50-->MsiExec.exe /X{ACC7272E-0200-482F-89FD-532FD03CF656}
Opera 9.62-->MsiExec.exe /X{8318FEFD-F467-44D6-82B8-129374BFE9B1}
Opera-->C:\PROGRA~1\OPERA9~1.5BE\uninst\unwise.exe C:\PROGRA~1\OPERA9~1.5BE\uninst\install.log
Panda ActiveScan 2.0-->C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe
PCmover-->MsiExec.exe /X{0E747712-A0CF-4F5A-9933-864DF8984925}
PE Builder 3.1.10a-->"c:\pebuilder3110a\unins000.exe"
Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe"
Portal-->"C:\Program Files\Steam\steam.exe" steam://uninstall/400
PrintKey2000-->C:\PROGRA~1\PRINTK~1\UNWISE.EXE C:\PROGRA~1\PRINTK~1\INSTALL.LOG
Process Tamer 2.08.02-->"C:\Program Files\ProcessTamer\unins000.exe"
Psychonauts-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A129D1F2-CAC4-4AD7-B26D-3C6411B87DCC}\setup.exe" -l0x9 -removeonly
Quicken 2008-->MsiExec.exe /X{3B0F52AC-EF5C-4831-B221-06C782E41280}
QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
Recovery Toolbox for CD Free 1.0-->"C:\Program Files\Recovery Toolbox for CD Free\unins000.exe"
Recuva (remove only)-->"C:\Program Files\Recuva\uninst.exe"
Revo Uninstaller 1.75-->C:\Program Files\VS Revo Group\Revo Uninstaller\uninst.exe
Rhapsody Player Engine-->MsiExec.exe /I{8A62A068-3FD6-495A-9F66-26FE94F32EC9}
Sandboxie 3.32-->"C:\WINDOWS\Installer\SandboxieInstall.exe" /remove
Secunia PSI (RC4)-->"C:\Program Files\Secunia\PSI (RC4)\uninstall.exe"
Security Update for Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
SigmaTel Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}\Setup.exe" -l0x9 -remove -removeonly
Sound Blaster Audigy ADVANCED MB-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{53C6D09E-EAB6-49E5-BA4C-BA7FF13830FB}\SETUP.EXE" -l0x9 /remove
Spelling Dictionaries Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004}
Spybot - Search & Destroy 1.4-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins001.exe"
Spyware Doctor 6.0-->C:\Program Files\Spyware Doctor\unins000.exe /LOG
Spyware Terminator-->"C:\Program Files\Spyware Terminator\unins000.exe"
SpywareBlaster 4.1-->"C:\Program Files\SpywareBlaster\unins000.exe"
SpywareGuard v2.2-->"C:\Program Files\SpywareGuard\unins000.exe"
StartupMonitor-->MsiExec.exe /I{76EFAC4F-1712-401F-B2AE-590B170C9BCE}
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
suDown 2.0-->"C:\WINDOWS\unins000.exe"
System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
ThreatFire 3.5-->"C:\Program Files\ThreatFire\unins000.exe"
Tweak UI-->"C:\WINDOWS\system32\mshta.exe" "res://C:\WINDOWS\system32\TweakUI.exe/uninstall.hta"
Update for Windows Internet Explorer 7 (KB928089)-->"C:\WINDOWS\ie7updates\KB928089\spuninst\spuninst.exe"
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
USB 2.0 Wireless LAN Card Utility-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A3BC5D37-30F9-4CF7-BD5C-0DFF063E4B6D}\setup.exe" -l0x9 -L0x9 -removeonly
VC 9.0 Runtime-->MsiExec.exe /I{A040AC77-C1AA-4CC9-8931-9F648AF178F6}
WebCyberCoach 3.2 Dell-->"C:\Program Files\WebCyberCoach\b_Dell\WCC_Wipe.exe" "WebCyberCoach ext\wtrb" /inf "engine.inf,RealUninstallSection,,4" /infcfg "enginecf.inf,RealUninstallSection,,4"
What's Running 2.2-->"C:\Program Files\WhatsRunning\unins000.exe"
Whiz Kid Technomagic Keep My IP, v.1.0-->"C:\Program Files\Whiz Kid Technomagic\Keep My IP-1.0\uninstall.exe"
Windows Defender-->MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401}
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Installer Clean Up-->MsiExec.exe /X{121634B0-2F4B-11D3-ADA3-00C04F52DD52}
Windows Live installer-->MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
Windows Marketplace upgrade options tool-->MsiExec.exe /I{D1D4C9A3-060B-472A-88B7-B313CD622381}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows Search 4.0-->"C:\WINDOWS\$NtUninstallKB940157$\spuninst\spuninst.exe"
Windows Vista Upgrade Advisor-->MsiExec.exe /I{C6AA3FB7-804F-4808-AD91-B62D6ED9B788}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinPatrol 2008-->C:\PROGRA~1\BILLPS~1\WINPAT~1\Setup.exe /remove /q0
WinPatrol-->MsiExec.exe /I{3205A978-4A7A-403B-A4B9-D48E6BAFB73B}
World of Warcraft FREE Trial-->MsiExec.exe /X{02EBDBB9-4600-41D3-B566-40CB861511D2}
XnView 1.95-->"C:\Program Files\XnView\unins000.exe"

======Hosts File======

127.0.0.1 babe.the-killer.bz
127.0.0.1 www.babe.the-killer.bz
127.0.0.1 babe.k-lined.com
127.0.0.1 www.babe.k-lined.com
127.0.0.1 did.i-used.cc
127.0.0.1 www.did.i-used.cc
127.0.0.1 coolwwwsearch.com
127.0.0.1 www.coolwwwsearch.com
127.0.0.1 coolwebsearch.com
127.0.0.1 www.coolwebsearch.com

======Security center information======

AV: ThreatFire
AV: Avira AntiVir PersonalEdition (disabled)
AV: avast! antivirus 4.8.1229 [VPS 081120-0] (disabled)
FW: COMODO Firewall

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"NUMBER_OF_PROCESSORS"=2
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Smart Projects\IsoBuster;C:\Program Files\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 3, GenuineIntel
"PROCESSOR_LEVEL"=15
"PROCESSOR_REVISION"=0403
"set devmgr_show_nonpresent_devices"=1
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"windir"=%SystemRoot%
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip

-----------------EOF-----------------


Thanks for the help.
marentoft

#5 mas_pogi

mas_pogi

    Carpal Tunnel of Love


  • Members
  • 1,473 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Tokyo, JP
  • Local time:09:15 PM

Posted 26 November 2008 - 09:09 AM

hi.

Welcome to BC once again. Sorry for the delay.

Other symptoms - Firefox - I start to type an entry and the screen stops accepting the typing - sort of like a freeze - then after awhile - 10-15 seconds usually it will come back and operate normally. IE7 actually allowed me to get to Windows update after I sent in the log to you, but froze during the validation process. I had built a slipstream disc for my computer about 4 months ago - Win Xp Pro and SP3 - figuring that I might have to do a clean install - something I would like to avoid - and found that when I tested the ability to recognize the disc the computer would not comply - a 'hal.dll' error I think -

Let see what we can do.

. Finally the computer will not accept an upgrade graphics card - going from ATI Radeon x/300/550/1050 series ) Dell 2001 FP to an ATI x1300 256M DDR2 PCI-E - which should be OK - but will not even light up the monitor. Most of these things are not that big a deal -the computer still runs pretty well in general - but they nag at me, make me think I've got a bug.

I'll forward you to hardware forum later . They can help you there.

lets continue.
  • I can see you have two Antivirus . Avast and Threatfire.

    Using more than one anti-virus program is not advisable. The primary concern with using more than one anti-virus program is due to conflicts that can arise when they are running in real-time mode simultaneously. Even when one of them is disabled for use as a stand-alone scanner, it can affect the other. Anti-virus software components insert themselves into the operating systems core and using more than one can cause instability, crash your computer, slow performance and waste system resources. When actively running in the background while connected to the Internet, they both may try to update their definition databases at the same time. As the programs compete for resources required to download the necessary files this often can result in sluggish system performance or unresponsive behavior.

    Each anti-virus will often interpret the activity of the other as a virus and there is a greater chance of them alerting you to a "False Positive". If one finds a virus and then the other also finds the same virus, both programs will be competing over exclusive rights on dealing with that virus. Each anti-virus will attempt to remove the offending file and quarantine it. If one finds and quarantines the file before the other one does, then you encounter the problem of both wanting to scan each other's zipped or archived files and each reporting the other's quarantined contents. This can lead to a repetitive cycle of endless alerts that continually warn you that a virus has been found when that is not the case.

    Anti-virus scanners use virus definitions to check for viruses and these can include a fragment of the virus code which may be recognized by other anti-virus programs as the virus itself. Because of this, most anti-virus programs encrypt their definitions so that they do not trigger a false alarm when scanned by other security programs. However, some anti-virus vendors do not encrypt their definitions and will trigger false alarms if used while another resident anti-virus program is active.

    To avoid these problems, use only one anti-virus solution.


    Uninstall one of them but I suggest to keep Avast antivirus. Goto ADD/REMOVE programs at the Control Panel to uinstall threatfire.


    I can also see many remnants of your past Antivirus.

    Avira

    Uninstall it too.

  • Uninstall also this following programs using ADD/REMOVE program at the Control Panel.

    This programs are used for advertisement.
    COMODO SafeSurf
    Ask Toolbar


    Outdated java runtime
    Java™ 6 Update 7
    Java™ SE Runtime Environment 6 Update 1
    Java™ SE Runtime Environment 6


    Outdated program
    Opera 9.50

  • Your log(s) show that you are using so called peer-to-peer or file-sharing programmes (in your case Azureus 3.0). These programmes allow to share files between users as the name(s) suggest. In today's world the cyber crime has come to an enormous dimension and any means is used to infect personal computers to make use of their stored data or machine power for further propagation of the malware files. A popular means is the use of file-sharing tools as a tremendous amount of prospective victims can be reached through it.

    It is therefore possible to be infected by downloading manipulated files via peer-to-peer tools and thus suggested to be used with intense care. Some further readings on this subject, along the included links, are as follows: "File-Sharing, otherwise known as Peer To Peer" and "Risks of File-Sharing Technology."

    It is also important to note that sharing entertainment files and proprietary software infringes the copyright laws in many countries over the world and you are putting yourself at risk of being indicted through organisations watching over the rights of the authors of such files (i.e. the RIAA for music files, or the MPAA for movie files in the USA) or the authors of the files themselves.

    Naturally there are also legal ways to use these services, such as downloading Linux distributions or office suites such as "Open Office."


  • Backup Your Registry with ERUNT
    • Please use the following link and scroll down to ERUNT and download it.
      http://aumha.org/freeware/freeware.php
    • For version with the Installer:
      Use the setup program to install ERUNT on your computer
    • For the zipped version:
      Unzip all the files into a folder of your choice.
    Click Erunt.exe to backup your registry to the folder of your choice.

    Note: to restore your registry, go to the folder and start ERDNT.exe


  • Please download the OTMoveIt3 by OldTimer.
    • Save it to your desktop.
    • Please double-click OTMoveIt3.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
    • Copy the lines in the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
      :Processes
      explorer.exe
      
      :Services
      DQMNZG
      UTUF
      ZCDI
      TMPassthruMP
      TMPassthru
      cel90xbe
      JPTGA
      R
      
      :Reg
      [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
      "{A057A204-BACC-4D26-9990-79A187E2698E}"=-
      [-HKEY_CLASSES_ROOT\CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}]
      [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
      "NoResolveSearch"=dword:00000000
      
      
      :Commands
      [emptytemp]
      [start explorer]
      [Reboot]
    • Return to OTMoveIt3, right click in the "Paste Instructions for Items to be Moved" window (under the yellow bar) and choose Paste.
    • Click the red Moveit! button.
    • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
    • Close OTMoveIt3
    Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTMoveIt\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.

  • Please make sure that you can view all hidden files. Instructions on how to do this can be found here:

    How to see hidden files in Windows

    Please click this link-->Jotti

    When the jotti page has finished loading, click the Browse button and navigate to the following file and click Submit.

    H:\install.exe
    D:\install.exe


    Please post back the results of the scan in your next post.

    If Jotti is busy, try the same at Virustotal: http://www.virustotal.com/

  • Run ESET Online Scan

    Please do an online scan with ESET Online Scanner. Please use Internet Explorer as it uses ActiveX.
    • Check (tick) this box: YES, I accept the Terms of Use.
    • Click on the Start button next to it.
    • When prompted to run ActiveX. click Yes.
    • You will be asked to install an ActiveX. Click Install.
    • Once installed, the scanner will be initialized.
    • After the scanner is initialized, click Start.
    • Uncheck (untick) Remove found threats box.
    • Check (tick) Scan unwanted applications.
    • Click on Scan.
    • It will start scanning. Please be patient.
    • Once the scan is done, the log will be saved here: C:\Program Files\esetonlinescanner\log.txt.
  • Delete this file C:\RSIT\info.txt

    • Run random's system information tool (RSIT) again from your desktop.
    • Double click on RSIT.exe to run RSIT.
    • Click Continue at the disclaimer screen.
    • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)
In your reply, please post

Otmoveit log
ESET scan result
Jotti's result
RSIT's log.txt and info.txt


Mark

#6 marentoft

marentoft
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Location:New Jersey, USA
  • Local time:09:15 PM

Posted 26 November 2008 - 03:45 PM

Hello M_P,

11/26/08 - 1:42 PM (give or take)

1. Uninstall Threatfire - Done.

2. Keep Avast! - OK.

3. Uninstall - Avira - Done.
- Comodo Safesurf - Done.
- Ask Toolbar - Done.
- Java™ 6 Update 7 - Done.
- Java™ SE Runtime Environment 6 Update 1 - Done.
- Java™ SE Runtime Environment 6 - Done.
- Opera 9.50 - Done.
- Azureus - Done.





4. OTMoveIt3 - Results - before restart

========== PROCESSES ==========
Process explorer.exe killed successfully.
========== SERVICES/DRIVERS ==========
Service DQMNZG stopped successfully.
Service DQMNZG deleted successfully.
Service UTUF stopped successfully.
Service UTUF deleted successfully.
Service ZCDI stopped successfully.
Service ZCDI deleted successfully.
Unable to stop service TMPassthruMP .
Service TMPassthru stopped successfully.
Service TMPassthru deleted successfully.
Service cel90xbe stopped successfully.
Service cel90xbe deleted successfully.
Service JPTGA stopped successfully.
Service JPTGA deleted successfully.
Service R stopped successfully.
Service R deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{A057A204-BACC-4D26-9990-79A187E2698E} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}\ not found.
Registry key HKEY_CLASSES_ROOT\CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}\\ not found.
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer\\"NoResolveSearch"|dword:00000000 /E : value set successfully!
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Perflib_Perfdata_b14.dat scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\~DF93B9.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\~DF93D9.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_3bc.dat scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_d04.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
FireFox cache emptied.
Opera cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.7.1 log created on 11262008_142537


5-a. After restart - could not open IE7 (or Email) - did system
restore using point just before uninstall of Opera - then
came back and repeated Erunt - took a new system
restore point - and now doing OTMov again.....


5-b. OTMoveIt3 - Results - after restart - 2nd time around

This is the log file displayed via notepad after the restart....

========== PROCESSES ==========
Process explorer.exe killed successfully.
========== SERVICES/DRIVERS ==========
Service DQMNZG stopped successfully.
Service DQMNZG deleted successfully.
Service UTUF stopped successfully.
Service UTUF deleted successfully.
Service ZCDI stopped successfully.
Service ZCDI deleted successfully.
Unable to stop service TMPassthruMP .
Service TMPassthru stopped successfully.
Service TMPassthru deleted successfully.
Service cel90xbe stopped successfully.
Service cel90xbe deleted successfully.
Service JPTGA stopped successfully.
Service JPTGA deleted successfully.
Service R stopped successfully.
Service R deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{A057A204-BACC-4D26-9990-79A187E2698E} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}\ not found.
Registry key HKEY_CLASSES_ROOT\CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}\\ not found.
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer\\"NoResolveSearch"|dword:00000000 /E : value set successfully!
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Perflib_Perfdata_968.dat scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\~DFADC2.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\~DFAE0A.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_378.dat scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_73c.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
FireFox cache emptied.
Opera cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.7.1 log created on 11262008_151412

Files moved on Reboot...
File C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Perflib_Perfdata_968.dat not found!
File C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\~DFADC2.tmp not found!
File C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\~DFAE0A.tmp not found!
File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
File C:\WINDOWS\temp\Perflib_Perfdata_378.dat not found!
File C:\WINDOWS\temp\Perflib_Perfdata_73c.dat not found!


6-a. After restart - could not open IE7 (or Email) - AGAIN
did system restore using point I created earlier


7. I am stopping here ... now that I can access web again - await further info from
you about this problem with OTMOV

Marentoft

#7 mas_pogi

mas_pogi

    Carpal Tunnel of Love


  • Members
  • 1,473 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Tokyo, JP
  • Local time:09:15 PM

Posted 26 November 2008 - 05:57 PM

hi.

6-a. After restart - could not open IE7 (or Email) - AGAIN
did system restore using point I created earlier

Did you run system restore? Why? :thumbsup:


Mark

#8 marentoft

marentoft
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Location:New Jersey, USA
  • Local time:09:15 PM

Posted 26 November 2008 - 07:08 PM

m_p,


Re: " ... mas_pogi Posted Today, 05:57 PM
hi.


QUOTE
6-a. After restart - could not open IE7 (or Email) - AGAIN
did system restore using point I created earlier

Did you run system restore? Why?


Mark ... " ..............

I had to do a restore - it was the only way i could get access to the web via IE7

MArentoft

#9 mas_pogi

mas_pogi

    Carpal Tunnel of Love


  • Members
  • 1,473 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Tokyo, JP
  • Local time:09:15 PM

Posted 27 November 2008 - 02:05 AM

Hi.

I understand. Do you any other computer that you can access aside from
the one you are using right now?

Now. Repeat all the fixes in post#5. I mean all of them.
Try connecting the IExplorer to complete the fix with ESET scanner.
If it still crash, Try this one.

Go to Posted Image> ALL Programs > Accessories > System Tools > Internet Explorer(No Add-ons)
Then proceed with ESET.


Please don't do any system modofication unless instructed to do so. Which includes system restore.

Thank you.

Mark

Edited by mas_pogi, 27 November 2008 - 06:20 AM.


#10 marentoft

marentoft
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Location:New Jersey, USA
  • Local time:09:15 PM

Posted 29 November 2008 - 07:32 PM

M_P,

Question - What program to use to invoke IE(7)/no addons? I get an 'open with' box and so far

cannot get anything to happen.

MArentoft

#11 mas_pogi

mas_pogi

    Carpal Tunnel of Love


  • Members
  • 1,473 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Tokyo, JP
  • Local time:09:15 PM

Posted 29 November 2008 - 07:36 PM

hi.

Follow this one.

Go to Posted Image> ALL Programs > Accessories > System Tools > Internet Explorer(No Add-ons)

Then paste in

http://www.eset.com/onlinescan/
in the address bar.

Mark

#12 mas_pogi

mas_pogi

    Carpal Tunnel of Love


  • Members
  • 1,473 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Tokyo, JP
  • Local time:09:15 PM

Posted 01 December 2008 - 06:37 AM

hi.

Do you still need help? :thumbsup:

Mark

#13 marentoft

marentoft
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Location:New Jersey, USA
  • Local time:09:15 PM

Posted 02 December 2008 - 10:40 AM

M_P,

I am not sure about the problem status of my pc at this point, since the list of things you request has not been finished.

But let me say this one more time - When I run OTMoveit and do the restart that it asks for I can no longer access the

internet via IE7 or Firefox or Opera, and I cannot access my Email via Outlook. So I cannot do any of the things you

mention after OTM. So what to do? I can only get internet access back by doing a restore. I have run ESET after getting

my access back (no problems found) and I could run the other things (like Jotti), but I can't do those after running

OTMoveit/restart.

So it appears to me that I am stuck, unless you have a way for me to run OTM/restart and still keep web access, or I can

go on with the other things to do in your list without running OTM and send back those info's to you, or I guess we can just

call it quits at this point.

marentoft

#14 mas_pogi

mas_pogi

    Carpal Tunnel of Love


  • Members
  • 1,473 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Tokyo, JP
  • Local time:09:15 PM

Posted 02 December 2008 - 10:54 AM

hi Maren.

I guess you completed all the step aside from OTmoveit.
OTmoveit is working properly.
But undo every step you have taken since you have a system restore.
When try to remove the infection, it breaks your connection.

Since it was quite a while. Can I have a latest RSIT? I'll review this one again and
ask my coach about this. If you still wish to continue.
  • Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)
Please post back the result of log.txt


Mark

Edited by mas_pogi, 02 December 2008 - 10:55 AM.


#15 marentoft

marentoft
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Location:New Jersey, USA
  • Local time:09:15 PM

Posted 02 December 2008 - 12:26 PM

M_P,




Here is the RSIT info.txt:

info.txt logfile of random's system information tool 1.04 2008-12-02 12:23:02

======Uninstall list======

-->"C:\Program Files\Creative\SBAudigy\Program\CTZapxx.EXE" ctsbmb.ini /U /N /S /W
-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->MsiExec.exe /X{7B4AB13C-1A5C-4BC5-ABA6-762F8198444C}
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup

"C:\Program Files\InstallShield Installation Information\{0B095086-7205-4D48-90DF-DCD16613C6D4}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup

"C:\Program Files\InstallShield Installation Information\{0B095086-7205-4D48-90DF-DCD16613C6D4}\setup.exe" -l0x9

/remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup

"C:\Program Files\InstallShield Installation Information\{103BCDA0-E063-46AC-8028-64E78722ABA7}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup

"C:\Program Files\InstallShield Installation Information\{103BCDA0-E063-46AC-8028-64E78722ABA7}\setup.exe" -l0x9

/remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup

"C:\Program Files\InstallShield Installation Information\{2616B36E-38CE-4357-8AB5-8B3EE9B1C117}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup

"C:\Program Files\InstallShield Installation Information\{2616B36E-38CE-4357-8AB5-8B3EE9B1C117}\setup.exe" -l0x9

/remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup

"C:\Program Files\InstallShield Installation Information\{32B4B536-4443-42F0-9676-98373BE9114F}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup

"C:\Program Files\InstallShield Installation Information\{32B4B536-4443-42F0-9676-98373BE9114F}\setup.exe" -l0x9

/remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup

"C:\Program Files\InstallShield Installation Information\{34EBD418-B8E6-4E86-89C4-33B72CF5663F}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup

"C:\Program Files\InstallShield Installation Information\{34EBD418-B8E6-4E86-89C4-33B72CF5663F}\setup.exe" -l0x9

/remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup

"C:\Program Files\InstallShield Installation Information\{52338F65-A1C3-4CDC-B733-50051682B297}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup

"C:\Program Files\InstallShield Installation Information\{52338F65-A1C3-4CDC-B733-50051682B297}\setup.exe" -l0x9

/remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup

"C:\Program Files\InstallShield Installation Information\{569A9538-86EC-44C3-8EE4-C68B165F2A75}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup

"C:\Program Files\InstallShield Installation Information\{569A9538-86EC-44C3-8EE4-C68B165F2A75}\setup.exe" -l0x9

/remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup

"C:\Program Files\InstallShield Installation Information\{5B17E626-7885-4FC3-A66A-73548A4F01FD}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup

"C:\Program Files\InstallShield Installation Information\{5B17E626-7885-4FC3-A66A-73548A4F01FD}\setup.exe" -l0x9

/remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup

"C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup

"C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9

/remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup

"C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup

"C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x9

/remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup

"C:\Program Files\InstallShield Installation Information\{7AFFF09F-386B-4F7A-B3E0-EC24C13893AA}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup

"C:\Program Files\InstallShield Installation Information\{7AFFF09F-386B-4F7A-B3E0-EC24C13893AA}\setup.exe" -l0x9

/remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup

"C:\Program Files\InstallShield Installation Information\{8A3F2ADE-DEF2-4A50-866A-6B9357B5590F}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup

"C:\Program Files\InstallShield Installation Information\{8A3F2ADE-DEF2-4A50-866A-6B9357B5590F}\setup.exe" -l0x9

/remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup

"C:\Program Files\InstallShield Installation Information\{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup

"C:\Program Files\InstallShield Installation Information\{CB99E420-8071-48F9-9567-4A53BE7569C4}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup

"C:\Program Files\InstallShield Installation Information\{CB99E420-8071-48F9-9567-4A53BE7569C4}\setup.exe" -l0x9

/remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup

"C:\Program Files\InstallShield Installation Information\{DAAC5938-8026-4D0C-A476-D1954917B7F5}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup

"C:\Program Files\InstallShield Installation Information\{DAAC5938-8026-4D0C-A476-D1954917B7F5}\setup.exe" -l0x9

/remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup

"C:\Program Files\InstallShield Installation Information\{DE4A4C48-2232-4CCB-AD61-490ACD29BA85}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup

"C:\Program Files\InstallShield Installation Information\{DE4A4C48-2232-4CCB-AD61-490ACD29BA85}\setup.exe" -l0x9

/remove
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
7-Zip 4.42-->MsiExec.exe /I{23170F69-40C1-2701-0442-000001000000}
7-Zip 4.58 beta-->"C:\Program Files\7-Zip\Uninstall.exe"
ACDSee for PENTAX 2.0-->MsiExec.exe /I{D8320DD6-FE47-41DE-B116-4158B7AE3F37}
Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
Acronis True Image Home-->MsiExec.exe /X{419CF344-3D94-4DAD-99C8-EA7B00E5EA8B}
Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Media Player-->msiexec /qb /x {5C74694C-A687-E3EB-FF18-B018D4A76ECD}
Adobe Media Player-->MsiExec.exe /I{5C74694C-A687-E3EB-FF18-B018D4A76ECD}
Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001}
Advanced WindowsCare Personal-->"C:\Program Files\IObit\Advanced WindowsCare V2\unins000.exe"
AGEIA PhysX v6.10.05-->MsiExec.exe /X{582876EC-A178-44D4-9823-C10D6C62EAFF}
AI RoboForm (All Users)-->"C:\Program Files\Siber Systems\AI RoboForm\rfwipeout.exe"
AM-DeadLink 3.0-->"C:\Program Files\AM-DeadLink\unins000.exe"
AnswerWorks 5.0 English Runtime-->RunDll32

C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program

Files\InstallShield Installation Information\{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}\setup.exe" -l0x9 -uninst

-removeonly
Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Catalyst Control Center-->RunDll32

C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program

Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x4434
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart

-flags:0x2010001 -inf_class:DISPLAY -clean
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil

Software\Avast4\Setup\setiface.dll",RunSetup
Azureus 3.0-->C:\Program Files\Azureus\uninstall.exe
Binary News Reaper 0.14.7 Beta-->"C:\Program Files\Binary News Reaper\unins000.exe"
BitMeter-->"C:\Program Files\Codebox\BitMeter\uninstall.exe"
BOClean-->C:\WINDOWS\UNBOC.EXE
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
Catalyst Control Center - Branding-->MsiExec.exe /I{D3B1C799-CB73-42DE-BA0F-2344793A095C}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CloneCD-->"C:\Program Files\Elaborate Bytes\CloneCD\ccd-uninst.exe" /D="C:\Program Files\Elaborate Bytes\CloneCD"
COMODO Firewall Pro-->C:\Program Files\COMODO\Firewall\cfpconfg.exe -u
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
Creative MediaSource-->RunDll32

C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program

Files\InstallShield Installation Information\{2E0C1913-886B-4C5C-8DAF-D1E649CE5FCC}\Setup.exe" -l0x9 /remove
Debugging Tools for Windows (x86)-->MsiExec.exe /I{1CD0C3C5-809D-4CFC-904A-1B67C6243637}
Defraggler (remove only)-->"C:\Program Files\Defraggler\uninst.exe"
Dell Network Assistant-->MsiExec.exe /I{0240BDFB-2995-4A3F-8C96-18D41282B716}
Dell Resource CD-->MsiExec.exe /X{FCD9CD52-7222-4672-94A0-A722BA702FD0}
Dell Support 3.2.1-->MsiExec.exe /X{7A35F91E-1D16-454F-A248-B9B782A2327C}
Dell Support Center-->MsiExec.exe /X{E3BFEE55-39E2-4BE0-B966-89FE583822C1}
DellConnect-->MsiExec.exe /X{52D56C42-8C69-4882-A661-39695537C9CF}
Delta Force - Black Hawk Down-->RunDll32

C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program

Files\InstallShield Installation Information\{8FE54D21-8254-4CCF-AEE0-066496AE43F4}\setup.exe" -l0x9 -uninst
Digital Line Detect-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup

"C:\Program Files\InstallShield Installation Information\{E646DCF0-5A68-11D5-B229-002078017FBF}\Setup.exe" -l0x9

ControlPanelAnyText
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DriverMax 4-->"C:\Program Files\Innovative Solutions\DriverMax\unins000.exe"
EasyCleaner-->RunDll32

C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program

Files\InstallShield Installation Information\{F5346614-B7C4-4E94-826A-E2363155233D}\setup.exe" -l0x9 -removeonly
ESET Online Scanner-->C:\WINDOWS\system32\OnlineScannerUninstaller.exe
FastStone Image Viewer 3.0-->C:\Program Files\FastStone Image Viewer\uninst.exe
filehippo.com Update Checker-->"C:\Program Files\filehippo.com\uninstall.exe"
Foxit Reader-->C:\Program Files\Foxit Software\Foxit Reader\Uninstall.exe
Free Easy Burner V 3.8-->"C:\Program Files\Free Easy Burner\unins000.exe"
getPlus®-->"C:\Program Files\NOS\bin\getPlus_HelperSvc.exe" /UninstallGet1
GiPo@MoveOnBoot 1.9.5-->MsiExec.exe /I{9F185C48-595B-401A-A1D6-AAB324890DC4}
Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
Google Updater-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
GoToAssist 8.0.0.480-->C:\Program Files\Citrix\GoToAssist\480\G2AUninstaller.exe /uninstall
GradeQuick Web Plugin-->MsiExec.exe /I{0EB768CD-EF48-4C66-8BCB-2DA8166B2654}
GTA San Andreas-->RunDll32

C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program

Files\InstallShield Installation Information\{E0303B6A-C675-4102-95DA-C013625BFA99}\setup.exe" -l0x9 -removeonly
Half-Life Dedicated Server Update Tool-->C:\PROGRA~1\Valve\HLServer\UNWISE.EXE

C:\PROGRA~1\Valve\HLServer\INSTALL.LOG
Hidden & Dangerous 2 -->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe

/M{83437081-8186-4F63-BD39-4BE8A691E055}
Hidden & Dangerous 2 Patch-->"C:\Program Files\Illusion Softworks\Hidden & Dangerous 2\\patch-uninst.exe"
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.0 (KB932471)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall

{ECD292A0-0347-4244-8C24-5DBCE990FB40} /package {BAF78226-3200-4DB4-BE33-4D922A799840}
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB915800-v4)-->"C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
HP Driver Diagnostics-->MsiExec.exe /X{6314D540-E3C1-4F30-AEEB-4154C93375C3}
HP Memories Disc-->MsiExec.exe /X{B376402D-58EA-45EA-BD50-DD924EB67A70}
HP Photo and Imaging 2.0 - All-in-One Drivers-->MsiExec.exe /X{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}
HP Photo and Imaging 2.0 - All-in-One-->MsiExec.exe /X{9867A917-5D17-40DE-83BA-BEA5293194B1}
hp psc 1200 series-->MsiExec.exe /X{C900EF06-2E76-49C7-8DB0-41F629B21DC5}
hp psc 1200 series-->rundll32 hpzcon07.dll,VendorJettison hp psc 1200 series
Intel® PRO Network Connections Drivers-->Prounstl.exe
Iomega HotBurn Pro-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup

"C:\Program Files\InstallShield Installation Information\{CCB1507A-AAEA-4778-AC4B-DD5EAB1A961E}\Setup.exe" -l0x9

UNINSTALL
IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe
Iron Warriors: T72 Tank Command-->"C:\Program Files\Strategy First\Iron Warriors\unins000.exe"
IsoBuster 2.4-->"C:\Program Files\Smart Projects\IsoBuster\Uninst\unins000.exe"
iTunes-->MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371}
Java™ 6 Update 10-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
Juniper Networks Network Connect 6.0.0-->"C:\Program Files\Juniper Networks\Network Connect 6.0.0\uninstall.exe"
jv16 PowerTools 2007-->"C:\Program Files\jv16 PowerTools 2006\unins000.exe"
jv16 PowerTools 2008-->"C:\Program Files\jv16 PowerTools 2008\unins000.exe"
Karen's Autorun.inf Editor-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\PTAutoRun\ST6UNST.LOG"
Karen's Computer Profiler (C:\Program Files\Karen's Computer Profiler\)-->C:\WINDOWS\st6unst.exe -n "C:\Program

Files\Karen's Computer Profiler\ST6UNST.000"
Karen's Computer Profiler-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\Karen's Computer Profiler\ST6UNST.LOG"
Karen's Font Explorer-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\Fonts\ST6UNST.LOG"
Karen's Registry Pruner-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\Pruner\ST6UNST.LOG"
Karen's Registry Ripper-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\RegRip\ST6UNST.LOG"
Karen's Version Browser-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\Karen's Version Browser\ST6UNST.LOG"
Karen's Window Watcher-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\WinWatch\ST6UNST.LOG"
Microsoft .NET Framework 1.1 Hotfix

(KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe"

"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft .NET Framework 3.0 Service Pack 1-->MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783}
Microsoft Calculator Plus-->MsiExec.exe /I{83073C45-3003-4671-9A86-243AAADD915A}
Microsoft Compression Client Pack 1.0 for Windows

XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation

APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel

APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Basic Edition 2003-->MsiExec.exe /I{91130409-6000-11D3-8CFE-0150048383C9}
Microsoft Office Converter Pack-->MsiExec.exe /X{6EECB283-E65F-40EF-86D3-D51BF02A8D43}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft User-Mode Driver Framework Feature Pack

1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Virtual PC 2007-->MsiExec.exe /X{8A7CAA24-7B23-410B-A7C3-F994B0944160}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Mouse Suite for Desktop Computers-->RunDll32

C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program

Files\InstallShield Installation Information\{448E2D77-E504-4221-B2C2-93646B344729}\Setup.exe" -l0x9 -removeonly
Move Networks Player for Internet Explorer-->"C:\Documents and Settings\Administrator\Application Data\Move

Networks\ie_bin\unins000.exe"
Mozilla Firefox (3.0.4)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
OOo-dev 3.0 Beta-->MsiExec.exe /I{91C69FCE-E631-440A-8682-E2ADA9F5AEAC}
OpenAL-->"C:\Program Files\OpenAL\OpenALwEAX.exe" /U /S
OpenOffice.org 3.0-->MsiExec.exe /I{F44DA61E-720D-4E79-871F-F6E628B33242}
Opera 9.62-->MsiExec.exe /X{8318FEFD-F467-44D6-82B8-129374BFE9B1}
Opera-->C:\PROGRA~1\OPERA9~1.5BE\uninst\unwise.exe C:\PROGRA~1\OPERA9~1.5BE\uninst\install.log
Panda ActiveScan 2.0-->C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe
PCmover-->MsiExec.exe /X{0E747712-A0CF-4F5A-9933-864DF8984925}
PE Builder 3.1.10a-->"c:\pebuilder3110a\unins000.exe"
Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe"
Portal-->"C:\Program Files\Steam\steam.exe" steam://uninstall/400
PrintKey2000-->C:\PROGRA~1\PRINTK~1\UNWISE.EXE C:\PROGRA~1\PRINTK~1\INSTALL.LOG
Process Tamer 2.08.02-->"C:\Program Files\ProcessTamer\unins000.exe"
Psychonauts-->RunDll32

C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program

Files\InstallShield Installation Information\{A129D1F2-CAC4-4AD7-B26D-3C6411B87DCC}\setup.exe" -l0x9 -removeonly
Quicken 2008-->MsiExec.exe /X{3B0F52AC-EF5C-4831-B221-06C782E41280}
QuickTime-->MsiExec.exe /I{F958CA02-BB40-4007-894B-258729456EE4}
Recovery Toolbox for CD Free 1.0-->"C:\Program Files\Recovery Toolbox for CD Free\unins000.exe"
Recuva (remove only)-->"C:\Program Files\Recuva\uninst.exe"
Revo Uninstaller 1.75-->C:\Program Files\VS Revo Group\Revo Uninstaller\uninst.exe
Rhapsody Player Engine-->MsiExec.exe /I{8A62A068-3FD6-495A-9F66-26FE94F32EC9}
Sandboxie 3.32-->"C:\WINDOWS\Installer\SandboxieInstall.exe" /remove
Secunia PSI (RC4)-->"C:\Program Files\Secunia\PSI (RC4)\uninstall.exe"
Security Update for Windows Internet Explorer 7

(KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7

(KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7

(KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7

(KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7

(KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7

(KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7

(KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7

(KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7

(KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Security Update for Windows Media Player 11

(KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11

(KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
SigmaTel Audio-->RunDll32

C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program

Files\InstallShield Installation Information\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}\Setup.exe" -l0x9 -remove

-removeonly
Sound Blaster Audigy ADVANCED MB-->RunDll32

C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program

Files\InstallShield Installation Information\{53C6D09E-EAB6-49E5-BA4C-BA7FF13830FB}\SETUP.EXE" -l0x9 /remove
Spelling Dictionaries Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004}
Spybot - Search & Destroy 1.4-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins001.exe"
Spyware Doctor 6.0-->C:\Program Files\Spyware Doctor\unins000.exe /LOG
Spyware Terminator-->"C:\Program Files\Spyware Terminator\unins000.exe"
SpywareBlaster 4.1-->"C:\Program Files\SpywareBlaster\unins000.exe"
SpywareGuard v2.2-->"C:\Program Files\SpywareGuard\unins000.exe"
StartupMonitor-->MsiExec.exe /I{76EFAC4F-1712-401F-B2AE-590B170C9BCE}
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
suDown 2.0-->"C:\WINDOWS\unins000.exe"
System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
Tweak UI-->"C:\WINDOWS\system32\mshta.exe" "res://C:\WINDOWS\system32\TweakUI.exe/uninstall.hta"
Update for Windows Internet Explorer 7 (KB928089)-->"C:\WINDOWS\ie7updates\KB928089\spuninst\spuninst.exe"
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
USB 2.0 Wireless LAN Card Utility-->RunDll32

C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program

Files\InstallShield Installation Information\{A3BC5D37-30F9-4CF7-BD5C-0DFF063E4B6D}\setup.exe" -l0x9 -L0x9

-removeonly
VC 9.0 Runtime-->MsiExec.exe /I{A040AC77-C1AA-4CC9-8931-9F648AF178F6}
WebCyberCoach 3.2 Dell-->"C:\Program Files\WebCyberCoach\b_Dell\WCC_Wipe.exe" "WebCyberCoach ext\wtrb" /inf

"engine.inf,RealUninstallSection,,4" /infcfg "enginecf.inf,RealUninstallSection,,4"
What's Running 2.2-->"C:\Program Files\WhatsRunning\unins000.exe"
Whiz Kid Technomagic Keep My IP, v.1.0-->"C:\Program Files\Whiz Kid Technomagic\Keep My IP-1.0\uninstall.exe"
Windows Defender-->MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401}
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Installer Clean Up-->MsiExec.exe /X{121634B0-2F4B-11D3-ADA3-00C04F52DD52}
Windows Live installer-->MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
Windows Marketplace upgrade options tool-->MsiExec.exe /I{D1D4C9A3-060B-472A-88B7-B313CD622381}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows Search 4.0-->"C:\WINDOWS\$NtUninstallKB940157$\spuninst\spuninst.exe"
Windows Vista Upgrade Advisor-->MsiExec.exe /I{C6AA3FB7-804F-4808-AD91-B62D6ED9B788}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinPatrol 2008-->C:\PROGRA~1\BILLPS~1\WINPAT~1\Setup.exe /remove /q0
WinPatrol-->MsiExec.exe /I{3205A978-4A7A-403B-A4B9-D48E6BAFB73B}
World of Warcraft FREE Trial-->MsiExec.exe /X{02EBDBB9-4600-41D3-B566-40CB861511D2}
XnView 1.95-->"C:\Program Files\XnView\unins000.exe"

======Hosts File======

127.0.0.1 babe.the-killer.bz
127.0.0.1 www.babe.the-killer.bz
127.0.0.1 babe.k-lined.com
127.0.0.1 www.babe.k-lined.com
127.0.0.1 did.i-used.cc
127.0.0.1 www.did.i-used.cc
127.0.0.1 coolwwwsearch.com
127.0.0.1 www.coolwwwsearch.com
127.0.0.1 coolwebsearch.com
127.0.0.1 www.coolwebsearch.com

======Security center information======

AV: ThreatFire
AV: avast! antivirus 4.8.1296 [VPS 081202-0]
FW: COMODO Firewall

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"NUMBER_OF_PROCESSORS"=2
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\wbem;C:\Program Files\ATI

Technologies\ATI.ACE\Core-Static;C:\Program Files\Smart Projects\IsoBuster;C:\Program Files\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 3, GenuineIntel
"PROCESSOR_LEVEL"=15
"PROCESSOR_REVISION"=0403
"set devmgr_show_nonpresent_devices"=1
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"windir"=%SystemRoot%
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------





Here is the RSIT log.txt:

Logfile of random's system information tool 1.04 (written by random/random)
Run by Administrator at 2008-12-02 12:22:50
Microsoft Windows XP Professional Service Pack 3
System drive C: has 133 GB (57%) free of 232 GB
Total RAM: 3582 MB (83% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:22:58 PM, on 12/2/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\PRISMSVC.EXE
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\PRISMSVR.EXE
C:\WINDOWS\StartupMonitor.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Comodo\Firewall\cfp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Dell Wireless\PRISMCFG.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Administrator\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Administrator.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common

Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program

Files\SpywareGuard\dlprotect.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} -

C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI

RoboForm\roboform.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program

files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program

Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program

Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program

Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI

RoboForm\roboform.dll
O3 - Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Run StartupMonitor] StartupMonitor.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Hazard Shield] C:\WINDOWS\system32\hzrTray.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\Comodo\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User

'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t

(User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Global Startup: Wireless USB 2.0 WLAN Card Utility.lnk = ?
O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI

RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI

RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI

RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI

RoboForm\RoboFormComSavePass.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program

Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI

RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber

Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI

RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber

Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI

RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program

Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} -

C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -

C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} -

C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network

Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network

Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program

Files\Messenger\msmsgs.exe
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) -

http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {037790A6-1576-11D6-903D-00105AABADD3} (Seagull Web-to-Host Control Module v4) -

https://inform.bankofny.com/mfsaccess/controls/sglw2hcm.ocx
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) -

https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) -

http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) -

http://www.pandasecurity.com/activescan/cabs/as2stubie.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program

Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} (Scanner.SysScanner) -

http://i.dell.com/images/global/js/scanner/SysProExe.cab
O16 - DPF: {4CCA4E6B-9259-11D9-AC6E-444553544200} (FixController Control) -

http://h30155.www3.hp.com/ediags/dd/instal...tallMgr_v01.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) -

http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) -

http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -

http://update.microsoft.com/windowsupdate/...b?1164026620843
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) -

http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -

http://update.microsoft.com/microsoftupdat...b?1164085681250
O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775F} (System Requirements Lab) -

http://www.systemrequirementslab.com/sysreqlabsli.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) -

http://wwwimages.adobe.com/www.adobe.com/p...obat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -

http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} (JuniperSetupSP1 Control) -

https://jpass.bankofny.com/dana-cached/setu...perSetupSP1.cab
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) -

http://utilities.pcpitstop.com/optimize2/pcpitstop2.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll
O20 - Winlogon Notify: sudown - C:\WINDOWS\SYSTEM32\sudown.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device

Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil

Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BOCore - Unknown owner - (no file)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program

Files\Comodo\Firewall\cmdagent.exe
O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs

Shared\Service\CreativeLicensing.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: DQMNZG - Unknown owner - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\DQMNZG.exe (file missing)
O23 - Service: Juniper Network Connect Service (dsNcService) - Juniper Networks - C:\Program Files\Juniper

Networks\Common Files\dsNcService.exe
O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program

Files\Citrix\GoToAssist\480\g2aservice.exe
O23 - Service: HazardShield - Unknown owner - C:\WINDOWS\system32\hzrController.exe
O23 - Service: Iomega App Services - Unknown owner - (no file)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program

Files\Java\jre6\bin\jqs.exe
O23 - Service: JPTGA - Unknown owner - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\JPTGA.exe (file missing)
O23 - Service: PLFlash DeviceIoControl Service - Unknown owner - C:\WINDOWS\system32\IoctlSvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: PRISMSVC - Conexant Systems, Inc. - C:\WINDOWS\system32\PRISMSVC.EXE
O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware

Terminator\sp_rsser.exe
O23 - Service: UTUF - Unknown owner - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\UTUF.exe (file missing)
O23 - Service: ZCDI - Unknown owner - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ZCDI.exe (file missing)

--
End of file - 14085 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1164863255.job
C:\WINDOWS\tasks\MP Scheduled Scan.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper

Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11

75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper

Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper

Objects\{4A368E80-174F-4872-96B5-0B27DDD11DB2}]
SpywareGuardDLBLOCK.CBrowserHelper - C:\Program Files\SpywareGuard\dlprotect.dll [2003-08-02 192512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper

Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper

Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]
C:\Program Files\Siber Systems\AI RoboForm\roboform.dll [2008-09-21 5759816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper

Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-18 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper

Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper

Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2008-11-05 2403392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper

Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll [2008-10-29 652784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper

Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-18 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper

Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-11-18 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{724d43a0-0d85-11d4-9908-00400523e39a} - &RoboForm - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll

[2008-09-21 5759816]
{A057A204-BACC-4D26-9990-79A187E2698E}
SITEguard
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2008-11-05

2403392]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Run StartupMonitor"=C:\WINDOWS\StartupMonitor.exe [2000-05-20 86016]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-08-01 61440]
"Hazard Shield"=C:\WINDOWS\system32\hzrTray.exe [2008-02-03 32768]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-11-26 81000]
"COMODO Firewall Pro"=C:\Program Files\Comodo\Firewall\cfp.exe [2008-11-18 1796856]
"COMODO Internet Security"=C:\Program Files\Comodo\Firewall\cfp.exe [2008-11-18 1796856]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-11-18 136600]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SetDefaultMIDI"=C:\WINDOWS\MIDIDef.exe [2004-12-22 24576]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"ccleaner"=C:\Program Files\CCleaner\ccleaner.exe [2008-10-23 1336560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccleaner]
C:\Program Files\CCleaner\ccleaner.exe [2008-10-23 1336560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDElbyCDFL]
C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe [2002-11-02 45056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupportCenter]
C:\Program Files\Dell Support Center\bin\sprtcmd.exe [2008-03-11 202544]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Drag'n'Drop_Autolaunch]
C:\Program Files\Iomega HotBurn Pro\Autolaunch.exe [2004-12-01 131072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dscactivate]
C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe [2008-03-11 16384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared

tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2005-08-11 249856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoboForm]
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2008-09-21 160592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SandboxieControl]
C:\WINDOWS\system32\Control.exe [2004-08-04 8192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator]
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2008-08-27 1783808]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ThreatFire]
C:\Program Files\ThreatFire\TFTray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinPatrol]
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe [2008-09-18 333120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and

Settings^Administrator^Start Menu^Programs^Startup^OOo-dev 3.0.lnk]
C:\PROGRA~1\OOO-DE~1\program\QUICKS~1.EXE [2008-04-28 384000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and

Settings^Administrator^Start Menu^Programs^Startup^SpywareGuard.lnk]
C:\PROGRA~1\SPYWAR~2\sgmain.exe [2003-08-29 360448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All

Users^Start Menu^Programs^Startup^Digital Line Detect.lnk]
C:\PROGRA~1\DIGITA~1\DLG.exe [2003-10-29 24576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All

Users^Start Menu^Programs^Startup^Google Updater.lnk]
C:\PROGRA~1\Google\GOOGLE~1\GOOGLE~1.EXE [2008-10-29 161264]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Wireless USB 2.0 WLAN Card Utility.lnk - C:\Program Files\Dell Wireless\PRISMCFG.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"=" C:\WINDOWS\system32\guard32.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-10-28 143360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\GoToAssist]
C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll [2007-11-18 10792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\PRISMAPI.DLL]
C:\WINDOWS\system32\PRISMAPI.DLL [2006-10-12 450649]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sudown]
C:\WINDOWS\system32\sudown.dll [2006-12-03 8704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 241704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

[2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{81559C35-8464-49F7-BB0E-07A383BEF910}"=C:\Program Files\SpywareGuard\spywareguard.dll [2003-08-02 126976]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll

[2008-05-26 304128]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\Windows Defender\MpShHook.dll [2006-11-03

83224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
relog_ap

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdauxservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdcoreservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutoRun"=03FEFF03

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\auth

orizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network

Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Dell Network Assistant\ezi_hnm2.exe"="C:\Program Files\Dell Network

Assistant\ezi_hnm2.exe:*:Enabled:Dell Network Assistant"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe"="C:\Program Files\Activision\Call of Duty 4 -

Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty® 4 - Modern Warfare™"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows

Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows

Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Wild Hare\Instinct\instinct.exe"="C:\Program Files\Wild Hare\Instinct\instinct.exe:*:Enabled:ds2main"
"C:\WINDOWS\system32\mmc.exe"="C:\WINDOWS\system32\mmc.exe:*:Enabled:Microsoft Management Console"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\autho

rizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network

Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows

Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows

Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
shell\AutoRun\command - D:\Install.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\H]
shell\AutoRun\command - H:\install.exe


======List of files/folders created in the last 1 months======

2008-11-28 19:21:08 ----D---- C:\Program Files\iPod
2008-11-28 19:21:05 ----D---- C:\Program Files\iTunes
2008-11-28 19:21:05 ----D---- C:\Documents and Settings\All Users\Application

Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-11-27 10:04:49 ----D---- C:\Program Files\EsetOnlineScanner
2008-11-26 14:25:37 ----D---- C:\@OTMoveIt
2008-11-26 14:21:03 ----D---- C:\Program Files\Erunt
2008-11-26 13:57:17 ----A---- C:\Program Files\Uninstall Ask Toolbar.dll
2008-11-23 19:43:33 ----D---- C:\Program Files\QuickTime
2008-11-22 12:09:11 ----D---- C:\Program Files\iPod(2)
2008-11-22 12:09:08 ----D---- C:\Program Files\iTunes(2)
2008-11-22 12:05:24 ----D---- C:\Program Files\QuickTime(2)
2008-11-21 10:40:58 ----D---- C:\rsit
2008-11-19 17:37:19 ----D---- C:\Program Files\Windows Defender
2008-11-19 16:42:24 ----D---- C:\WINDOWS\BDOSCAN8
2008-11-19 11:30:26 ----D---- C:\Program Files\Panda Security
2008-11-18 14:23:22 ----D---- C:\Documents and Settings\All Users\Application Data\ATI
2008-11-18 11:47:22 ----A---- C:\WINDOWS\system32\javaws.exe
2008-11-18 11:47:22 ----A---- C:\WINDOWS\system32\javaw.exe
2008-11-18 11:47:22 ----A---- C:\WINDOWS\system32\java.exe
2008-11-18 11:25:40 ----D---- C:\Program Files\Common Files\Adobe AIR
2008-11-16 16:31:14 ----N---- C:\WINDOWS\system32\spmsg.dll
2008-11-14 22:26:32 ----D---- C:\Program Files\TLJ
2008-11-14 17:28:07 ----D---- C:\Program Files\Binary News Reaper
2008-11-13 12:39:44 ----D---- C:\Program Files\Lavasoft
2008-11-13 00:09:22 ----A---- C:\WINDOWS\system32\CmdLineExt03.dll
2008-11-12 22:02:07 ----D---- C:\Program Files\Illusion Softworks
2008-11-12 17:54:29 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2008-11-12 17:54:29 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2008-11-12 17:54:28 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2008-11-12 17:54:27 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2008-11-12 17:54:27 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2008-11-12 17:54:26 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2008-11-12 17:54:25 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2008-11-12 17:54:24 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2008-11-12 17:54:24 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2008-11-12 17:54:23 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2008-11-12 17:54:22 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2008-11-12 17:54:22 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2008-11-12 17:54:21 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2008-11-12 16:20:38 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2008-11-12 16:20:01 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2008-11-12 16:19:21 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2008-11-05 19:37:49 ----D---- C:\Program Files\Adobe Media Player
2008-11-05 18:24:39 ----D---- C:\WINDOWS\system32\AGEIA
2008-11-05 18:24:36 ----D---- C:\Program Files\AGEIA Technologies
2008-11-05 18:17:56 ----D---- C:\Program Files\Playlogic
2008-11-05 02:29:19 ----A---- C:\WINDOWS\Sandboxie.ini
2008-11-05 02:18:09 ----D---- C:\Program Files\Sandboxie
2008-11-03 22:33:19 ----D---- C:\Program Files\Restoration

======List of files/folders modified in the last 1 months======

2008-12-02 12:21:08 ----D---- C:\Program Files\HiJackThis
2008-12-02 12:20:20 ----D---- C:\WINDOWS\Temp
2008-12-02 12:19:07 ----D---- C:\WINDOWS\Prefetch
2008-12-02 10:41:27 ----D---- C:\WINDOWS
2008-12-02 09:43:17 ----D---- C:\WINDOWS\system32
2008-12-02 09:43:17 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-12-02 09:41:59 ----SD---- C:\WINDOWS\Tasks
2008-12-02 09:31:43 ----D---- C:\WINDOWS\system32\CatRoot2
2008-11-29 23:17:23 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-11-28 19:22:04 ----SHD---- C:\WINDOWS\Installer
2008-11-28 19:22:04 ----SHD---- C:\Config.Msi
2008-11-28 19:21:08 ----RD---- C:\Program Files
2008-11-28 19:21:07 ----D---- C:\Program Files\Common Files\Apple
2008-11-28 12:49:04 ----D---- C:\Program Files\Mozilla Firefox
2008-11-28 12:32:04 ----D---- C:\WINDOWS\system32\config
2008-11-28 12:31:25 ----D---- C:\WINDOWS\system32\wbem
2008-11-28 12:31:24 ----D---- C:\WINDOWS\Registration
2008-11-28 12:22:14 ----D---- C:\WINDOWS\network diagnostic
2008-11-28 12:17:07 ----D---- C:\Download
2008-11-26 19:10:56 ----A---- C:\WINDOWS\game.ini
2008-11-26 15:38:28 ----D---- C:\@BKPS
2008-11-26 15:31:11 ----D---- C:\Download-Loaded
2008-11-26 14:51:44 ----D---- C:\Program Files\Opera 9.5 beta
2008-11-26 14:45:25 ----D---- C:\Program Files\Comodo
2008-11-26 14:43:34 ----D---- C:\Program Files\Azureus
2008-11-26 14:00:34 ----D---- C:\Program Files\Java
2008-11-26 14:00:32 ----D---- C:\Program Files\Common Files
2008-11-26 13:25:15 ----D---- C:\WINDOWS\system32\drivers
2008-11-26 13:10:46 ----A---- C:\WINDOWS\wininit.ini
2008-11-26 13:06:46 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2008-11-26 12:21:30 ----A---- C:\WINDOWS\system32\aswBoot.exe
2008-11-25 16:26:05 ----D---- C:\Program Files\ATI
2008-11-23 19:49:32 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-11-23 19:28:21 ----HD---- C:\WINDOWS\inf
2008-11-19 11:33:52 ----D---- C:\Program Files\Quicken
2008-11-18 15:41:54 ----D---- C:\WINDOWS\system32\FxsTmp
2008-11-18 14:33:59 ----A---- C:\WINDOWS\system32\guard32.dll
2008-11-18 14:23:15 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-11-18 14:19:58 ----RSD---- C:\WINDOWS\assembly
2008-11-18 14:19:14 ----D---- C:\Program Files\ATI Technologies
2008-11-18 14:09:03 ----D---- C:\WINDOWS\Debug
2008-11-18 12:33:07 ----D---- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
2008-11-18 12:32:10 ----D---- C:\Documents and Settings\Administrator\Application Data\Spyware Terminator
2008-11-18 12:31:24 ----D---- C:\Program Files\Spyware Terminator
2008-11-18 12:27:38 ----D---- C:\Program Files\Opera
2008-11-18 11:47:00 ----A---- C:\WINDOWS\system32\deploytk.dll
2008-11-18 10:53:49 ----D---- C:\Program Files\Common Files\Adobe
2008-11-18 10:53:40 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2008-11-18 10:53:32 ----D---- C:\Program Files\Adobe
2008-11-18 07:10:50 ----D---- C:\WINDOWS\Help
2008-11-17 22:46:57 ----D---- C:\Program Files\CCleaner
2008-11-17 11:45:17 ----SD---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2008-11-17 00:15:37 ----D---- C:\Program Files\SpywareBlaster
2008-11-16 18:11:28 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2008-11-16 16:31:15 ----D---- C:\WINDOWS\system32\CatRoot
2008-11-14 18:18:03 ----D---- C:\Documents and Settings\All Users\Application Data\Avg7
2008-11-14 15:32:14 ----D---- C:\Documents and Settings\Administrator\Application Data\gtk-2.0
2008-11-14 02:00:17 ----D---- C:\regclean
2008-11-13 12:39:02 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-11-13 06:59:52 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-11-12 22:16:31 ----HD---- C:\Program Files\InstallShield Installation Information
2008-11-12 19:47:28 ----RASH---- C:\boot.ini
2008-11-12 18:13:32 ----A---- C:\WINDOWS\Quicken.ini
2008-11-12 18:13:24 ----D---- C:\Program Files\Common Files\Palo Alto Software
2008-11-12 17:55:49 ----A---- C:\WINDOWS\system32\DxDiag.txt
2008-11-12 17:54:32 ----D---- C:\WINDOWS\system32\DirectX
2008-11-12 16:58:15 ----HD---- C:\WINDOWS\msdownld.tmp
2008-11-12 16:20:35 ----HD---- C:\WINDOWS\$hf_mig$
2008-11-12 16:18:37 ----D---- C:\WINDOWS\WinSxS
2008-11-05 22:42:16 ----D---- C:\WINDOWS\system32\Macromed
2008-11-05 19:38:15 ----D---- C:\Documents and Settings\Administrator\Application Data\Adobe
2008-11-05 19:35:38 ----D---- C:\Program Files\Google
2008-11-05 18:25:20 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-11-05 17:34:29 ----A---- C:\WINDOWS\BOC427.INI
2008-11-05 16:46:45 ----D---- C:\Program Files\SpywareGuard
2008-11-05 01:47:06 ----D---- C:\Program Files\Ubisoft
2008-11-04 15:05:24 ----D---- C:\Program Files\RegSeeker
2008-11-04 14:36:40 ----A---- C:\WINDOWS\win.ini
2008-11-04 14:36:40 ----A---- C:\WINDOWS\system.ini
2008-11-04 14:35:39 ----D---- C:\WINDOWS\pss
2008-11-04 14:35:09 ----D---- C:\WINDOWS\security
2008-11-04 14:12:18 ----D---- C:\Program Files\Dell

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-11-26 26944]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-11-26 111184]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-11-26 50864]
R1 cmdGuard;COMODO Firewall Pro Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2008-11-18

99216]
R1 cmdHlp;COMODO Firewall Pro Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2008-11-18 31504]
R1 DVDVRRdr_xp;DVDVRRdr_xp; C:\WINDOWS\system32\drivers\DVDVRRdr_xp.sys [2007-07-14 146560]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 UdfReadr_xp;UdfReadr_xp; C:\WINDOWS\system32\drivers\UdfReadr_xp.sys [2007-07-14 213120]
R1 vmm;Virtual Machine Monitor; \??\C:\WINDOWS\system32\Drivers\vmm.sys []
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2006-10-26 20747]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-11-26 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-11-26 94032]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-11-05 271360]
R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2002-11-29 16320]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2008-11-05 18048]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2003-04-09 11043]
R2 Packet;Auto Internet Protocol; C:\WINDOWS\system32\DRIVERS\packet.sys [2006-12-18 12672]
R2 PfModNT;PfModNT; \??\C:\WINDOWS\system32\drivers\PfModNT.sys []
R2 tifsfilter;Acronis True Image FS Filter; C:\WINDOWS\system32\DRIVERS\tifsfilt.sys [2007-02-23 32768]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-11-26 23152]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-10-28 3341824]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\system32\DRIVERS\ctsfm2k.sys [2005-01-10

138752]
R3 CTUSFSYN;Creative SoundFont Synthesizer; C:\WINDOWS\system32\drivers\ctusfsyn.sys [2005-05-25 158464]
R3 DELL_A02;Dell TrueMobile 1300 USB2.0 WLAN Card Driver; C:\WINDOWS\system32\DRIVERS\PRISMA02.sys

[2006-10-26 357344]
R3 dsNcAdpt;Juniper Network Connect Adapter; C:\WINDOWS\system32\DRIVERS\dsNcAdpt.sys [2007-12-27 23552]
R3 E100B;Intel® PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2005-06-13

162816]
R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2002-11-28 15360]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

[2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2003-11-17 1042432]
R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys [2003-11-17 212224]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17

16128]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-04 12160]
R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\DRIVERS\ctoss2k.sys [2005-01-10 106496]
R3 SbieDrv;SbieDrv; \??\C:\Program Files\Sandboxie\SbieDrv.sys []
R3 sigfilt;sigfilt; C:\WINDOWS\system32\drivers\sigfilt.sys [2005-03-24 1350272]
R3 STHDA;High Definition Audio Driver (WDM) - SigmaTel CODEC; C:\WINDOWS\system32\drivers\sthda.sys

[2005-06-06 180736]
R3 TMPassthruMP;TMPassthruMP; C:\WINDOWS\system32\DRIVERS\TMPassthru.sys [2007-11-27 35216]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys

[2008-04-13 30208]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-02-11 59520]
R3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys

[2008-02-11 20608]
R3 VPCNetS2;Virtual Machine Network Services Driver; C:\WINDOWS\system32\DRIVERS\VMNetSrv.sys [2007-01-29

59280]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2003-11-17 680704]
S1 Cdr4_xp;Cdr4_xp; C:\WINDOWS\system32\drivers\Cdr4_xp.sys [2008-06-10 9336]
S1 Cdralw2k;Cdralw2k; C:\WINDOWS\system32\drivers\Cdralw2k.sys [2008-06-10 9464]
S1 cdudf_xp;cdudf_xp; C:\WINDOWS\system32\drivers\cdudf_xp.sys [2007-07-14 259200]
S1 pwd_2k;pwd_2k; C:\WINDOWS\system32\drivers\pwd_2k.sys []
S3 BOCDRIVE;BOClean Kernel Monitor.; \??\C:\Program Files\Comodo\CBOClean\BOCDRIVE.sys []
S3 cel90xbe;cel90xbe; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\cel90xbe.sys []
S3 DSproct;DSproct; \??\C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys []
S3 dvd_2K;dvd_2K; C:\WINDOWS\system32\drivers\dvd_2K.sys [2007-07-14 21993]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-10-21 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-10-21

16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys

[2005-10-22 21568]
S3 IKFileSec;File Security Driver; C:\WINDOWS\system32\drivers\ikfilesec.sys [2008-06-02 42376]
S3 IkSysFlt;System Filter Driver; C:\WINDOWS\system32\drivers\iksysflt.sys [2008-06-02 66952]
S3 IKSysSec;System Security Driver; C:\WINDOWS\system32\drivers\iksyssec.sys [2008-06-10 81288]
S3 mmc_2K;mmc_2K; C:\WINDOWS\system32\drivers\mmc_2K.sys [2007-07-14 22745]
S3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2007-04-09 9856]
S3 PnkBstrK;PnkBstrK; \??\C:\WINDOWS\system32\drivers\PnkBstrK.sys []
S3 PSI;PSI; C:\WINDOWS\system32\DRIVERS\psi_mf.sys [2008-10-27 7808]
S3 SDDMI2;SDDMI2; \??\C:\WINDOWS\system32\DDMI2.sys []
S3 TMPassthru;Trend Micro Passthru Ndis Service; C:\WINDOWS\system32\DRIVERS\TMPassthru.sys [2007-11-27

35216]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-10-01 32000]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-02-11 15104]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver;

C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector;

C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment;

C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-09-10 611664]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device

Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-11-26 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-10-28 585728]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-11-26 155160]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\Comodo\Firewall\cmdagent.exe [2008-11-18

618232]
R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.EXE

[1999-12-13 44032]
R2 dsNcService;Juniper Network Connect Service; C:\Program Files\Juniper Networks\Common Files\dsNcService.exe

[2007-12-27 423280]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-11-18 152984]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2008-02-18 66872]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2008-07-06 107832]
R2 PRISMSVC;PRISMSVC; C:\WINDOWS\system32\PRISMSVC.EXE [2006-10-12 61529]
R2 SbieSvc;Sandboxie Service; C:\Program Files\Sandboxie\SbieSvc.exe [2008-11-15 52736]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2008-08-27

570880]
R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
R2 WMDM PMSP Service;WMDM PMSP Service; C:\WINDOWS\system32\MsPMSPSv.exe [2001-05-01 53248]
R2 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media

Player\wmpnetwk.exe [2006-10-18 913408]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-11-26 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-11-26 352920]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2008-10-28 593920]
S2 HazardShield;HazardShield; C:\WINDOWS\system32\hzrController.exe [2008-02-03 15360]
S2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

[2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86;

C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 Creative Labs Licensing Service;Creative Labs Licensing Service; C:\Program Files\Common Files\Creative Labs

Shared\Service\CreativeLicensing.exe [2006-11-20 69632]
S3 DQMNZG;DQMNZG; C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\DQMNZG.exe []
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0;

c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
S3 getPlus® Helper;getPlus® Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-06-26 31592]
S3 GoToAssist;GoToAssist; C:\Program Files\Citrix\GoToAssist\480\g2aservice.exe [2007-11-18 16936]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication

Foundation\infocard.exe [2007-10-11 864256]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
S3 JPTGA;JPTGA; C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\JPTGA.exe []
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28

89136]
S3 sdAuxService;PC Tools Auxiliary Service; C:\Program Files\Spyware Doctor\pctsAuxs.exe [2008-06-13 356920]
S3 sdCoreService;PC Tools Security Service; C:\Program Files\Spyware Doctor\pctsSvc.exe [2008-08-07 1073544]
S3 UTUF;UTUF; C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\UTUF.exe []
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25

266240]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe

[2008-04-14 14336]
S3 ZCDI;ZCDI; C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ZCDI.exe []
S4 Iomega Activity Disk2;Iomega Activity Disk2; []
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows

Communication Foundation\SMSvcHost.exe [2007-10-11 122880]
S4 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2003-03-08 65795]
S4 R;R; C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\R.exe []

-----------------EOF-----------------




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users