Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Virtumonde & Possibly Other Infections


  • This topic is locked This topic is locked
2 replies to this topic

#1 Modulus

Modulus

  • Members
  • 109 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Connecticut
  • Local time:12:14 AM

Posted 09 December 2008 - 06:50 PM

I've run CCleaner, SpybotS&D, AdAware, Malwarebytes and probably a few other apps trying to rid myself of this recent infection, to no avail.

I have had BSOD's, browser crashes, pop ups, explorer crashes, and high CPU cycles on explorer.exe and lsass.exe processes causing me a large amount of irritation.

Any help is appreciated!! Thanks!

Logfile of random's system information tool 1.04 (written by random/random)
Run by Mike at 2008-12-09 18:44:21
Microsoft Windows XP Home Edition Service Pack 2
System drive F: has 104 GB (44%) free of 238 GB
Total RAM: 2047 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:44:22 PM, on 12/9/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal

Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\svchost.exe
F:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
F:\WINDOWS\System32\svchost.exe
F:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
F:\WINDOWS\system32\nvsvc32.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\system32\MsPMSPSv.exe
F:\WINDOWS\Explorer.EXE
F:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
F:\WINDOWS\CTHELPER.EXE
F:\WINDOWS\system32\RUNDLL32.EXE
F:\WINDOWS\system32\ctfmon.exe
F:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
F:\Program Files\Belkin\Nostromo\nost_LM.exe
F:\Program Files\Internet Explorer\iexplore.exe
F:\Program Files\Internet Explorer\iexplore.exe
F:\Program Files\Internet Explorer\iexplore.exe
F:\WINDOWS\system32\rundll32.exe
F:\Program Files\Mozilla Firefox 3.1 Beta 2\firefox.exe
F:\Documents and Settings\Mike\Local Settings\Temporary Internet Files\Content.IE5\KMADV8JZ\RSIT[1].exe
F:\Program Files\Trend Micro\HijackThis\Mike.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - F:\Program Files\IE7Pro\IE7Pro.dll
O2 - BHO: (no name) - {04F5218A-5CFB-4F7C-AEE0-9ACD45CC175C} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {0d6ffb7b-e5e5-4986-bcc4-ffab056fc1cb} - F:\WINDOWS\system32\jawepuwa.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - F:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - F:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - f:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {D7FCEDF0-90B5-40E3-AF96-AACC33A286E1} - (no file)
O2 - BHO: (no name) - {f6116e46-a849-4ef1-ae1d-f80d99dade1e} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - f:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "F:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE F:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] F:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] F:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [favifajeli] Rundll32.exe "F:\WINDOWS\system32\dataheme.dll",s (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [favifajeli] Rundll32.exe "F:\WINDOWS\system32\dataheme.dll",s (User 'NETWORK SERVICE')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk.disabled
O4 - Global Startup: Loadout Manager.lnk = F:\Program Files\Belkin\Nostromo\nost_LM.exe
O8 - Extra context menu item: &Save Video As... - res://F:\Program Files\videodetect\videodetect.dll/201
O8 - Extra context menu item: E&xport to Microsoft Excel - res://F:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - F:\Program Files\IE7Pro\IE7Pro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - F:\Program Files\IE7Pro\IE7Pro.dll
O9 - Extra button: Video Detect - {0028E570-E86D-4ceb-A108-76158C18DEF3} - F:\Program Files\videodetect\videodetect.dll
O9 - Extra 'Tools' menuitem: Video Detect - {0028E570-E86D-4ceb-A108-76158C18DEF3} - F:\Program Files\videodetect\videodetect.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - F:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - F:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - F:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - F:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - F:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Upload - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - F:\WINDOWS\system32\shdocvw.dll
O12 - Plugin for .mdz: F:\Program Files\Internet Explorer\Plugins\npmod32.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.google.com
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1192231833875
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - F:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: F:\WINDOWS\system32\dataheme.dll f:\windows\system32\viheheji.dll f:\windows\system32\kalagoji.dll
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - f:\windows\system32\kalagoji.dll
O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - f:\windows\system32\kalagoji.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - F:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - Unknown owner - F:\PROGRA~1\AVG\AVG8\avgwdsvc.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - F:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TVersityMediaServer - Unknown owner - F:\Program Files\TVersity\Media Server\MediaServer.exe
O24 - Desktop Component 0: (no name) - F:\Documents and Settings\Mike\My Documents\My Pictures\350zgts06_01(2).jpg
O24 - Desktop Component 2: (no name) - F:\Documents and Settings\Mike\My Documents\blah.html

--
End of file - 8410 bytes

======Scheduled tasks folder======

F:\WINDOWS\tasks\hbeqtppi.job
F:\WINDOWS\tasks\ujfpgrro.job
F:\WINDOWS\tasks\User_Feed_Synchronization-{B5A797E7-17F3-4E67-8D43-EE37425E3CC4}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00011268-E188-40DF-A514-835FCD78B1BF}]
IE7Pro BHO - F:\Program Files\IE7Pro\IE7Pro.dll [2007-06-22 1048576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{04F5218A-5CFB-4F7C-AEE0-9ACD45CC175C}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - F:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0d6ffb7b-e5e5-4986-bcc4-ffab056fc1cb}]
F:\WINDOWS\system32\jawepuwa.dll [2008-09-08 63030]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - F:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - F:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - F:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - f:\program files\google\googletoolbar1.dll [2008-10-06 2403392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D7FCEDF0-90B5-40E3-AF96-AACC33A286E1}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f6116e46-a849-4ef1-ae1d-f80d99dade1e}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - f:\program files\google\googletoolbar1.dll [2008-10-06 2403392]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=F:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"CTHelper"=F:\WINDOWS\CTHELPER.EXE [2006-08-11 17920]
"NvCplDaemon"=F:\WINDOWS\system32\NvCpl.dll [2008-10-07 13574144]
"NvMediaCenter"=F:\WINDOWS\system32\NvMcTray.dll [2008-10-07 86016]
"QuickTime Task"=F:\Program Files\QuickTime\qttask.exe [2007-12-11 286720]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=F:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
"SpybotSD TeaTimer"=F:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
F:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater]
F:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe [2008-11-09 2356088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG8_TRAY]
F:\PROGRA~1\AVG\AVG8\avgtray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bar]
F:\DOCUME~1\Mike\LOCALS~1\Temp\coccrrwnxa.tmp []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]
F:\Program Files\BitTorrent\bittorrent.exe [2008-09-26 634672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]
F:\Program Files\DNA\btdna.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Comrade.exe]
F:\Program Files\GameSpy\Comrade\Comrade.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTxfiHlp]
F:\WINDOWS\system32\CTXFIHLP.EXE [2006-08-11 18944]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CurseClient]
F:\Program Files\Curse\CurseClient.exe [2008-10-10 4789760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Free Uploader Oe Integration]
F:\Program Files\Free Download Manager\FUM\fumoei.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\gadcom]
F:\Documents and Settings\Mike\Application Data\gadcom\gadcom.exe 61A847B5BBF728173599284503996897C881250221C8670836AC4FA7C8833201749139 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gainward]
F:\WINDOWS\TBPanel.exe /A []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
F:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe /startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
F:\Program Files\Google\Google Talk\googletalk.exe /autostart []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
F:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2007-08-24 33648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GSC]
F:\Program Files\GSC\GSClient.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
F:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan]
F:\Program Files\Internet Download Manager\IDMan.exe /onboot []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igndlm.exe]
F:\Program Files\Download Manager\DLM.exe [2008-08-01 1103216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
F:\Program Files\CyberLink\PowerDVD\Language\Language.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Launch LCDMon]
F:\Program Files\Logitech\G-series Software\LCDMon.exe [2006-03-06 497152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Launch LGDCore]
F:\Program Files\Logitech\G-series Software\LGDCore.exe [2006-03-06 1122304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Utility]
F:\WINDOWS\Logi_MwX.Exe [2003-12-17 19968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
F:\Program Files\MSN Messenger\msnmsgr.exe [2007-01-19 5674352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NapsterShell]
F:\Program Files\Napster\napster.exe /systray []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVIDIA nTune]
F:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe [2007-07-03 81920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
F:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-04 455168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
F:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-04 455168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlayNC Launcher]
f:\program files\ncsoft\launcher\NCLauncher.exe /Minimized []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\prunnet]
F:\WINDOWS\system32\prunnet.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
F:\Program Files\QuickTime\qttask.exe [2007-12-11 286720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
F:\Program Files\CyberLink\PowerDVD\PDVDServ.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RivaTunerStartupDaemon]
F:\Program Files\RivaTuner v2.05\RivaTuner.exe /S []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartRAM]
F:\Program Files\IObit\Advanced WindowsCare V2\MemCleaner.exe /m []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
F:\WINDOWS\SOUNDMAN.EXE [2005-08-17 90112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
f:\program files\steam\steam.exe [2008-10-26 1410296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Taskbar Shuffle]
F:\Program Files\Taskbar Shuffle\taskbarshuffle.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UltraMon]
F:\Program Files\UltraMon\UltraMon.exe /auto []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
F:\Program Files\Winamp\winampa.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zboard]
F:\Program Files\Ideazon\ZEngine\Zboard.exe [2007-04-03 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher]
f:\Program Files\Zune\ZuneLauncher.exe [2008-04-29 158624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\F:^Documents and Settings^All Users^Start Menu^Programs^Startup^dbB+ Timer.lnk]
F:\WINDOWS\Installer\{682DF6E2-8090-41BF-9533-BA94E9FE46AF}\_ECA712DB4BD111E5E4E278.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\F:^Documents and Settings^All Users^Start Menu^Programs^Startup^Wowhead Client.lnk]
F:\DOCUME~1\Mike\LOCALS~1\Temp\Rar$EX00.750\WOWHEA~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\F:^Documents and Settings^All Users^Start Menu^Programs^Startup^ymetray.lnk]
F:\PROGRA~1\Yahoo!\YAHOO!~1\ymetray.exe yahoomusicengine -preload []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\F:^Documents and Settings^Mike^Start Menu^Programs^Startup^Yahoo! Widget Engine.lnk]
F:\PROGRA~1\Yahoo!\Widgets\YAHOOW~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"RichVideo"=2
"PnkBstrA"=2
"nTuneService"=2
"Microsoft Office Groove Audit Service"=3
"ZuneWlanCfgSvc"=3
"ZuneNetworkSvc"=2
"ZuneBusEnum"=2
"WZCSVC"=2
"UPS"=3
"Spooler"=2
"ose"=3
"CiSvc"=3
"Browser"=2
"ADVService"=3
"TVersityMediaServer"=2
"avg8wd"=2

F:\Documents and Settings\All Users\Start Menu\Programs\Startup
Loadout Manager.lnk - F:\Program Files\Belkin\Nostromo\nost_LM.exe

F:\Documents and Settings\Mike\Start Menu\Programs\Startup
OneNote 2007 Screen Clipper and Launcher.lnk.disabled - F:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="F:\WINDOWS\system32\dataheme.dll f:\windows\system32\viheheji.dll f:\windows\system32\kalagoji.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
F:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - F:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - f:\windows\system32\kalagoji.dll [2008-12-09 94006]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - f:\windows\system32\kalagoji.dll [2008-12-09 94006]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=F:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
F:\WINDOWS\system32\dataheme.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutoRun"=4294967295

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"F:\UnrealTournament\System\UnrealTournament.exe"="F:\UnrealTournament\System\UnrealTournament.exe:*:Enabled:UnrealTournament"
"F:\Program Files\BitTorrent\bittorrent.exe"="F:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"F:\Program Files\MSN Messenger\msnmsgr.exe"="F:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"F:\Program Files\MSN Messenger\livecall.exe"="F:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"F:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="F:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"F:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="F:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"F:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="F:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"F:\WINDOWS\system32\pnkbstra.exe"="F:\WINDOWS\system32\pnkbstra.exe:*:Enabled:PnkBstrA"
"F:\WINDOWS\system32\PnkBstrB.exe"="F:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"F:\Program Files\Microsoft ActiveSync\rapimgr.exe"="F:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"F:\Program Files\Microsoft ActiveSync\wcescomm.exe"="F:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"F:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="F:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"F:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe"="F:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe:*:Enabled:Sid Meier's Civilization 4"
"F:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Warlords\Civ4Warlords.exe"="F:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Warlords\Civ4Warlords.exe:*:Enabled:Sid Meier's Civilization 4 Warlords"
"F:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Warlords\Civ4Warlords_PitBoss.exe"="F:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Warlords\Civ4Warlords_PitBoss.exe:*:Enabled:Sid Meier's Civilization 4 Pitboss"
"F:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Beyond the Sword\Civ4BeyondSword.exe"="F:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Beyond the Sword\Civ4BeyondSword.exe:*:Enabled:Sid Meier's Civilization 4 Beyond the Sword"
"F:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Beyond the Sword\Civ4BeyondSword_PitBoss.exe"="F:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Beyond the Sword\Civ4BeyondSword_PitBoss.exe:*:Enabled:Sid Meier's Civilization 4 Beyond the Sword Pitboss"
"F:\Program Files\Curse\CurseClient.exe"="F:\Program Files\Curse\CurseClient.exe:*:Enabled:Curse Client"
"F:\Program Files\AVG\AVG8\avgupd.exe"="F:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"F:\WINDOWS\system32\winlogon.exe"="F:\WINDOWS\system32\winlogon.exe:*:Enabled:winlogon"
"F:\Program Files\TVersity\Media Server\MediaServer.exe"="F:\Program Files\TVersity\Media Server\MediaServer.exe:*:Enabled:TVersity Media Server"
"F:\Program Files\Belkin\Nostromo\nost_LM.exe"="F:\Program Files\Belkin\Nostromo\nost_LM.exe:*:Enabled:nost_LM"
"F:\Program Files\Mozilla Firefox\firefox.exe"="F:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:firefox"
"F:\WINDOWS\system32\rundll32.exe"="F:\WINDOWS\system32\rundll32.exe:*:Enabled:rundll32"
"F:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"="F:\Program Files\Spybot - Search & Destroy\TeaTimer.exe:*:Enabled:TeaTimer"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"F:\Program Files\MSN Messenger\msnmsgr.exe"="F:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"F:\Program Files\MSN Messenger\livecall.exe"="F:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"F:\Program Files\Microsoft ActiveSync\rapimgr.exe"="F:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"F:\Program Files\Microsoft ActiveSync\wcescomm.exe"="F:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"F:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="F:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"

======List of files/folders created in the last 1 months======

2008-12-09 18:44:21 ----D---- F:\rsit
2008-12-09 18:41:46 ----D---- F:\Program Files\Mozilla Firefox 3.1 Beta 2
2008-12-09 18:14:34 ----SH---- F:\WINDOWS\system32\ofonezuf.ini
2008-12-09 06:14:26 ----SH---- F:\WINDOWS\system32\olalonak.ini
2008-12-08 18:36:45 ----A---- F:\WINDOWS\wininit.ini
2008-12-07 17:19:32 ----D---- F:\Backup 12-07-2008
2008-12-07 16:54:03 ----A---- F:\WINDOWS\{00000004-00000000-00000007-00001102-00000004-20021102}.BAK
2008-12-07 14:08:12 ----A---- F:\WINDOWS\ntbtlog.txt
2008-12-07 01:30:16 ----A---- F:\WINDOWS\Folder Lock 6 Setup Log.txt
2008-12-06 18:15:19 ----D---- F:\Documents and Settings\Mike\Application Data\SuperNZB
2008-12-06 18:15:11 ----D---- F:\Program Files\SuperNZB
2008-12-06 17:04:46 ----D---- F:\Documents and Settings\Mike\Application Data\IDM
2008-12-06 17:04:46 ----D---- F:\Documents and Settings\Mike\Application Data\DMCache
2008-12-06 17:04:42 ----D---- F:\Program Files\Internet Download Manager
2008-12-06 15:47:35 ----SHD---- F:\Config.Msi
2008-12-06 13:44:39 ----A---- F:\WINDOWS\system32\NCTWMVFile.dll
2008-12-06 13:44:39 ----A---- F:\WINDOWS\system32\NCTVideoFile.dll
2008-12-06 13:44:39 ----A---- F:\WINDOWS\system32\NCTVideoDxPlayer.dll
2008-12-06 13:44:39 ----A---- F:\WINDOWS\system32\NCTVideoCoreM.dll
2008-12-06 13:44:39 ----A---- F:\WINDOWS\system32\NCTQuickTimeFile.dll
2008-12-06 13:44:39 ----A---- F:\WINDOWS\system32\NCTAVIFile.dll
2008-12-06 13:44:39 ----A---- F:\WINDOWS\system32\NCTAudioFormatSettings3.dll
2008-12-06 13:44:39 ----A---- F:\WINDOWS\system32\NCTAudioCompress3.dll
2008-12-06 13:44:38 ----A---- F:\WINDOWS\system32\wmpcdcs8.exe
2008-12-06 13:44:38 ----A---- F:\WINDOWS\system32\NCTVideoCompress.dll
2008-12-06 13:44:38 ----A---- F:\WINDOWS\system32\NCTAudioCompress2.dll
2008-12-06 13:44:38 ----A---- F:\WINDOWS\system32\msvcr70.dll
2008-12-06 13:44:38 ----A---- F:\WINDOWS\system32\msvcp70.dll
2008-12-06 13:44:38 ----A---- F:\WINDOWS\system32\lame_enc.dll
2008-12-03 19:53:39 ----D---- F:\Documents and Settings\Mike\Application Data\Malwarebytes
2008-12-03 19:52:59 ----D---- F:\Program Files\Malwarebytes' Anti-Malware
2008-12-03 19:52:59 ----D---- F:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-12-03 19:08:38 ----D---- F:\Program Files\Lavasoft
2008-12-03 19:08:33 ----D---- F:\Documents and Settings\All Users\Application Data\Lavasoft
2008-12-03 18:22:36 ----D---- F:\Program Files\Spybot - Search & Destroy
2008-12-03 18:22:36 ----D---- F:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-12-03 00:40:03 ----A---- F:\WINDOWS\system32\rqRIyApo.dll
2008-12-02 19:55:10 ----A---- F:\WINDOWS\SchedLgU.Txt
2008-12-02 18:44:43 ----D---- F:\Documents and Settings\All Users\Application Data\avg8
2008-12-02 18:36:08 ----D---- F:\Program Files\Trend Micro
2008-12-01 19:47:22 ----A---- F:\WINDOWS\system32\0b23c5f2-.txt
2008-12-01 19:45:16 ----ASH---- F:\WINDOWS\system32\lmWaGfhk.ini
2008-11-30 13:33:32 ----D---- F:\Program Files\avijoin
2008-11-29 12:15:02 ----D---- F:\Program Files\NewsLeecher
2008-11-29 01:57:53 ----D---- F:\Documents and Settings\Mike\Application Data\GrabIt
2008-11-29 01:40:21 ----D---- F:\Documents and Settings\Mike\Application Data\NewzToolz-EZ
2008-11-15 13:06:05 ----D---- F:\Documents and Settings\Mike\Application Data\vlc
2008-11-15 13:05:17 ----D---- F:\Program Files\VideoLAN
2008-11-14 22:43:34 ----A---- F:\WINDOWS\cdplayer.ini
2008-11-11 19:19:57 ----D---- F:\Documents and Settings\Mike\Application Data\Red Alert 3

======List of files/folders modified in the last 1 months======

2008-12-09 18:41:55 ----D---- F:\WINDOWS\Prefetch
2008-12-09 18:41:46 ----RD---- F:\Program Files
2008-12-09 18:26:31 ----D---- F:\Program Files\Mozilla Firefox
2008-12-09 18:14:40 ----D---- F:\WINDOWS\system32
2008-12-09 18:14:20 ----ASH---- F:\WINDOWS\system32\kalagoji.dll
2008-12-09 18:14:20 ----ASH---- F:\WINDOWS\system32\fuzenofo.dll
2008-12-09 06:14:15 ----N---- F:\WINDOWS\system32\kanolalo.dll
2008-12-09 06:14:15 ----ASH---- F:\WINDOWS\system32\yofamoyu.dll
2008-12-08 21:02:36 ----D---- F:\WINDOWS\Temp
2008-12-08 18:36:45 ----D---- F:\WINDOWS
2008-12-08 18:14:35 ----ASH---- F:\WINDOWS\system32\nuvanifi.dll
2008-12-08 18:14:35 ----ASH---- F:\WINDOWS\system32\lotonene.dll
2008-12-08 03:05:44 ----N---- F:\WINDOWS\system32\fiseziju.dll
2008-12-07 18:29:16 ----D---- F:\Program Files\TVersity Codec Pack
2008-12-07 18:29:13 ----D---- F:\Program Files\ffdshow
2008-12-07 17:35:41 ----SD---- F:\Documents and Settings\Mike\Application Data\Microsoft
2008-12-07 17:16:06 ----D---- F:\WINDOWS\system32\CatRoot2
2008-12-07 16:53:12 ----SHD---- F:\RECYCLER
2008-12-07 15:05:17 ----ASH---- F:\WINDOWS\system32\pusekudu.dll
2008-12-07 14:23:18 ----D---- F:\WINDOWS\Help
2008-12-07 14:21:52 ----A---- F:\WINDOWS\win.ini
2008-12-07 14:21:52 ----A---- F:\WINDOWS\system.ini
2008-12-07 14:08:47 ----HD---- F:\WINDOWS\inf
2008-12-06 16:46:55 ----SHD---- F:\WINDOWS\Installer
2008-12-06 16:25:40 ----SD---- F:\WINDOWS\Downloaded Program Files
2008-12-06 16:14:21 ----D---- F:\Program Files\Windows Media Connect 2
2008-12-06 15:58:25 ----D---- F:\Program Files\Steam
2008-12-06 15:51:45 ----HD---- F:\Program Files\InstallShield Installation Information
2008-12-06 15:50:53 ----D---- F:\Program Files\DivX
2008-12-06 15:49:09 ----D---- F:\WINDOWS\system
2008-12-06 15:46:40 ----D---- F:\Documents and Settings\All Users\Application Data\Amazon
2008-12-06 15:43:38 ----D---- F:\WINDOWS\system32\drivers
2008-12-06 13:45:32 ----D---- F:\Documents and Settings\Mike\Application Data\IGN_DLM
2008-12-05 21:03:11 ----D---- F:\WINDOWS\system32\LogFiles
2008-12-03 19:07:15 ----D---- F:\Program Files\Common Files\Wise Installation Wizard
2008-12-03 00:40:05 ----SD---- F:\WINDOWS\Tasks
2008-12-02 18:26:10 ----D---- F:\Documents and Settings\Mike\Application Data\IObit
2008-12-02 18:06:32 ----D---- F:\Program Files\Common Files
2008-11-29 14:53:04 ----D---- F:\Documents and Settings\Mike\Application Data\NewsLeecher
2008-11-29 14:42:13 ----D---- F:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-11-29 14:29:31 ----D---- F:\WINDOWS\Debug
2008-11-28 17:44:40 ----D---- F:\Documents and Settings\All Users\Application Data\Ulead Systems
2008-11-28 17:42:37 ----D---- F:\WINDOWS\system32\PolarClock3 dir
2008-11-20 23:44:00 ----D---- F:\WINDOWS\system32\Adobe
2008-11-20 23:34:01 ----D---- F:\Documents and Settings\Mike\Application Data\Macromedia
2008-11-20 23:34:01 ----D---- F:\Documents and Settings\Mike\Application Data\Adobe
2008-11-20 20:11:48 ----D---- F:\World of Warcraft
2008-11-17 20:37:03 ----D---- F:\Program Files\Curse
2008-11-15 12:44:59 ----RSHDC---- F:\WINDOWS\system32\dllcache
2008-11-15 12:44:08 ----D---- F:\WINDOWS\nview
2008-11-15 12:42:26 ----D---- F:\Program Files\AGEIA Technologies
2008-11-14 22:43:14 ----D---- F:\Documents and Settings\Mike\Application Data\BitTorrent
2008-11-12 03:00:55 ----HD---- F:\WINDOWS\$hf_mig$
2008-11-12 03:00:22 ----D---- F:\WINDOWS\WinSxS
2008-11-11 18:33:27 ----D---- F:\WINDOWS\system32\DirectX
2008-11-11 18:30:33 ----D---- F:\Program Files\DAEMON Tools
2008-11-10 18:10:00 ----RSD---- F:\WINDOWS\assembly

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;AMD Processor Driver; F:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 36864]
R1 kbdhid;Keyboard HID Driver; F:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848]
R2 zumbus;Zune Bus Enumerator Driver; F:\WINDOWS\system32\DRIVERS\zumbus.sys [2008-04-29 40704]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); F:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-08-19 3644800]
R3 AN983;ADMtek AN983/AN985/ADM951X 10/100Mbps Fast Ethernet Adapter; F:\WINDOWS\system32\DRIVERS\AN983.sys [2004-08-03 36224]
R3 Arp1394;1394 ARP Client Protocol; F:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-04 60800]
R3 bcgame;Nostromo HID Device Minidriver; F:\WINDOWS\system32\drivers\bcgame.sys [2003-07-23 22821]
R3 ctac32k;Creative AC3 Software Decoder; F:\WINDOWS\system32\drivers\ctac32k.sys [2006-08-11 502272]
R3 ctaud2k;Creative Audio Driver (WDM); F:\WINDOWS\system32\drivers\ctaud2k.sys [2006-08-11 499584]
R3 ctprxy2k;Creative Proxy Driver; F:\WINDOWS\system32\drivers\ctprxy2k.sys [2006-08-11 7168]
R3 ctsfm2k;Creative SoundFont Management Device Driver; F:\WINDOWS\system32\drivers\ctsfm2k.sys [2006-08-11 143872]
R3 emupia;E-mu Plug-in Architecture Driver; F:\WINDOWS\system32\drivers\emupia2k.sys [2006-08-11 78336]
R3 ha10kx2k;Creative Hardware Abstract Layer Driver; F:\WINDOWS\system32\drivers\ha10kx2k.sys [2006-08-11 766976]
R3 hap16v2k;Creative P16V HAL Driver; F:\WINDOWS\system32\drivers\hap16v2k.sys [2006-08-11 154112]
R3 hidusb;Microsoft HID Class Driver; F:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 LHidFlt2;Logitech HID/USB Mouse Filter Driver; F:\WINDOWS\system32\DRIVERS\LHidFlt2.Sys [2003-12-17 25505]
R3 LHidUsb;Logitech USB Receiver device driver; F:\WINDOWS\System32\Drivers\LHidUsb.Sys [2003-12-17 37887]
R3 LMouFlt2;Logitech Mouse Class Filter Driver; F:\WINDOWS\system32\DRIVERS\LMouFlt2.Sys [2003-12-17 70801]
R3 mouhid;Mouse HID Driver; F:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; F:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 MTsensor;ATK0110 ACPI UTILITY; F:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-12 5810]
R3 NIC1394;1394 Net Driver; F:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-04 61824]
R3 nv;nv; F:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-10-07 6133856]
R3 ossrv;Creative OS Services Driver; F:\WINDOWS\system32\drivers\ctoss2k.sys [2006-08-11 116224]
R3 tbhsd;Tunebite High-Speed Dubbing; F:\WINDOWS\system32\drivers\tbhsd.sys [2007-09-06 19200]
R3 usbccgp;Microsoft USB Generic Parent Driver; F:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; F:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-04 26624]
R3 usbhub;Microsoft USB Standard Hub Driver; F:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; F:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-04 17024]
R3 Wdf01000;Wdf01000; F:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
S1 amdtools;AMD Special Tools Driver; F:\WINDOWS\system32\DRIVERS\amdtools.sys []
S1 ATITool;ATITool Overclocking Utility; F:\WINDOWS\system32\DRIVERS\ATITool.sys [2006-11-10 24064]
S1 AvgLdx86;AVG Free AVI Loader Driver x86; F:\WINDOWS\System32\Drivers\avgldx86.sys []
S1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; F:\WINDOWS\System32\Drivers\avgmfx86.sys []
S2 MCSTRM;MCSTRM; F:\WINDOWS\system32\drivers\MCSTRM.sys []
S3 Alpham;Ideazon Fang Composite Keyboard Driver; F:\WINDOWS\system32\DRIVERS\Alpham.sys [2005-12-04 34944]
S3 Alpham1;Ideazon Fang USB Human Interface Device; F:\WINDOWS\system32\DRIVERS\Alpham1.sys [2007-03-20 42240]
S3 Alpham2;Ideazon Fang MM USB Human Interface Device; F:\WINDOWS\system32\DRIVERS\Alpham2.sys [2007-03-20 18432]
S3 azar7xsm;azar7xsm; F:\WINDOWS\system32\drivers\azar7xsm.sys []
S3 Cardex;Cardex; \??\F:\WINDOWS\system32\drivers\TBPANEL.SYS []
S3 cmudau32;C-Media USB UDA Sound Interface; F:\WINDOWS\system32\drivers\cmudaxu.sys [2006-02-09 1391040]
S3 ctdvda2k;Creative DVD-Audio Device Driver; F:\WINDOWS\system32\drivers\ctdvda2k.sys [2005-11-10 340704]
S3 ENTECH;ENTECH; \??\F:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 hamachi;Hamachi Network Interface; F:\WINDOWS\system32\DRIVERS\hamachi.sys [2007-05-26 25544]
S3 hap17v2k;Creative P17V HAL Driver; F:\WINDOWS\system32\drivers\hap17v2k.sys [2006-08-11 180224]
S3 npkcrypt;npkcrypt; \??\F:\Program Files\Lineage II\system\npkcrypt.sys []
S3 npkcusb;npkcusb; \??\F:\Program Files\Lineage II\system\npkcusb.sys []
S3 NVR0Dev;NVR0Dev; \??\F:\WINDOWS\nvoclock.sys []
S3 PalmUSBD;PalmUSBD; F:\WINDOWS\system32\drivers\PalmUSBD.sys []
S3 SANDRA;SANDRA; \??\F:\Program Files\SiSoftware\SiSoftware Sandra Professional Business XIIc\Sandra.sys []
S3 UltraMonMirror;UltraMonMirror; F:\WINDOWS\system32\DRIVERS\UltraMonMirror.sys []
S3 usb_rndisx;USB RNDIS Adapter; F:\WINDOWS\system32\DRIVERS\usb8023x.sys [2005-10-20 12800]
S3 usbaudio;USB Audio Driver (WDM); F:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
S3 usbprint;Microsoft USB PRINTER Class; F:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;USB Scanner Driver; F:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;USB Mass Storage Driver; F:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 WpdUsb;WpdUsb; F:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; F:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; F:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Lavasoft Ad-Aware Service; F:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-09-10 611664]
R2 MDM;Machine Debug Manager; F:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2003-03-19 335872]
R2 NVSvc;NVIDIA Display Driver Service; F:\WINDOWS\system32\nvsvc32.exe [2008-10-07 163908]
R2 WMDM PMSP Service;WMDM PMSP Service; F:\WINDOWS\system32\MsPMSPSv.exe [2000-06-26 53520]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; F:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
S2 avg8wd;AVG Free8 WatchDog; F:\PROGRA~1\AVG\AVG8\avgwdsvc.exe []
S2 WMPNetworkSvc;Windows Media Player Network Sharing Service; F:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 aspnet_state;ASP.NET State Service; F:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; F:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; f:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
S3 gusvc;Google Updater Service; F:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-06 138168]
S3 idsvc;Windows CardSpace; F:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
S3 odserv;Microsoft Office Diagnostics Service; F:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 TVersityMediaServer;TVersityMediaServer; F:\Program Files\TVersity\Media Server\MediaServer.exe [2008-11-27 827392]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; F:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 usprserv;User Privilege Service; F:\WINDOWS\System32\svchost.exe [2004-08-04 14336]
S4 ADVService;Amazon Unbox Video Service; F:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe []
S4 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; F:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; F:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]
S4 nTuneService;nTune Service; F:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe [2007-07-03 131072]
S4 ose;Office Source Engine; F:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 PnkBstrA;PnkBstrA; F:\WINDOWS\system32\PnkBstrA.exe [2007-11-14 66872]
S4 ZuneBusEnum;Zune Bus Enumerator; f:\WINDOWS\system32\ZuneBusEnum.exe [2008-04-29 61856]
S4 ZuneNetworkSvc;Zune Network Sharing Service; f:\Program Files\Zune\ZuneNss.exe [2008-04-29 5065120]
S4 ZuneWlanCfgSvc;Zune Wireless Configuration Service; f:\WINDOWS\system32\ZuneWlanCfgSvc.exe [2008-04-29 245664]

-----------------EOF-----------------


info.txt logfile of random's system information tool 1.04 2008-12-09 18:44:24

======Uninstall list======

-->F:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->F:\Program Files\USBToolbox\setup.exe
-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {926CC8AE-8414-43DF-8EB4-CF26D9C3C663}
-->MsiExec /X{A7E07C2B-2220-4415-87E3-784D5814BC93}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 F:\WINDOWS\INF\PCHealth.inf
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00BA-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0114-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Flash Player ActiveX-->F:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->F:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Adobe Shockwave Player-->F:\WINDOWS\system32\Adobe\Shockwave 11\UNWISE.EXE F:\WINDOWS\system32\Adobe\Shockwave 11\Install.log
AsusUpdate-->F:\WINDOWS\IsUninst.exe -f"F:\Program Files\ASUS\AsusUpdate\Uninst.isu"
AVI Joiner-->"F:\Program Files\avijoin\unins000.exe"
Calculator-->F:\Program Files\Microsoft ActiveSync\Calculator\Uninstall.exe Calculator
CCleaner (remove only)-->"F:\Program Files\CCleaner\uninst.exe"
Curse Client-->F:\Program Files\Curse\uninstall.exe
Desktop Netstat 1.3a-->rundll32.exe advpack.dll,LaunchINFSectionEx F:\Program Files\Google\Google Desktop Search\Plugins\Desktop Netstat\DesktopNetstat.inf,DefaultUnInstall
Diablo II-->F:\WINDOWS\DIIUnin.exe F:\WINDOWS\DIIUnin.dat
DivX Codec-->F:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->F:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->F:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player-->F:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Download Manager 2.3.7-->F:\Program Files\Download Manager\uninst.exe
EndItAll 2.0-->"F:\Program Files\EndItAll\unins000.exe"
Enemy Territory - QUAKE Wars™ Beta 1.1 Patch-->F:\Program Files\InstallShield Installation Information\{B547451E-9D40-411C-9A18-05A2D997B225}\setup.exe -runfromtemp -l0x0409
EPSON Printer Software-->F:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
ffdshow [rev 1723] [2007-12-24]-->"F:\Program Files\ffdshow\unins000.exe"
FLV Player 1.3.3-->"F:\Program Files\FLVPlayer\uninstall.exe"
FLV Player-->"F:\WINDOWS\FLV Player\uninstall.exe" "/U:F:\Program Files\FLV Player\Uninstall\uninstall.xml"
Fraps (remove only)-->"F:\Fraps\uninstall.exe"
Freez FLV to MP3 Converter-->"F:\Program Files\Smallvideosoft\Freez FLV to MP3 Converter\unins000.exe"
Google Earth-->MsiExec.exe /I{407B9B5C-DAC5-4F44-A756-B57CAB4E6A8B}
Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "f:\program files\google\googletoolbar1.dll"
HijackThis 2.0.2-->"F:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Internet Explorer 7 (KB947864)-->"F:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
IE7Pro-->"F:\Program Files\IE7Pro\unins000.exe"
Java™ 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java™ 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java™ 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Logitech G-series Keyboard Software-->MsiExec.exe /X{5A080213-5AEC-4BF2-BB32-796EB0E421EC}
Logitech MouseWare 9.79.1 -->RunDll32 F:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "F:\Program Files\InstallShield Installation Information\{5809E7CF-4DCF-11D4-9875-00105ACE7734}\Setup.exe" -l0x9 -l0009 UNINSTALL
Malwarebytes' Anti-Malware-->"F:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"F:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "F:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Language Pack - DEU-->F:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - DEU\install.exe
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft .NET Framework 3.0-->f:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setup.exe
Microsoft .NET Framework 3.0-->MsiExec.exe /X{15095BF3-A3D7-4DDF-B193-3A496881E003}
Microsoft ActiveSync-->MsiExec.exe /I{99052DB7-9592-4522-A558-5417BBAD48EE}
Microsoft Compression Client Pack 1.0 for Windows XP-->"F:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}
Microsoft Internationalized Domain Names Mitigation APIs-->"F:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"F:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7-->"F:\WINDOWS\$NtUninstallWdf01007$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"F:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"F:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
mIRC-->"F:\Program Files\mIRC\mirc.exe" -uninstall
ModPlug Player-->"F:\Program Files\ModPlug\Player\unins000.exe"
Mozilla Firefox (3.1b2)-->F:\Program Files\Mozilla Firefox 3.1 Beta 2\uninstall\helper.exe
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6 Service Pack 2 (KB954459)-->MsiExec.exe /I{1A528690-6A2D-4BC5-B143-8C4AE8D19D96}
Napster Burn Engine-->MsiExec.exe /I{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}
NewsLeecher v3.9 Final-->"F:\Program Files\NewsLeecher\unins000.exe"
Nostromo Array Programming Software-->MsiExec.exe /X{0F3A1C5A-DA6A-4536-A058-CBB857CAC20C}
NVIDIA Drivers-->F:\WINDOWS\system32\nvuninst.exe UninstallGUI
NVIDIA PhysX v8.09.04-->MsiExec.exe /X{A7E07C2B-2220-4415-87E3-784D5814BC93}
Peggle Extreme-->"F:\Program Files\Steam\steam.exe" steam://uninstall/3483
Quicken 2009-->MsiExec.exe /X{ED2A3C11-3EA8-4380-B59C-F2C1832731B0}
QuickTime-->MsiExec.exe /I{E0D51394-1D45-460A-B62D-383BC4F8B335}
Realtek AC'97 Audio-->RunDll32 F:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "F:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x9 -removeonly
Rhapsody Player Engine-->MsiExec.exe /I{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}
Rhapsody-->F:\PROGRA~1\Rhapsody\Unwise32.exe /A F:\PROGRA~1\Rhapsody\install.log
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB955936)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1D94099C-2BBA-440E-BD5E-093BBDF8F028}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft Office Excel 2007 (KB955470)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6E8637D8-10D6-4568-AA06-E2706F31685E}
Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
Security Update for Microsoft Office system 2007 (KB951808)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office Word 2007 (KB950113)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}
Security Update for Visio 2007 (KB947590)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6BAD036C-261F-4BEF-96CF-C20678D07A41}
Security Update for Windows Internet Explorer 7 (KB928090)-->"F:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB931768)-->"F:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB933566)-->"F:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB937143)-->"F:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB938127)-->"F:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB939653)-->"F:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB942615)-->"F:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB944533)-->"F:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB950759)-->"F:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB953838)-->"F:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Sid Meier's Civilization 4 - Beyond the Sword-->F:\Program Files\InstallShield Installation Information\{32E4F0D2-C135-475E-A841-1D59A0D22989}\setup.exe -runfromtemp -l0x0009 -removeonly
Sid Meier's Civilization 4 - Warlords-->F:\Program Files\InstallShield Installation Information\{3E4B349F-10B5-4586-9D99-489A90A8B228}\setup.exe -runfromtemp -l0x0009 -removeonly
Sid Meier's Civilization 4-->RunDll32 F:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "F:\Program Files\InstallShield Installation Information\{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}\setup.exe" -l0x9 -removeonly
Spb Mobile Shell-->F:\Program Files\Microsoft ActiveSync\Spb Mobile Shell\Uninstall.exe Spb Mobile Shell
Spybot - Search & Destroy-->"F:\Program Files\Spybot - Search & Destroy\unins000.exe"
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
SuperNZB v3.2.1-->"F:\Program Files\SuperNZB\unins000.exe"
Team Fortress 2-->"F:\Program Files\Steam\steam.exe" steam://uninstall/440
Tunebite 4.1.0.35-->"F:\Program Files\Tunebite\unins000.exe"
TVersity Codec Pack 1.2-->F:\Program Files\TVersity Codec Pack\uninst.exe
TVersity Media Server 1.0.0.8 RC5-->F:\Program Files\TVersity\Media Server\uninst.exe
Unreal Tournament-->F:\Program Files\UnrealTournament\System\Setup.exe uninstall "UnrealTournament"
Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
Update for Office 2007 (KB946691)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Outlook 2007 Junk Email Filter (kb957829)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {07A1F6B6-4F1C-418C-A605-755A121C4A16}
USB Mass Storage Toolbox-->RunDll32 F:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "F:\Program Files\InstallShield Installation Information\{62B002C5-1AB3-11D8-8092-00E018B21FC0}\Setup.exe"
Ventrilo Client-->MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}
Ventrilo Server-->MsiExec.exe /I{1D46A3A0-B37D-423A-91C2-101A49E2FF80}
videodetect 1.0-->"F:\Program Files\videodetect\unins000.exe"
VLC media player 0.9.6-->F:\Program Files\VideoLAN\VLC\uninstall.exe
Winamp-->"F:\Program Files\Winamp\UninstWA.exe"
Windows Communication Foundation-->MsiExec.exe /X{491DD792-AD81-429C-9EB4-86DD3D22E333}
Windows Imaging Component-->"F:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Internet Explorer 8 Beta 2-->"F:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live Messenger-->MsiExec.exe /I{571700F0-DB9D-4B3A-B03D-35A14BB5939F}
Windows Media Format 11 runtime-->"F:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"F:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"F:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"F:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Mobile® Device Handbook-->F:\Program Files\Windows Mobile Device Handbook\Windows Mobile Device Handbook\Bin\DHUninstall.exe
Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows Workflow Foundation-->MsiExec.exe /I{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}
WinRAR archiver-->F:\Program Files\WinRAR\uninstall.exe
World of Warcraft-->F:\Program Files\Common Files\Blizzard Entertainment\World of Warcraft\Uninstall.exe
Z Engine-->MsiExec.exe /X{64E47A5F-B3C4-476A-9100-2D006BD1FFB4}
Zune Desktop Theme-->MsiExec.exe /X{7E20EFE6-E604-48C6-8B39-BA4742F2CDB4}
Zune Language Pack (ES)-->MsiExec.exe /X{EE4ACABF-531E-419A-9225-B8E0FA4955AF}
Zune Language Pack (FR)-->MsiExec.exe /X{0076E1AC-9E7B-4B9F-A62A-4CC9511AD8E3}
Zune-->f:\Program Files\Zune\ZuneSetup.exe /x
Zune-->MsiExec.exe /X{FF70513F-E3A7-402F-84FB-B7810A064BE2}

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;F:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\;F:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 47 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=2f02
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;F:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
"QTJAVA"=F:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip

-----------------EOF-----------------
I'm not a vegetarian because I dislike meat, I'm a vegetarian because I hate plants!

BC AdBot (Login to Remove)

 


#2 Modulus

Modulus
  • Topic Starter

  • Members
  • 109 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Connecticut
  • Local time:12:14 AM

Posted 15 December 2008 - 07:17 PM

Nevermind... Reinstalling windows.
I'm not a vegetarian because I dislike meat, I'm a vegetarian because I hate plants!

#3 KoanYorel

KoanYorel

    Bleepin' Conundrum


  • Staff Emeritus
  • 19,461 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:65 miles due East of the "Logic Free Zone", in Md, USA
  • Local time:01:14 AM

Posted 17 December 2008 - 02:34 AM

Thank for telling us what your are doing. Good luck.

Should you have other problem, please start a new topic,

This thread is closed.
The only easy day was yesterday.

...some do, some don't; some will, some won't (WR)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users