Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Malware help please


  • This topic is locked This topic is locked
1 reply to this topic

#1 thcbytes

thcbytes

  • Malware Response Team
  • 14,790 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:50 PM

Posted 09 December 2008 - 11:42 PM

This a friends computer. She had Norton that was out of date and not functional. No reliable firewall. I loaded AVG-8. Ran a virus and malware sweep. Configured a firewall. Cleaned up temp files, cookies, and junk files. Despite clearing a huge mess of viruses and spyware she is still infected. Looks like a job for Hijack this and ComboFix. I have posted my RSIT and AVG log's. Thanks for the help.

Update-

I went ahead and ran MBAM in safe mode then rebooted and ran HijackThis. I have also included their logfiles.


info.txt logfile of random's system information tool 1.04 2008-12-09 22:30:46

======Uninstall list======

-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {F80239D8-7811-4D5E-B033-0D0BBFE32920}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Add or Remove Adobe Creative Suite 3 Design Premium-->C:\Program Files\Common Files\Adobe\Installers\498b43b77cac072081a5692bfc52804\Setup.exe
Adobe Acrobat 8.1.2 Professional-->msiexec /I {AC76BA86-1033-0000-7760-000000000003}
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe BridgeTalk Plugin CS3-->MsiExec.exe /I{B7F560B3-6EFF-4026-A982-843895A41149}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
Adobe Color EU Extra Settings-->MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}
Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Recommended Settings-->MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}
Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5102}
Adobe Creative Suite 3 Design Premium-->MsiExec.exe /I{1BDC1AB0-2677-4593-8F94-329F7CA8F670}
Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe Dreamweaver CS3-->MsiExec.exe /I{7C10F5C7-F00F-4BD3-A110-C7D240D2DD25}
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
Adobe Extension Manager CS3-->MsiExec.exe /I{BE5F3842-8309-4754-92D5-83E02E6077A3}
Adobe Flash CS3-->MsiExec.exe /I{6B52140A-F189-4945-BFFC-DB3F00B8C589}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 9 Plugin-->MsiExec.exe /X{88D422DB-E9C7-4E16-9D80-2999F4FD6AD9}
Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Video Encoder-->MsiExec.exe /I{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}
Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Center 2.1-->MsiExec.exe /I{25569723-DC5A-4467-A639-79535BF01B71}
Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Illustrator CS3-->MsiExec.exe /I{F08E8D2E-F132-4742-9C87-D5FF223A016A}
Adobe InDesign CS3 Icon Handler-->MsiExec.exe /I{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}
Adobe InDesign CS3-->MsiExec.exe /I{CB3F8375-B600-4B9F-83C9-238ED1E583FD}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe MotionPicture Color Files-->MsiExec.exe /I{6B708481-748A-4EB4-97C1-CD386244FF77}
Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3-->MsiExec.exe /I{0046FA01-C5B9-4985-BACB-398DC480FC05}
Adobe Premiere Elements 3.0.2 Templates-->MsiExec.exe /I{6EACDDF4-4220-49A3-9204-984C86852C3D}
Adobe Premiere Elements 3.0.2-->msiexec /I {530AFAFF-6F0A-48BB-88D0-04F9658322D3}
Adobe Premiere Elements 3.0.2-->MsiExec.exe /I{530AFAFF-6F0A-48BB-88D0-04F9658322D3}
Adobe Reader 7.0.5-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70500000002}
Adobe Setup-->MsiExec.exe /I{C8BA6802-38DA-43F9-8ACB-73161C277C9A}
Adobe Shockwave Player-->C:\WINDOWS\system32\Adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Adobe SING CS3-->MsiExec.exe /I{B671CBFD-4109-4D35-9252-3062D3CCB7B2}
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe Version Cue CS3 Server-->MsiExec.exe /I{1D58229F-C505-45CA-8223-F35F3A34B963}
Adobe WAS CS3-->MsiExec.exe /I{C5BD220A-EFE8-48A5-B70E-9503D535FACE}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
Agere Systems PCI-SV92PP Soft Modem-->agrsmdel
AHV content for Acrobat and Flash-->MsiExec.exe /I{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}
Apple Mobile Device Support-->MsiExec.exe /I{976C2B2A-CE59-4AB3-83FB-BF895E28F2E6}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ArcSoft PhotoStudio 5.5-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{85309D89-7BE9-4094-BB17-24999C6118FC}\SETUP.EXE" -l0x9
Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
AVG 8.0-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
AviSynth 2.5-->"C:\Program Files\AviSynth 2.5\Uninstall.exe"
BIONICLE Heroes-->C:\Program Files\InstallShield Installation Information\{09961A16-DA99-4F15-BBE1-E7755A3BA8E3}\setup.exe -runfromtemp -l0x0409
Canon MP Navigator 3.0-->"C:\Program Files\Canon\MP Navigator 3.0\Maint.exe" /UninstallRemove C:\Program Files\Canon\MP Navigator 3.0\uninst.ini
Canon MP810 User Registration-->C:\Program Files\Canon\IJEREG\MP810\UNINST.EXE
Canon MP810-->"C:\WINDOWS\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP810\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP810 /L0x0009
Canon My Printer-->C:\Program Files\Canon\MyPrinter\uninst.exe uninst.ini
Canon Utilities Easy-PhotoPrint-->C:\Program Files\Canon\Easy-PhotoPrint\uninst.exe uninst.ini
Color@Home-->C:\WINDOWS\iun6002.exe "C:\Program Files\Glidden\Color@Home\irunin.ini"
Command & Conquer 3-->MsiExec.exe /I{B0C30E93-D3D9-4F04-A2AC-54749B573275}
Command & Conquer Generals-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{06F80017-8F98-4C94-B868-52358569FC32}
Command & Conquer Renegade-->C:\Westwood\Renegade\Uninstll.exe
Command and ConquerTM Generals Zero Hour-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}
Disney Mix It Plug-in-->MsiExec.exe /I{222285C2-037F-4AF9-83B3-B33A7288EC9D}
DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.1.1.5 Be-->"C:\Program Files\DVDFab 5\unins000.exe"
Easy-WebPrint-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Canon\Easy-WebPrint\Uninst.isu"
Enhanced Multimedia Keyboard Solution-->C:\HP\KBD\Install.exe /u
Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
Google SketchUp 6-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98736A65-3C79-49EC-B7E9-A3C77774B0E6}\setup.exe" -l0x9 -removeonly
Google SketchUp 6-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}\setup.exe" -l0x9 -removeonly
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Home-Plan Finder™ 5.0-->C:\WINDOWS\uninst.exe -f"C:\Program Files\AbbiSoft House Plans Inc.\Home-Plan Finder™ 5.0\DeIsL1.isu" -c"C:\Program Files\AbbiSoft House Plans Inc.\Home-Plan Finder™ 5.0\_ISREG32.DLL"
Hotfix for Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Hotfix for Windows Media Player 10 (KB910393)-->"C:\WINDOWS\$NtUninstallKB910393$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
HP Boot Optimizer-->MsiExec.exe /X{1341D838-719C-4A05-B50F-49420CA1B4BB}
HP Deskjet Printer Preload-->MsiExec.exe /I{2C5D07FB-31A2-4F2D-9FDA-0B24ACD42BD0}
HP DigitalMedia Archive-->MsiExec.exe /X{F80239D8-7811-4D5E-B033-0D0BBFE32920}
HP Document Viewer 6.1-->C:\Program Files\HP\Digital Imaging\DocumentViewer\hpzscr01.exe -datfile hpqbud04.dat
HP DVD Play 2.1-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\Setup.exe" -uninstall
HP Photosmart 330,380,420,470,7800,8000,8200 Series-->C:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\setup\hpzscr01.exe -d MsiRollbackUninstaller -datfile hphscr08.dat
HP Photosmart Cameras 6.0-->C:\Program Files\HP\Digital Imaging\{5D61626A-BD55-4e42-82EE-4AE89D8FD050}\setup\hpzscr01.exe -datfile hpiscr01.dat
HP Photosmart for Media Center PC-->c:\Program Files\HP\Digital Imaging\bin\mcpc\setupmcl.exe /u
HP Photosmart Premier Software 6.5-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP PSC & OfficeJet 5.3.B-->"C:\Program Files\HP\Digital Imaging\{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}\setup\hpzscr01.exe" -datfile hposcr07.dat
HP PSC & OfficeJet 6.1.A-->"C:\Program Files\HP\Digital Imaging\{E5A8DDAB-AE80-48C6-A75B-D0FAB83B299D}\setup\hpzscr01.exe" -datfile hposcr08.dat
HP Rhapsody-->C:\PROGRA~1\HPRHAP~1\Unwise32.exe /A C:\PROGRA~1\HPRHAP~1\install.log
HP Software Update-->MsiExec.exe /X{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}
HP Solution Center and Imaging Support Tools 6.1-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Web Helper-->regsvr32 /u /s "C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll"
ImageMixer VCD2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F8C6BABF-0837-4EA0-AD6C-8E5A392A7538}\setup.exe" -l0x9 UNINSTALL
Insaniquarium Deluxe-->"C:\Program Files\HP Games\Insaniquarium Deluxe\Uninstall.exe"
Intel Matrix Storage Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}\Setup.exe" -l0409 -INTELUNINST
Intel® PRO Network Connections Drivers-->Prounstl.exe
Intel® Quick Resume Technology Drivers-->MsiExec.exe /I{8C22F265-DE76-44D1-8A79-A71D819137DA}
Intel® Quick Resume Technology Drivers-->MsiExec.exe /X{8C22F265-DE76-44D1-8A79-A71D819137DA} /qb!
Intel® Viiv™ Software-->MsiExec.exe /X{27E395E5-EB04-4BFD-96C3-C9A102E97E1B}
iTunes-->MsiExec.exe /I{DDDE0BE3-0CBE-4BF6-B75A-E3F69C947843}
J2SE Runtime Environment 5.0 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150050}
Jasc Paint Shop Pro 8-->MsiExec.exe /I{81A34902-9D0B-4920-A25C-4CDC5D14B328}
Java™ 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
JPGAvi 1.07.0.68-->"C:\Program Files\NDW\JPGAvi\unins000.exe"
JumpStart Spanish-->C:\WINDOWS\IsUninst.exe -fC:\KA\JSSPAN\DeIsL1.isu
LDraw-->C:\WINDOWS\iun6002.exe "C:\LDraw\Uninstall\irunin.ini"
LEGO MINDSTORMS Edu NXT - English Language Pack-->MsiExec.exe /X{825FD625-F68D-44F7-9E4C-BA9FC6B77123}
LEGO MINDSTORMS Edu NXT Software v1.0-->MsiExec.exe /X{EA114186-2EA0-4DDD-8B9B-954F20C5AD88}
LEGO MINDSTORMS NXT Driver-->MsiExec.exe /I{2BD2A1A8-2AF2-460E-AAC3-E823884EB306}
LEGO® MINDSTORMS® NXT - English Language Pack-->MsiExec.exe /I{3E4153AF-3D74-4062-8812-B1FDCE6B1F37}
LEGO® MINDSTORMS® NXT Software v1.0-->MsiExec.exe /I{4246326C-E861-43CA-B47D-2357454385F9}
Macromedia Contribute 3.11-->MsiExec.exe /I{4B9535BF-CC90-4158-AF32-CAF57A8820CA}
Macromedia Dreamweaver 8-->MsiExec.exe /I{0837A661-FEC3-48B3-876C-91E7D32048A9}
Macromedia Extension Manager-->MsiExec.exe /I{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}
Macromedia Fireworks 8-->MsiExec.exe /I{4C24A8C1-7CFA-4650-AF15-732F5BD7B46D}
Macromedia Flash 8 Video Encoder-->MsiExec.exe /X{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}
Macromedia Flash 8-->MsiExec.exe /I{2BD5C305-1B27-4D41-B690-7A61172D2FEB}
Macromedia Flash Player-->MsiExec.exe /X{0456ebd7-5f67-4ab6-852e-63781e3f389c}
Magic School Bus - Earth-->C:\Program Files\Microsoft Kids\MSB Earth\System\MSBEUNST.EXE /L"C:\Program Files\Microsoft Kids\MSB Earth\System\MSB Earth.log"
Mah Jong Quest-->"C:\Program Files\HP Games\Mah Jong Quest\Uninstall.exe"
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Money 2006-->"C:\Program Files\Microsoft Money 2006\MNYCoreFiles\Setup\uninst.exe" /s:120
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office 2003 Edition 60 Days Trial Welcome Tour-->MsiExec.exe /I{A01FC76F-CC09-4658-9E37-5C2F635EE708}
Microsoft Office Standard Edition 2003-->MsiExec.exe /I{91120409-6000-11D3-8CFE-0150048383C9}
Microsoft Office XP Professional with FrontPage-->MsiExec.exe /I{90280409-6000-11D3-8CFE-0050048383C9}
Microsoft Text-to-Speech Engine 4.0 (English)-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\msTTSa22.inf, Uninstall
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Works-->MsiExec.exe /I{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}
MicroWorlds EX Robotics-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{82027218-1192-43CB-ACF6-E6C04250E396}\setup.exe" -l0x9 -removeonly
MobileMe Control Panel-->MsiExec.exe /I{6DA9102E-199F-43A0-A36B-6EF48081A658}
Mozilla Firefox (2.0.0.17)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
muvee autoProducer 5.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{27428D1B-8CBA-4EEA-B9C0-A23CA7B4FCC1}\setup.exe" -l0x9
muvee autoProducer unPlugged 2.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5FDD0538-C67A-4F67-B3F8-09D1AAF04D99}\setup.exe" -l0x9
Mystery Case Files-->"C:\Program Files\HP Games\Mystery Case Files\Uninstall.exe"
National Instruments Software-->"C:\Program Files\National Instruments\Shared\NIUninstaller\uninst.exe"
Netscape Browser (remove only)-->"C:\Program Files\Netscape\Netscape Browser\NSUninst.exe"
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
OpenOffice.org Installer 1.0-->MsiExec.exe /X{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}
PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
Photo Story 3 for Windows-->MsiExec.exe /I{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}
Picture Package-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1E2F8AE3-3437-44E6-BB75-E95751D6B83F}\setup.exe" -l0x9 UNINSTALL
Python 2.2 pywin32 extensions (build 203)-->"C:\Python22\Removepywin32.exe" -u "C:\Python22\pywin32-wininst.log"
Quicken 2006-->MsiExec.exe /X{2818095F-FB6C-42C8-827E-0A406CC9AFF5}
QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
Registry Genius v3.0-->"C:\Program Files\Registry Genius\unins000.exe"
Ricochet Lost Worlds-->"C:\Program Files\HP Games\Ricochet Lost Worlds\Uninstall.exe"
Robotics Engineering Vol. 1-->MsiExec.exe /I{3B8FAAF2-D6EC-44D7-ACA3-27DD6D985195}
Sandboxie 3.24-->"C:\WINDOWS\Installer\SandboxieInstall.exe" /remove
ScanSoft OmniPage SE 4.0-->MsiExec.exe /I{29D851C2-048C-4B5E-8D1F-25D473342BB5}
SCRABBLE-->"C:\Program Files\HP Games\SCRABBLE\Uninstall.exe"
Security Update for Step By Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Security Update for Step By Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Security Update for Windows Media Encoder (KB954156)-->"C:\WINDOWS\$NtUninstallKB954156_WM9L$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Sid Meier's Civilization 4-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}\setup.exe" -l0x9 -removeonly
SMART Board Software-->MsiExec.exe /I{46486451-E60F-42C3-92D7-796D8594688A}
SMART Essentials for Educators-->MsiExec.exe /X{2348B97D-C991-438F-BC44-294C931E7B8B}
Sonic Express Labeler-->MsiExec.exe /X{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Sonic MyDVD Plus-->MsiExec.exe /X{21657574-BD54-48A2-9450-EB03B2C7FC29}
Sonic RecordNow Audio-->MsiExec.exe /X{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Sonic RecordNow Copy-->MsiExec.exe /X{B12665F4-4E93-4AB4-B7FC-37053B524629}
Sonic RecordNow Data-->MsiExec.exe /X{075473F5-846A-448B-BCB3-104AA1760205}
Sonic Update Manager-->MsiExec.exe /X{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
Sony USB Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}\Setup.exe" UNINSTALL
TurboTax Deluxe 2007-->C:\Program Files\TurboTax\Deluxe 2007\TaxUnst.EXE "C:\Program Files\TurboTax\Deluxe 2007\Uninstall.log" -NoGui
TurboTax Deluxe Deduction Maximizer 2006-->C:\Program Files\TurboTax\Deluxe 2006\TaxUnst.EXE "C:\Program Files\TurboTax\Deluxe 2006\Uninstall.log" -NoGui
TurboTax ItsDeductible 2006-->MsiExec.exe /X{AFF1EA96-9C23-4249-B7D4-CD4B54D4582F}
Typing Tutor Platinum-->F:\setup.exe -funttplat.ins
Ulead COOL 3D 3.0-->C:\WINDOWS\Ulead.dat\uninstall\setup.exe
Ulead VideoStudio 8.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4F1DA6BF-3614-48A1-9970-9E90F646789E}\setup.exe" -l0x9
UME-36 Content Manager 1.0.26-->"C:\Program Files\Cellebrite Mobile Synchronization\UME-36 Content Manager\unins000.exe"
Update for Windows Media Player 10 (KB913800)-->"C:\WINDOWS\$NtUninstallKB913800$\spuninst\spuninst.exe"
Update for Windows Media Player 10 (KB926251)-->"C:\WINDOWS\$NtUninstallKB926251$\spuninst\spuninst.exe"
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Updates from HP (remove only)-->C:\WINDOWS\HPCPCUninstall-9972322\HPBWSetup.exe -appid 9972322 -uninstall
ViewSonic Monitor Drivers-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B4FEA924-630D-11D4-B78E-005004566E4D}\Setup.exe" -l0x9
WildTangent Web Driver-->C:\Program Files\WildTangent\Apps\CDA\CDAUninstall.exe
Windows Media Encoder 9 Series-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Encoder 9 Series-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows XP Media Center Edition 2005 KB908246-->"C:\WINDOWS\$NtUninstallKB908246$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB912067-->"C:\WINDOWS\$NtUninstallKB912067$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
WinVDIG 1.0-->"C:\Program Files\WinVDIG\unins000.exe"

======Security center information======

AV: AVG Internet Security
FW: Norton Internet Worm Protection (disabled)
FW: AVG Firewall

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;c:\Python22;C:\VXIPNP\WinNT\Bin;C:\Program Files\Common Files\Ulead Systems\MPEG;C:\Program Files\Common Files\Adobe\AGL;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 6 Stepping 4, GenuineIntel
"PROCESSOR_REVISION"=0604
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"SonicCentral"=c:\Program Files\Common Files\Sonic Shared\Sonic Central\
"VXIPNPPATH"=C:\VXIPNP\
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip

-----------------EOF-----------------
info.txt logfile of random's system information tool 1.04 2008-12-09 22:30:46

======Uninstall list======

-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {F80239D8-7811-4D5E-B033-0D0BBFE32920}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Add or Remove Adobe Creative Suite 3 Design Premium-->C:\Program Files\Common Files\Adobe\Installers\498b43b77cac072081a5692bfc52804\Setup.exe
Adobe Acrobat 8.1.2 Professional-->msiexec /I {AC76BA86-1033-0000-7760-000000000003}
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe BridgeTalk Plugin CS3-->MsiExec.exe /I{B7F560B3-6EFF-4026-A982-843895A41149}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
Adobe Color EU Extra Settings-->MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}
Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Recommended Settings-->MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}
Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5102}
Adobe Creative Suite 3 Design Premium-->MsiExec.exe /I{1BDC1AB0-2677-4593-8F94-329F7CA8F670}
Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe Dreamweaver CS3-->MsiExec.exe /I{7C10F5C7-F00F-4BD3-A110-C7D240D2DD25}
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
Adobe Extension Manager CS3-->MsiExec.exe /I{BE5F3842-8309-4754-92D5-83E02E6077A3}
Adobe Flash CS3-->MsiExec.exe /I{6B52140A-F189-4945-BFFC-DB3F00B8C589}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 9 Plugin-->MsiExec.exe /X{88D422DB-E9C7-4E16-9D80-2999F4FD6AD9}
Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Video Encoder-->MsiExec.exe /I{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}
Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Center 2.1-->MsiExec.exe /I{25569723-DC5A-4467-A639-79535BF01B71}
Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Illustrator CS3-->MsiExec.exe /I{F08E8D2E-F132-4742-9C87-D5FF223A016A}
Adobe InDesign CS3 Icon Handler-->MsiExec.exe /I{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}
Adobe InDesign CS3-->MsiExec.exe /I{CB3F8375-B600-4B9F-83C9-238ED1E583FD}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe MotionPicture Color Files-->MsiExec.exe /I{6B708481-748A-4EB4-97C1-CD386244FF77}
Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3-->MsiExec.exe /I{0046FA01-C5B9-4985-BACB-398DC480FC05}
Adobe Premiere Elements 3.0.2 Templates-->MsiExec.exe /I{6EACDDF4-4220-49A3-9204-984C86852C3D}
Adobe Premiere Elements 3.0.2-->msiexec /I {530AFAFF-6F0A-48BB-88D0-04F9658322D3}
Adobe Premiere Elements 3.0.2-->MsiExec.exe /I{530AFAFF-6F0A-48BB-88D0-04F9658322D3}
Adobe Reader 7.0.5-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70500000002}
Adobe Setup-->MsiExec.exe /I{C8BA6802-38DA-43F9-8ACB-73161C277C9A}
Adobe Shockwave Player-->C:\WINDOWS\system32\Adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Adobe SING CS3-->MsiExec.exe /I{B671CBFD-4109-4D35-9252-3062D3CCB7B2}
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe Version Cue CS3 Server-->MsiExec.exe /I{1D58229F-C505-45CA-8223-F35F3A34B963}
Adobe WAS CS3-->MsiExec.exe /I{C5BD220A-EFE8-48A5-B70E-9503D535FACE}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
Agere Systems PCI-SV92PP Soft Modem-->agrsmdel
AHV content for Acrobat and Flash-->MsiExec.exe /I{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}
Apple Mobile Device Support-->MsiExec.exe /I{976C2B2A-CE59-4AB3-83FB-BF895E28F2E6}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ArcSoft PhotoStudio 5.5-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{85309D89-7BE9-4094-BB17-24999C6118FC}\SETUP.EXE" -l0x9
Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
AVG 8.0-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
AviSynth 2.5-->"C:\Program Files\AviSynth 2.5\Uninstall.exe"
BIONICLE Heroes-->C:\Program Files\InstallShield Installation Information\{09961A16-DA99-4F15-BBE1-E7755A3BA8E3}\setup.exe -runfromtemp -l0x0409
Canon MP Navigator 3.0-->"C:\Program Files\Canon\MP Navigator 3.0\Maint.exe" /UninstallRemove C:\Program Files\Canon\MP Navigator 3.0\uninst.ini
Canon MP810 User Registration-->C:\Program Files\Canon\IJEREG\MP810\UNINST.EXE
Canon MP810-->"C:\WINDOWS\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP810\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP810 /L0x0009
Canon My Printer-->C:\Program Files\Canon\MyPrinter\uninst.exe uninst.ini
Canon Utilities Easy-PhotoPrint-->C:\Program Files\Canon\Easy-PhotoPrint\uninst.exe uninst.ini
Color@Home-->C:\WINDOWS\iun6002.exe "C:\Program Files\Glidden\Color@Home\irunin.ini"
Command & Conquer 3-->MsiExec.exe /I{B0C30E93-D3D9-4F04-A2AC-54749B573275}
Command & Conquer Generals-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{06F80017-8F98-4C94-B868-52358569FC32}
Command & Conquer Renegade-->C:\Westwood\Renegade\Uninstll.exe
Command and ConquerTM Generals Zero Hour-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}
Disney Mix It Plug-in-->MsiExec.exe /I{222285C2-037F-4AF9-83B3-B33A7288EC9D}
DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.1.1.5 Be-->"C:\Program Files\DVDFab 5\unins000.exe"
Easy-WebPrint-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Canon\Easy-WebPrint\Uninst.isu"
Enhanced Multimedia Keyboard Solution-->C:\HP\KBD\Install.exe /u
Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
Google SketchUp 6-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98736A65-3C79-49EC-B7E9-A3C77774B0E6}\setup.exe" -l0x9 -removeonly
Google SketchUp 6-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}\setup.exe" -l0x9 -removeonly
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Home-Plan Finder™ 5.0-->C:\WINDOWS\uninst.exe -f"C:\Program Files\AbbiSoft House Plans Inc.\Home-Plan Finder™ 5.0\DeIsL1.isu" -c"C:\Program Files\AbbiSoft House Plans Inc.\Home-Plan Finder™ 5.0\_ISREG32.DLL"
Hotfix for Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Hotfix for Windows Media Player 10 (KB910393)-->"C:\WINDOWS\$NtUninstallKB910393$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
HP Boot Optimizer-->MsiExec.exe /X{1341D838-719C-4A05-B50F-49420CA1B4BB}
HP Deskjet Printer Preload-->MsiExec.exe /I{2C5D07FB-31A2-4F2D-9FDA-0B24ACD42BD0}
HP DigitalMedia Archive-->MsiExec.exe /X{F80239D8-7811-4D5E-B033-0D0BBFE32920}
HP Document Viewer 6.1-->C:\Program Files\HP\Digital Imaging\DocumentViewer\hpzscr01.exe -datfile hpqbud04.dat
HP DVD Play 2.1-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\Setup.exe" -uninstall
HP Photosmart 330,380,420,470,7800,8000,8200 Series-->C:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\setup\hpzscr01.exe -d MsiRollbackUninstaller -datfile hphscr08.dat
HP Photosmart Cameras 6.0-->C:\Program Files\HP\Digital Imaging\{5D61626A-BD55-4e42-82EE-4AE89D8FD050}\setup\hpzscr01.exe -datfile hpiscr01.dat
HP Photosmart for Media Center PC-->c:\Program Files\HP\Digital Imaging\bin\mcpc\setupmcl.exe /u
HP Photosmart Premier Software 6.5-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP PSC & OfficeJet 5.3.B-->"C:\Program Files\HP\Digital Imaging\{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}\setup\hpzscr01.exe" -datfile hposcr07.dat
HP PSC & OfficeJet 6.1.A-->"C:\Program Files\HP\Digital Imaging\{E5A8DDAB-AE80-48C6-A75B-D0FAB83B299D}\setup\hpzscr01.exe" -datfile hposcr08.dat
HP Rhapsody-->C:\PROGRA~1\HPRHAP~1\Unwise32.exe /A C:\PROGRA~1\HPRHAP~1\install.log
HP Software Update-->MsiExec.exe /X{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}
HP Solution Center and Imaging Support Tools 6.1-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Web Helper-->regsvr32 /u /s "C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll"
ImageMixer VCD2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F8C6BABF-0837-4EA0-AD6C-8E5A392A7538}\setup.exe" -l0x9 UNINSTALL
Insaniquarium Deluxe-->"C:\Program Files\HP Games\Insaniquarium Deluxe\Uninstall.exe"
Intel Matrix Storage Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}\Setup.exe" -l0409 -INTELUNINST
Intel® PRO Network Connections Drivers-->Prounstl.exe
Intel® Quick Resume Technology Drivers-->MsiExec.exe /I{8C22F265-DE76-44D1-8A79-A71D819137DA}
Intel® Quick Resume Technology Drivers-->MsiExec.exe /X{8C22F265-DE76-44D1-8A79-A71D819137DA} /qb!
Intel® Viiv™ Software-->MsiExec.exe /X{27E395E5-EB04-4BFD-96C3-C9A102E97E1B}
iTunes-->MsiExec.exe /I{DDDE0BE3-0CBE-4BF6-B75A-E3F69C947843}
J2SE Runtime Environment 5.0 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150050}
Jasc Paint Shop Pro 8-->MsiExec.exe /I{81A34902-9D0B-4920-A25C-4CDC5D14B328}
Java™ 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
JPGAvi 1.07.0.68-->"C:\Program Files\NDW\JPGAvi\unins000.exe"
JumpStart Spanish-->C:\WINDOWS\IsUninst.exe -fC:\KA\JSSPAN\DeIsL1.isu
LDraw-->C:\WINDOWS\iun6002.exe "C:\LDraw\Uninstall\irunin.ini"
LEGO MINDSTORMS Edu NXT - English Language Pack-->MsiExec.exe /X{825FD625-F68D-44F7-9E4C-BA9FC6B77123}
LEGO MINDSTORMS Edu NXT Software v1.0-->MsiExec.exe /X{EA114186-2EA0-4DDD-8B9B-954F20C5AD88}
LEGO MINDSTORMS NXT Driver-->MsiExec.exe /I{2BD2A1A8-2AF2-460E-AAC3-E823884EB306}
LEGO® MINDSTORMS® NXT - English Language Pack-->MsiExec.exe /I{3E4153AF-3D74-4062-8812-B1FDCE6B1F37}
LEGO® MINDSTORMS® NXT Software v1.0-->MsiExec.exe /I{4246326C-E861-43CA-B47D-2357454385F9}
Macromedia Contribute 3.11-->MsiExec.exe /I{4B9535BF-CC90-4158-AF32-CAF57A8820CA}
Macromedia Dreamweaver 8-->MsiExec.exe /I{0837A661-FEC3-48B3-876C-91E7D32048A9}
Macromedia Extension Manager-->MsiExec.exe /I{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}
Macromedia Fireworks 8-->MsiExec.exe /I{4C24A8C1-7CFA-4650-AF15-732F5BD7B46D}
Macromedia Flash 8 Video Encoder-->MsiExec.exe /X{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}
Macromedia Flash 8-->MsiExec.exe /I{2BD5C305-1B27-4D41-B690-7A61172D2FEB}
Macromedia Flash Player-->MsiExec.exe /X{0456ebd7-5f67-4ab6-852e-63781e3f389c}
Magic School Bus - Earth-->C:\Program Files\Microsoft Kids\MSB Earth\System\MSBEUNST.EXE /L"C:\Program Files\Microsoft Kids\MSB Earth\System\MSB Earth.log"
Mah Jong Quest-->"C:\Program Files\HP Games\Mah Jong Quest\Uninstall.exe"
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Money 2006-->"C:\Program Files\Microsoft Money 2006\MNYCoreFiles\Setup\uninst.exe" /s:120
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office 2003 Edition 60 Days Trial Welcome Tour-->MsiExec.exe /I{A01FC76F-CC09-4658-9E37-5C2F635EE708}
Microsoft Office Standard Edition 2003-->MsiExec.exe /I{91120409-6000-11D3-8CFE-0150048383C9}
Microsoft Office XP Professional with FrontPage-->MsiExec.exe /I{90280409-6000-11D3-8CFE-0050048383C9}
Microsoft Text-to-Speech Engine 4.0 (English)-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\msTTSa22.inf, Uninstall
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Works-->MsiExec.exe /I{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}
MicroWorlds EX Robotics-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{82027218-1192-43CB-ACF6-E6C04250E396}\setup.exe" -l0x9 -removeonly
MobileMe Control Panel-->MsiExec.exe /I{6DA9102E-199F-43A0-A36B-6EF48081A658}
Mozilla Firefox (2.0.0.17)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
muvee autoProducer 5.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{27428D1B-8CBA-4EEA-B9C0-A23CA7B4FCC1}\setup.exe" -l0x9
muvee autoProducer unPlugged 2.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5FDD0538-C67A-4F67-B3F8-09D1AAF04D99}\setup.exe" -l0x9
Mystery Case Files-->"C:\Program Files\HP Games\Mystery Case Files\Uninstall.exe"
National Instruments Software-->"C:\Program Files\National Instruments\Shared\NIUninstaller\uninst.exe"
Netscape Browser (remove only)-->"C:\Program Files\Netscape\Netscape Browser\NSUninst.exe"
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
OpenOffice.org Installer 1.0-->MsiExec.exe /X{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}
PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
Photo Story 3 for Windows-->MsiExec.exe /I{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}
Picture Package-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1E2F8AE3-3437-44E6-BB75-E95751D6B83F}\setup.exe" -l0x9 UNINSTALL
Python 2.2 pywin32 extensions (build 203)-->"C:\Python22\Removepywin32.exe" -u "C:\Python22\pywin32-wininst.log"
Quicken 2006-->MsiExec.exe /X{2818095F-FB6C-42C8-827E-0A406CC9AFF5}
QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
Registry Genius v3.0-->"C:\Program Files\Registry Genius\unins000.exe"
Ricochet Lost Worlds-->"C:\Program Files\HP Games\Ricochet Lost Worlds\Uninstall.exe"
Robotics Engineering Vol. 1-->MsiExec.exe /I{3B8FAAF2-D6EC-44D7-ACA3-27DD6D985195}
Sandboxie 3.24-->"C:\WINDOWS\Installer\SandboxieInstall.exe" /remove
ScanSoft OmniPage SE 4.0-->MsiExec.exe /I{29D851C2-048C-4B5E-8D1F-25D473342BB5}
SCRABBLE-->"C:\Program Files\HP Games\SCRABBLE\Uninstall.exe"
Security Update for Step By Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Security Update for Step By Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Security Update for Windows Media Encoder (KB954156)-->"C:\WINDOWS\$NtUninstallKB954156_WM9L$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Sid Meier's Civilization 4-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}\setup.exe" -l0x9 -removeonly
SMART Board Software-->MsiExec.exe /I{46486451-E60F-42C3-92D7-796D8594688A}
SMART Essentials for Educators-->MsiExec.exe /X{2348B97D-C991-438F-BC44-294C931E7B8B}
Sonic Express Labeler-->MsiExec.exe /X{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Sonic MyDVD Plus-->MsiExec.exe /X{21657574-BD54-48A2-9450-EB03B2C7FC29}
Sonic RecordNow Audio-->MsiExec.exe /X{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Sonic RecordNow Copy-->MsiExec.exe /X{B12665F4-4E93-4AB4-B7FC-37053B524629}
Sonic RecordNow Data-->MsiExec.exe /X{075473F5-846A-448B-BCB3-104AA1760205}
Sonic Update Manager-->MsiExec.exe /X{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
Sony USB Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}\Setup.exe" UNINSTALL
TurboTax Deluxe 2007-->C:\Program Files\TurboTax\Deluxe 2007\TaxUnst.EXE "C:\Program Files\TurboTax\Deluxe 2007\Uninstall.log" -NoGui
TurboTax Deluxe Deduction Maximizer 2006-->C:\Program Files\TurboTax\Deluxe 2006\TaxUnst.EXE "C:\Program Files\TurboTax\Deluxe 2006\Uninstall.log" -NoGui
TurboTax ItsDeductible 2006-->MsiExec.exe /X{AFF1EA96-9C23-4249-B7D4-CD4B54D4582F}
Typing Tutor Platinum-->F:\setup.exe -funttplat.ins
Ulead COOL 3D 3.0-->C:\WINDOWS\Ulead.dat\uninstall\setup.exe
Ulead VideoStudio 8.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4F1DA6BF-3614-48A1-9970-9E90F646789E}\setup.exe" -l0x9
UME-36 Content Manager 1.0.26-->"C:\Program Files\Cellebrite Mobile Synchronization\UME-36 Content Manager\unins000.exe"
Update for Windows Media Player 10 (KB913800)-->"C:\WINDOWS\$NtUninstallKB913800$\spuninst\spuninst.exe"
Update for Windows Media Player 10 (KB926251)-->"C:\WINDOWS\$NtUninstallKB926251$\spuninst\spuninst.exe"
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Updates from HP (remove only)-->C:\WINDOWS\HPCPCUninstall-9972322\HPBWSetup.exe -appid 9972322 -uninstall
ViewSonic Monitor Drivers-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B4FEA924-630D-11D4-B78E-005004566E4D}\Setup.exe" -l0x9
WildTangent Web Driver-->C:\Program Files\WildTangent\Apps\CDA\CDAUninstall.exe
Windows Media Encoder 9 Series-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Encoder 9 Series-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows XP Media Center Edition 2005 KB908246-->"C:\WINDOWS\$NtUninstallKB908246$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB912067-->"C:\WINDOWS\$NtUninstallKB912067$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
WinVDIG 1.0-->"C:\Program Files\WinVDIG\unins000.exe"

======Security center information======

AV: AVG Internet Security
FW: Norton Internet Worm Protection (disabled)
FW: AVG Firewall

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;c:\Python22;C:\VXIPNP\WinNT\Bin;C:\Program Files\Common Files\Ulead Systems\MPEG;C:\Program Files\Common Files\Adobe\AGL;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 6 Stepping 4, GenuineIntel
"PROCESSOR_REVISION"=0604
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"SonicCentral"=c:\Program Files\Common Files\Sonic Shared\Sonic Central\
"VXIPNPPATH"=C:\VXIPNP\
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip

-----------------EOF-----------------
"Scan ""Scan whole computer"" was finished."
"Infections found:";"39"
"Infected objects removed or healed:";"39"
"Not removed or healed:";"0"
"Spyware found:";"3"
"Spyware removed:";"3"
"Not removed:";"0"
"Warnings count:";"0"
"Information count:";"0"
"Scan started:";"Tuesday, December 09, 2008, 6:49:00 PM"
"Scan finished:";"Tuesday, December 09, 2008, 9:34:18 PM (2 hour(s) 45 minute(s) 18 second(s))"
"Total object scanned:";"1222402"
"User who launched the scan:";"HP_Administrator"

"Infections"
"File";"Infection";"Result"
"C:\WINDOWS\system32\digukazi.dll";"Trojan horse Vundo.BJ";"Moved to Virus Vault"
"C:\WINDOWS\system32\dirohoja.dll";"Trojan horse BHO.GNG";"Moved to Virus Vault"
"C:\WINDOWS\system32\dugewiho.dll";"Trojan horse Vundo.BJ";"Moved to Virus Vault"
"C:\WINDOWS\system32\fekeviji.dll";"Trojan horse Generic12.UML";"Moved to Virus Vault"
"C:\WINDOWS\system32\fekoyamo.dll";"Trojan horse Generic12.QYX";"Moved to Virus Vault"
"C:\WINDOWS\system32\firemaya.dll";"Trojan horse BHO.GNG";"Moved to Virus Vault"
"C:\WINDOWS\system32\forapahi.dll";"Trojan horse BHO.GKP";"Moved to Virus Vault"
"C:\WINDOWS\system32\gibivito.dll";"Trojan horse Generic12.WES";"Moved to Virus Vault"
"C:\WINDOWS\system32\gogenepu.dll";"Trojan horse BHO.GKN";"Moved to Virus Vault"
"C:\WINDOWS\system32\guriwuva.dll";"Trojan horse Vundo.BJ";"Moved to Virus Vault"
"C:\WINDOWS\system32\hejodaja.dll";"Trojan horse BHO.GLZ";"Moved to Virus Vault"
"C:\WINDOWS\system32\hesovosu.dll";"Trojan horse BHO.GKP";"Moved to Virus Vault"
"C:\WINDOWS\system32\hikizune.dll";"Trojan horse BHO.GNH";"Moved to Virus Vault"
"C:\WINDOWS\system32\howiniju.dll";"Trojan horse Vundo.BJ";"Moved to Virus Vault"
"C:\WINDOWS\system32\jawoduzo.dll";"Trojan horse Generic12.QYX";"Moved to Virus Vault"
"C:\WINDOWS\system32\kakugiwi.dll";"Trojan horse BHO.GKN";"Moved to Virus Vault"
"C:\WINDOWS\system32\kibeluwe.dll";"Trojan horse BHO.GKP";"Moved to Virus Vault"
"C:\WINDOWS\system32\koguholu.dll";"Trojan horse BHO.GLZ";"Moved to Virus Vault"
"C:\WINDOWS\system32\kosimora.dll";"Trojan horse Vundo.BJ";"Moved to Virus Vault"
"C:\WINDOWS\system32\lukawagi.dll";"Trojan horse Downloader.Generic8.GLJ";"Moved to Virus Vault"
"C:\WINDOWS\system32\momifigo.dll";"Trojan horse Vundo.BC";"Moved to Virus Vault"
"C:\WINDOWS\system32\najemize.dll";"Trojan horse Generic12.UML";"Moved to Virus Vault"
"C:\WINDOWS\system32\nedivibe.dll";"Trojan horse Vundo.BJ";"Moved to Virus Vault"
"C:\WINDOWS\system32\nuhapile.dll";"Trojan horse Vundo.BJ";"Moved to Virus Vault"
"C:\WINDOWS\system32\pijelodo.dll";"Trojan horse BHO.GKN";"Moved to Virus Vault"
"C:\WINDOWS\system32\raginuwe.dll";"Trojan horse BHO.GOC";"Moved to Virus Vault"
"C:\WINDOWS\system32\sajifamu.dll";"Trojan horse Generic12.WUE";"Moved to Virus Vault"
"C:\WINDOWS\system32\samekojo.dll";"Trojan horse Vundo.BJ";"Moved to Virus Vault"
"C:\WINDOWS\system32\sejahogo.dll";"Trojan horse BHO.GNH";"Moved to Virus Vault"
"C:\WINDOWS\system32\tekaleko.dll";"Trojan horse Generic12.WES";"Moved to Virus Vault"
"C:\WINDOWS\system32\tirumufa.dll";"Trojan horse BHO.GNG";"Moved to Virus Vault"
"C:\WINDOWS\system32\vawahoda.dll";"Trojan horse Generic12.QYX";"Moved to Virus Vault"
"C:\WINDOWS\system32\vekatele.dll";"Trojan horse Vundo.BJ";"Moved to Virus Vault"
"C:\WINDOWS\system32\vodezuhu.dll";"Trojan horse Vundo.BJ";"Moved to Virus Vault"
"C:\WINDOWS\system32\wabujuto.dll";"Trojan horse Vundo.BJ";"Moved to Virus Vault"
"C:\WINDOWS\system32\wolavege.dll";"Trojan horse Vundo.BJ";"Moved to Virus Vault"
"C:\WINDOWS\system32\wosefaro.dll";"Trojan horse BHO.GNH";"Moved to Virus Vault"
"C:\WINDOWS\system32\yibemiwu.dll";"Trojan horse BHO.GLZ";"Moved to Virus Vault"
"C:\WINDOWS\system32\yorugili.dll";"Trojan horse BHO.GNH";"Moved to Virus Vault"

"Spyware"
"File";"Infection";"Result"
"C:\Program Files\Online Services\PeoplePC\ISP5900\Branding\ppal3ppc.exe";"Adware Generic2.ABZP";"Moved to Virus Vault"
"C:\Program Files\Online Services\PeoplePC\ISP5900\Branding\ppal3ppc.exe:\$JF\PPCToolbar.dll";"Adware Generic2.ABZP";"Moved to Virus Vault"
"C:\Program Files\Registry Genius\RegGeniusUpdate.exe";"Adware Generic3.GUA";"Moved to Virus Vault"

"Warnings"
"File";"Infection";"Result"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt";"Found Tracking cookie.Advertising";"Healed"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\2o7.net.16132136";"Found Tracking cookie.2o7";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\2o7.net.3a0e6e11";"Found Tracking cookie.2o7";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\2o7.net.427cc580";"Found Tracking cookie.2o7";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\2o7.net.536d6d15";"Found Tracking cookie.2o7";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\2o7.net.6dcf084c";"Found Tracking cookie.2o7";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\2o7.net.93af4fad";"Found Tracking cookie.2o7";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\2o7.net.9464f2b7";"Found Tracking cookie.2o7";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\2o7.net.f57f2f12";"Found Tracking cookie.2o7";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\ad.yieldmanager.com.539b0606";"Found Tracking cookie.Yieldmanager";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\ad.yieldmanager.com.557bf2b0";"Found Tracking cookie.Yieldmanager";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\ad.yieldmanager.com.830b6f08";"Found Tracking cookie.Yieldmanager";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\ad.yieldmanager.com.b68f2b7b";"Found Tracking cookie.Yieldmanager";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\ad.yieldmanager.com.ff92306";"Found Tracking cookie.Yieldmanager";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\ad.yieldmanager.com.e762f029";"Found Tracking cookie.Yieldmanager";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\adbrite.com.44f92a69";"Found Tracking cookie.Adbrite";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\adbrite.com.71beeff9";"Found Tracking cookie.Adbrite";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\adbrite.com.d5e309c2";"Found Tracking cookie.Adbrite";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\adopt.euroclick.com.891542da";"Found Tracking cookie.Euroclick";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\advertising.com.1820df7a";"Found Tracking cookie.Advertising";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\2o7.net.9973bb23";"Found Tracking cookie.2o7";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\2o7.net.a82b59e1";"Found Tracking cookie.2o7";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\2o7.net.a9ff4c77";"Found Tracking cookie.2o7";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\2o7.net.b162060f";"Found Tracking cookie.2o7";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\2o7.net.d8564f4";"Found Tracking cookie.2o7";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\adrevolver.com.4a719aa9";"Found Tracking cookie.Adrevolver";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\adrevolver.com.f6cfcad4";"Found Tracking cookie.Adrevolver";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\advertising.com.525a5fb9";"Found Tracking cookie.Advertising";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\adrevolver.com.b595d4db";"Found Tracking cookie.Adrevolver";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\advertising.com.203aa218";"Found Tracking cookie.Advertising";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\advertising.com.b624fa46";"Found Tracking cookie.Advertising";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\advertising.com.f62113d5";"Found Tracking cookie.Advertising";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\burstnet.com.27341d57";"Found Tracking cookie.Burstnet";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\burstnet.com.c4fe2ebb";"Found Tracking cookie.Burstnet";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\doubleclick.net.bf396750";"Found Tracking cookie.Doubleclick";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\mediaplex.com.f652b123";"Found Tracking cookie.Mediaplex";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\2o7.net.fc3845a9";"Found Tracking cookie.2o7";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\adrevolver.com.9b9d670a";"Found Tracking cookie.Adrevolver";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\atdmt.com.b3e33b5f";"Found Tracking cookie.Atdmt";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\casalemedia.com.80ad4799";"Found Tracking cookie.Casalemedia";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\bluestreak.com.bf396750";"Found Tracking cookie.Bluestreak";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\bs.serving-sys.com.5bf1f00f";"Found Tracking cookie.Serving-sys";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\casalemedia.com.1773afc";"Found Tracking cookie.Casalemedia";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\casalemedia.com.987e6b46";"Found Tracking cookie.Casalemedia";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\hitbox.com.2b95f8a3";"Found Tracking cookie.Hitbox";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\casalemedia.com.5e43734d";"Found Tracking cookie.Casalemedia";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\fastclick.net.57e8da10";"Found Tracking cookie.Fastclick";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\media.adrevolver.com.2be00b0";"Found Tracking cookie.Adrevolver";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\media.adrevolver.com.539b0606";"Found Tracking cookie.Adrevolver";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\media.adrevolver.com.5fed601d";"Found Tracking cookie.Adrevolver";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\perf.overture.com.610ef18d";"Found Tracking cookie.Overture";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\questionmarket.com.3eb5a9f1";"Found Tracking cookie.Questionmarket";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\fastclick.net.8a6435e9";"Found Tracking cookie.Fastclick";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\questionmarket.com.4dd5e426";"Found Tracking cookie.Questionmarket";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\media.adrevolver.com.57f415b5";"Found Tracking cookie.Adrevolver";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\overture.com.52ca467a";"Found Tracking cookie.Overture";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\overture.com.e626e6be";"Found Tracking cookie.Overture";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\revsci.net.2df99d79";"Found Tracking cookie.Revsci";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\revsci.net.44927ec";"Found Tracking cookie.Revsci";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\revsci.net.55564293";"Found Tracking cookie.Revsci";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\revsci.net.652ce730";"Found Tracking cookie.Revsci";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\revsci.net.e9dbeb91";"Found Tracking cookie.Revsci";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\revsci.net.f1b6b2e";"Found Tracking cookie.Revsci";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\revsci.net.f7ac007f";"Found Tracking cookie.Revsci";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\serving-sys.com.255d6f2f";"Found Tracking cookie.Serving-sys";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\serving-sys.com.400f83f";"Found Tracking cookie.Serving-sys";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\statcounter.com.24495ba3";"Found Tracking cookie.Statcounter";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\serving-sys.com.4b416ef8";"Found Tracking cookie.Serving-sys";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\serving-sys.com.606c3d3b";"Found Tracking cookie.Serving-sys";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\serving-sys.com.6a1cf9e8";"Found Tracking cookie.Serving-sys";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\serving-sys.com.c9034af6";"Found Tracking cookie.Serving-sys";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\statcounter.com.2623c193";"Found Tracking cookie.Statcounter";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\statcounter.com.2d8fa505";"Found Tracking cookie.Statcounter";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\statcounter.com.ac8d8264";"Found Tracking cookie.Statcounter";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\statcounter.com.e7816ad9";"Found Tracking cookie.Statcounter";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\statse.webtrendslive.com.b4ca7df0";"Found Tracking cookie.Webtrendslive";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\statse.webtrendslive.com.b4ca7df0";"Found Tracking cookie.Webtrendslive";"Potentially dangerous object"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\tribalfusion.com.dcc03271";"Found Tracking cookie.Tribalfusion";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\tacoda.net.27341d57";"Found Tracking cookie.Tacoda";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\tacoda.net.c4fe2ebb";"Found Tracking cookie.Tacoda";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\tacoda.net.d323296e";"Found Tracking cookie.Tacoda";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\tacoda.net.e9f57f8";"Found Tracking cookie.Tacoda";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\yadro.ru.c77afad5";"Found Tracking cookie.Yadro";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\zedo.com.14a38114";"Found Tracking cookie.Zedo";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\zedo.com.27f1639b";"Found Tracking cookie.Zedo";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\zedo.com.775ee79c";"Found Tracking cookie.Zedo";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\zedo.com.a5b6a132";"Found Tracking cookie.Zedo";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\zedo.com.c1dd09f2";"Found Tracking cookie.Zedo";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\zedo.com.cef1c7af";"Found Tracking cookie.Zedo";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\zedo.com.dd15d628";"Found Tracking cookie.Zedo";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\zedo.com.f1d14556";"Found Tracking cookie.Zedo";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\w0q39644.default\cookies.txt:\zedo.com.ff8ec9c0";"Found Tracking cookie.Zedo";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@ad.yieldmanager[2].txt";"Found Tracking cookie.Yieldmanager";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@ad.yieldmanager[2].txt:\ad.yieldmanager.com.539b0606";"Found Tracking cookie.Yieldmanager";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@ad.yieldmanager[2].txt:\ad.yieldmanager.com.557bf2b0";"Found Tracking cookie.Yieldmanager";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@burstnet[1].txt";"Found Tracking cookie.Burstnet";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@burstnet[1].txt:\burstnet.com.a3218a37";"Found Tracking cookie.Burstnet";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@doubleclick[1].txt";"Found Tracking cookie.Doubleclick";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@doubleclick[1].txt:\doubleclick.net.bf396750";"Found Tracking cookie.Doubleclick";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@realmedia[1].txt";"Found Tracking cookie.Realmedia";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@realmedia[1].txt:\realmedia.com.125a868c";"Found Tracking cookie.Realmedia";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@realmedia[1].txt:\realmedia.com.68087763";"Found Tracking cookie.Realmedia";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@realmedia[1].txt:\realmedia.com.e14be39e";"Found Tracking cookie.Realmedia";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@statse.webtrendslive[2].txt";"Found Tracking cookie.Webtrendslive";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@statse.webtrendslive[2].txt:\statse.webtrendslive.com.b4ca7df0";"Found Tracking cookie.Webtrendslive";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@trafficmp[1].txt";"Found Tracking cookie.Trafficmp";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@trafficmp[1].txt:\trafficmp.com.a00e30b4";"Found Tracking cookie.Trafficmp";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@tribalfusion[2].txt";"Found Tracking cookie.Tribalfusion";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@tribalfusion[2].txt:\tribalfusion.com.dcc03271";"Found Tracking cookie.Tribalfusion";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@zedo[2].txt";"Found Tracking cookie.Zedo";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@zedo[2].txt:\zedo.com.27f1639b";"Found Tracking cookie.Zedo";"Moved to Virus Vault"
"C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@zedo[2].txt:\zedo.com.6a4b36ab";"Found Tracking cookie.Zedo";"Moved to Virus Vault"

Logfile of random's system information tool 1.04 (written by random/random)
Run by HP_Administrator at 2008-12-09 23:28:32
Microsoft Windows XP Professional Service Pack 3
System drive C: has 125 GB (54%) free of 229 GB
Total RAM: 2046 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:28:47 PM, on 12/9/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgfws8.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
C:\Program Files\Sandboxie\SbieSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\SMART Technologies Inc\SMART Board Software\SMARTBoardService.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\nipalsm.exe
C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology\ELService.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\SMART Technologies Inc\SMART Board Software\SMARTBoardTools.exe
C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
C:\Program Files\SMART Technologies Inc\SMART Board Software\Aware.exe
C:\Program Files\SMART Technologies Inc\SMART Board Software\Marker.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Sandboxie\SandboxieRpcSs.exe
C:\Program Files\Sandboxie\SandboxieDcomLaunch.exe
C:\Documents and Settings\HP_Administrator\Desktop\RSIT.exe
C:\Program Files\trend micro\HP_Administrator.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {678df4a6-cbbf-4b9b-a89c-53071e908957} - C:\WINDOWS\system32\peyewafi.dll
O2 - BHO: SMART Notebook Download Plugin - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files\SMART Technologies Inc\Notebook Software\NotebookPlugin.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: HpWebHelper - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [DMAScheduler] "c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [fiveneseyi] Rundll32.exe "C:\WINDOWS\system32\dukokoyu.dll",s
O4 - HKLM\..\Run: [CPM33d5c803] Rundll32.exe "c:\windows\system32\yukisoga.dll",a
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [30e6fb9f] rundll32.exe "C:\WINDOWS\system32\zisilore.dll",b
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
O4 - HKUS\S-1-5-19\..\Run: [fiveneseyi] Rundll32.exe "C:\WINDOWS\system32\dukokoyu.dll",s (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [fiveneseyi] Rundll32.exe "C:\WINDOWS\system32\dukokoyu.dll",s (User 'NETWORK SERVICE')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O4 - Global Startup: SMART Board Tools.lnk = C:\Program Files\SMART Technologies Inc\SMART Board Software\SMARTBoardTools.exe
O4 - Global Startup: Updates From HP.lnk = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} (Domino Web Access 7 Control) - http://www.ritenour.k12.mo.us/dwa7W.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\rojibebu.dll,c:\windows\system32\yukisoga.dll,avgrsstx.dll
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\yukisoga.dll
O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\yukisoga.dll
O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel® Quick Resume Technology Drivers (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology\ELService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: nipxirmu - National Instruments Corporation - C:\WINDOWS\system32\nipalsm.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: SMART Board Service - SMART Technologies Inc. - C:\Program Files\SMART Technologies Inc\SMART Board Software\SMARTBoardService.exe
O23 - Service: SMART Web Server - Unknown owner - C:\Program Files\SMART Technologies Inc\SMART Board Software\WebServer.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 15092 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-05-31 308856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2008-12-09 455960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{678df4a6-cbbf-4b9b-a89c-53071e908957}]
C:\WINDOWS\system32\peyewafi.dll [2008-09-05 64053]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{67BCF957-85FC-4036-8DC4-D4D80E00A77B}]
CIEDownload Object - C:\Program Files\SMART Technologies Inc\Notebook Software\NotebookPlugin.dll [2007-11-02 587016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{68F9551E-0411-48E4-9AAF-4BC42A6A46BE}]
EWPBrowseObject Class - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll [2006-04-18 34304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AAAE832A-5FFF-4661-9C8F-369692D1DCB9}]
hpWebHelper Class - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10 321120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2006-04-18 552960]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10 321120]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2008-05-31 185896]
"SSBkgdUpdate"=C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2003-09-29 155648]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-03-07 16010240]
"Recguard"=C:\WINDOWS\SMINST\RECGUARD.EXE [2005-07-22 237568]
"PCDrProfiler"= []
"OpwareSE4"=C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe [2006-03-21 69632]
"nwiz"=nwiz.exe /installquiet /keeploaded /nodetect []
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-10-31 7634944]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2005-10-12 139264]
"HPHUPD08"=c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe [2005-06-01 49152]
"HPBootOp"=C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe [2006-02-15 249856]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPwuSchd2.exe [2005-12-15 49152]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-09-29 67584]
"DMAScheduler"=c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe [2006-03-20 90112]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2006-03-21 1191936]
"Acrobat Assistant 8.0"=C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [2008-01-11 623992]
""= []
"KBD"=C:\HP\KBD\KBD.EXE [2005-02-02 61440]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-09-06 413696]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-09-03 111936]
"Adobe_ID0EYTHM"=C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE [2007-03-20 1884160]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-10-01 289576]
"fiveneseyi"=C:\WINDOWS\system32\dukokoyu.dll [2008-09-05 64053]
"CPM33d5c803"=c:\windows\system32\yukisoga.dll [2008-12-08 92772]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2008-12-09 1235736]
"30e6fb9f"=C:\WINDOWS\system32\zisilore.dll [2008-12-09 87304]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232]
"SandboxieControl"=C:\Program Files\Sandboxie\SbieCtrl.exe [2008-03-05 417280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"comHost"=3
"Symantec Core LC"=2
"SPBBCSvc"=2
"SNDSrvc"=2
"SAVScan"=3
"LiveUpdate"=3
"ccSetMgr"=2
"ccProxy"=2
"ccISPwdSvc"=3
"ccEvtMgr"=2
"Automatic LiveUpdate Scheduler"=2

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
Picture Package Menu.lnk - C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
Picture Package VCD Maker.lnk - C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
SMART Board Tools.lnk - C:\Program Files\SMART Technologies Inc\SMART Board Software\SMARTBoardTools.exe
Updates From HP.lnk - C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\WINDOWS\system32\rojibebu.dll,c:\windows\system32\yukisoga.dll,avgrsstx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-13 239616]
SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\yukisoga.dll [2008-12-08 92772]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\yukisoga.dll [2008-12-08 92772]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\WINDOWS\system32\rojibebu.dll

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe"="C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe"="C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe:*:Enabled:Sid Meier's Civilization 4"
"C:\Program Files\TurboTax\Deluxe 2006\32bit\ttax.exe"="C:\Program Files\TurboTax\Deluxe 2006\32bit\ttax.exe:LocalSubNet:Enabled:TurboTax"
"C:\Program Files\TurboTax\Deluxe 2006\32bit\updatemgr.exe"="C:\Program Files\TurboTax\Deluxe 2006\32bit\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager"
"C:\Robolab 2.5.4\Robolab254.exe"="C:\Robolab 2.5.4\Robolab254.exe:*:Enabled:LabVIEW 7.0 Robolab"
"C:\WINDOWS\system32\usmt\migwiz.exe"="C:\WINDOWS\system32\usmt\migwiz.exe:*:Disabled:Files and Settings Transfer Wizard"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\HP Rhapsody\rhapsody.exe"="C:\Program Files\HP Rhapsody\rhapsody.exe:*:Enabled:Rhapsody"
"C:\Program Files\TurboTax\Deluxe 2007\32bit\ttax.exe"="C:\Program Files\TurboTax\Deluxe 2007\32bit\ttax.exe:LocalSubNet:Enabled:TurboTax"
"C:\Program Files\TurboTax\Deluxe 2007\32bit\updatemgr.exe"="C:\Program Files\TurboTax\Deluxe 2007\32bit\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager"
"C:\Program Files\Photo Story 3 for Windows\PhotoStory3.exe"="C:\Program Files\Photo Story 3 for Windows\PhotoStory3.exe:*:Enabled:Photo Story 3 for Windows"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe"="C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:*:Enabled:Adobe Version Cue CS3 Server"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\WINDOWS\explorer.exe"="C:\WINDOWS\explorer.exe:*:Enabled:Explorer"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Disabled:Bonjour"
"C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe"="C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe:*:Disabled:Updates from HP"
"C:\WINDOWS\system32\wuauclt.exe"="C:\WINDOWS\system32\wuauclt.exe:*:Enabled:wuauclt"
"C:\Program Files\iPod\bin\iPodService.exe"="C:\Program Files\iPod\bin\iPodService.exe:*:Enabled:iPodService"
"C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"="C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe:*:Enabled:AppleMobileDeviceService"
"C:\WINDOWS\system32\winlogon.exe"="C:\WINDOWS\system32\winlogon.exe:*:Enabled:winlogon"
"C:\WINDOWS\system32\lsass.exe"="C:\WINDOWS\system32\lsass.exe:*:Enabled:lsass"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\Common Files\LightScribe\LSSrvc.exe"="C:\Program Files\Common Files\LightScribe\LSSrvc.exe:*:Enabled:LSSrvc"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe"="C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe:*:Enabled:Updates from HP"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======File associations======

.js - edit - "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1"

======List of files/folders created in the last 1 months======

2008-12-09 22:30:15 ----D---- C:\Program Files\trend micro
2008-12-09 22:30:14 ----D---- C:\rsit
2008-12-09 20:06:40 ----SH---- C:\WINDOWS\system32\tutepega.dll
2008-12-09 20:06:35 ----SH---- C:\WINDOWS\system32\relugane.dll
2008-12-09 20:06:18 ----SH---- C:\WINDOWS\system32\erolisiz.ini
2008-12-09 19:07:07 ----HD---- C:\$AVG8.VAULT$
2008-12-09 18:04:05 ----D---- C:\Sandbox
2008-12-09 18:00:41 ----D---- C:\WINDOWS\system32\LogFiles
2008-12-09 17:53:36 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2008-12-09 17:53:18 ----A---- C:\WINDOWS\system32\avgfwdx.dll
2008-12-09 17:53:17 ----D---- C:\Program Files\AVG
2008-12-09 17:53:17 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
2008-12-09 17:47:01 ----D---- C:\Program Files\DVDFab 5
2008-12-09 17:44:54 ----D---- C:\Program Files\Registry Genius
2008-12-09 17:40:13 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Vso
2008-12-09 17:40:13 ----A---- C:\Documents and Settings\HP_Administrator\Application Data\inst.exe
2008-12-09 17:35:02 ----A---- C:\WINDOWS\Sandboxie.ini
2008-12-09 17:34:54 ----D---- C:\Program Files\Sandboxie
2008-12-09 17:33:02 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\WinRAR
2008-12-09 17:32:38 ----D---- C:\Program Files\WinRAR
2008-12-08 07:35:46 ----SH---- C:\WINDOWS\system32\ubonukof.ini
2008-12-07 19:35:46 ----SH---- C:\WINDOWS\system32\asarigub.ini
2008-12-07 07:35:33 ----SH---- C:\WINDOWS\system32\epinufun.ini
2008-12-06 19:35:27 ----SH---- C:\WINDOWS\system32\umafijas.ini
2008-12-06 09:57:20 ----D---- C:\WINDOWS\Prefetch
2008-12-06 09:54:36 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-12-06 09:54:28 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2008-12-06 09:54:23 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-12-06 09:54:15 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-12-06 09:54:07 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-12-06 09:53:58 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2008-12-06 09:53:52 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-12-06 09:53:45 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-12-06 09:53:38 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-12-06 09:53:32 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2008-12-06 09:53:24 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-12-06 09:53:19 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-12-06 09:53:12 ----HDC---- C:\WINDOWS\$NtUninstallKB951376$
2008-12-06 09:53:04 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-12-06 09:52:57 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-12-06 09:52:51 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-12-06 09:52:44 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-12-06 09:52:38 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-12-06 09:47:54 ----D---- C:\WINDOWS\system32\scripting
2008-12-06 09:47:54 ----D---- C:\WINDOWS\system32\en
2008-12-06 09:47:54 ----D---- C:\WINDOWS\system32\bits
2008-12-06 09:47:54 ----D---- C:\WINDOWS\l2schemas
2008-12-06 09:46:20 ----D---- C:\WINDOWS\ServicePackFiles
2008-12-06 09:41:43 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2008-12-06 07:35:25 ----SH---- C:\WINDOWS\system32\isawalub.ini
2008-12-02 08:17:02 ----SH---- C:\WINDOWS\system32\otivibig.ini
2008-12-01 20:16:58 ----SH---- C:\WINDOWS\system32\onusabey.ini
2008-12-01 07:11:44 ----SH---- C:\WINDOWS\system32\ewunigar.ini
2008-11-30 19:11:36 ----SH---- C:\WINDOWS\system32\aromisok.ini
2008-11-30 07:11:28 ----SH---- C:\WINDOWS\system32\otujubaw.ini
2008-11-29 19:11:24 ----SH---- C:\WINDOWS\system32\izakugid.ini
2008-11-29 07:10:54 ----SH---- C:\WINDOWS\system32\ojokemas.ini
2008-11-28 19:10:43 ----SH---- C:\WINDOWS\system32\uhuzedov.ini
2008-11-28 07:10:16 ----SH---- C:\WINDOWS\system32\avuwirug.ini
2008-11-27 19:09:58 ----SH---- C:\WINDOWS\system32\ayamerif.ini
2008-11-27 07:09:49 ----SH---- C:\WINDOWS\system32\ajohorid.ini
2008-11-26 19:09:48 ----SH---- C:\WINDOWS\system32\awowahiz.ini
2008-11-26 07:09:43 ----SH---- C:\WINDOWS\system32\afumurit.ini
2008-11-25 19:09:27 ----SH---- C:\WINDOWS\system32\adohawav.ini
2008-11-25 07:09:13 ----SH---- C:\WINDOWS\system32\omayokef.ini
2008-11-24 19:08:50 ----SH---- C:\WINDOWS\system32\ozudowaj.ini
2008-11-24 07:08:37 ----SH---- C:\WINDOWS\system32\ihaparof.ini
2008-11-23 19:08:30 ----SH---- C:\WINDOWS\system32\usovoseh.ini
2008-11-23 07:08:26 ----SH---- C:\WINDOWS\system32\ewulebik.ini
2008-11-12 03:00:57 ----HDC---- C:\WINDOWS\$NtUninstallKB957097_0$
2008-11-12 03:00:47 ----HDC---- C:\WINDOWS\$NtUninstallKB955069_0$

======List of files/folders modified in the last 1 months======

2008-12-09 23:28:47 ----D---- C:\WINDOWS\Temp
2008-12-09 23:02:56 ----AD---- C:\WINDOWS
2008-12-09 22:59:33 ----D---- C:\Program Files\Mozilla Firefox
2008-12-09 22:54:00 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla
2008-12-09 22:52:34 ----D---- C:\WINDOWS\Registration
2008-12-09 22:51:53 ----D---- C:\WINDOWS\system32\CatRoot2
2008-12-09 22:50:24 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-12-09 22:30:15 ----D---- C:\Program Files
2008-12-09 22:12:55 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Intuit
2008-12-09 22:12:54 ----D---- C:\Documents and Settings\All Users\Application Data\FLEXnet
2008-12-09 21:14:48 ----D---- C:\WINDOWS\system32
2008-12-09 20:06:14 ----ASH---- C:\WINDOWS\system32\zisilore.dll
2008-12-09 17:53:36 ----D---- C:\WINDOWS\system32\drivers
2008-12-09 17:53:19 ----HD---- C:\WINDOWS\inf
2008-12-09 17:53:13 ----SHD---- C:\WINDOWS\Installer
2008-12-09 17:52:10 ----HD---- C:\Config.Msi
2008-12-09 17:11:22 ----SD---- C:\WINDOWS\Tasks
2008-12-09 17:10:11 ----D---- C:\Program Files\DVD Decrypter
2008-12-09 17:05:26 ----D---- C:\WINDOWS\system32\Lang
2008-12-08 07:35:47 ----ASH---- C:\WINDOWS\system32\yukisoga.dll
2008-12-08 07:35:45 ----N---- C:\WINDOWS\system32\fokunobu.dll
2008-12-07 19:35:41 ----N---- C:\WINDOWS\system32\bugirasa.dll
2008-12-07 19:35:39 ----ASH---- C:\WINDOWS\system32\behalave.dll
2008-12-07 18:07:08 ----D---- C:\Program Files\Common Files\Symantec Shared
2008-12-07 07:35:33 ----ASH---- C:\WINDOWS\system32\wevagofo.dll
2008-12-07 07:35:32 ----N---- C:\WINDOWS\system32\nufunipe.dll
2008-12-06 19:35:27 ----ASH---- C:\WINDOWS\system32\wazuvoja.dll
2008-12-06 11:16:26 ----D---- C:\WINDOWS\Help
2008-12-06 11:01:58 ----D---- C:\Python22
2008-12-06 10:59:57 ----D---- C:\Program Files\HP Games
2008-12-06 10:32:44 ----D---- C:\Program Files\Common Files
2008-12-06 10:31:52 ----HD---- C:\Program Files\InstallShield Installation Information
2008-12-06 10:23:11 ----D---- C:\Program Files\Google
2008-12-06 10:23:11 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2008-12-06 10:11:59 ----D---- C:\Program Files\Bonjour
2008-12-06 10:07:59 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Adobe
2008-12-06 10:02:12 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-12-06 09:58:47 ----A---- C:\WINDOWS\OEWABLog.txt
2008-12-06 09:57:24 ----A---- C:\WINDOWS\setuplog.txt
2008-12-06 09:56:48 ----D---- C:\WINDOWS\system32\wbem
2008-12-06 09:56:48 ----D---- C:\WINDOWS\system32\Setup
2008-12-06 09:56:48 ----D---- C:\WINDOWS\ime
2008-12-06 09:56:48 ----D---- C:\WINDOWS\AppPatch
2008-12-06 09:56:48 ----D---- C:\Program Files\Messenger
2008-12-06 09:56:47 ----SD---- C:\WINDOWS\Fonts
2008-12-06 09:56:01 ----D---- C:\WINDOWS\security
2008-12-06 09:54:37 ----RSHD---- C:\WINDOWS\system32\dllcache
2008-12-06 09:54:37 ----D---- C:\WINDOWS\system32\CatRoot
2008-12-06 09:51:19 ----RSD---- C:\WINDOWS\assembly
2008-12-06 09:48:06 ----D---- C:\WINDOWS\WinSxS
2008-12-06 09:47:59 ----D---- C:\WINDOWS\system32\inetsrv
2008-12-06 09:47:59 ----D---- C:\WINDOWS\network diagnostic
2008-12-06 09:47:55 ----D---- C:\WINDOWS\system32\usmt
2008-12-06 09:47:55 ----D---- C:\WINDOWS\system32\en-US
2008-12-06 09:47:54 ----D---- C:\WINDOWS\PeerNet
2008-12-06 09:47:54 ----D---- C:\Program Files\Movie Maker
2008-12-06 09:46:13 ----D---- C:\WINDOWS\system32\Restore
2008-12-06 09:46:13 ----D---- C:\WINDOWS\system32\npp
2008-12-06 09:46:13 ----D---- C:\WINDOWS\mui
2008-12-06 09:46:13 ----D---- C:\WINDOWS\msagent
2008-12-06 09:46:12 ----D---- C:\WINDOWS\srchasst
2008-12-06 09:46:12 ----D---- C:\Program Files\NetMeeting
2008-12-06 09:46:11 ----D---- C:\WINDOWS\system32\Com
2008-12-06 09:46:10 ----D---- C:\Program Files\Windows NT
2008-12-06 09:46:10 ----D---- C:\Program Files\Outlook Express
2008-12-06 09:46:09 ----D---- C:\Program Files\Common Files\System
2008-12-06 09:46:02 ----D---- C:\WINDOWS\system32\oobe
2008-12-06 09:46:01 ----D---- C:\WINDOWS\system
2008-12-06 09:41:40 ----AD---- C:\WINDOWS\ehome
2008-12-06 07:35:25 ----ASH---- C:\WINDOWS\system32\satukivu.dll
2008-12-05 23:14:44 ----ASH---- C:\WINDOWS\system32\mebugimi.dll
2008-12-01 20:16:58 ----A---- C:\WINDOWS\WININIT.INI
2008-11-12 03:00:56 ----HD---- C:\WINDOWS\$hf_mig$

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2008-12-09 97928]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2008-12-09 26824]
R1 cdrbsdrv;cdrbsdrv; C:\WINDOWS\system32\drivers\cdrbsdrv.sys [2004-03-08 13567]
R1 ELhid;ELhid; C:\WINDOWS\System32\DRIVERS\ELhid.sys [2005-11-08 10112]
R1 ELkbd;ELkbd; C:\WINDOWS\System32\DRIVERS\ELkbd.sys [2005-11-08 6912]
R1 ELmon;ELmon; C:\WINDOWS\System32\DRIVERS\ELmon.sys [2005-11-08 7040]
R1 ELmou;ELmou; C:\WINDOWS\System32\DRIVERS\ELmou.sys [2005-11-08 6400]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R2 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2008-12-09 76040]
R2 nidimk;nidimk; C:\WINDOWS\system32\drivers\nidimk.dll [2003-04-23 107102]
R2 nipxirmk;nipxirmk; C:\WINDOWS\system32\drivers\nipxirmk.dll [2003-04-18 36463]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2006-01-25 1149888]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 Avgfwdx;Avgfwdx; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2008-12-09 23296]
R3 CXFALCON;Conexant Falcon II NTSC Video Capture; C:\WINDOWS\system32\drivers\cxfalcon.sys [2006-04-20 82048]
R3 E100B;Intel® PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2005-06-13 162816]
R3 ELacpi;ELacpi; C:\WINDOWS\system32\DRIVERS\ELacpi.sys [2005-11-08 7808]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-03-08 4246016]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 niorbk;niorbk; C:\WINDOWS\system32\drivers\niorbk.dll [2003-04-17 28254]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-10-31 3964256]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-12-09 47360]
R3 SbieDrv;SbieDrv; \??\C:\Program Files\Sandboxie\SbieDrv.sys []
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 WN5301;LIteon Wireless PCI Network Adapter Service; C:\WINDOWS\system32\DRIVERS\wn5301.sys [2005-10-05 468768]
S3 61883;61883 Unit Device; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-13 48128]
S3 Avc;AVC Device; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-13 38912]
S3 Avgfwfd;AVG network filter service; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2008-12-09 23296]
S3 Bridge;MAC Bridge; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
S3 BridgeMP;MAC Bridge Miniport; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 FANTOM;LEGO MINDSTORMS NXT Driver; C:\WINDOWS\system32\DRIVERS\fantom.sys [2006-03-10 39424]
S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
S3 HidIr;Microsoft Infrared HID Driver; C:\WINDOWS\system32\DRIVERS\hidir.sys [2008-04-13 19200]
S3 IrBus;Infrared bus filter driver for eHome remote controls; C:\WINDOWS\system32\DRIVERS\IrBus.sys [2008-04-13 46592]
S3 LTower;LEGO USB Tower Driver; C:\WINDOWS\System32\Drivers\LTower.sys [2004-01-22 39936]
S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-09 11008]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-13 51200]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NiViPxiK;NiViPxiK; C:\WINDOWS\system32\drivers\NiViPxiK.sys [2003-06-24 17920]
S3 Ps2;PS2; C:\WINDOWS\system32\DRIVERS\PS2.sys [2005-12-12 19072]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 sonypvs1;Sony Digital Imaging Video2; C:\WINDOWS\system32\DRIVERS\sonypvs1.sys [2002-10-15 102220]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\idsdefs\20071020.002\symidsco.sys []
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-10-01 32000]
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-12-09 231704]
R2 avgfws8;AVG8 Firewall; C:\PROGRA~1\AVG\AVG8\avgfws8.exe [2008-12-09 1220888]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2005-12-15 237568]
R2 ehSched;Media Center Scheduler Service; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 102912]
R2 ELService;Intel® Quick Resume Technology Drivers; C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology\ELService.exe [2005-11-08 180224]
R2 IAANTMon;Intel® Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe [2005-10-12 86140]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-03-23 73728]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 nipxirmu;nipxirmu; C:\WINDOWS\system32\nipalsm.exe [2003-05-12 20480]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-10-31 155715]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE [2007-08-09 73728]
R2 SbieSvc;Sandboxie Service; C:\Program Files\Sandboxie\SbieSvc.exe [2008-03-05 47104]
R2 SMART Board Service;SMART Board Service; C:\Program Files\SMART Technologies Inc\SMART Board Software\SMARTBoardService.exe [2007-11-02 1283336]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-02-26 49152]
R3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2007-11-04 654848]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-10-01 536872]
S3 Adobe Version Cue CS3;Adobe Version Cue CS3; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe [2007-03-20 153792]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-13 267776]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 SMART Web Server;SMART Web Server; C:\Program Files\SMART Technologies Inc\SMART Board Software\WebServer.exe [2007-11-02 767240]
S3 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-08-03 38912]

-----------------EOF-----------------

info.txt logfile of random's system information tool 1.04 2008-12-09 22:30:46

======Uninstall list======

-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {F80239D8-7811-4D5E-B033-0D0BBFE32920}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Add or Remove Adobe Creative Suite 3 Design Premium-->C:\Program Files\Common Files\Adobe\Installers\498b43b77cac072081a5692bfc52804\Setup.exe
Adobe Acrobat 8.1.2 Professional-->msiexec /I {AC76BA86-1033-0000-7760-000000000003}
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe BridgeTalk Plugin CS3-->MsiExec.exe /I{B7F560B3-6EFF-4026-A982-843895A41149}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
Adobe Color EU Extra Settings-->MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}
Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Recommended Settings-->MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}
Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5102}
Adobe Creative Suite 3 Design Premium-->MsiExec.exe /I{1BDC1AB0-2677-4593-8F94-329F7CA8F670}
Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe Dreamweaver CS3-->MsiExec.exe /I{7C10F5C7-F00F-4BD3-A110-C7D240D2DD25}
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
Adobe Extension Manager CS3-->MsiExec.exe /I{BE5F3842-8309-4754-92D5-83E02E6077A3}
Adobe Flash CS3-->MsiExec.exe /I{6B52140A-F189-4945-BFFC-DB3F00B8C589}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 9 Plugin-->MsiExec.exe /X{88D422DB-E9C7-4E16-9D80-2999F4FD6AD9}
Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Video Encoder-->MsiExec.exe /I{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}
Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Center 2.1-->MsiExec.exe /I{25569723-DC5A-4467-A639-79535BF01B71}
Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Illustrator CS3-->MsiExec.exe /I{F08E8D2E-F132-4742-9C87-D5FF223A016A}
Adobe InDesign CS3 Icon Handler-->MsiExec.exe /I{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}
Adobe InDesign CS3-->MsiExec.exe /I{CB3F8375-B600-4B9F-83C9-238ED1E583FD}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe MotionPicture Color Files-->MsiExec.exe /I{6B708481-748A-4EB4-97C1-CD386244FF77}
Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3-->MsiExec.exe /I{0046FA01-C5B9-4985-BACB-398DC480FC05}
Adobe Premiere Elements 3.0.2 Templates-->MsiExec.exe /I{6EACDDF4-4220-49A3-9204-984C86852C3D}
Adobe Premiere Elements 3.0.2-->msiexec /I {530AFAFF-6F0A-48BB-88D0-04F9658322D3}
Adobe Premiere Elements 3.0.2-->MsiExec.exe /I{530AFAFF-6F0A-48BB-88D0-04F9658322D3}
Adobe Reader 7.0.5-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70500000002}
Adobe Setup-->MsiExec.exe /I{C8BA6802-38DA-43F9-8ACB-73161C277C9A}
Adobe Shockwave Player-->C:\WINDOWS\system32\Adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Adobe SING CS3-->MsiExec.exe /I{B671CBFD-4109-4D35-9252-3062D3CCB7B2}
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe Version Cue CS3 Server-->MsiExec.exe /I{1D58229F-C505-45CA-8223-F35F3A34B963}
Adobe WAS CS3-->MsiExec.exe /I{C5BD220A-EFE8-48A5-B70E-9503D535FACE}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
Agere Systems PCI-SV92PP Soft Modem-->agrsmdel
AHV content for Acrobat and Flash-->MsiExec.exe /I{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}
Apple Mobile Device Support-->MsiExec.exe /I{976C2B2A-CE59-4AB3-83FB-BF895E28F2E6}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ArcSoft PhotoStudio 5.5-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{85309D89-7BE9-4094-BB17-24999C6118FC}\SETUP.EXE" -l0x9
Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
AVG 8.0-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
AviSynth 2.5-->"C:\Program Files\AviSynth 2.5\Uninstall.exe"
BIONICLE Heroes-->C:\Program Files\InstallShield Installation Information\{09961A16-DA99-4F15-BBE1-E7755A3BA8E3}\setup.exe -runfromtemp -l0x0409
Canon MP Navigator 3.0-->"C:\Program Files\Canon\MP Navigator 3.0\Maint.exe" /UninstallRemove C:\Program Files\Canon\MP Navigator 3.0\uninst.ini
Canon MP810 User Registration-->C:\Program Files\Canon\IJEREG\MP810\UNINST.EXE
Canon MP810-->"C:\WINDOWS\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP810\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP810 /L0x0009
Canon My Printer-->C:\Program Files\Canon\MyPrinter\uninst.exe uninst.ini
Canon Utilities Easy-PhotoPrint-->C:\Program Files\Canon\Easy-PhotoPrint\uninst.exe uninst.ini
Color@Home-->C:\WINDOWS\iun6002.exe "C:\Program Files\Glidden\Color@Home\irunin.ini"
Command & Conquer 3-->MsiExec.exe /I{B0C30E93-D3D9-4F04-A2AC-54749B573275}
Command & Conquer Generals-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{06F80017-8F98-4C94-B868-52358569FC32}
Command & Conquer Renegade-->C:\Westwood\Renegade\Uninstll.exe
Command and ConquerTM Generals Zero Hour-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}
Disney Mix It Plug-in-->MsiExec.exe /I{222285C2-037F-4AF9-83B3-B33A7288EC9D}
DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.1.1.5 Be-->"C:\Program Files\DVDFab 5\unins000.exe"
Easy-WebPrint-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Canon\Easy-WebPrint\Uninst.isu"
Enhanced Multimedia Keyboard Solution-->C:\HP\KBD\Install.exe /u
Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
Google SketchUp 6-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98736A65-3C79-49EC-B7E9-A3C77774B0E6}\setup.exe" -l0x9 -removeonly
Google SketchUp 6-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}\setup.exe" -l0x9 -removeonly
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Home-Plan Finder™ 5.0-->C:\WINDOWS\uninst.exe -f"C:\Program Files\AbbiSoft House Plans Inc.\Home-Plan Finder™ 5.0\DeIsL1.isu" -c"C:\Program Files\AbbiSoft House Plans Inc.\Home-Plan Finder™ 5.0\_ISREG32.DLL"
Hotfix for Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Hotfix for Windows Media Player 10 (KB910393)-->"C:\WINDOWS\$NtUninstallKB910393$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
HP Boot Optimizer-->MsiExec.exe /X{1341D838-719C-4A05-B50F-49420CA1B4BB}
HP Deskjet Printer Preload-->MsiExec.exe /I{2C5D07FB-31A2-4F2D-9FDA-0B24ACD42BD0}
HP DigitalMedia Archive-->MsiExec.exe /X{F80239D8-7811-4D5E-B033-0D0BBFE32920}
HP Document Viewer 6.1-->C:\Program Files\HP\Digital Imaging\DocumentViewer\hpzscr01.exe -datfile hpqbud04.dat
HP DVD Play 2.1-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\Setup.exe" -uninstall
HP Photosmart 330,380,420,470,7800,8000,8200 Series-->C:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\setup\hpzscr01.exe -d MsiRollbackUninstaller -datfile hphscr08.dat
HP Photosmart Cameras 6.0-->C:\Program Files\HP\Digital Imaging\{5D61626A-BD55-4e42-82EE-4AE89D8FD050}\setup\hpzscr01.exe -datfile hpiscr01.dat
HP Photosmart for Media Center PC-->c:\Program Files\HP\Digital Imaging\bin\mcpc\setupmcl.exe /u
HP Photosmart Premier Software 6.5-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP PSC & OfficeJet 5.3.B-->"C:\Program Files\HP\Digital Imaging\{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}\setup\hpzscr01.exe" -datfile hposcr07.dat
HP PSC & OfficeJet 6.1.A-->"C:\Program Files\HP\Digital Imaging\{E5A8DDAB-AE80-48C6-A75B-D0FAB83B299D}\setup\hpzscr01.exe" -datfile hposcr08.dat
HP Rhapsody-->C:\PROGRA~1\HPRHAP~1\Unwise32.exe /A C:\PROGRA~1\HPRHAP~1\install.log
HP Software Update-->MsiExec.exe /X{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}
HP Solution Center and Imaging Support Tools 6.1-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Web Helper-->regsvr32 /u /s "C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll"
ImageMixer VCD2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F8C6BABF-0837-4EA0-AD6C-8E5A392A7538}\setup.exe" -l0x9 UNINSTALL
Insaniquarium Deluxe-->"C:\Program Files\HP Games\Insaniquarium Deluxe\Uninstall.exe"
Intel Matrix Storage Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}\Setup.exe" -l0409 -INTELUNINST
Intel® PRO Network Connections Drivers-->Prounstl.exe
Intel® Quick Resume Technology Drivers-->MsiExec.exe /I{8C22F265-DE76-44D1-8A79-A71D819137DA}
Intel® Quick Resume Technology Drivers-->MsiExec.exe /X{8C22F265-DE76-44D1-8A79-A71D819137DA} /qb!
Intel® Viiv™ Software-->MsiExec.exe /X{27E395E5-EB04-4BFD-96C3-C9A102E97E1B}
iTunes-->MsiExec.exe /I{DDDE0BE3-0CBE-4BF6-B75A-E3F69C947843}
J2SE Runtime Environment 5.0 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150050}
Jasc Paint Shop Pro 8-->MsiExec.exe /I{81A34902-9D0B-4920-A25C-4CDC5D14B328}
Java™ 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
JPGAvi 1.07.0.68-->"C:\Program Files\NDW\JPGAvi\unins000.exe"
JumpStart Spanish-->C:\WINDOWS\IsUninst.exe -fC:\KA\JSSPAN\DeIsL1.isu
LDraw-->C:\WINDOWS\iun6002.exe "C:\LDraw\Uninstall\irunin.ini"
LEGO MINDSTORMS Edu NXT - English Language Pack-->MsiExec.exe /X{825FD625-F68D-44F7-9E4C-BA9FC6B77123}
LEGO MINDSTORMS Edu NXT Software v1.0-->MsiExec.exe /X{EA114186-2EA0-4DDD-8B9B-954F20C5AD88}
LEGO MINDSTORMS NXT Driver-->MsiExec.exe /I{2BD2A1A8-2AF2-460E-AAC3-E823884EB306}
LEGO® MINDSTORMS® NXT - English Language Pack-->MsiExec.exe /I{3E4153AF-3D74-4062-8812-B1FDCE6B1F37}
LEGO® MINDSTORMS® NXT Software v1.0-->MsiExec.exe /I{4246326C-E861-43CA-B47D-2357454385F9}
Macromedia Contribute 3.11-->MsiExec.exe /I{4B9535BF-CC90-4158-AF32-CAF57A8820CA}
Macromedia Dreamweaver 8-->MsiExec.exe /I{0837A661-FEC3-48B3-876C-91E7D32048A9}
Macromedia Extension Manager-->MsiExec.exe /I{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}
Macromedia Fireworks 8-->MsiExec.exe /I{4C24A8C1-7CFA-4650-AF15-732F5BD7B46D}
Macromedia Flash 8 Video Encoder-->MsiExec.exe /X{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}
Macromedia Flash 8-->MsiExec.exe /I{2BD5C305-1B27-4D41-B690-7A61172D2FEB}
Macromedia Flash Player-->MsiExec.exe /X{0456ebd7-5f67-4ab6-852e-63781e3f389c}
Magic School Bus - Earth-->C:\Program Files\Microsoft Kids\MSB Earth\System\MSBEUNST.EXE /L"C:\Program Files\Microsoft Kids\MSB Earth\System\MSB Earth.log"
Mah Jong Quest-->"C:\Program Files\HP Games\Mah Jong Quest\Uninstall.exe"
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Money 2006-->"C:\Program Files\Microsoft Money 2006\MNYCoreFiles\Setup\uninst.exe" /s:120
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office 2003 Edition 60 Days Trial Welcome Tour-->MsiExec.exe /I{A01FC76F-CC09-4658-9E37-5C2F635EE708}
Microsoft Office Standard Edition 2003-->MsiExec.exe /I{91120409-6000-11D3-8CFE-0150048383C9}
Microsoft Office XP Professional with FrontPage-->MsiExec.exe /I{90280409-6000-11D3-8CFE-0050048383C9}
Microsoft Text-to-Speech Engine 4.0 (English)-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\msTTSa22.inf, Uninstall
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Works-->MsiExec.exe /I{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}
MicroWorlds EX Robotics-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{82027218-1192-43CB-ACF6-E6C04250E396}\setup.exe" -l0x9 -removeonly
MobileMe Control Panel-->MsiExec.exe /I{6DA9102E-199F-43A0-A36B-6EF48081A658}
Mozilla Firefox (2.0.0.17)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
muvee autoProducer 5.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{27428D1B-8CBA-4EEA-B9C0-A23CA7B4FCC1}\setup.exe" -l0x9
muvee autoProducer unPlugged 2.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5FDD0538-C67A-4F67-B3F8-09D1AAF04D99}\setup.exe" -l0x9
Mystery Case Files-->"C:\Program Files\HP Games\Mystery Case Files\Uninstall.exe"
National Instruments Software-->"C:\Program Files\National Instruments\Shared\NIUninstaller\uninst.exe"
Netscape Browser (remove only)-->"C:\Program Files\Netscape\Netscape Browser\NSUninst.exe"
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
OpenOffice.org Installer 1.0-->MsiExec.exe /X{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}
PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
Photo Story 3 for Windows-->MsiExec.exe /I{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}
Picture Package-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1E2F8AE3-3437-44E6-BB75-E95751D6B83F}\setup.exe" -l0x9 UNINSTALL
Python 2.2 pywin32 extensions (build 203)-->"C:\Python22\Removepywin32.exe" -u "C:\Python22\pywin32-wininst.log"
Quicken 2006-->MsiExec.exe /X{2818095F-FB6C-42C8-827E-0A406CC9AFF5}
QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
Registry Genius v3.0-->"C:\Program Files\Registry Genius\unins000.exe"
Ricochet Lost Worlds-->"C:\Program Files\HP Games\Ricochet Lost Worlds\Uninstall.exe"
Robotics Engineering Vol. 1-->MsiExec.exe /I{3B8FAAF2-D6EC-44D7-ACA3-27DD6D985195}
Sandboxie 3.24-->"C:\WINDOWS\Installer\SandboxieInstall.exe" /remove
ScanSoft OmniPage SE 4.0-->MsiExec.exe /I{29D851C2-048C-4B5E-8D1F-25D473342BB5}
SCRABBLE-->"C:\Program Files\HP Games\SCRABBLE\Uninstall.exe"
Security Update for Step By Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Security Update for Step By Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Security Update for Windows Media Encoder (KB954156)-->"C:\WINDOWS\$NtUninstallKB954156_WM9L$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Sid Meier's Civilization 4-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}\setup.exe" -l0x9 -removeonly
SMART Board Software-->MsiExec.exe /I{46486451-E60F-42C3-92D7-796D8594688A}
SMART Essentials for Educators-->MsiExec.exe /X{2348B97D-C991-438F-BC44-294C931E7B8B}
Sonic Express Labeler-->MsiExec.exe /X{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Sonic MyDVD Plus-->MsiExec.exe /X{21657574-BD54-48A2-9450-EB03B2C7FC29}
Sonic RecordNow Audio-->MsiExec.exe /X{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Sonic RecordNow Copy-->MsiExec.exe /X{B12665F4-4E93-4AB4-B7FC-37053B524629}
Sonic RecordNow Data-->MsiExec.exe /X{075473F5-846A-448B-BCB3-104AA1760205}
Sonic Update Manager-->MsiExec.exe /X{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
Sony USB Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}\Setup.exe" UNINSTALL
TurboTax Deluxe 2007-->C:\Program Files\TurboTax\Deluxe 2007\TaxUnst.EXE "C:\Program Files\TurboTax\Deluxe 2007\Uninstall.log" -NoGui
TurboTax Deluxe Deduction Maximizer 2006-->C:\Program Files\TurboTax\Deluxe 2006\TaxUnst.EXE "C:\Program Files\TurboTax\Deluxe 2006\Uninstall.log" -NoGui
TurboTax ItsDeductible 2006-->MsiExec.exe /X{AFF1EA96-9C23-4249-B7D4-CD4B54D4582F}
Typing Tutor Platinum-->F:\setup.exe -funttplat.ins
Ulead COOL 3D 3.0-->C:\WINDOWS\Ulead.dat\uninstall\setup.exe
Ulead VideoStudio 8.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4F1DA6BF-3614-48A1-9970-9E90F646789E}\setup.exe" -l0x9
UME-36 Content Manager 1.0.26-->"C:\Program Files\Cellebrite Mobile Synchronization\UME-36 Content Manager\unins000.exe"
Update for Windows Media Player 10 (KB913800)-->"C:\WINDOWS\$NtUninstallKB913800$\spuninst\spuninst.exe"
Update for Windows Media Player 10 (KB926251)-->"C:\WINDOWS\$NtUninstallKB926251$\spuninst\spuninst.exe"
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Updates from HP (remove only)-->C:\WINDOWS\HPCPCUninstall-9972322\HPBWSetup.exe -appid 9972322 -uninstall
ViewSonic Monitor Drivers-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B4FEA924-630D-11D4-B78E-005004566E4D}\Setup.exe" -l0x9
WildTangent Web Driver-->C:\Program Files\WildTangent\Apps\CDA\CDAUninstall.exe
Windows Media Encoder 9 Series-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Encoder 9 Series-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows XP Media Center Edition 2005 KB908246-->"C:\WINDOWS\$NtUninstallKB908246$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB912067-->"C:\WINDOWS\$NtUninstallKB912067$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
WinVDIG 1.0-->"C:\Program Files\WinVDIG\unins000.exe"

======Security center information======

AV: AVG Internet Security
FW: Norton Internet Worm Protection (disabled)
FW: AVG Firewall

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;c:\Python22;C:\VXIPNP\WinNT\Bin;C:\Program Files\Common Files\Ulead Systems\MPEG;C:\Program Files\Common Files\Adobe\AGL;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 6 Stepping 4, GenuineIntel
"PROCESSOR_REVISION"=0604
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"SonicCentral"=c:\Program Files\Common Files\Sonic Shared\Sonic Central\
"VXIPNPPATH"=C:\VXIPNP\
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip

-----------------EOF-----------------


Malwarebytes' Anti-Malware 1.31
Database version: 1456
Windows 5.1.2600 Service Pack 3

12/10/2008 11:34:55 AM
mbam-log-2008-12-10 (11-34-38).txt

Scan type: Quick Scan
Objects scanned: 58308
Time elapsed: 3 minute(s), 34 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 2
Registry Keys Infected: 5
Registry Values Infected: 5
Registry Data Items Infected: 5
Folders Infected: 0
Files Infected: 13

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
c:\WINDOWS\system32\yukisoga.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\rojibebu.dll (Trojan.Vundo.H) -> No action taken.

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{678df4a6-cbbf-4b9b-a89c-53071e908957} (Trojan.Vundo.H) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{678df4a6-cbbf-4b9b-a89c-53071e908957} (Trojan.Vundo.H) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> No action taken.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\30e6fb9f (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\fiveneseyi (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cpm33d5c803 (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ssodl (Trojan.Vundo.H) -> No action taken.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: c:\windows\system32\yukisoga.dll -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: system32\yukisoga.dll -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: c:\windows\system32\rojibebu.dll -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\rojibebu.dll -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: system32\rojibebu.dll -> No action taken.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\bugirasa.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\asarigub.ini (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\fokunobu.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\ubonukof.ini (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\hoganova.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\avonagoh.ini (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\nufunipe.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\epinufun.ini (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\dukokoyu.dll (Trojan.Vundo.H) -> No action taken.
c:\WINDOWS\system32\yukisoga.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\peyewafi.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\rojibebu.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\mebugimi.dll (Trojan.Vundo.H) -> No action taken.


Logfile of random's system information tool 1.04 (written by random/random)
Run by Administrator at 2008-12-10 11:41:41
Microsoft Windows XP Professional Service Pack 3
System drive C: has 127 GB (55%) free of 229 GB
Total RAM: 2046 MB (84% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:41:46 AM, on 12/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Administrator\Desktop\RSIT.exe
C:\Program Files\trend micro\Administrator.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {678df4a6-cbbf-4b9b-a89c-53071e908957} - C:\WINDOWS\system32\peyewafi.dll (file missing)
O2 - BHO: SMART Notebook Download Plugin - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files\SMART Technologies Inc\Notebook Software\NotebookPlugin.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: HpWebHelper - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [DMAScheduler] "c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [CPM33d5c803] Rundll32.exe "c:\windows\system32\yukisoga.dll",a
O4 - HKLM\..\Run: [fiveneseyi] Rundll32.exe "C:\WINDOWS\system32\dukokoyu.dll",s
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [fiveneseyi] Rundll32.exe "C:\WINDOWS\system32\dukokoyu.dll",s (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [fiveneseyi] Rundll32.exe "C:\WINDOWS\system32\dukokoyu.dll",s (User 'NETWORK SERVICE')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O4 - Global Startup: SMART Board Tools.lnk = C:\Program Files\SMART Technologies Inc\SMART Board Software\SMARTBoardTools.exe
O4 - Global Startup: Updates From HP.lnk = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} (Domino Web Access 7 Control) - http://www.ritenour.k12.mo.us/dwa7W.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll,C:\WINDOWS\system32\rojibebu.dll c:\windows\system32\yukisoga.dll
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\yukisoga.dll (file missing)
O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\yukisoga.dll (file missing)
O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel® Quick Resume Technology Drivers (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology\ELService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: nipxirmu - National Instruments Corporation - C:\WINDOWS\system32\nipalsm.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: SMART Board Service - SMART Technologies Inc. - C:\Program Files\SMART Technologies Inc\SMART Board Software\SMARTBoardService.exe
O23 - Service: SMART Web Server - Unknown owner - C:\Program Files\SMART Technologies Inc\SMART Board Software\WebServer.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 11260 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-05-31 308856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2008-12-09 455960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{678df4a6-cbbf-4b9b-a89c-53071e908957}]
C:\WINDOWS\system32\peyewafi.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{67BCF957-85FC-4036-8DC4-D4D80E00A77B}]
CIEDownload Object - C:\Program Files\SMART Technologies Inc\Notebook Software\NotebookPlugin.dll [2007-11-02 587016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{68F9551E-0411-48E4-9AAF-4BC42A6A46BE}]
EWPBrowseObject Class - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll [2006-04-18 34304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AAAE832A-5FFF-4661-9C8F-369692D1DCB9}]
hpWebHelper Class - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10 321120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2006-04-18 552960]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10 321120]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2008-05-31 185896]
"SSBkgdUpdate"=C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2003-09-29 155648]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-03-07 16010240]
"Recguard"=C:\WINDOWS\SMINST\RECGUARD.EXE [2005-07-22 237568]
"PCDrProfiler"= []
"OpwareSE4"=C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe [2006-03-21 69632]
"nwiz"=nwiz.exe /installquiet /keeploaded /nodetect []
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-10-31 7634944]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2005-10-12 139264]
"HPHUPD08"=c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe [2005-06-01 49152]
"HPBootOp"=C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe [2006-02-15 249856]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPwuSchd2.exe [2005-12-15 49152]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-09-29 67584]
"DMAScheduler"=c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe [2006-03-20 90112]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2006-03-21 1191936]
"Acrobat Assistant 8.0"=C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [2008-01-11 623992]
""= []
"KBD"=C:\HP\KBD\KBD.EXE [2005-02-02 61440]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-09-06 413696]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-09-03 111936]
"Adobe_ID0EYTHM"=C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE [2007-03-20 1884160]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-10-01 289576]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2008-12-09 1235736]
"MSConfig"=C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe [2008-04-13 169984]
"CPM33d5c803"=c:\windows\system32\yukisoga.dll []
"fiveneseyi"=C:\WINDOWS\system32\dukokoyu.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2008-12-03 399504]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2008-12-03 1265296]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"comHost"=3
"Symantec Core LC"=2
"SPBBCSvc"=2
"SNDSrvc"=2
"SAVScan"=3
"LiveUpdate"=3
"ccSetMgr"=2
"ccProxy"=2
"ccISPwdSvc"=3
"ccEvtMgr"=2
"Automatic LiveUpdate Scheduler"=2

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
Picture Package Menu.lnk - C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
Picture Package VCD Maker.lnk - C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
SMART Board Tools.lnk - C:\Program Files\SMART Technologies Inc\SMART Board Software\SMARTBoardTools.exe
Updates From HP.lnk - C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="avgrsstx.dll,C:\WINDOWS\system32\rojibebu.dll c:\windows\system32\yukisoga.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-13 239616]
SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\yukisoga.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\yukisoga.dll []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\WINDOWS\system32\rojibebu.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe"="C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe"="C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe:*:Enabled:Sid Meier's Civilization 4"
"C:\Program Files\TurboTax\Deluxe 2006\32bit\ttax.exe"="C:\Program Files\TurboTax\Deluxe 2006\32bit\ttax.exe:LocalSubNet:Enabled:TurboTax"
"C:\Program Files\TurboTax\Deluxe 2006\32bit\updatemgr.exe"="C:\Program Files\TurboTax\Deluxe 2006\32bit\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager"
"C:\Robolab 2.5.4\Robolab254.exe"="C:\Robolab 2.5.4\Robolab254.exe:*:Enabled:LabVIEW 7.0 Robolab"
"C:\WINDOWS\system32\usmt\migwiz.exe"="C:\WINDOWS\system32\usmt\migwiz.exe:*:Disabled:Files and Settings Transfer Wizard"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\HP Rhapsody\rhapsody.exe"="C:\Program Files\HP Rhapsody\rhapsody.exe:*:Enabled:Rhapsody"
"C:\Program Files\TurboTax\Deluxe 2007\32bit\ttax.exe"="C:\Program Files\TurboTax\Deluxe 2007\32bit\ttax.exe:LocalSubNet:Enabled:TurboTax"
"C:\Program Files\TurboTax\Deluxe 2007\32bit\updatemgr.exe"="C:\Program Files\TurboTax\Deluxe 2007\32bit\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager"
"C:\Program Files\Photo Story 3 for Windows\PhotoStory3.exe"="C:\Program Files\Photo Story 3 for Windows\PhotoStory3.exe:*:Enabled:Photo Story 3 for Windows"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe"="C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:*:Enabled:Adobe Version Cue CS3 Server"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\WINDOWS\explorer.exe"="C:\WINDOWS\explorer.exe:*:Enabled:Explorer"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Disabled:Bonjour"
"C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe"="C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe:*:Disabled:Updates from HP"
"C:\WINDOWS\system32\wuauclt.exe"="C:\WINDOWS\system32\wuauclt.exe:*:Enabled:wuauclt"
"C:\Program Files\iPod\bin\iPodService.exe"="C:\Program Files\iPod\bin\iPodService.exe:*:Enabled:iPodService"
"C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"="C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe:*:Enabled:AppleMobileDeviceService"
"C:\WINDOWS\system32\winlogon.exe"="C:\WINDOWS\system32\winlogon.exe:*:Enabled:winlogon"
"C:\WINDOWS\system32\lsass.exe"="C:\WINDOWS\system32\lsass.exe:*:Enabled:lsass"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\Common Files\LightScribe\LSSrvc.exe"="C:\Program Files\Common Files\LightScribe\LSSrvc.exe:*:Enabled:LSSrvc"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe"="C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe:*:Enabled:Updates from HP"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480


======File associations======

.js - edit - "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1"

======List of files/folders created in the last 1 months======

2008-12-10 11:36:23 ----D---- C:\Avenger
2008-12-10 11:36:23 ----A---- C:\avenger.txt
2008-12-10 11:29:42 ----D---- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
2008-12-10 11:29:35 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-12-10 11:29:34 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-12-10 08:25:32 ----D---- C:\Documents and Settings\Administrator\Application Data\Macromedia
2008-12-10 08:18:43 ----D---- C:\Documents and Settings\Administrator\Application Data\Mozilla
2008-12-10 08:14:35 ----SHD---- C:\WINDOWS\CSC
2008-12-10 08:06:17 ----AH---- C:\WINDOWS\system32\BITE1.tmp
2008-12-10 08:06:16 ----SH---- C:\WINDOWS\system32\jodenosi.dll
2008-12-10 08:06:16 ----AH---- C:\WINDOWS\system32\BITE0.tmp
2008-12-09 22:30:15 ----D---- C:\Program Files\trend micro
2008-12-09 22:30:14 ----D---- C:\rsit
2008-12-09 20:06:40 ----SH---- C:\WINDOWS\system32\tutepega.dll
2008-12-09 20:06:35 ----SH---- C:\WINDOWS\system32\relugane.dll
2008-12-09 20:06:18 ----SH---- C:\WINDOWS\system32\erolisiz.ini
2008-12-09 19:07:07 ----HD---- C:\$AVG8.VAULT$
2008-12-09 18:04:05 ----D---- C:\Sandbox
2008-12-09 18:00:41 ----D---- C:\WINDOWS\system32\LogFiles
2008-12-09 17:53:36 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2008-12-09 17:53:18 ----A---- C:\WINDOWS\system32\avgfwdx.dll
2008-12-09 17:53:17 ----D---- C:\Program Files\AVG
2008-12-09 17:53:17 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
2008-12-09 17:47:01 ----D---- C:\Program Files\DVDFab 5
2008-12-09 17:44:54 ----D---- C:\Program Files\Registry Genius
2008-12-09 17:35:02 ----A---- C:\WINDOWS\Sandboxie.ini
2008-12-09 17:34:54 ----D---- C:\Program Files\Sandboxie
2008-12-09 17:32:38 ----D---- C:\Program Files\WinRAR
2008-12-06 19:35:27 ----SH---- C:\WINDOWS\system32\umafijas.ini
2008-12-06 09:57:20 ----D---- C:\WINDOWS\Prefetch
2008-12-06 09:54:36 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-12-06 09:54:28 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2008-12-06 09:54:23 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-12-06 09:54:15 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-12-06 09:54:07 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-12-06 09:53:58 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2008-12-06 09:53:52 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-12-06 09:53:45 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-12-06 09:53:38 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-12-06 09:53:32 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2008-12-06 09:53:24 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-12-06 09:53:19 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-12-06 09:53:12 ----HDC---- C:\WINDOWS\$NtUninstallKB951376$
2008-12-06 09:53:04 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-12-06 09:52:57 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-12-06 09:52:51 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-12-06 09:52:44 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-12-06 09:52:38 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-12-06 09:47:54 ----D---- C:\WINDOWS\system32\scripting
2008-12-06 09:47:54 ----D---- C:\WINDOWS\system32\en
2008-12-06 09:47:54 ----D---- C:\WINDOWS\system32\bits
2008-12-06 09:47:54 ----D---- C:\WINDOWS\l2schemas
2008-12-06 09:46:20 ----D---- C:\WINDOWS\ServicePackFiles
2008-12-06 09:41:43 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2008-12-06 07:35:25 ----SH---- C:\WINDOWS\system32\isawalub.ini
2008-12-02 08:17:02 ----SH---- C:\WINDOWS\system32\otivibig.ini
2008-12-01 20:16:58 ----SH---- C:\WINDOWS\system32\onusabey.ini
2008-12-01 07:11:44 ----SH---- C:\WINDOWS\system32\ewunigar.ini
2008-11-30 19:11:36 ----SH---- C:\WINDOWS\system32\aromisok.ini
2008-11-30 07:11:28 ----SH---- C:\WINDOWS\system32\otujubaw.ini
2008-11-29 19:11:24 ----SH---- C:\WINDOWS\system32\izakugid.ini
2008-11-29 07:10:54 ----SH---- C:\WINDOWS\system32\ojokemas.ini
2008-11-28 19:10:43 ----SH---- C:\WINDOWS\system32\uhuzedov.ini
2008-11-28 07:10:16 ----SH---- C:\WINDOWS\system32\avuwirug.ini
2008-11-27 19:09:58 ----SH---- C:\WINDOWS\system32\ayamerif.ini
2008-11-27 07:09:49 ----SH---- C:\WINDOWS\system32\ajohorid.ini
2008-11-26 19:09:48 ----SH---- C:\WINDOWS\system32\awowahiz.ini
2008-11-26 07:09:43 ----SH---- C:\WINDOWS\system32\afumurit.ini
2008-11-25 19:09:27 ----SH---- C:\WINDOWS\system32\adohawav.ini
2008-11-25 07:09:13 ----SH---- C:\WINDOWS\system32\omayokef.ini
2008-11-24 19:08:50 ----SH---- C:\WINDOWS\system32\ozudowaj.ini
2008-11-24 07:08:37 ----SH---- C:\WINDOWS\system32\ihaparof.ini
2008-11-23 19:08:30 ----SH---- C:\WINDOWS\system32\usovoseh.ini
2008-11-23 07:08:26 ----SH---- C:\WINDOWS\system32\ewulebik.ini
2008-11-12 03:00:57 ----HDC---- C:\WINDOWS\$NtUninstallKB957097_0$
2008-11-12 03:00:47 ----HDC---- C:\WINDOWS\$NtUninstallKB955069_0$

======List of files/folders modified in the last 1 months======

2008-12-10 11:37:29 ----D---- C:\Program Files\Mozilla Firefox
2008-12-10 11:36:24 ----D---- C:\WINDOWS\system32
2008-12-10 11:29:38 ----D---- C:\WINDOWS\system32\drivers
2008-12-10 11:29:34 ----D---- C:\Program Files
2008-12-10 08:14:35 ----AD---- C:\WINDOWS
2008-12-10 08:13:37 ----D---- C:\WINDOWS\Temp
2008-12-10 08:13:36 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-12-10 08:13:12 ----RASH---- C:\boot.ini
2008-12-10 08:13:12 ----A---- C:\WINDOWS\win.ini
2008-12-10 08:13:12 ----A---- C:\WINDOWS\system.ini
2008-12-09 22:52:34 ----D---- C:\WINDOWS\Registration
2008-12-09 22:51:53 ----D---- C:\WINDOWS\system32\CatRoot2
2008-12-09 22:13:19 ----D---- C:\temp
2008-12-09 22:12:54 ----D---- C:\Documents and Settings\All Users\Application Data\FLEXnet
2008-12-09 17:53:19 ----HD---- C:\WINDOWS\inf
2008-12-09 17:53:13 ----SHD---- C:\WINDOWS\Installer
2008-12-09 17:52:10 ----HD---- C:\Config.Msi
2008-12-09 17:51:39 ----SD---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2008-12-09 17:11:22 ----SD---- C:\WINDOWS\Tasks
2008-12-09 17:10:11 ----D---- C:\Program Files\DVD Decrypter
2008-12-09 17:05:26 ----D---- C:\WINDOWS\system32\Lang
2008-12-07 19:35:39 ----ASH---- C:\WINDOWS\system32\behalave.dll
2008-12-07 18:07:08 ----D---- C:\Program Files\Common Files\Symantec Shared
2008-12-07 07:35:33 ----ASH---- C:\WINDOWS\system32\wevagofo.dll
2008-12-06 19:35:27 ----ASH---- C:\WINDOWS\system32\wazuvoja.dll
2008-12-06 11:16:26 ----D---- C:\WINDOWS\Help
2008-12-06 11:01:58 ----D---- C:\Python22
2008-12-06 10:59:57 ----D---- C:\Program Files\HP Games
2008-12-06 10:32:44 ----D---- C:\Program Files\Common Files
2008-12-06 10:31:52 ----HD---- C:\Program Files\InstallShield Installation Information
2008-12-06 10:23:11 ----D---- C:\Program Files\Google
2008-12-06 10:23:11 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2008-12-06 10:11:59 ----D---- C:\Program Files\Bonjour
2008-12-06 10:02:12 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-12-06 09:58:47 ----A---- C:\WINDOWS\OEWABLog.txt
2008-12-06 09:57:24 ----A---- C:\WINDOWS\setuplog.txt
2008-12-06 09:56:48 ----D---- C:\WINDOWS\system32\wbem
2008-12-06 09:56:48 ----D---- C:\WINDOWS\system32\Setup
2008-12-06 09:56:48 ----D---- C:\WINDOWS\ime
2008-12-06 09:56:48 ----D---- C:\WINDOWS\AppPatch
2008-12-06 09:56:48 ----D---- C:\Program Files\Messenger
2008-12-06 09:56:47 ----SD---- C:\WINDOWS\Fonts
2008-12-06 09:56:01 ----D---- C:\WINDOWS\security
2008-12-06 09:54:37 ----RSHD---- C:\WINDOWS\system32\dllcache
2008-12-06 09:54:37 ----D---- C:\WINDOWS\system32\CatRoot
2008-12-06 09:51:19 ----RSD---- C:\WINDOWS\assembly
2008-12-06 09:48:06 ----D---- C:\WINDOWS\WinSxS
2008-12-06 09:47:59 ----D---- C:\WINDOWS\system32\inetsrv
2008-12-06 09:47:59 ----D---- C:\WINDOWS\network diagnostic
2008-12-06 09:47:55 ----D---- C:\WINDOWS\system32\usmt
2008-12-06 09:47:55 ----D---- C:\WINDOWS\system32\en-US
2008-12-06 09:47:54 ----D---- C:\WINDOWS\PeerNet
2008-12-06 09:47:54 ----D---- C:\Program Files\Movie Maker
2008-12-06 09:46:13 ----D---- C:\WINDOWS\system32\Restore
2008-12-06 09:46:13 ----D---- C:\WINDOWS\system32\npp
2008-12-06 09:46:13 ----D---- C:\WINDOWS\mui
2008-12-06 09:46:13 ----D---- C:\WINDOWS\msagent
2008-12-06 09:46:12 ----D---- C:\WINDOWS\srchasst
2008-12-06 09:46:12 ----D---- C:\Program Files\NetMeeting
2008-12-06 09:46:11 ----D---- C:\WINDOWS\system32\Com
2008-12-06 09:46:10 ----D---- C:\Program Files\Windows NT
2008-12-06 09:46:10 ----D---- C:\Program Files\Outlook Express
2008-12-06 09:46:09 ----D---- C:\Program Files\Common Files\System
2008-12-06 09:46:02 ----D---- C:\WINDOWS\system32\oobe
2008-12-06 09:46:01 ----D---- C:\WINDOWS\system
2008-12-06 09:41:40 ----AD---- C:\WINDOWS\ehome
2008-12-06 07:35:25 ----ASH---- C:\WINDOWS\system32\satukivu.dll
2008-12-01 20:16:58 ----A---- C:\WINDOWS\WININIT.INI
2008-11-12 03:00:56 ----HD---- C:\WINDOWS\$hf_mig$

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 cdrbsdrv;cdrbsdrv; C:\WINDOWS\system32\drivers\cdrbsdrv.sys [2004-03-08 13567]
R1 ELhid;ELhid; C:\WINDOWS\System32\DRIVERS\ELhid.sys [2005-11-08 10112]
R1 ELkbd;ELkbd; C:\WINDOWS\System32\DRIVERS\ELkbd.sys [2005-11-08 6912]
R1 ELmou;ELmou; C:\WINDOWS\System32\DRIVERS\ELmou.sys [2005-11-08 6400]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R3 Avgfwdx;Avgfwdx; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2008-12-09 23296]
R3 E100B;Intel® PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2005-06-13 162816]
R3 ELacpi;ELacpi; C:\WINDOWS\system32\DRIVERS\ELacpi.sys [2005-11-08 7808]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 WN5301;LIteon Wireless PCI Network Adapter Service; C:\WINDOWS\system32\DRIVERS\wn5301.sys [2005-10-05 468768]
S1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2008-12-09 97928]
S1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2008-12-09 26824]
S1 ELmon;ELmon; C:\WINDOWS\System32\DRIVERS\ELmon.sys [2005-11-08 7040]
S1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
S2 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2008-12-09 76040]
S2 nidimk;nidimk; C:\WINDOWS\system32\drivers\nidimk.dll [2003-04-23 107102]
S2 nipxirmk;nipxirmk; C:\WINDOWS\system32\drivers\nipxirmk.dll [2003-04-18 36463]
S3 61883;61883 Unit Device; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-13 48128]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2006-01-25 1149888]
S3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 Avc;AVC Device; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-13 38912]
S3 Avgfwfd;AVG network filter service; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2008-12-09 23296]
S3 Bridge;MAC Bridge; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
S3 BridgeMP;MAC Bridge Miniport; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CXFALCON;Conexant Falcon II NTSC Video Capture; C:\WINDOWS\system32\drivers\cxfalcon.sys [2006-04-20 82048]
S3 FANTOM;LEGO MINDSTORMS NXT Driver; C:\WINDOWS\system32\DRIVERS\fantom.sys [2006-03-10 39424]
S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
S3 HidIr;Microsoft Infrared HID Driver; C:\WINDOWS\system32\DRIVERS\hidir.sys [2008-04-13 19200]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-03-08 4246016]
S3 IrBus;Infrared bus filter driver for eHome remote controls; C:\WINDOWS\system32\DRIVERS\IrBus.sys [2008-04-13 46592]
S3 LTower;LEGO USB Tower Driver; C:\WINDOWS\System32\Drivers\LTower.sys [2004-01-22 39936]
S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-09 11008]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-13 51200]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 niorbk;niorbk; C:\WINDOWS\system32\drivers\niorbk.dll [2003-04-17 28254]
S3 NiViPxiK;NiViPxiK; C:\WINDOWS\system32\drivers\NiViPxiK.sys [2003-06-24 17920]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-10-31 3964256]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-12-09 47360]
S3 Ps2;PS2; C:\WINDOWS\system32\DRIVERS\PS2.sys [2005-12-12 19072]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 SbieDrv;SbieDrv; \??\C:\Program Files\Sandboxie\SbieDrv.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 sonypvs1;Sony Digital Imaging Video2; C:\WINDOWS\system32\DRIVERS\sonypvs1.sys [2002-10-15 102220]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\idsdefs\20071020.002\symidsco.sys []
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-10-01 32000]
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
S2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-12-09 231704]
S2 avgfws8;AVG8 Firewall; C:\PROGRA~1\AVG\AVG8\avgfws8.exe [2008-12-09 1220888]
S2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
S2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2005-12-15 237568]
S2 ehSched;Media Center Scheduler Service; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 102912]
S2 ELService;Intel® Quick Resume Technology Drivers; C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology\ELService.exe [2005-11-08 180224]
S2 IAANTMon;Intel® Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe [2005-10-12 86140]
S2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-03-23 73728]
S2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
S2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
S2 nipxirmu;nipxirmu; C:\WINDOWS\system32\nipalsm.exe [2003-05-12 20480]
S2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-10-31 155715]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE [2007-08-09 73728]
S2 SbieSvc;Sandboxie Service; C:\Program Files\Sandboxie\SbieSvc.exe [2008-03-05 47104]
S2 SMART Board Service;SMART Board Service; C:\Program Files\SMART Technologies Inc\SMART Board Software\SMARTBoardService.exe [2007-11-02 1283336]
S2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-02-26 49152]
S3 Adobe Version Cue CS3;Adobe Version Cue CS3; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe [2007-03-20 153792]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-13 267776]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2007-11-04 654848]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-10-01 536872]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 SMART Web Server;SMART Web Server; C:\Program Files\SMART Technologies Inc\SMART Board Software\WebServer.exe [2007-11-02 767240]
S3 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-08-03 38912]

-----------------EOF-----------------

Edited by thcbytes, 10 December 2008 - 12:51 PM.

Proud member - Unified Network of Instructors and Trained Eliminators
Posted Image

I do not accept personal donations for assistance provided. I would ask that you instead consider donating the greatest gift - Organ Donation. Your organs are of no use to you when your gone. You will save a life that would otherwise be lost!

http://donatelife.net/register-now/

BC AdBot (Login to Remove)

 


#2 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,805 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:09:50 PM

Posted 14 December 2008 - 09:36 PM

As the friend has now posted for him/herself here: http://www.bleepingcomputer.com/forums/t/186372/malware-help/ this topic will now be closed to avoid confusion. ~ OB
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users