Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

cleannt, bndmss, skp66, conmgr


  • This topic is locked This topic is locked
3 replies to this topic

#1 aznriceboi13

aznriceboi13

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:10 AM

Posted 13 December 2008 - 04:07 PM

I have Norton Internet security, one day it just says bndmss.exe found, then it deleted it. I rebotted when prompted but then i got another message after then reboot saying skp66.exe was found, then it was conmgr, then cleannt.exe. Then when i loaded up windows task manager it had somehow activated command prompt though i couldn't see it. This whatever it is put files in my C:\WINDOWS\Prefetch, C:\WINDOWS\system32, and in C:\Documents and Settings\HP_Administrator. Well here is my RSIT.exe data.


log.txt

Logfile of random's system information tool 1.04 (written by random/random)
Run by HP_Administrator at 2008-12-13 15:04:46
Microsoft Windows XP Professional Service Pack 2
System drive C: has 111 GB (49%) free of 230 GB
Total RAM: 2046 MB (71% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:04:48 PM, on 12/13/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.17184)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Free Download Manager\fdm.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\IntelDH\Intel Quick Resume Technology Drivers\Elservice.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\NetZero\exec.exe
C:\Program Files\NetZero\exec.exe
C:\Program Files\NetZero\qsacc\x1exec.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\HP_Administrator\Desktop\RSIT.exe
C:\Program Files\trend micro\HijackThis\HP_Administrator.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://my.netzero.net/s/search?r=minisearch
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://my.netzero.net/s/search?r=minisearch
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://my.netzero.net/s/search?r=minisearch
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://my.netzero.net/s/search?r=minisearch
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://my.netzero.net/s/sp?r=al&cf=sp&...amp;O=I&UT=
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R3 - URLSearchHook: URLSearchHook Class - {37D2CDBF-2AF4-44AA-8113-BD0D2DA3C2B8} - C:\Program Files\NetZero\SearchEnh1.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SearchPerks! Perk Counter - {2787EA8E-8D87-48af-88AD-B30246C917AB} - C:\Program Files\SearchPerks! Perk Counter\Bmbho.dll
O2 - BHO: Popup-Blocker Class - {52706EF7-D7A2-49AD-A615-E903858CF284} - C:\Program Files\NetZero\qsacc\X1IEBHO.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\IPSBHO.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: hpWebHelper Class - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - (no file)
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: ZeroBar - {F0F8ECBE-D460-4B34-B007-56A92E8F84A7} - C:\Program Files\NetZero\Toolbar.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\coIEPlg.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: SearchPerks! Perk Counter - {2787EA8E-8D87-48af-88AD-B30246C917AB} - C:\Program Files\SearchPerks! Perk Counter\Bmbho.dll
O4 - HKLM\..\Run: [cleannt] C:\Documents and Settings\HP_Administrator\cleannt.exe
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\RunOnce: [untd_recovery] "C:\Program Files\NetZero\qsacc\x1exec.exe"
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O15 - Trusted Zone: http://*.trymedia.com (HKLM)
O17 - HKLM\System\CCS\Services\Tcpip\..\{927E7F02-39F3-4F48-85E6-C90360B53A3C}: NameServer = 64.136.44.74 64.136.52.74
O20 - AppInit_DLLs:
O23 - Service: Norton2009 Reset (.norton2009Reset) - Unknown owner - C:\Program Files\Norton2009Reset.exe
O23 - Service: Windows Network Data Management System Service (BNDMSS) - Unknown owner - C:\WINDOWS\system32\bndmss.exe (file missing)
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Intel Quick Resume technology (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel Quick Resume Technology Drivers\Elservice.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Intel Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 9317 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-04-26 438848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2787EA8E-8D87-48af-88AD-B30246C917AB}]
SearchPerks! Perk Counter - C:\Program Files\SearchPerks! Perk Counter\Bmbho.dll [2008-09-30 514096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{52706EF7-D7A2-49AD-A615-E903858CF284}]
Popup-Blocker Class - C:\Program Files\NetZero\qsacc\X1IEBHO.dll [2006-07-05 175600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\coIEPlg.dll [2008-10-07 340848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\IPSBHO.DLL [2008-10-07 107896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll [2005-11-10 184423]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AAAE832A-5FFF-4661-9C8F-369692D1DCB9}]
hpWebHelper Class

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2007-11-26 94208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-04-26 438848]
{F0F8ECBE-D460-4B34-B007-56A92E8F84A7} - ZeroBar - C:\Program Files\NetZero\Toolbar.dll [2008-05-07 325120]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\coIEPlg.dll [2008-10-07 340848]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]
{2787EA8E-8D87-48af-88AD-B30246C917AB} - SearchPerks! Perk Counter - C:\Program Files\SearchPerks! Perk Counter\Bmbho.dll [2008-09-30 514096]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"cleannt"=C:\Documents and Settings\HP_Administrator\cleannt.exe [2008-12-13 18568]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Free Download Manager"=C:\Program Files\Free Download Manager\fdm.exe [2008-05-20 2474031]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"untd_recovery"=C:\Program Files\NetZero\qsacc\x1exec.exe [2005-06-27 241664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"=" "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutoRun"=4294967295

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
"C:\WINDOWS\system32\bndmss.exe"="C:\WINDOWS\system32\bndmss.exe:*:Enabled:BNDMSS"
"C:\Documents and Settings\HP_Administrator\skp66.exe"="C:\Documents and Settings\HP_Administrator\skp66.exeskp66.exe:*:Enabled:BNDMSS"
"skp66.exe"="skp66.exe:*:Enabled:BNDMSS"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe"="C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe:*:Enabled:Updates from HP"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1352dcda-4a1d-11dd-a0e3-00c0a8c09b2f}]
shell\AutoRun\command - M:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1033\conmgr.exe
shell\open\command - M:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1033\conmgr.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1352dcde-4a1d-11dd-a0e3-00c0a8c09b2f}]
shell\AutoRun\command - O:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1033\conmgr.exe
shell\open\command - O:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1033\conmgr.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{db940d60-bda4-11dd-a206-00c0a8c09b2f}]
shell\AutoRun\command - I:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1033\conmgr.exe
shell\open\command - I:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1033\conmgr.exe


======List of files/folders created in the last 1 months======

2008-12-13 14:49:44 ----A---- C:\WINDOWS\system32\msvcrt2.dll
2008-12-13 08:54:30 ----D---- C:\Program Files\trend micro
2008-12-13 08:54:29 ----D---- C:\rsit
2008-12-13 08:53:24 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\HPQ
2008-12-10 15:45:40 ----D---- C:\Documents and Settings\All Users\Application Data\PrevxCSI
2008-12-07 20:05:03 ----D---- C:\WINDOWS\Sun
2008-12-05 20:33:44 ----D---- C:\WINDOWS\Minidump
2008-12-05 18:08:51 ----A---- C:\WINDOWS\system32\msvcr90.dll
2008-12-05 18:08:51 ----A---- C:\WINDOWS\system32\msvcr80d.dll
2008-12-05 18:08:51 ----A---- C:\WINDOWS\system32\msvcr80.dll
2008-12-05 18:08:51 ----A---- C:\WINDOWS\system32\msvcp90.dll
2008-12-05 18:08:51 ----A---- C:\WINDOWS\system32\msvcp80.dll
2008-12-05 18:08:50 ----A---- C:\WINDOWS\system32\msvcm90.dll
2008-12-05 18:08:49 ----A---- C:\WINDOWS\system32\Vista.Emulation.dll
2008-12-05 18:08:49 ----A---- C:\WINDOWS\system32\msvcm80.dll
2008-12-05 18:08:48 ----A---- C:\WINDOWS\system32\M2000Twn.dll
2008-12-05 18:08:47 ----A---- C:\WINDOWS\system32\d3dx9_40.dll
2008-12-05 18:08:47 ----A---- C:\WINDOWS\system32\d3dx9_39.dll
2008-12-05 18:08:47 ----A---- C:\WINDOWS\system32\d3dx9_38.dll
2008-12-05 18:08:47 ----A---- C:\WINDOWS\system32\d3dx9_37.dll
2008-12-05 18:08:47 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2008-12-05 18:08:46 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2008-12-05 18:08:46 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2008-12-05 18:08:46 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2008-12-05 18:08:46 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2008-12-05 18:08:46 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2008-12-05 18:08:46 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2008-12-05 18:08:46 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2008-12-05 18:08:45 ----A---- C:\WINDOWS\system32\D3DX10d_39.dll
2008-12-05 18:08:45 ----A---- C:\WINDOWS\system32\d3dx10.dll
2008-12-05 18:08:45 ----A---- C:\WINDOWS\system32\D3D10SDKLayers.DLL
2008-12-05 18:08:45 ----A---- C:\WINDOWS\system32\d2d1.dll
2008-12-05 18:08:45 ----A---- C:\WINDOWS\system32\CompressATI2.dll
2008-12-05 18:08:45 ----A---- C:\WINDOWS\system32\avrt.dll
2008-12-03 17:57:00 ----HD---- C:\WINDOWS\PIF
2008-12-02 17:02:45 ----D---- C:\Program Files\Best Buy Rhapsody
2008-11-29 16:35:36 ----D---- C:\MTV_OUTPUT
2008-11-28 17:59:15 ----D---- C:\WINDOWS\UMStor
2008-11-28 17:59:12 ----D---- C:\Program Files\USB Disk Win98 Driver
2008-11-28 10:11:02 ----D---- C:\Program Files\Adobe Media Player
2008-11-28 10:09:14 ----D---- C:\Program Files\Common Files\Adobe AIR
2008-11-23 13:44:09 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\WinRAR
2008-11-22 07:50:56 ----D---- C:\WINDOWS\system32\appmgmt
2008-11-21 21:12:12 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Sonic
2008-11-19 21:50:07 ----D---- C:\Documents and Settings\All Users\Application Data\muvee Technologies
2008-11-19 21:42:55 ----D---- C:\Program Files\DVD Decrypter
2008-11-19 21:21:30 ----D---- C:\Documents and Settings\All Users\Application Data\DVD Shrink
2008-11-19 21:21:28 ----D---- C:\Program Files\DVD Shrink
2008-11-15 14:37:23 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Pmcc

======List of files/folders modified in the last 1 months======

2008-12-13 15:03:29 ----A---- C:\WINDOWS\ModemLog_Data Fax SoftModem with SmartCP.txt
2008-12-13 15:03:05 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Free Download Manager
2008-12-13 15:01:35 ----D---- C:\WINDOWS\Prefetch
2008-12-13 14:57:12 ----D---- C:\WINDOWS\Temp
2008-12-13 14:55:19 ----D---- C:\Program Files\Mozilla Firefox
2008-12-13 14:54:38 ----AD---- C:\WINDOWS
2008-12-13 14:54:09 ----D---- C:\WINDOWS\Registration
2008-12-13 14:54:06 ----D---- C:\WINDOWS\system32\CatRoot2
2008-12-13 14:53:54 ----D---- C:\WINDOWS\system32
2008-12-13 14:52:27 ----N---- C:\WINDOWS\SchedLgU.Txt
2008-12-13 08:54:30 ----D---- C:\Program Files
2008-12-13 08:10:52 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-12-13 08:10:45 ----D---- C:\WINDOWS\Media
2008-12-13 08:10:41 ----D---- C:\WINDOWS\Cursors
2008-12-13 08:10:31 ----D---- C:\WINDOWS\system32\drivers
2008-12-13 08:10:26 ----D---- C:\WINDOWS\Help
2008-12-13 08:10:16 ----D---- C:\Program Files\Windows NT
2008-12-13 08:10:09 ----D---- C:\WINDOWS\addins
2008-12-13 08:10:05 ----RSD---- C:\WINDOWS\assembly
2008-12-12 21:55:13 ----D---- C:\WINDOWS\Debug
2008-12-12 21:51:07 ----HD---- C:\WINDOWS\inf
2008-12-12 21:51:00 ----D---- C:\WINDOWS\system32\CatRoot
2008-12-12 21:50:55 ----D---- C:\WINDOWS\system32\en-US
2008-12-12 21:45:47 ----SHD---- C:\WINDOWS\CSC
2008-12-12 20:31:22 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\ZoomBrowser EX
2008-12-11 21:00:39 ----D---- C:\Downloads
2008-12-09 16:49:40 ----D---- C:\Program Files\Common Files
2008-12-05 17:58:39 ----D---- C:\Program Files\SpiderMan Web of Shadows
2008-12-02 17:03:08 ----SHD---- C:\WINDOWS\Installer
2008-12-02 17:02:26 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Real
2008-12-02 17:00:26 ----SHD---- C:\RECYCLER
2008-12-01 16:24:00 ----D---- C:\Documents and Settings
2008-11-30 21:19:59 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-11-28 17:59:15 ----D---- C:\WINDOWS\system
2008-11-28 17:59:13 ----HD---- C:\Program Files\InstallShield Installation Information
2008-11-28 13:41:05 ----D---- C:\Program Files\Common Files\Adobe
2008-11-28 11:22:01 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Adobe
2008-11-28 10:27:38 ----D---- C:\Program Files\Adobe
2008-11-28 10:10:41 ----RSD---- C:\WINDOWS\Fonts
2008-11-28 10:09:15 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2008-11-28 10:05:58 ----D---- C:\WINDOWS\WinSxS
2008-11-26 16:59:43 ----SD---- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft
2008-11-24 15:08:45 ----D---- C:\Program Files\DISC
2008-11-23 21:18:01 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\LimeWire
2008-11-22 07:23:20 ----D---- C:\WINDOWS\SoftwareDistribution
2008-11-22 07:23:18 ----D---- C:\WINDOWS\system32\spool
2008-11-21 19:59:49 ----D---- C:\WINDOWS\system32\wbem
2008-11-21 19:52:17 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Macromedia
2008-11-21 19:48:10 ----D---- C:\WINDOWS\system32\config
2008-11-21 17:22:20 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla
2008-11-20 19:08:07 ----D---- C:\WINDOWS\system32\Macromed
2008-11-19 21:45:31 ----A---- C:\WINDOWS\win.ini
2008-11-15 15:57:45 ----D---- C:\WINDOWS\ime
2008-11-15 14:42:09 ----D---- C:\WINDOWS\AppPatch
2008-11-15 14:42:09 ----D---- C:\Program Files\WinRAR
2008-11-15 14:42:09 ----D---- C:\Program Files\UniKey
2008-11-15 14:42:09 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\uTorrent
2008-11-15 14:41:43 ----D---- C:\WINDOWS\system32\oobe
2008-11-15 14:41:43 ----D---- C:\WINDOWS\system32\mui
2008-11-15 14:41:42 ----D---- C:\WINDOWS\security
2008-11-15 14:41:41 ----D---- C:\WINDOWS\pchealth
2008-11-15 14:41:40 ----AD---- C:\WINDOWS\CREATOR
2008-11-15 14:41:37 ----HD---- C:\WINDOWS\$hf_mig$
2008-11-15 14:41:35 ----D---- C:\Program Files\Windows Media Player
2008-11-15 14:41:32 ----D---- C:\Program Files\Paint.NET
2008-11-15 14:41:32 ----D---- C:\Program Files\NetZero
2008-11-15 14:41:30 ----D---- C:\Program Files\LimeWire
2008-11-15 14:41:30 ----D---- C:\Program Files\Internet Explorer
2008-11-15 14:41:28 ----D---- C:\Program Files\DivX
2008-11-15 14:41:20 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Orbit
2008-11-15 14:41:20 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Bioshock
2008-11-15 14:41:19 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-11-15 14:41:19 ----D---- C:\Documents and Settings\All Users\Application Data\WildTangent
2008-11-15 14:41:19 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2008-11-15 14:41:18 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 BHDrvx86;Symantec Heuristics Driver; \??\C:\WINDOWS\system32\drivers\NIS\1000000.07D\BHDrvx86.sys []
R1 ccHP;Symantec Hash Provider; \??\C:\WINDOWS\system32\drivers\NIS\1000000.07D\ccHPx86.sys []
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
R1 ELhid;EL hid Service; \??\C:\WINDOWS\System32\Drivers\Elhid.sys []
R1 ELkbd;EL KB Service; \??\C:\WINDOWS\System32\Drivers\Elkbd.sys []
R1 ELmon;EL Monitor Service; \??\C:\WINDOWS\System32\Drivers\Elmon.sys []
R1 ELmou;EL Mouse Service; \??\C:\WINDOWS\System32\Drivers\Elmou.sys []
R1 FsVga;FsVga; C:\WINDOWS\system32\DRIVERS\fsvga.sys [2004-08-10 12160]
R1 IDSxpx86;IDSxpx86; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20081009.001\IDSxpx86.sys []
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-04 36096]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848]
R1 SRTSP;SRTSP; \??\C:\WINDOWS\system32\drivers\NIS\1000000.07D\SRTSP.SYS []
R1 SRTSPX;SRTSPX; \??\C:\WINDOWS\system32\drivers\NIS\1000000.07D\SRTSPX.SYS []
R1 SYMTDI;SYMTDI; \??\C:\WINDOWS\system32\drivers\NIS\1000000.07D\SYMTDI.SYS []
R2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys [2008-08-14 74720]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-10-05 12544]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-10 60800]
R3 e1express;Intel PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2006-05-16 229376]
R3 ELacpi;ELacpi; C:\WINDOWS\system32\DRIVERS\ELacpi.sys [2006-05-09 9728]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 hcwPP2;Hauppauge WinTV PVR PCI II ([23|25|26]xxx); C:\WINDOWS\system32\DRIVERS\hcwPP2.sys [2006-04-13 168064]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-08 138752]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 HSX_DP;HSX_DP; C:\WINDOWS\system32\DRIVERS\HSX_DP.sys [2005-12-06 936448]
R3 HSXHWBS2;HSXHWBS2; C:\WINDOWS\system32\DRIVERS\HSXHWBS2.sys [2005-12-06 241664]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-06-14 4299264]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NAVENG;NAVENG; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20081009.024\NAVENG.SYS []
R3 NAVEX15;NAVEX15; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20081009.024\NAVEX15.SYS []
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-10 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-10-04 6854464]
R3 SYMDNS;SYMDNS; \??\C:\WINDOWS\system32\drivers\NIS\1000000.07D\SYMDNS.SYS []
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 SYMFW;SYMFW; \??\C:\WINDOWS\system32\drivers\NIS\1000000.07D\SYMFW.SYS []
R3 SYMIDS;SYMIDS; \??\C:\WINDOWS\system32\drivers\NIS\1000000.07D\SYMIDS.SYS []
R3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2008-10-07 35888]
R3 SYMNDIS;SYMNDIS; \??\C:\WINDOWS\system32\drivers\NIS\1000000.07D\SYMNDIS.SYS []
R3 SYMREDRV;SYMREDRV; \??\C:\WINDOWS\system32\drivers\NIS\1000000.07D\SYMREDRV.SYS []
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2005-03-31 27008]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600]
R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856]
R3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
R3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-09 26496]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-04 20480]
R3 winachsx;winachsx; C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys [2005-12-06 670208]
R3 WN5301;LIteon Wireless PCI Network Adapter Service; C:\WINDOWS\system32\DRIVERS\wn5301.sys [2005-10-05 468768]
S3 a7g6nn6y;a7g6nn6y; C:\WINDOWS\system32\drivers\a7g6nn6y.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
S3 CXFALCON;Conexant Falcon II NTSC Video Capture; C:\WINDOWS\system32\drivers\cxfalcon.sys [2006-04-20 82048]
S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-04 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]
S3 Ps2;PS2; C:\WINDOWS\system32\DRIVERS\PS2.sys [2005-12-12 19072]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]
S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2008-10-07 35888]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-08-04 18944]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2005-12-15 237568]
R2 ehSched;Media Center Scheduler Service; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 102912]
R2 ELService;Intel Quick Resume technology; C:\Program Files\Intel\IntelDH\Intel Quick Resume Technology Drivers\Elservice.exe [2006-06-02 180224]
R2 IAANTMON;Intel Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2006-07-06 90112]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-06-21 49152]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 Norton Internet Security;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe [2008-10-07 115560]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-10-04 155716]
S2 .norton2009Reset;Norton2009 Reset; C:\Program Files\Norton2009Reset.exe [2008-09-17 549159]
S2 BNDMSS;Windows Network Data Management System Service; C:\WINDOWS\system32\bndmss.exe []
S2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2006-03-30 96341]
S2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-08-04 38912]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-11-28 655624]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2004-08-09 14336]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------




my info.txt

info.txt logfile of random's system information tool 1.04 2008-12-13 09:15:39

======Uninstall list======

-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {F80239D8-7811-4D5E-B033-0D0BBFE32920}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
7-Zip 4.57-->"C:\Program Files\7-Zip\Uninstall.exe"
Adobe Acrobat 9 Pro - English, Fran?is, Deutsch-->msiexec /I {AC76BA86-1033-F400-7760-000000000004}
Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}
Adobe Anchor Service CS4-->MsiExec.exe /I{1618734A-3957-4ADD-8199-F973763109A8}
Adobe Bridge CS4-->MsiExec.exe /I{83877DB1-8B77-45BC-AB43-2BAC22E093E0}
Adobe CMaps CS4-->MsiExec.exe /I{94D398EB-D2FD-4FD1-B8C4-592635E8A191}
Adobe Color - Photoshop Specific CS4-->MsiExec.exe /I{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}
Adobe Color EU Extra Settings CS4-->MsiExec.exe /I{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}
Adobe Color JA Extra Settings CS4-->MsiExec.exe /I{0D6013AB-A0C7-41DC-973C-E93129C9A29F}
Adobe Color NA Recommended Settings CS4-->MsiExec.exe /I{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}
Adobe Color Video Profiles CS CS4-->MsiExec.exe /I{63C24A08-70F3-4C8E-B9FB-9F21A903801D}
Adobe CSI CS4-->MsiExec.exe /I{0F723FC1-7606-4867-866C-CE80AD292DAF}
Adobe Default Language CS4-->MsiExec.exe /I{C52E3EC1-048C-45E1-8D53-10B0C6509683}
Adobe Device Central CS4-->MsiExec.exe /I{67F0E67A-8E93-4C2C-B29D-47C48262738A}
Adobe Drive CS4-->MsiExec.exe /I{16E16F01-2E2D-4248-A42F-76261C147B6C}
Adobe ExtendScript Toolkit CS4-->MsiExec.exe /I{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}
Adobe Extension Manager CS4-->MsiExec.exe /I{054EFA56-2AC1-48F4-A883-0AB89874B972}
Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Fonts All-->MsiExec.exe /I{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}
Adobe Linguistics CS4-->MsiExec.exe /I{931AB7EA-3656-4BB7-864D-022B09E3DD67}
Adobe Media Player-->msiexec /qb /x {39F6E2B4-CFE8-C30A-66E8-489651F0F34C}
Adobe Media Player-->MsiExec.exe /I{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}
Adobe Output Module-->MsiExec.exe /I{BB4E33EC-8181-4685-96F7-8554293DEC6A}
Adobe PDF Library Files CS4-->MsiExec.exe /I{F93C84A6-0DC6-42AF-89FA-776F7C377353}
Adobe Photoshop CS4 Support-->MsiExec.exe /I{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}
Adobe Photoshop CS4-->C:\Program Files\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\Setup.exe --uninstall=1
Adobe Photoshop CS4-->MsiExec.exe /I{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}
Adobe Photoshop CS4-->MsiExec.exe /I{E4848436-0345-47E2-B648-8B522FCDA623}
Adobe Search for Help-->MsiExec.exe /I{F0E64E2E-3A60-40D8-A55D-92F6831875DA}
Adobe Service Manager Extension-->MsiExec.exe /I{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}
Adobe Setup-->MsiExec.exe /I{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}
Adobe Shockwave Player-->C:\WINDOWS\system32\Adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Adobe Type Support CS4-->MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}
Adobe Update Manager CS4-->MsiExec.exe /I{05308C4E-7285-4066-BAE3-6B50DA6ED755}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}
Adobe XMP Panels CS4-->MsiExec.exe /I{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}
AdobeColorCommonSetCMYK-->MsiExec.exe /I{68243FF8-83CA-466B-B2B8-9F99DA5479C4}
AdobeColorCommonSetRGB-->MsiExec.exe /I{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}
AusLogics Disk Defrag-->"C:\Program Files\Auslogics\AusLogics Disk Defrag\unins000.exe"
Best Buy Digital Music Store-->C:\PROGRA~1\Best Buy Rhapsody\Unwise32.exe /A C:\PROGRA~1\Best Buy Rhapsody\install.log
Canon Camera Access Library-->"C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\CAL\Uninst.ini"
Canon Camera Support Core Library-->"C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\CSCLIB\Uninst.ini"
Canon Camera Window DC_DV 5 for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC\Uninst.ini"
Canon Camera Window DC_DV 6 for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC6\Uninst.ini"
Canon Camera Window MC 6 for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowMC\Uninst.ini"
Canon EOS 5D WIA Driver-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{BB3AB664-D92B-4CB5-8B3E-D841841F4E68} /l1033
Canon EOS Kiss_N REBEL_XT 350D WIA Driver-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{33CF7CDF-9805-4500-9CC7-D19D52AD63C4} /l1033
Canon EOS-1Ds Mark II WIA Driver-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{652C4ADF-0A29-4B02-9211-EE61675847DE}
Canon MF Toolbox 4.9.1.1.mf02-->MsiExec.exe /I{132CA5D9-C745-4B0B-A3B2-8C7A6EC3EE7E}
Canon MF3200 Series-->"C:\WINDOWS\system32\CanonMF Uninstaller Information\{269DBC9C-CAFC-472d-B1F1-0D327C2FFA76}\misc\DelDrv.exe" /U:{269DBC9C-CAFC-472d-B1F1-0D327C2FFA76} /L0x0000
Canon RAW Image Task for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\RAW Image Task\Uninst.ini"
Canon RemoteCapture Task for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\RemoteCaptureTask DC\Uninst.ini"
Canon Utilities Digital Photo Professional 3.0-->"C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\Digital Photo Professional\Uninst.ini"
Canon Utilities EOS Utility-->"C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\EOS Utility\Uninst.ini"
Canon Utilities Original Data Security Tools-->"C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\Original Data Security Tools\Uninst.ini"
Canon Utilities PhotoStitch-->"C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\PhotoStitch\Uninst.ini"
Canon Utilities WFT-E1/E2 Utility-->"C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\WFT Utility\Uninst.ini"
Canon Utilities ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\Uninst.ini"
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Connect-->MsiExec.exe /I{B29AD377-CC12-490A-A480-1452337C618D}
Customer Experience Enhancement-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{23012310-3E05-46A5-88A9-C6CBCABCAC79} /l1033
Data Fax SoftModem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1\HXFSETUP.EXE -U -ITrx200Ck.inf
Defraggler (remove only)-->"C:\Program Files\Defraggler\uninst.exe"
DISCover-->"C:\Program Files\DISC\uninstall.exe"
DivX-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DVD Decrypter (Remove Only)-->"C:\Program Files\DVD Decrypter\uninstall.exe"
DVD Shrink 3.2-->"C:\Program Files\DVD Shrink\unins000.exe"
Easy Internet Sign-up-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{8105684D-8CA6-440D-8F58-7E5FD67A499D} /l1033
Enhanced Multimedia Keyboard Solution-->C:\HP\KBD\Install.exe /u
ƒ}ƒWƒJƒ‹ƒoƒgƒ‹ƒAƒŠ[ƒiE–‚–@—•“-->C:\WINDOWS\eiunin21.exe "C:\Program Files\”ƒVƒXƒeƒ€\INSTALL.DAT"
Fable - The Lost Chapters-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}
Free Download Manager 2.5 - Softpedia Edition-->"C:\Program Files\Free Download Manager\unins000.exe"
GemMaster Mystic-->"C:\Program Files\GemMaster\uninstallgemmaster.exe"
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Player 10 (KB910393)-->"C:\WINDOWS\$NtUninstallKB910393$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB893357)-->"C:\WINDOWS\$NtUninstallKB893357$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB906569)-->"C:\WINDOWS\$NtUninstallKB906569$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB912024)-->"C:\WINDOWS\$NtUninstallKB912024$\spuninst\spuninst.exe"
HP Boot Optimizer-->MsiExec.exe /X{1341D838-719C-4A05-B50F-49420CA1B4BB}
HP DigitalMedia Archive-->MsiExec.exe /X{F80239D8-7811-4D5E-B033-0D0BBFE32920}
HP DVD Play 2.1-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\Setup.exe" -uninstall
HP Imaging Device Functions 7.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart for Media Center PC-->c:\Program Files\HP\Digital Imaging\bin\mcpc\setupmcl.exe /u
HP Photosmart Premier Software 6.5-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Software Update-->MsiExec.exe /X{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}
HP Web Helper-->regsvr32 /u /s "C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll"
Intel Matrix Storage Manager-->C:\WINDOWS\System32\Imsmudlg.exe
Intel PRO Network Connections Drivers-->Prounstl.exe
Intel Quick Resume Technology Drivers-->C:\WINDOWS\System32\Elusetup.exe
Intel Viiv™ Software-->MsiExec.exe /X{EEFEBB48-329E-46F6-AEB8-929A5BAFDB2F}
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
K-Lite Mega Codec Pack 3.5.7-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
kuler-->MsiExec.exe /I{098727E1-775A-4450-B573-3F441F1CA243}
LimeWire PRO 4.12.6-->"C:\Program Files\LimeWire\uninstall.exe"
Macromedia Flash Player 8-->C:\WINDOWS\system32\Macromed\Flash\UninstFl.exe
MegaTrainer XL V1.3.3.0-->"C:\Program Files\CRS-MegaDev\MegaTrainer XL\unins000.exe"
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft AppLocale-->MsiExec.exe /I{394BE3D9-7F57-4638-A8D1-1D88671913B7}
Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Windows Application Compatibility Database-->C:\WINDOWS\system32\sdbinst.exe -u "C:\WINDOWS\AppPatch\Custom\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb"
Microsoft Works-->MsiExec.exe /I{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}
Mozilla Firefox (3.0.4)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
muvee autoProducer 5.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB4740B3-2530-452D-A825-F7AB246CA7DF}\setup.exe" -l0x9
muvee autoProducer unPlugged 2.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5FDD0538-C67A-4F67-B3F8-09D1AAF04D99}\setup.exe" -l0x9
Netscape Browser (remove only)-->"C:\Program Files\Netscape\Netscape Browser\NSUninst.exe"
NetZero Internet-->"C:\Program Files\NetZero\NetZeroUninstaller.exe"
Norton Internet Security-->C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\562C4DD5\16.0.0.125\InstStub.exe /X
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
Ocular Ink-->"C:\Program Files\Pistachio Productions\Ocular Ink\uninstall.exe"
OmniPage SE 2.0-->MsiExec.exe /I{79D5997E-BF79-48BB-8B41-9BE59C15C2D7}
Paint.NET v3.35-->MsiExec.exe /X{20AC583C-A6FB-410A-807D-25308225C201}
PC-Doctor 5 for Windows-->C:\Program Files\PC-Doctor 5 for Windows\uninst.exe
PDF Settings CS4-->MsiExec.exe /I{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}
Photoshop Camera Raw-->MsiExec.exe /I{CC75AB5C-2110-4A7F-AF52-708680D22FE8}
Python 2.2 pywin32 extensions (build 203)-->"C:\Python22\Removepywin32.exe" -u "C:\Python22\pywin32-wininst.log"
Python 2.2.3-->C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
Rhapsody Player Engine-->MsiExec.exe /I{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}
Rhapsody-->C:\PROGRA~1\Rhapsody\Unwise32.exe /A C:\PROGRA~1\Rhapsody\install.log
SearchPerks! Perk Counter-->MsiExec.exe /X{0980C810-4CEF-465A-8064-1EC4DC6572D2}
Security Update for Windows Media Player 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Security Update for Windows XP (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896358)-->"C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896422)-->"C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896423)-->"C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896424)-->"C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
Security Update for Windows XP (KB901214)-->"C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
Security Update for Windows XP (KB902400)-->"C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
Security Update for Windows XP (KB904706)-->"C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
Security Update for Windows XP (KB905749)-->"C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
Security Update for Windows XP (KB908519)-->"C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
Security Update for Windows XP (KB908531)-->"C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
Security Update for Windows XP (KB911562)-->"C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
Security Update for Windows XP (KB912812)-->"C:\WINDOWS\$NtUninstallKB912812$\spuninst\spuninst.exe"
Security Update for Windows XP (KB912919)-->"C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
Security Update for Windows XP (KB920683)-->"C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923191)-->"C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923414)-->"C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923980)-->"C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
Security Update for Windows XP (KB924270)-->"C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
Security Update for Windows XP (KB931261)-->"C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
Security Update for Windows XP (KB932168)-->"C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
Security Update for Windows XP (KB945553)-->"C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946026)-->"C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe"
Security Update for Windows XP (KB948590)-->"C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Sonic Express Labeler-->MsiExec.exe /X{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Sonic MyDVD Plus-->MsiExec.exe /X{21657574-BD54-48A2-9450-EB03B2C7FC29}
Sonic RecordNow Audio-->MsiExec.exe /X{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Sonic RecordNow Copy-->MsiExec.exe /X{B12665F4-4E93-4AB4-B7FC-37053B524629}
Sonic RecordNow Data-->MsiExec.exe /X{075473F5-846A-448B-BCB3-104AA1760205}
Sonic Update Manager-->MsiExec.exe /X{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
SpeechRedist-->MsiExec.exe /X{8795CBED-55E2-4693-9F14-84EC446935BE}
SpiderMan Web of Shadows-->"C:\Program Files\SpiderMan Web of Shadows\unins000.exe"
Suite Shared Configuration CS4-->MsiExec.exe /I{842B4B72-9E8F-4962-B3C1-1C422A5C4434}
TimeShift-->C:\Program Files\InstallShield Installation Information\{1367FA2F-2B3D-430F-872F-588B93420BFC}\setup.exe -runfromtemp -l0x0009 -removeonly
UniKey 3.63-->C:\Program Files\UniKey\uninst.exe
Update for Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Update for Windows XP (KB900485)-->"C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
Update for Windows XP (KB911280)-->"C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
Update for Windows XP (KB912945)-->"C:\WINDOWS\$NtUninstallKB912945$\spuninst\spuninst.exe"
Update for Windows XP (KB930916)-->"C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
Update for Windows XP (KB932823-v3)-->"C:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\spuninst.exe"
Update for Windows XP (KB942763)-->"C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
Updates from HP (remove only)-->C:\WINDOWS\HPCPCUninstall-9972322\HPBWSetup.exe -appid 9972322 -uninstall
USB Disk Win98 Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BF5EE349-90CD-4422-A43B-661778180173}\Setup.exe"
Utawarerumono English v1.1-->C:\Program Files\Leaf\a\uninstall.exe
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Internet Explorer 8 Beta 1-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows XP Hotfix - KB873339-->C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
Windows XP Hotfix - KB883667-->C:\WINDOWS\$NtUninstallKB883667$\spuninst\spuninst.exe
Windows XP Hotfix - KB885250-->C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe
Windows XP Hotfix - KB885835-->C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
Windows XP Hotfix - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
Windows XP Hotfix - KB887472-->C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
Windows XP Hotfix - KB887742-->C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe
Windows XP Hotfix - KB888113-->C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
Windows XP Hotfix - KB890175-->C:\WINDOWS\$NtUninstallKB890175$\spuninst\spuninst.exe
Windows XP Hotfix - KB891781-->C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
Windows XP Hotfix - KB892050-->"C:\WINDOWS\$NtUninstallKB892050$\spuninst\spuninst.exe"
Windows XP Hotfix - KB893066-->"C:\WINDOWS\$NtUninstallKB893066$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB908246-->"C:\WINDOWS\$NtUninstallKB908246$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB912067-->"C:\WINDOWS\$NtUninstallKB912067$\spuninst\spuninst.exe"
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
Yahoo! Toolbar for Internet Explorer-->C:\PROGRA~1\Yahoo!\Common\unyt.exe
????????~????????~-->MsiExec.exe /I{39A1D3CC-7534-43CC-A0C7-72EF2883C963}
?????2 ????????-->C:\Program Files\GuiltyPLUS\?????2\UNINST.EXE

======Hosts File======

127.0.0.1 activate.adobe.com

======Security center information======

AV: Norton Internet Security (outdated)
FW: Norton Internet Security

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;c:\Python22
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=0f06
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"SonicCentral"=c:\Program Files\Common Files\Sonic Shared\Sonic Central\

-----------------EOF-----------------

Edited by aznriceboi13, 13 December 2008 - 05:33 PM.


BC AdBot (Login to Remove)

 


#2 suebaby41

suebaby41

    W.A.M. (Women Against Malware)


  • Malware Response Team
  • 6,248 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:South Carolina, USA
  • Local time:03:10 AM

Posted 20 December 2008 - 07:15 PM

Welcome to the BleepingComputer Forums.

Since it has been a few days since you scanned your computer with HijackThis, we will need a new HijackThis log. If you have not already downloaded Random's System Information Tool (RSIT), please download Random's System Information Tool (RSIT) by random/random which includes a HijackThis log and save it to your desktop. If you have RSIT already on your computer, please run it again.
  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • After it has finished, two logs will open. Please post the contents of both. log.txt will be maximized and info.txt will be minimized.
Thank you for your patience.

Please see Preparation Guide for use before posting about your potential Malware problem. Thank you for your patience.

If you have already posted this log at another forum or if you decide to seek help at another forum, please let us know. There is a shortage of helpers and taking the time of two volunteer helpers means that someone else may not be helped.

While we are working on your HijackThis log, please:
  • Reply to this thread; do not start another!
  • Do not make any changes on your computer during the cleaning process or download/add programs on your computer unless instructed to do so.
  • Do not run any other tool until instructed to do so!
  • Let me know if any of the links do not work or if any of the tools do not work.
  • Tell me about problems or symptoms that occur during the fix.
  • Do not run any other programs or open any other windows while doing a fix.
  • Ask any questions that you have regarding the fix(es), the infection(s), the performance of your computer, etc.
Thanks.
You don't stop laughing when you get old; you get old when you stop laughing.
A Member of U-N-I-T-E (Unified Network of Instructors and Trained Eliminators)
Malware Removal University Masters Graduate

Posted Image
Join The Fight Against Malware
No reply within 5 days will result in your topic being closed. If you need more time, please let me know by posting in this topic so that your topic will not be closed.

#3 aznriceboi13

aznriceboi13
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:10 AM

Posted 23 December 2008 - 09:40 AM

i cannot get to my computer since i'm in florida now and won't be able to scan it until i'm come back around jan. 1-3 2009
i shall submit the scan results as soon as possible, till then you guys can help other people

#4 suebaby41

suebaby41

    W.A.M. (Women Against Malware)


  • Malware Response Team
  • 6,248 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:South Carolina, USA
  • Local time:03:10 AM

Posted 24 December 2008 - 03:28 PM

Thank you for letting me know. I will close this thread. Please open a new thread when you are ready.

This subject is now closed. If you need this topic reopened, please contact a member of the HJT Team and we will reopen it for you. Include the address of this thread in your request. If you should have a new issue, please start a new topic. This applies only to the original topic starter. Everyone else please begin a New Topic.
You don't stop laughing when you get old; you get old when you stop laughing.
A Member of U-N-I-T-E (Unified Network of Instructors and Trained Eliminators)
Malware Removal University Masters Graduate

Posted Image
Join The Fight Against Malware
No reply within 5 days will result in your topic being closed. If you need more time, please let me know by posting in this topic so that your topic will not be closed.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users