Thanks for the reply! I hope I did this all right:
Malwarebytes' Anti-Malware 1.34
Database version: 1813
Windows 5.1.2600 Service Pack 2
3/1/2009 8:23:37 PM
mbam-log-2009-03-01 (20-23-37).txt
Scan type: Full Scan (C:\|D:\|)
Objects scanned: 210863
Time elapsed: 1 hour(s), 3 minute(s), 28 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 7
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8b124429-d460-4c60-8b2b-828637569a92} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\suoxntek (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{8b124429-d460-4c60-8b2b-828637569a92} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\qieotpsv (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\qieotpsv (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\qieotpsv (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8b124429-d460-4c60-8b2b-828637569a92} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
c:\WINDOWS\system32\pnkyswz.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\zewxftp.dll (Trojan.Vundo.H) -> Delete on reboot.
=========================--=-=-=-=-=-=-=-=-=-=-
info.txt logfile of random's system information tool 1.05 2009-03-01 20:30:42
======Uninstall list======
-->MsiExec /X{AC54E544-3E42-443C-A91D-A00A6974C592}
-->MsiExec.exe /X{7B4AB13C-1A5C-4BC5-ABA6-762F8198444C}
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{32B4B536-4443-42F0-9676-98373BE9114F}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9194237B-7B58-40B4-A739-184AD59531A2}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C64409FA-42A7-49C6-837A-D2E5D813BD57}\setup.exe" -l0x9
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
Adobe Color EU Extra Settings-->MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}
Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Recommended Settings-->MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}
Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
Adobe Flash Player 9 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil9c.exe -uninstallUnlock
Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3-->C:\Program Files\Common Files\Adobe\Installers\2ac78060bc5856b0c1cf873bb919b58\Setup.exe
Adobe Photoshop CS3-->MsiExec.exe /I{0046FA01-C5B9-4985-BACB-398DC480FC05}
Adobe Premiere Pro CS3 Functional Content-->MsiExec.exe /I{50F102CA-4BE2-41A9-9810-5BB05EB91B9A}
Adobe Premiere Pro CS3-->C:\Program Files\Common Files\Adobe\Installers\32fdd767b4383606e8168e834af5d90\Setup.exe
Adobe Premiere Pro CS3-->MsiExec.exe /I{58DCEEE5-532E-44F4-B1D7-A146EF9E9FDA}
Adobe Reader 7.0.5-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000}
Adobe Setup-->MsiExec.exe /I{BB81360F-041C-4CF7-B15E-71380D154244}
Adobe Setup-->MsiExec.exe /I{D1BB4446-AE9C-4256-9A7F-4D46604D2462}
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP DVA Panels CS3-->MsiExec.exe /I{0224CACC-994D-45F8-B973-D65056EA9C2F}
Adobe XMP Panels CS3-->MsiExec.exe /I{D5A31AB1-345D-47C7-A87B-036A669F6DF1}
AIM 6-->C:\Program Files\AIM6\uninst.exe
Apple Mobile Device Support-->MsiExec.exe /I{49C88E44-1B38-4FC6-824E-2BDA3063B0E3}
Apple Software Update-->MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}
Audiosurf-->"C:\Program Files\Steam\steam.exe" steam://uninstall/12900
Auto Gordian Knot 2.40-->C:\Program Files\AutoGK\uninst.exe
AviSynth 2.5-->"C:\Program Files\AviSynth 2.5\Uninstall.exe"
Broadcom Gigabit Integrated Controller-->MsiExec.exe /X{B7F54262-AB66-44B3-88BF-9FC69941B643}
CDisplayEx 1.4-->"C:\Program Files\CDisplayEx\unins000.exe"
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
Counter-Strike: Source-->"C:\Program Files\Steam\steam.exe" steam://uninstall/240
Creative EAX Settings-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C64409FA-42A7-49C6-837A-D2E5D813BD57}\setup.exe" -l0x9 /remove
Creative Speaker Settings-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{32B4B536-4443-42F0-9676-98373BE9114F}\setup.exe" -l0x9 /remove
Day of Defeat: Source-->"C:\Program Files\Steam\steam.exe" steam://uninstall/300
Device Control-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9194237B-7B58-40B4-A739-184AD59531A2}\setup.exe" -l0x9 /remove
DVD Decrypter (Remove Only)-->"C:\Program Files\DVD Decrypter\uninstall.exe"
DVD Shrink 3.2-->"C:\Program Files\DVD Shrink\unins000.exe"
Easy Hi-Q Recorder 2.0-->"C:\Program Files\Easy Hi-Q Recorder\unins000.exe"
EAX Unified-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Creative\EAX Unified\Uninst.isu"
FaceGen Modeller 3.1-->MsiExec.exe /I{332B1B33-D0EE-4A0A-AB2F-12BF56BCE1C3}
ffdshow [rev 1579] [2007-10-26]-->"C:\Program Files\ffdshow\unins000.exe"
Folding@Home-->C:\WINDOWS\system32\GKSUI18.EXE C:\Program Files\Folding@Home\UninstallDB9A.DAT
Free 3GP Video Converter version 3.1-->"C:\Program Files\DVDVideoSoft\Free 3GP Video Converter\unins000.exe"
FREE Hi-Q Recorder 1.92-->"C:\Program Files\FREE Hi-Q Recorder\unins000.exe"
Freelancer-->"D:\Program Files\Microsoft Games\Freelancer\UNINSTAL.EXE" /runtemp /addremove
Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
Google Updater-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Half-Life 2: Episode Two-->"C:\Program Files\Steam\steam.exe" steam://uninstall/420
Heart Of Darkness-->D:\PROGRA~1\HEARTO~1\UNWISE.EXE D:\PROGRA~1\HEARTO~1\INSTALL.LOG
HighMAT Extension to Microsoft Windows XP CD Writing Wizard-->MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
HP Photosmart, Officejet and Deskjet 7.0.A-->C:\Program Files\HP\Digital Imaging\{3A316611-45D1-429C-AA26-B71259C44689}\setup\hpzscr01.exe -datfile hposcr11.dat
ImgBurn-->"C:\Program Files\ImgBurn\uninstall.exe"
IONCROSS Freelancer Character Editor-->"C:\Program Files\IONCROSS Freelancer Character Editor\uninstall.exe"
IsoBuster 2.4-->"C:\Program Files\Smart Projects\IsoBuster\Uninst\unins000.exe"
iTunes-->MsiExec.exe /I{3DE0053C-FD9A-483E-B7C9-B06E4392206E}
Japanese Language Support-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\ja.inf, Uninstall
Java 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
KeyHoleTV-->"C:\Program Files\KeyHoleTV\uninstall.exe"
Left 4 Dead-->"C:\Program Files\Steam\steam.exe" steam://uninstall/500
LimeWire PRO 4.12.3-->"C:\Program Files\LimeWire\uninstall.exe"
Linksys WUSB100 RangePlus Wireless USB Adapter-->C:\Program Files\InstallShield Installation Information\{E00A6137-2D82-4386-88EF-9AD4DFFF148A}\setup.exe -runfromtemp -l0x0409
LiveUpdate 3.3 (Symantec Corporation)-->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
Macromedia Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Mafia Game-->C:\WINDOWS\system32\MafiaSetup.exe
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft .NET Framework 3.0 Service Pack 1-->MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Mirar-->mshta.exe http://remove.getmirar.com/
Mozilla Firefox (3.0.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6 Service Pack 2 (KB954459)-->MsiExec.exe /I{1A528690-6A2D-4BC5-B143-8C4AE8D19D96}
Netflix Movie Viewer-->MsiExec.exe /X{BCE72AED-3332-4863-9567-C5DCB9052CA2}
Network Stumbler 0.4.0 (remove only)-->"C:\Program Files\Network Stumbler\uninst.exe"
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
NVIDIA PhysX v8.10.13-->MsiExec.exe /X{AC54E544-3E42-443C-A91D-A00A6974C592}
NVIDIA PureVideo Decoder-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055FEF8E-4B86-400F-A5C6-8FAC0042DCD9}\setup.exe" -l0x9 -uninstall
Oblivion - Construction Set-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{23D683DD-93C6-48E6-B84E-78B57778F126}\setup.exe" -l0x9 -removeonly
Oblivion mod manager 1.1.9-->"C:\Program Files\Bethesda Softworks\Oblivion\obmm\uninstall\unins000.exe"
Oblivion-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{35CB6715-41F8-4F99-8881-6FC75BF054B0}\setup.exe" -l0x9 -removeonly
PC DUAL SHOCK-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BA12FD6C-169A-11D7-A6A9-00C026281E5B}\setup.exe" -l0x9
PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
Peggle Extreme-->"C:\Program Files\Steam\steam.exe" steam://uninstall/3483
Power Tab Editor 1.7-->MsiExec.exe /I{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}
PowerDVD Ultra-->"C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -l0x000409 /z-uninstall
Project64 1.6-->MsiExec.exe /X{9559F7CA-5E34-4237-A2D9-D856464AD727}
QuickTime Alternative 2.7.0-->"C:\Program Files\QuickTime Alternative\unins000.exe"
Real Alternative 1.60-->"C:\Program Files\Real Alternative\unins000.exe"
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows XP (KB890046)-->"C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
Security Update for Windows XP (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896358)-->"C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896423)-->"C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896428)-->"C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
Security Update for Windows XP (KB899587)-->"C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
Security Update for Windows XP (KB899591)-->"C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
Security Update for Windows XP (KB900725)-->"C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
Security Update for Windows XP (KB901017)-->"C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
Security Update for Windows XP (KB901214)-->"C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
Security Update for Windows XP (KB902400)-->"C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
Security Update for Windows XP (KB905414)-->"C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
Security Update for Windows XP (KB905749)-->"C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
Security Update for Windows XP (KB908519)-->"C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
Security Update for Windows XP (KB911562)-->"C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
Security Update for Windows XP (KB911927)-->"C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
Security Update for Windows XP (KB913580)-->"C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
Security Update for Windows XP (KB914388)-->"C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
Security Update for Windows XP (KB914389)-->"C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
Security Update for Windows XP (KB918118)-->"C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
Security Update for Windows XP (KB918439)-->"C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
Security Update for Windows XP (KB920213)-->"C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
Security Update for Windows XP (KB920670)-->"C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
Security Update for Windows XP (KB920683)-->"C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
Security Update for Windows XP (KB920685)-->"C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923191)-->"C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Security Update for Windows XP (KB923980)-->"C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
Security Update for Windows XP (KB924270)-->"C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
Security Update for Windows XP (KB924667)-->"C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
Security Update for Windows XP (KB925902)-->"C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
Security Update for Windows XP (KB926255)-->"C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
Security Update for Windows XP (KB926436)-->"C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
Security Update for Windows XP (KB927779)-->"C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
Security Update for Windows XP (KB927802)-->"C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB928255)-->"C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
Security Update for Windows XP (KB928843)-->"C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
Security Update for Windows XP (KB929123)-->"C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
Security Update for Windows XP (KB930178)-->"C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
Security Update for Windows XP (KB931261)-->"C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
Security Update for Windows XP (KB932168)-->"C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
Security Update for Windows XP (KB933729)-->"C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe"
Security Update for Windows XP (KB935839)-->"C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
Security Update for Windows XP (KB935840)-->"C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
Security Update for Windows XP (KB937894)-->"C:\WINDOWS\$NtUninstallKB937894$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB943055)-->"C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe"
Security Update for Windows XP (KB943460)-->"C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe"
Security Update for Windows XP (KB943485)-->"C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe"
Security Update for Windows XP (KB944653)-->"C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"
Security Update for Windows XP (KB945553)-->"C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946026)-->"C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950749)-->"C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Sony Ericsson Device Data-->MsiExec.exe /I{C92E7DF1-624A-4D95-A4C4-18CB491B44A4}
Sony Ericsson Drivers-->MsiExec.exe /I{C60BA916-9E44-4DA4-B11A-9E27B7624EF5}
Sony Ericsson PC Suite-->C:\WINDOWS\Installer\{D6BF6477-8369-489F-8DE6-3731F4B88560}\Setup.exe /uninstall
Sony Ericsson PC Suite-->MsiExec.exe /I{25BEC3AB-5CD4-481D-9143-215C1BBB189E}
Sony Ericsson Themes Creator 3.19-->C:\Program Files\Sony Ericsson\Themes Creator\Uninstall.exe
SoundMAX-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\SETUP.exe" -l0x9 -removeonly
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Symantec Endpoint Protection-->MsiExec.exe /I{3BAB4914-9CC1-4CC2-A3DA-56EF62DFD373}
System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
The Typing of The Dead-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B2E92CF8-8D2F-4203-B5C4-177174472C9A}\setup.exe"
Tweaper 1.2-->"C:\Program Files\Tweaper\unins000.exe"
Uninstall 1.0.0.1-->"C:\Program Files\Common Files\DVDVideoSoft\unins000.exe"
Unofficial Oblivion Patch v2.2.0-->"C:\Program Files\Bethesda Softworks\Oblivion\Unofficial Oblivion Patch\unins000.exe"
Unofficial Shivering Isles Patch v1.2.0-->"C:\Program Files\Bethesda Softworks\Oblivion\Unofficial Shivering Isles Patch\unins000.exe"
Update for Windows Internet Explorer 8 (KB961813)-->"C:\WINDOWS\ie8updates\KB961813-IE8\spuninst\spuninst.exe"
Update for Windows XP (KB894391)-->"C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
Update for Windows XP (KB900485)-->"C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
Update for Windows XP (KB908531)-->"C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
Update for Windows XP (KB910437)-->"C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
Update for Windows XP (KB911280)-->"C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
Update for Windows XP (KB916595)-->"C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
Update for Windows XP (KB920872)-->"C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
Update for Windows XP (KB922582)-->"C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
Update for Windows XP (KB925720)-->"C:\WINDOWS\$NtUninstallKB925720$\spuninst\spuninst.exe"
Update for Windows XP (KB927891)-->"C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
Update for Windows XP (KB930916)-->"C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
Update for Windows XP (KB932823-v3)-->"C:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\spuninst.exe"
Update for Windows XP (KB936357)-->"C:\WINDOWS\$NtUninstallKB936357$\spuninst\spuninst.exe"
Update for Windows XP (KB938828)-->"C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
VideoLAN VLC media player 0.8.6d-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Media Player\mtsAxInstaller.exe /u
VobSub v2.23 (Remove Only)-->"C:\Program Files\Gabest\VobSub\uninstall.exe"
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
WinAVI Video Converter-->"C:\Program Files\WinAVI Video Converter\unins000.exe"
Windows Genuine Advantage v1.3.0254.0-->MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Internet Explorer 8 Release Candidate 1-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Player 10-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows XP Hotfix - KB873339-->C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
Windows XP Hotfix - KB885835-->C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
Windows XP Hotfix - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
Windows XP Hotfix - KB886185-->C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
Windows XP Hotfix - KB887472-->C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
Windows XP Hotfix - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
Windows XP Hotfix - KB890859-->"C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
Windows XP Hotfix - KB891781-->C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
WinZip-->"C:\Program Files\WinZip\WINZIP32.EXE" /uninstall
XviD MPEG4 Video Codec (remove only)-->"C:\WINDOWS\system32\xvid-uninstall.exe"
YASA MP4 Video Converter v3.2 (build 0051)-->C:\PROGRA~1\YASAMP~1\UNWISE.EXE C:\PROGRA~1\YASAMP~1\INSTALL.LOG
======Hosts File======
195.245.119.131 browser-security.microsoft.com
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
======Security center information======
AV: Symantec Endpoint Protection
FW: Symantec Endpoint Protection
System event log
Computer Name: ANGE
Event Code: 10005
Message: DCOM got error "%1058" attempting to start the service SENS with arguments ""
in order to run the server:
{D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}
Record Number: 5
Source Name: DCOM
Time Written: 20090219162946.000000-480
Event Type: error
User: NT AUTHORITY\SYSTEM
Computer Name: ANGE
Event Code: 10005
Message: DCOM got error "%1058" attempting to start the service SENS with arguments ""
in order to run the server:
{D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}
Record Number: 4
Source Name: DCOM
Time Written: 20090219162946.000000-480
Event Type: error
User: NT AUTHORITY\SYSTEM
Computer Name: ANGE
Event Code: 4
Message: Driver detected an internal error in its data structures for .
Record Number: 3
Source Name: sptd
Time Written: 20090219155809.000000-480
Event Type: error
User:
Computer Name: ANGE
Event Code: 6005
Message: The Event log service was started.
Record Number: 2
Source Name: EventLog
Time Written: 20090219155741.000000-480
Event Type: information
User:
Computer Name: ANGE
Event Code: 6009
Message: Microsoft ® Windows ® 5.01. 2600 Service Pack 2 Multiprocessor Free.
Record Number: 1
Source Name: EventLog
Time Written: 20090219155741.000000-480
Event Type: information
User:
Application event log
Computer Name: ANGE
Event Code: 6
Message:
Could not scan 2 files inside c:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MicrosoftWindowsSecurityCenterRegistryTools2.zip due to extraction errors encountered by the Decomposer Engines.Application has encountered an error.
For more information, please go to:
http://www.symantec.com/techsupp/servlet/P...ld=symantec_ent
Record Number: 129
Source Name: Symantec AntiVirus
Time Written: 20090220023243.000000-480
Event Type: warning
User:
Computer Name: ANGE
Event Code: 6
Message:
Could not scan 2 files inside c:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MicrosoftWindowsSecurityCenterRegistryTools1.zip due to extraction errors encountered by the Decomposer Engines.Application has encountered an error.
For more information, please go to:
http://www.symantec.com/techsupp/servlet/P...ld=symantec_ent
Record Number: 128
Source Name: Symantec AntiVirus
Time Written: 20090220023243.000000-480
Event Type: warning
User:
Computer Name: ANGE
Event Code: 6
Message:
Could not scan 2 files inside c:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MicrosoftWindowsSecurityCenterRegistryTools.zip due to extraction errors encountered by the Decomposer Engines.Application has encountered an error.
For more information, please go to:
http://www.symantec.com/techsupp/servlet/P...ld=symantec_ent
Record Number: 127
Source Name: Symantec AntiVirus
Time Written: 20090220023243.000000-480
Event Type: warning
User:
Computer Name: ANGE
Event Code: 6
Message:
Could not scan 2 files inside c:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MicrosoftWindowsSecurityCenterFirewallOverride1.zip due to extraction errors encountered by the Decomposer Engines.Application has encountered an error.
For more information, please go to:
http://www.symantec.com/techsupp/servlet/P...ld=symantec_ent
Record Number: 126
Source Name: Symantec AntiVirus
Time Written: 20090220023243.000000-480
Event Type: warning
User:
Computer Name: ANGE
Event Code: 6
Message:
Could not scan 2 files inside c:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MicrosoftWindowsSecurityCenterFirewallOverride.zip due to extraction errors encountered by the Decomposer Engines.Application has encountered an error.
For more information, please go to:
http://www.symantec.com/techsupp/servlet/P...ld=symantec_ent
Record Number: 125
Source Name: Symantec AntiVirus
Time Written: 20090220023243.000000-480
Event Type: warning
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\WBEM;C:\Program Files\Mozilla Firefox;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Common Files\Teleca Shared;C:\Program Files\Smart Projects\IsoBuster
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 3, GenuineIntel
"PROCESSOR_REVISION"=0403
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
-----------------EOF-----------------
Logfile of random's system information tool 1.05 (written by random/random)
Run by ange at 2009-03-01 20:30:13
Microsoft Windows XP Professional Service Pack 2
System drive C: has 21 GB (28%) free of 76 GB
Total RAM: 1022 MB (46% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:30:37 PM, on 3/1/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18372)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\savedump.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec AntiVirus\Smc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\ange\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Symantec AntiVirus\SmcGui.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\ange\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\ange\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Documents and Settings\ange\Desktop\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Trend Micro\HijackThis\ange.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://central.informatica.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O1 - Hosts: 195.245.119.131 browser-security.microsoft.com
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {8B124429-D460-4C60-8B2B-828637569A92} - c:\windows\system32\pnkyswz.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O3 - Toolbar: Mirar - {E51F80B8-5573-4DD6-980F-2DFCE033E7BC} - C:\WINDOWS\system32\winok77.dll (file missing)
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ccApp] -
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [qoqw] C:\PROGRA~1\COMMON~1\qoqw\qoqwm.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\ange\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\Run: [tezrtsjhfr84iusjfo84f] C:\WINDOWS\TEMP\csrssc.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [rxxxppcx.exe] C:\WINDOWS\rxxxppcx.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [rzjbicyk.exe] C:\WINDOWS\rzjbicyk.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [bnvxxran.exe] C:\WINDOWS\bnvxxran.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [dbubimip.exe] C:\WINDOWS\dbubimip.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [tezrtsjhfr84iusjfo84f] C:\WINDOWS\TEMP\csrssc.exe (User 'Default user')
O4 - Startup: Folding@Home 5.03.lnk = ?
O4 - Global Startup: Wireless Network Monitor.lnk = C:\Program Files\Linksys\WUSB100\WUSB100.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1130785168873
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownlo.../sysreqlab2.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1130792793890
O16 - DPF: {95D88B35-A521-472B-A182-BB1A98356421} (Pearson Installation Assistant 2) - http://asp.mathxl.com/books/_Players/PearsonInstallAsst2.cab
O16 - DPF: {E6D23284-0E9B-417D-A782-03E4487FC947} (Pearson MathXL Player) - http://asp.mathxl.com/books/_Players/MathPlayer.cab
O20 - Winlogon Notify: suoxntek - C:\WINDOWS\SYSTEM32\pnkyswz.dll
O20 - Winlogon Notify: vtUonnoL - C:\WINDOWS\
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: SMS Agent Host (CcmExec) - Unknown owner - C:\WINDOWS\System32\CCM\CcmExec.exe (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: FLEXnet Licensing Service - Unknown owner - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Symantec Management Client (SmcService) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Smc.exe
O23 - Service: Symantec Network Access Control (SNAC) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\SNAC.EXE
O23 - Service: Symantec Endpoint Protection (Symantec AntiVirus) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Uninterruptible Power Supply (UPS) - Unknown owner - C:\WINDOWS\System32\ups.exe (file missing)
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe (file missing)
--
End of file - 9373 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\At1.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-269536213-2167395947-3405039426-1011.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll [2008-02-22 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8B124429-D460-4C60-8B2B-828637569A92}]
c:\windows\system32\pnkyswz.dll [2001-08-23 104960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2008-12-12 657904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{E51F80B8-5573-4DD6-980F-2DFCE033E7BC} - Mirar - C:\WINDOWS\system32\winok77.dll []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2009-02-11 1404928]
"P17Helper"=Rundll32 P17.dll []
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-12-26 13680640]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-12-26 86016]
"ccApp"=- []
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools"=C:\Program Files\DAEMON Tools\daemon.exe [2009-02-11 167936]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-03 15360]
"Aim6"= []
"qoqw"=C:\PROGRA~1\COMMON~1\qoqw\qoqwm.exe []
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]
"Google Update"=C:\Documents and Settings\ange\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-02-03 133104]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim6]
C:\Program Files\AIM6\aim6.exe [2008-03-25 50528]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2004-08-03 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\ange\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-02-03 133104]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2008-07-30 289064]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-03-14 54832]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\P17Helper]
Rundll32 P17.dll []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe -atboottime []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2007-03-14 71216]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2009-02-11 528384]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
c:\program files\steam\steam.exe [2008-10-15 1410296]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe [2008-02-22 144784]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"gusvc"=2
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Wireless Network Monitor.lnk - C:\Program Files\Linksys\WUSB100\WUSB100.exe
C:\Documents and Settings\ange\Start Menu\Programs\Startup
Folding@Home 5.03.lnk - C:\Program Files\Folding@Home\winFAH.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\suoxntek]
C:\WINDOWS\system32\pnkyswz.dll [2001-08-23 104960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\vtUonnoL]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 241704]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, digeste.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antvirus]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vsphozrr.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ccEvtMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ccSetMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SmcService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Symantec Antivirus]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Symantec Antvirus]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsphozrr.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0
"NoFolderOptions"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Common Files\AOL\Loader\aolload.exe"="C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader"
"C:\Program Files\Steam\steamapps\angethedude\counter-strike source\hl2.exe"="C:\Program Files\Steam\steamapps\angethedude\counter-strike source\hl2.exe:*:Enabled:hl2"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe"="C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe:*:Enabled:CyberLink PowerDVD"
"C:\Program Files\KeyHoleTV\KeyHoleTV.exe"="C:\Program Files\KeyHoleTV\KeyHoleTV.exe:*:Enabled:KeyHole TV Main Application"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Steam\steamapps\angethedude\day of defeat source\hl2.exe"="C:\Program Files\Steam\steamapps\angethedude\day of defeat source\hl2.exe:*:Enabled:hl2"
"C:\Program Files\AIM6\aim6.exe"="C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Steam\steamapps\angethedude\team fortress 2\hl2.exe"="C:\Program Files\Steam\steamapps\angethedude\team fortress 2\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Steam\steamapps\angethedude\zombie panic! source\hl2.exe"="C:\Program Files\Steam\steamapps\angethedude\zombie panic! source\hl2.exe:*:Enabled:hl2"
"D:\Program Files\Microsoft Games\Freelancer\EXE\Freelancer.exe"="D:\Program Files\Microsoft Games\Freelancer\EXE\Freelancer.exe:*:Enabled:Freelancer"
"D:\Program Files\Microsoft Games\Freelancer\EXE\flserver.exe"="D:\Program Files\Microsoft Games\Freelancer\EXE\flserver.exe:*:Enabled:Freelancer"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"C:\Program Files\Steam\steamapps\angethedude\insurgency\hl2.exe"="C:\Program Files\Steam\steamapps\angethedude\insurgency\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Steam\steamapps\common\left 4 dead\left4dead.exe"="C:\Program Files\Steam\steamapps\common\left 4 dead\left4dead.exe:*:Enabled:left4dead"
"C:\WINDOWS\system32\winlogon.exe"="C:\WINDOWS\system32\winlogon.exe:*:Enabled:winlogon"
"C:\WINDOWS\system32\wbem\wmiprvse.exe"="C:\WINDOWS\system32\wbem\wmiprvse.exe:*:Enabled:wmiprvse"
"C:\Program Files\iPod\bin\iPodService.exe"="C:\Program Files\iPod\bin\iPodService.exe:*:Enabled:iPodService"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
shell\AutoRun\command - E:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{153edf66-24bd-11dd-bea7-0010c6b13f2b}]
shell\AutoRun\command - G:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7fc76668-fee8-11dd-9d6a-a92706811488}]
shell\AutoRun\command - E:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a19a4d2e-c4c0-11dc-be75-0010c6b13f2b}]
shell\AutoRun\command - F:\LaunchU3.exe -a
======List of files/folders created in the last 1 months======
2009-03-01 20:30:13 ----D---- C:\rsit
2009-02-26 19:42:20 ----D---- C:\Program Files\Trend Micro
2009-02-26 19:32:29 ----D---- C:\32788R22FWJFW
2009-02-26 13:15:56 ----A---- C:\Bug.txt
2009-02-26 13:15:55 ----A---- C:\WINDOWS\system32\cmd.execf
2009-02-25 16:01:07 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-02-25 00:31:29 ----D---- C:\Documents and Settings\ange\Application Data\Malwarebytes
2009-02-25 00:31:18 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-02-25 00:31:18 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-02-21 02:51:29 ----HDC---- C:\WINDOWS\$NtUninstallKB899587$
2009-02-21 02:51:16 ----HDC---- C:\WINDOWS\$NtUninstallKB927779$
2009-02-21 02:51:05 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2009-02-21 02:50:55 ----HDC---- C:\WINDOWS\$NtUninstallKB927802$
2009-02-21 02:50:43 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2009-02-21 02:50:31 ----HDC---- C:\WINDOWS\$NtUninstallKB943460$
2009-02-21 02:50:18 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2009-02-21 02:50:09 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-02-21 02:49:59 ----HDC---- C:\WINDOWS\$NtUninstallKB885835$
2009-02-21 02:49:47 ----HDC---- C:\WINDOWS\$NtUninstallKB885836$
2009-02-21 02:49:34 ----HDC---- C:\WINDOWS\$NtUninstallKB937894$
2009-02-21 02:49:18 ----HDC---- C:\WINDOWS\$NtUninstallKB928255$
2009-02-21 02:49:05 ----HDC---- C:\WINDOWS\$NtUninstallKB911927$
2009-02-21 02:48:53 ----HDC---- C:\WINDOWS\$NtUninstallKB901017$
2009-02-21 02:48:42 ----HDC---- C:\WINDOWS\$NtUninstallKB899591$
2009-02-21 02:48:31 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2009-02-21 02:48:19 ----HDC---- C:\WINDOWS\$NtUninstallKB933729$
2009-02-21 02:48:07 ----HDC---- C:\WINDOWS\$NtUninstallKB920685$
2009-02-21 02:47:55 ----HDC---- C:\WINDOWS\$NtUninstallKB893756$
2009-02-21 02:47:43 ----HDC---- C:\WINDOWS\$NtUninstallKB923980$
2009-02-21 02:47:31 ----HDC---- C:\WINDOWS\$NtUninstallKB911280$
2009-02-21 02:47:20 ----HDC---- C:\WINDOWS\$NtUninstallKB911562$
2009-02-21 02:47:09 ----HDC---- C:\WINDOWS\$NtUninstallKB938828$
2009-02-21 02:46:57 ----HDC---- C:\WINDOWS\$NtUninstallKB924667$
2009-02-21 02:46:45 ----HDC---- C:\WINDOWS\$NtUninstallKB896423$
2009-02-21 02:46:33 ----HDC---- C:\WINDOWS\$NtUninstallKB900485$
2009-02-21 02:46:18 ----HDC---- C:\WINDOWS\$NtUninstallKB924270$
2009-02-21 02:46:07 ----HDC---- C:\WINDOWS\$NtUninstallKB931261$
2009-02-21 02:45:56 ----HDC---- C:\WINDOWS\$NtUninstallKB873339$
2009-02-21 02:45:44 ----HDC---- C:\WINDOWS\$NtUninstallKB927891$
2009-02-21 02:45:33 ----HDC---- C:\WINDOWS\$NtUninstallKB936357$
2009-02-21 02:45:21 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2009-02-21 02:45:12 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2009-02-21 02:45:03 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2009-02-21 02:44:52 ----HDC---- C:\WINDOWS\$NtUninstallKB887472$
2009-02-21 02:44:41 ----HDC---- C:\WINDOWS\$NtUninstallKB946026$
2009-02-21 02:44:27 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2009-02-21 02:44:13 ----HDC---- C:\WINDOWS\$NtUninstallKB896358$
2009-02-21 02:43:07 ----HDC---- C:\WINDOWS\$NtUninstallKB910437$
2009-02-21 02:42:01 ----HDC---- C:\WINDOWS\$NtUninstallKB925720$
2009-02-21 02:41:49 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-02-21 02:41:43 ----HDC---- C:\WINDOWS\$NtUninstallKB925902$
2009-02-21 02:41:30 ----HDC---- C:\WINDOWS\$NtUninstallKB929123$
2009-02-21 02:41:19 ----HDC---- C:\WINDOWS\$NtUninstallKB920670$
2009-02-21 02:41:09 ----HDC---- C:\WINDOWS\$NtUninstallKB891781$
2009-02-21 02:40:57 ----HDC---- C:\WINDOWS\$NtUninstallKB918439$
2009-02-21 02:40:42 ----HDC---- C:\WINDOWS\$NtUninstallKB902400$
2009-02-21 02:40:27 ----HDC---- C:\WINDOWS\$NtUninstallKB890046$
2009-02-21 02:40:17 ----HDC---- C:\WINDOWS\$NtUninstallKB926436$
2009-02-21 02:40:06 ----HDC---- C:\WINDOWS\$NtUninstallKB920872$
2009-02-21 02:39:52 ----HDC---- C:\WINDOWS\$NtUninstallKB930178$
2009-02-21 02:39:42 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2009-02-21 02:38:46 ----HDC---- C:\WINDOWS\$NtUninstallKB914388$
2009-02-21 02:38:35 ----HDC---- C:\WINDOWS\$NtUninstallKB905414$
2009-02-21 02:38:25 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2009-02-21 02:38:16 ----HDC---- C:\WINDOWS\$NtUninstallKB932168$
2009-02-21 02:38:05 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-02-21 02:37:56 ----HDC---- C:\WINDOWS\$NtUninstallKB901214$
2009-02-21 02:37:48 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$
2009-02-21 02:37:40 ----HDC---- C:\WINDOWS\$NtUninstallKB923689$
2009-02-21 02:36:39 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-02-21 02:36:30 ----HDC---- C:\WINDOWS\$NtUninstallKB923191$
2009-02-21 02:36:19 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2009-02-21 02:36:10 ----HDC---- C:\WINDOWS\$NtUninstallKB922582$
2009-02-21 02:35:55 ----HDC---- C:\WINDOWS\$NtUninstallKB918118$
2009-02-21 02:35:44 ----HDC---- C:\WINDOWS\$NtUninstallKB926255$
2009-02-21 02:35:34 ----HDC---- C:\WINDOWS\$NtUninstallKB888302$
2009-02-21 02:35:23 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2009-02-21 02:35:13 ----HDC---- C:\WINDOWS\$NtUninstallKB900725$
2009-02-21 02:35:00 ----HDC---- C:\WINDOWS\$NtUninstallKB920213$
2009-02-21 02:34:49 ----HDC---- C:\WINDOWS\$NtUninstallKB935840$
2009-02-21 02:34:39 ----HDC---- C:\WINDOWS\$NtUninstallKB943485$
2009-02-21 02:34:28 ----HDC---- C:\WINDOWS\$NtUninstallKB945553$
2009-02-21 02:34:18 ----HDC---- C:\WINDOWS\$NtUninstallKB886185$
2009-02-21 02:34:07 ----HDC---- C:\WINDOWS\$NtUninstallKB916595$
2009-02-21 02:33:56 ----HDC---- C:\WINDOWS\$NtUninstallKB930916$
2009-02-21 02:33:44 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-02-21 02:33:31 ----HDC---- C:\WINDOWS\$NtUninstallKB950749$
2009-02-21 02:33:19 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2009-02-21 02:33:08 ----HDC---- C:\WINDOWS\$NtUninstallKB908531$
2009-02-21 02:32:57 ----HDC---- C:\WINDOWS\$NtUninstallKB905749$
2009-02-21 02:32:46 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-02-21 02:32:37 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-02-21 02:32:26 ----HDC---- C:\WINDOWS\$NtUninstallKB913580$
2009-02-21 02:32:14 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-02-21 02:32:04 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-02-21 02:31:55 ----HDC---- C:\WINDOWS\$NtUninstallKB896428$
2009-02-21 02:31:45 ----HDC---- C:\WINDOWS\$NtUninstallKB935839$
2009-02-21 02:31:34 ----HDC---- C:\WINDOWS\$NtUninstallKB943055$
2009-02-21 02:31:23 ----HDC---- C:\WINDOWS\$NtUninstallKB894391$
2009-02-21 02:31:11 ----HDC---- C:\WINDOWS\$NtUninstallKB908519$
2009-02-21 02:31:01 ----HDC---- C:\WINDOWS\$NtUninstallKB920683$
2009-02-21 02:30:50 ----HDC---- C:\WINDOWS\$NtUninstallKB914389$
2009-02-21 02:30:39 ----HDC---- C:\WINDOWS\$NtUninstallKB944653$
2009-02-21 02:30:27 ----HDC---- C:\WINDOWS\$NtUninstallKB890859$
2009-02-21 02:29:15 ----HDC---- C:\WINDOWS\$NtUninstallKB928843$
2009-02-20 13:39:17 ----D---- C:\WINDOWS\ie8updates
2009-02-20 13:36:53 ----HDC---- C:\WINDOWS\ie8
2009-02-20 13:07:03 ----D---- C:\WINDOWS\system32\CatRoot_bak
2009-02-20 13:06:42 ----A---- C:\WINDOWS\system32\MRT.exe
2009-02-20 13:06:21 ----HDC---- C:\WINDOWS\$NtUninstallKB932823-v3$
2009-02-20 02:00:34 ----A---- C:\WINDOWS\system32\S32EVNT1.DLL
2009-02-19 16:59:35 ----D---- C:\Program Files\Symantec AntiVirus
2009-02-19 16:57:01 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2009-02-19 16:39:31 ----D---- C:\WINDOWS\Prefetch
2009-02-19 16:28:56 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2009-02-19 16:28:08 ----A---- C:\WINDOWS\system32\fltmc.exe
2009-02-19 16:27:57 ----A---- C:\WINDOWS\system32\mstinit.exe
2009-02-19 16:26:14 ----A---- C:\WINDOWS\system32\write.exe
2009-02-19 16:26:13 ----A---- C:\WINDOWS\system32\winmine.exe
2009-02-19 16:26:13 ----A---- C:\WINDOWS\system32\sol.exe
2009-02-19 16:26:13 ----A---- C:\WINDOWS\system32\sndvol32.exe
2009-02-19 16:26:13 ----A---- C:\WINDOWS\system32\charmap.exe
2009-02-19 16:26:13 ----A---- C:\WINDOWS\system32\calc.exe
2009-02-19 16:26:12 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2009-02-19 16:26:12 ----A---- C:\WINDOWS\system32\tskill.exe
2009-02-19 16:26:12 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2009-02-19 16:26:12 ----A---- C:\WINDOWS\system32\rwinsta.exe
2009-02-19 16:26:12 ----A---- C:\WINDOWS\system32\reset.exe
2009-02-19 16:26:12 ----A---- C:\WINDOWS\system32\mshearts.exe
2009-02-19 16:26:12 ----A---- C:\WINDOWS\system32\freecell.exe
2009-02-19 16:26:11 ----A---- C:\WINDOWS\system32\regini.exe
2009-02-19 16:26:11 ----A---- C:\WINDOWS\system32\qwinsta.exe
2009-02-19 16:26:11 ----A---- C:\WINDOWS\system32\qappsrv.exe
2009-02-19 16:26:11 ----A---- C:\WINDOWS\system32\msg.exe
2009-02-19 16:26:11 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2009-02-19 16:26:08 ----A---- C:\WINDOWS\system32\accwiz.exe
2009-02-19 16:26:07 ----A---- C:\WINDOWS\system32\mplay32.exe
2009-02-19 16:26:06 ----A---- C:\WINDOWS\system32\mspaint.exe
2009-02-19 16:26:06 ----A---- C:\WINDOWS\system32\clipbrd.exe
2009-02-19 16:26:05 ----A---- C:\WINDOWS\system32\spider.exe
2009-02-19 16:26:04 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2009-02-19 16:26:04 ----A---- C:\WINDOWS\system32\sessmgr.exe
2009-02-19 16:26:04 ----A---- C:\WINDOWS\system32\rdshost.exe
2009-02-19 16:26:04 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2009-02-19 16:26:03 ----A---- C:\WINDOWS\system32\rdpclip.exe
2009-02-19 16:26:01 ----A---- C:\WINDOWS\system32\msdtc.exe
2009-02-19 15:58:53 ----RA---- C:\WINDOWS\SET94.tmp
2009-02-19 15:58:50 ----RA---- C:\WINDOWS\SET85.tmp
2009-02-19 15:58:48 ----RA---- C:\WINDOWS\SET82.tmp
2009-02-19 15:42:23 ----RA---- C:\WINDOWS\SET8D.tmp
2009-02-19 15:42:18 ----RA---- C:\WINDOWS\SET81.tmp
2009-02-19 15:42:15 ----RA---- C:\WINDOWS\SET7E.tmp
2009-02-19 15:36:12 ----D---- C:\WINDOWS\NV896220.TMP
2009-02-19 15:30:30 ----RA---- C:\WINDOWS\SET8C.tmp
2009-02-19 15:30:27 ----RA---- C:\WINDOWS\SET80.tmp
2009-02-19 15:30:24 ----RA---- C:\WINDOWS\SET7D.tmp
2009-02-19 15:11:00 ----RA---- C:\WINDOWS\SET8B.tmp
2009-02-19 15:10:56 ----RA---- C:\WINDOWS\SET7F.tmp
2009-02-19 15:10:54 ----RA---- C:\WINDOWS\SET7C.tmp
2009-02-19 14:34:16 ----A---- C:\WINDOWS\system32\spxcoins.dll
2009-02-19 14:34:16 ----A---- C:\WINDOWS\system32\irclass.dll
2009-02-19 14:33:56 ----RA---- C:\WINDOWS\SETDF.tmp
2009-02-19 14:33:51 ----RA---- C:\WINDOWS\SETD3.tmp
2009-02-19 14:33:48 ----RA---- C:\WINDOWS\SETD0.tmp
2009-02-09 11:14:42 ----A---- C:\WINDOWS\system32\1E.tmp
2009-02-09 11:13:46 ----A---- C:\WINDOWS\system32\18.tmp
2009-02-09 11:13:45 ----A---- C:\WINDOWS\system32\17.tmp
2009-02-09 11:13:34 ----A---- C:\WINDOWS\system32\14.tmp
2009-02-09 11:13:20 ----A---- C:\WINDOWS\system32\12.tmp
2009-02-07 13:14:59 ----A---- C:\WINDOWS\system32\61.tmp
2009-02-07 12:33:50 ----A---- C:\WINDOWS\ntbtlog.txt
2009-02-03 17:51:34 ----A---- C:\WINDOWS\adobe.bat
2009-02-03 13:28:43 ----A---- C:\wgqjqf.exe
2009-02-03 13:28:38 ----A---- C:\nwurjr.exe
2009-02-03 13:28:37 ----A---- C:\ywdhlny.exe
2009-02-03 13:28:25 ----A---- C:\irvgoan.exe
======List of files/folders modified in the last 1 months======
2009-03-01 20:27:09 ----SHD---- C:\System Volume Information
2009-03-01 20:27:09 ----D---- C:\WINDOWS\system32\Restore
2009-03-01 20:26:50 ----AD---- C:\WINDOWS\Temp
2009-03-01 20:25:22 ----D---- C:\WINDOWS\system32\drivers
2009-03-01 20:24:36 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-03-01 20:20:25 ----D---- C:\Program Files\Mozilla Firefox
2009-03-01 00:57:08 ----D---- C:\WINDOWS\system32
2009-03-01 00:56:37 ----HD---- C:\WINDOWS\inf
2009-03-01 00:56:16 ----D---- C:\WINDOWS\system32\CatRoot2
2009-02-26 19:42:20 ----RD---- C:\Program Files
2009-02-26 03:14:20 ----D---- C:\WINDOWS
2009-02-25 19:53:18 ----SD---- C:\WINDOWS\Tasks
2009-02-25 16:01:13 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-02-25 00:25:59 ----HD---- C:\WINDOWS\$hf_mig$
2009-02-21 17:37:18 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-02-21 17:34:48 ----SHD---- C:\WINDOWS\CSC
2009-02-21 12:56:06 ----D---- C:\Documents and Settings
2009-02-21 12:31:25 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-02-21 02:58:01 ----D---- C:\WINDOWS\Minidump
2009-02-21 02:57:44 ----D---- C:\WINDOWS\msagent
2009-02-21 02:51:34 ----A---- C:\WINDOWS\imsins.BAK
2009-02-21 02:50:21 ----D---- C:\Program Files\Messenger
2009-02-21 02:42:59 ----D---- C:\Program Files\Windows Media Player
2009-02-21 02:41:33 ----D---- C:\Program Files\Outlook Express
2009-02-21 02:41:33 ----D---- C:\Program Files\Common Files\System
2009-02-21 02:40:48 ----D---- C:\WINDOWS\system32\Com
2009-02-20 23:37:28 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-02-20 14:07:54 ----D---- C:\WINDOWS\system32\en-US
2009-02-20 14:07:54 ----D---- C:\WINDOWS\Media
2009-02-20 14:07:54 ----D---- C:\WINDOWS\Help
2009-02-20 14:07:54 ----D---- C:\Program Files\Internet Explorer
2009-02-20 13:50:10 ----D---- C:\WINDOWS\system32\CatRoot
2009-02-20 09:41:27 ----D---- C:\Program Files\Folding@Home
2009-02-20 02:14:58 ----HD---- C:\Config.Msi
2009-02-20 02:02:51 ----SHD---- C:\WINDOWS\Installer
2009-02-20 02:02:40 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2009-02-20 02:02:08 ----D---- C:\Program Files\Common Files\Symantec Shared
2009-02-20 02:00:56 ----D---- C:\Program Files\Symantec
2009-02-20 02:00:23 ----D---- C:\WINDOWS\WinSxS
2009-02-20 02:00:13 ----D---- C:\WINDOWS\SoftwareDistribution
2009-02-19 16:55:52 ----D---- C:\Documents and Settings\ange\Application Data\U3
2009-02-19 16:45:13 ----D---- C:\WINDOWS\Registration
2009-02-19 16:38:37 ----D---- C:\WINDOWS\system32\inetsrv
2009-02-19 16:38:37 ----D---- C:\WINDOWS\system32\config
2009-02-19 16:38:36 ----D---- C:\WINDOWS\nview
2009-02-19 16:37:33 ----A---- C:\WINDOWS\setuplog.txt
2009-02-19 16:30:32 ----D---- C:\WINDOWS\security
2009-02-19 16:30:11 ----A---- C:\WINDOWS\OEWABLog.txt
2009-02-19 16:30:03 ----AC---- C:\WINDOWS\ODBCINST.INI
2009-02-19 16:29:36 ----D---- C:\WINDOWS\system32\ias
2009-02-19 16:29:00 ----RD---- C:\WINDOWS\Web
2009-02-19 16:28:47 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2009-02-19 16:28:31 ----A---- C:\WINDOWS\win.ini
2009-02-19 16:28:26 ----D---- C:\WINDOWS\system32\oobe
2009-02-19 16:28:25 ----D---- C:\Program Files\NetMeeting
2009-02-19 16:28:24 ----D---- C:\WINDOWS\srchasst
2009-02-19 16:28:16 ----D---- C:\Program Files\Movie Maker
2009-02-19 16:26:13 ----D---- C:\Program Files\Windows NT
2009-02-19 16:26:10 ----D---- C:\WINDOWS\system32\wbem
2009-02-19 16:11:11 ----SH---- C:\boot.ini
2009-02-19 15:59:15 ----A---- C:\WINDOWS\system.ini
2009-02-19 15:58:58 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2009-02-19 14:34:16 ----D---- C:\WINDOWS\system
2009-02-19 06:29:40 ----D---- C:\WINDOWS\system32\Setup
2009-02-19 06:29:32 ----D---- C:\WINDOWS\system32\usmt
2009-02-19 06:29:24 ----D---- C:\WINDOWS\AppPatch
2009-02-19 06:29:17 ----D---- C:\WINDOWS\mui
2009-02-19 06:29:17 ----D---- C:\WINDOWS\ehome
2009-02-19 06:29:16 ----D---- C:\WINDOWS\ime
2009-02-19 06:29:15 ----RSD---- C:\WINDOWS\Fonts
2009-02-19 06:29:04 ----D---- C:\WINDOWS\PeerNet
2009-02-19 06:28:52 ----D---- C:\WINDOWS\system32\npp
2009-02-19 06:27:00 ----D---- C:\WINDOWS\twain_32
2009-02-19 06:26:49 ----D---- C:\WINDOWS\system32\icsxml
2009-02-19 06:26:24 ----D---- C:\WINDOWS\system32\1033
2009-02-19 06:25:32 ----D---- C:\WINDOWS\Driver Cache
2009-02-11 16:45:26 ----A---- C:\WINDOWS\DUMP6baa.tmp
2009-02-11 02:06:47 ----A---- C:\WINDOWS\uninst.exe
2009-02-11 02:06:28 ----A---- C:\WINDOWS\system32\GkSui18.EXE
2009-02-11 02:05:59 ----RA---- C:\WINDOWS\system32\xmlinst.exe
2009-02-11 02:05:47 ----A---- C:\WINDOWS\system32\setupn.exe
2009-02-11 02:05:42 ----D---- C:\WINDOWS\system32\CCM
2009-02-11 02:05:32 ----A---- C:\WINDOWS\system32\Process.exe
2009-02-11 02:05:08 ----A---- C:\WINDOWS\system32\verclsid.exe
2009-02-11 02:04:35 ----A---- C:\WINDOWS\system32\wmpstub.exe
2009-02-11 02:04:13 ----A---- C:\WINDOWS\system32\swxcacls.exe
2009-02-11 02:04:12 ----A---- C:\WINDOWS\system32\swsc.exe
2009-02-11 02:04:12 ----A---- C:\WINDOWS\system32\swreg.exe
2009-02-11 02:04:00 ----A---- C:\WINDOWS\system32\slrundll.exe
2009-02-11 02:03:31 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2009-02-11 02:03:06 ----RA---- C:\WINDOWS\system32\MafiaSetup.exe
2009-02-11 02:03:01 ----A---- C:\WINDOWS\system32\javaws.exe
2009-02-11 02:03:00 ----A---- C:\WINDOWS\system32\javaw.exe
2009-02-11 02:03:00 ----A---- C:\WINDOWS\system32\java.exe
2009-02-11 02:02:55 ----A---- C:\WINDOWS\system32\HPZipm12.exe
2009-02-11 02:02:55 ----A---- C:\WINDOWS\system32\HPZinw12.exe
2009-02-11 02:02:00 ----A---- C:\WINDOWS\system32\dumphive.exe
2009-02-11 02:01:58 ----A---- C:\WINDOWS\system32\DSndUp.exe
2009-02-11 02:01:29 ----A---- C:\WINDOWS\system32\dns-sd.exe
2009-02-11 02:00:53 ----HDC---- C:\WINDOWS\$NtUninstallKB839645$
2009-02-11 02:00:51 ----A---- C:\WINDOWS\system32\Copy of GkSui18.EXE
2009-02-11 02:00:47 ----HDC---- C:\WINDOWS\$NtUninstallKB837001$
2009-02-11 02:00:42 ----HDC---- C:\WINDOWS\$NtUninstallKB835732_RTM$
2009-02-11 02:00:37 ----HDC---- C:\WINDOWS\$NtUninstallKB835732$
2009-02-11 02:00:32 ----HDC---- C:\WINDOWS\$NtUninstallKB833998$
2009-02-11 02:00:31 ----A---- C:\WINDOWS\system32\AegisI5.exe
2009-02-11 02:00:27 ----HDC---- C:\WINDOWS\$NtUninstallKB828741_RTM$
2009-02-11 02:00:22 ----HDC---- C:\WINDOWS\$NtUninstallKB828741$
2009-02-11 02:00:17 ----HDC---- C:\WINDOWS\$NtUninstallKB828035$
2009-02-11 02:00:12 ----HDC---- C:\WINDOWS\$NtUninstallKB826942$
2009-02-11 02:00:07 ----HDC---- C:\WINDOWS\$NtUninstallKB826939$
2009-02-11 01:59:58 ----A---- C:\WINDOWS\system32\CleanUp.exe
2009-02-11 01:59:57 ----HDC---- C:\WINDOWS\$NtUninstallQ828026$
2009-02-11 01:59:30 ----A---- C:\WINDOWS\MIDIDEF.EXE
2009-02-11 01:58:41 ----A---- C:\WINDOWS\P17DEF.EXE
2009-02-11 01:58:40 ----A---- C:\WINDOWS\OALInst.exe
2009-02-11 01:55:14 ----HDC---- C:\WINDOWS\ie7
2009-02-11 01:54:31 ----A---- C:\WINDOWS\Property.exe
2009-02-11 01:52:50 ----A---- C:\WINDOWS\setdebug.exe
2009-02-11 01:47:22 ----SHD---- C:\RECYCLER
2009-02-11 01:46:37 ----A---- C:\WINDOWS\GetWinVer.exe
2009-02-11 01:37:26 ----D---- C:\Program Files\YASAMP4Converter
2009-02-11 01:36:31 ----D---- C:\Program Files\Windows Media Connect 2
2009-02-11 00:56:16 ----DC---- C:\I386
2009-02-10 15:35:24 ----A---- C:\WINDOWS\SMSCFG.ini
2009-02-03 14:30:58 ----A---- C:\WINDOWS\WININIT.INI
2009-02-03 14:20:15 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2009-02-03 13:31:44 ----D---- C:\Documents and Settings\ange\Application Data\Identities
2009-02-03 13:27:21 ----A---- C:\WINDOWS\system32\638ae4b4-.txt
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2004-08-03 36096]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2004-08-03 14848]
R1 nvport;NVIDIA PORT IO Control Driver; \??\C:\WINDOWS\system32\Drivers\nvport.sys []
R1 SRTSP;SRTSP; C:\WINDOWS\System32\Drivers\SRTSP.SYS [2008-10-13 279600]
R1 SRTSPX;SRTSPX; C:\WINDOWS\System32\Drivers\SRTSPX.SYS [2008-10-13 43824]
R1 WPS;WPS; \??\C:\WINDOWS\system32\drivers\wpsdrvnt.sys []
R2 {95808DC4-FA4A-4C74-92FE-5B863F82066B};{95808DC4-FA4A-4C74-92FE-5B863F82066B}; \??\C:\Program Files\CyberLink\PowerDVD\000.fcl []
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.5.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-05-10 21419]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2007-12-16 271360]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2007-12-16 18048]
R2 PCASp50;PCASp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\PCASp50.sys [2006-11-28 27072]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\System32\DRIVERS\b57xp32.sys [2005-03-17 132608]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\system32\DRIVERS\ctsfm2k.sys [2005-01-10 138752]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-01-29 16168]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-23 9600]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12160]
R3 NAVENG;NAVENG; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20090220.004\NAVENG.SYS []
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20090220.004\NAVEX15.SYS []
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-12-26 6301344]
R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\DRIVERS\ctoss2k.sys [2005-01-10 106496]
R3 P17;SB Live! 24-bit; C:\WINDOWS\system32\drivers\P17.sys [2007-06-15 1127936]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2006-02-08 9856]
R3 rt2870;Linksys 802.11n USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\rt2870.sys [2007-07-28 517632]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 Teefer2;Teefer2 Miniport; C:\WINDOWS\system32\DRIVERS\teefer2.sys [2008-10-14 49536]
R3 TPM;Winbond Trusted Platform Module; C:\WINDOWS\system32\DRIVERS\tpm.sys [2005-10-09 17792]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 WpsHelper;WpsHelper; \??\C:\WINDOWS\system32\drivers\WpsHelper.sys []
R4 SYMTDI;SYMTDI; - []
S1 ethbloms;ethbloms; C:\WINDOWS\system32\drivers\ethbloms.sys [2009-02-10 137600]
S2 npkcrypt;npkcrypt; \??\C:\Nexon\MapleStory\npkcrypt.sys []
S3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2003-10-23 100384]
S3 COH_Mon;COH_Mon; \??\C:\WINDOWS\system32\Drivers\COH_Mon.sys []
S3 FXDrv32;FXDrv32; \??\E:\FXDrv32.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-12 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-12 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-12 21568]
S3 mdxgthkn;mdxgthkn; \??\C:\DOCUME~1\ange\LOCALS~1\Temp\mdxgthkn.sys []
S3 npkcusb;npkcusb; \??\C:\Nexon\MapleStory\npkcusb.sys []
S3 NSNDIS5;NSNDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\NSNDIS5.SYS []
S3 Passthru;Service; C:\WINDOWS\system32\DRIVERS\ndisio.sys [2009-02-03 53248]
S3 prepdrvr;SMS Process Event Driver; \??\C:\WINDOWS\System32\CCM\prepdrv.sys []
S3 s116bus;Sony Ericsson Device 116 driver (WDM); C:\WINDOWS\system32\DRIVERS\s116bus.sys [2007-04-03 83336]
S3 s116mdfl;Sony Ericsson Device 116 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s116mdfl.sys [2007-04-03 15112]
S3 s116mdm;Sony Ericsson Device 116 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s116mdm.sys [2007-04-03 108680]
S3 s116mgmt;Sony Ericsson Device 116 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s116mgmt.sys [2007-04-03 100488]
S3 s116nd5;Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (NDIS); C:\WINDOWS\system32\DRIVERS\s116nd5.sys [2007-04-03 23176]
S3 s116obex;Sony Ericsson Device 116 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s116obex.sys [2007-04-03 98696]
S3 s116unic;Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM); C:\WINDOWS\system32\DRIVERS\s116unic.sys [2007-04-03 99080]
S3 senfilt;senfilt; C:\WINDOWS\system32\drivers\senfilt.sys [2004-09-17 732928]
S3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2004-04-09 612352]
S3 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys []
S3 SRTSPL;SRTSPL; C:\WINDOWS\System32\Drivers\SRTSPL.SYS [2008-10-13 319664]
S3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2008-08-21 27696]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-07-22 32000]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 SysPlant;SysPlant for NT; C:\WINDOWS\SYSTEM32\Drivers\SysPlant.sys [2008-12-08 92488]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-09-10 611664]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-07-22 116040]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2009-02-11 229376]
R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-08-14 108392]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-12-26 163908]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2009-02-11 69632]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-01-19 70968]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-02-11 182099]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2007-05-14 272024]
R2 SmcService;Symantec Management Client; C:\Program Files\Symantec AntiVirus\Smc.exe [2008-12-08 1795400]
R2 Viewpoint Manager Service;Viewpoint Manager Service; C:\Program Files\Viewpoint\Common\ViewpointService.exe [2009-02-11 24576]
S2 CcmExec;SMS Agent Host; C:\WINDOWS\System32\CCM\CcmExec.exe []
S2 qieotpsv;Intel Processor Helper; C:\WINDOWS\System32\svchost.exe [2004-08-03 14336]
S2 Symantec AntiVirus;Symantec Endpoint Protection; C:\Program Files\Symantec AntiVirus\Rtvscan.exe [2008-12-08 2440120]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe []
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2009-02-11 73728]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2009-02-11 864256]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-07-30 532264]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2008-06-30 3093872]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 SNAC;Symantec Network Access Control; C:\Program Files\Symantec AntiVirus\SNAC.EXE [2008-12-08 320840]
S3 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2004-08-03 14336]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe []
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-03 14336]
S4 ccEvtMgr;Symantec Event Manager; - []
S4 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-12-12 168432]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]
-----------------EOF-----------------