Hello,
Thanks for replying and for your assistance. The issuses have not been resloved. I ran the scan as requested. Here are the logs:
Logfile of random's system information tool 1.06 (written by random/random)
Run by Administrator at 2009-06-07 09:34:09
Microsoft Windows XP Professional Service Pack 3
System drive C: has 46 GB (42%) free of 109 GB
Total RAM: 1535 MB (74% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:34:10 AM, on 6/7/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\ehome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
c:\program files\usb storage rw\shwicon.exe
c:\windows\system32\cthelper.exe
c:\program files\bitdefender\bitdefender 2008\bdagent.exe
c:\program files\itunes\ituneshelper.exe
c:\windows\system32\ctfmon.exe
c:\program files\hp center\137903\program\backweb-137903.exe
C:\Program Files\iPod\bin\iPodService.exe
c:\windows\system32\rundll32.exe
c:\documents and settings\administrator\desktop\rsit.exe
c:\program files\trend micro\hijackthis\administrator.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://srch-us6.hpwis.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=localhost:7171
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;localhost;<local>
O1 - Hosts: ::1 localhost
O1 - Hosts: 209.44.111.57 alarm-security.microsoft.com
O1 - Hosts: 209.44.111.57 inetantivir.com
O1 - Hosts: 209.44.111.57 www.inetantivir.com
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: (no name) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - (no file)
O2 - BHO: (no name) - {4321A997-5748-4B69-A76A-B7927E7AF8A2} - (no file)
O2 - BHO: (no name) - {6ADFDA1B-502F-4DD0-889D-2A8BFA21B08F} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: (no name) - {F241BAA6-9BA8-42B9-B82C-266DB1FE0B07} - (no file)
O2 - BHO: (no name) - {B42BF63C-5354-4C5C-A789-66EFEEC5E1B0} - (no file)
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [ShowIcon_KYE Electronics Corp._USB Storage R/W v1.14e057] "C:\Program Files\USB Storage RW\shwicon.exe" -t"KYE Electronics Corp.\USB Storage R/W v1.14e057"
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: hp center.lnk = C:\Program Files\hp center\137903\Program\BackWeb-137903.exe
O4 - Global Startup: Personal Coach.lnk = ?
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: Aces Up! by pogo -
http://game3.pogo.com/v/9.1.1.8/applet/aces/aces-en_US.cabO16 - DPF: Addiction by pogo -
http://game3.pogo.com/v/9.0.3.12/applet/ad...ction-en_US.cabO16 - DPF: Backgammon by pogo -
http://game1.pogo.com/applet-8.0.9.41/back...ammon-en_US.cabO16 - DPF: Bingo Luau by pogo -
http://game1.pogo.com/v/8.1.7.44/applet/fr...bingo-en_US.cabO16 - DPF: Blackjack by pogo -
http://game3.pogo.com/v/9.0.9.8/applet/bla...kjack-en_US.cabO16 - DPF: Blackjack Carnival by pogo -
http://game3.pogo.com/v/9.0.5.4/applet/vbj...jack2-en_US.cabO16 - DPF: Blooop by pogo -
http://game3.pogo.com/v/9.0.1.14/applet/ca...scade-en_US.cabO16 - DPF: Bowling by pogo -
http://game3.pogo.com/v/9.0.2.1/applet/bow...wling-en_US.cabO16 - DPF: Checkers by pogo -
http://game1.pogo.com/v/8.1.1.13/applet/ch...ckers-en_US.cabO16 - DPF: Chess by pogo -
http://game3.pogo.com/v/8.1.7.44/applet/ch...hess2-en_US.cabO16 - DPF: Command and Conquer Attack Copter by pogo -
http://game1.pogo.com/applet-8.0.1.23/ccst...trike-en_US.cabO16 - DPF: Dice City Roller by pogo -
http://game3.pogo.com/v/9.0.1.7/applet/ytz/ytz-en_US.cabO16 - DPF: Dice Derby by pogo -
http://game1.pogo.com/v/8.1.6.3/applet/che...dflag-en_US.cabO16 - DPF: Dominoes v2 by pogo -
http://game3.pogo.com/v/9.1.8.1/applet/dom...mino2-en_US.cabO16 - DPF: Double Deuce Poker by pogo -
http://game3.pogo.com/v/9.0.1.7/applet/vid...deuce-en_US.cabO16 - DPF: First Class Solitaire by pogo -
http://game3.pogo.com/v/9.0.1.7/applet/fir...lass2-en_US.cabO16 - DPF: Fortune Bingo by pogo -
http://game3.pogo.com/v/9.0.1.7/applet/sup...bingo-en_US.cabO16 - DPF: Golf Solitaire by pogo -
http://game3.pogo.com/v/9.1.8.1/applet/gol...taire-en_US.cabO16 - DPF: Hangman Hijinks by pogo -
http://game3.pogo.com/v/9.0.8.20/applet/ha...ngman-en_US.cabO16 - DPF: Harvest Mania by pogo -
http://game1.pogo.com/v/8.1.6.21/applet/ha...rvest-en_US.cabO16 - DPF: Hearts by pogo -
http://game1.pogo.com/v/8.1.1.13/applet/he...earts-en_US.cabO16 - DPF: High Stakes Poker by pogo -
http://game1.pogo.com/v/8.1.2.24/applet/dr...poker-en_US.cabO16 - DPF: High Stakes Pool by pogo -
http://game3.pogo.com/v/9.2.4.6/applet/pool2/pool-en_US.cabO16 - DPF: Hog Heaven Slots by pogo -
http://game1.pogo.com/v/8.1.1.1/applet/fancy/fancy-en_US.cabO16 - DPF: Jungle Gin by pogo -
http://game3.pogo.com/v/9.1.1.1/applet/gin2/gin2-en_US.cabO16 - DPF: KenoPop! by pogo -
http://game3.pogo.com/v/8.2.1.12/applet/sp...dkeno-en_US.cabO16 - DPF: Lost Temple Poker by pogo -
http://game1.pogo.com/v/8.1.1.1/applet/mhp...poker-en_US.cabO16 - DPF: Lottso by pogo -
http://game3.pogo.com/v/9.0.6.14/applet/lo...ottso-en_US.cabO16 - DPF: Mah Jong Garden by pogo -
http://game3.pogo.com/v/9.0.8.20/applet/ma...jong2-en_US.cabO16 - DPF: Mahjong Safari by Pogo -
http://game3.pogo.com/v/9.0.6.14/applet/sa...afari-en_US.cabO16 - DPF: Makeover Madness by pogo -
http://game3.pogo.com/v/9.1.1.1/applet/shoes/shoes-en_US.cabO16 - DPF: No-Limit Texas Hold'em by pogo -
http://game1.pogo.com/v/8.1.0.25/applet/al...allin-en_US.cabO16 - DPF: Pai Gow by pogo -
http://game1.pogo.com/v/8.1.1.1/applet/pai...aigow-en_US.cabO16 - DPF: Payday Freecell Solitaire by pogo -
http://game3.pogo.com/v/9.1.6.34/applet/fr...cell2-en_US.cabO16 - DPF: Penguin Blocks by pogo -
http://game1.pogo.com/applet-8.0.9.33/peng...guins-en_US.cabO16 - DPF: Perfect Pair Solitaire by pogo -
http://game3.pogo.com/v/9.2.0.14/applet/wa...wheel-en_US.cabO16 - DPF: Phlinx by pogo -
http://game3.pogo.com/v/9.1.3.19/applet/fl...inger-en_US.cabO16 - DPF: Pop Fu by pogo -
http://game3.pogo.com/v/9.0.8.20/applet/po...popfu-en_US.cabO16 - DPF: PoppaZoppa by pogo -
http://game3.pogo.com/v/9.0.8.20/applet/po...zoppa-en_US.cabO16 - DPF: Poppit by pogo -
http://game1.pogo.com/v/8.1.2.12/applet/po...ppit2-en_US.cabO16 - DPF: Pseudoku by pogo -
http://game3.pogo.com/v/8.1.9.22/applet/ps...udoku-en_US.cabO16 - DPF: Quick Quack by pogo -
http://game3.pogo.com/v/9.0.9.8/applet/hot...treak-en_US.cabO16 - DPF: QWERTY by pogo -
http://game1.pogo.com/v/8.1.6.3/applet/squ...uares-en_US.cabO16 - DPF: Ride The Tide by pogo -
http://game1.pogo.com/v/8.1.0.23/applet/ride/ride-en_US.cabO16 - DPF: Scrabble by pogo -
http://game3.pogo.com/v/9.0.9.8/applet/scr...abble-en_US.cabO16 - DPF: Shuffle Bump by pogo -
http://game3.pogo.com/v/8.1.9.1/applet/puck/puck-en_US.cabO16 - DPF: Spider Solitaire by pogo -
http://game3.pogo.com/v/8.1.9.1/applet/spi...pider-en_US.cabO16 - DPF: Spooky Slots -
http://game1.pogo.com/v/8.1.2.12/applet/sp...pooky-en_US.cabO16 - DPF: Squelchies by pogo -
http://game3.pogo.com/v/9.2.0.14/applet/sq...chies-en_US.cabO16 - DPF: Stax by pogo -
http://game3.pogo.com/v/8.1.9.1/applet/stax/stax-en_US.cabO16 - DPF: Stellar Sweeper by pogo -
http://game3.pogo.com/v/8.1.6.21/applet/sw...eeper-en_US.cabO16 - DPF: Super Dominoes by pogo -
http://game1.pogo.com/v/8.1.6.3/applet/sup...omino-en_US.cabO16 - DPF: Sweet Tooth 2 by Pogo -
http://game3.pogo.com/v/9.0.1.7/applet/swe...ooth2-en_US.cabO16 - DPF: Sweet Tooth TM by pogo -
http://game1.pogo.com/v/8.1.1.13/applet/sw...tooth-en_US.cabO16 - DPF: Thousand Island Solitaire by pogo -
http://game1.pogo.com/v/8.1.7.44/applet/mi...lbrae-en_US.cabO16 - DPF: Tri-Peaks by pogo -
http://game3.pogo.com/v/9.1.1.1/applet/peaks/peaks-en_US.cabO16 - DPF: Trivial Pursuit by pogo -
http://game3.pogo.com/v/9.1.5.22/applet/tr...ivial-en_US.cabO16 - DPF: Tumble Bees by pogo -
http://game1.pogo.com/v/8.1.6.21/applet/tu...mbee2-en_US.cabO16 - DPF: Turbo 21 v2 by pogo -
http://game3.pogo.com/v/9.1.7.20/applet/tu...rbo22-en_US.cabO16 - DPF: Vaults of Atlantis Slots by pogo -
http://game3.pogo.com/v/9.2.0.14/applet/ml...slots-en_US.cabO16 - DPF: Wonderland Memories by pogo -
http://game3.pogo.com/v/9.0.8.20/applet/me...ories-en_US.cabO16 - DPF: Word Whomp by pogo -
http://game3.pogo.com/v/9.0.7.14/applet/wo...homp2-en_US.cabO16 - DPF: Word Whomp Whackdown by pogo -
http://game3.pogo.com/v/9.1.7.20/applet/wh...kdown-en_US.cabO16 - DPF: WordJong by pogo -
http://game3.pogo.com/v/9.2.0.14/applet/wo...djong-en_US.cabO16 - DPF: World Class Solitaire by pogo -
http://game3.pogo.com/v/9.0.8.20/applet/wo...class-en_US.cabO16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) -
http://acs.pandasoftware.com/activescan/cabs/as2stubie.cabO16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {3107C2A8-9F0B-4404-A58B-21BD85268FBC} (PogoWebLauncher Control) -
http://www.pogo.com/cdl/launcher/PogoWebLa...erInstaller.CABO16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cabO16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://update.microsoft.com/windowsupdate/...b?1230009687031O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) -
http://atv.disney.go.com/global/download/otoy/OTOYAX29b.cabO16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) -
http://cdn2.zone.msn.com/binFramework/v10/...ro.cab56649.cabO16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) -
http://support.f-secure.com/ols/fscax.cabO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cabO20 - AppInit_DLLs: c:\windows\system32\buzatobo.dll c:\windows\system32\ranemude.dll,C:\WINDOWS\system32\meyadapi.dll pgdqyt.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe
--
End of file - 15071 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\sdovkyeb.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4321A997-5748-4B69-A76A-B7927E7AF8A2}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6ADFDA1B-502F-4DD0-889D-2A8BFA21B08F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar2.dll [2007-12-08 2554944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll [2007-12-08 654832]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-04-24 35840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-04-24 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F241BAA6-9BA8-42B9-B82C-266DB1FE0B07}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B42BF63C-5354-4C5C-A789-66EFEEC5E1B0}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{381FFDE8-2394-4f90-B10D-FC6124A40F8C} - BitDefender Toolbar - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll [2009-01-25 86016]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2004-08-04 50176]
"NvCplDaemon"=NvQTwk,NvCplDaemon initialize []
"nwiz"=nwiz.exe /install []
"ShowIcon_KYE Electronics Corp._USB Storage R/W v1.14e057"=C:\Program Files\USB Storage RW\shwicon.exe [2002-07-03 49152]
"WINDVDPatch"=C:\WINDOWS\system32\CTHELPER.EXE [2002-07-02 24576]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"BitDefender Antiphishing Helper"=C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe []
"BDAgent"=C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe [2009-01-25 368640]
"StorageGuard"=C:\Program Files\VERITAS Software\Update Manager\sgtray.exe [2002-05-09 155648]
"QuickTime Task"=c:\program files\quicktime\qttask.exe [2009-01-05 413696]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-04-24 148888]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-04-02 342312]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
hp center.lnk - C:\Program Files\hp center\137903\Program\BackWeb-137903.exe
Personal Coach.lnk - C:\Program Files\Broderbund\Mavis Beacon Teaches Typing 15\minimavis.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="c:\windows\system32\buzatobo.dll c:\windows\system32\ranemude.dll,C:\WINDOWS\system32\meyadapi.dll pgdqyt.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2009-03-23 356352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\WINDOWS\system32\meyadapi.dll
mtexbd.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
"EnableProfileQuota"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=
"NoDriveTypeAutoRun"=
"NoDriveAutoRun"=
"NoDrives"=
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\hp center\137903\Program\BackWeb-137903.exe"="C:\Program Files\hp center\137903\Program\BackWeb-137903.exe:*:Disabled:BackWeb-137903"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\LEXPPS.EXE"="C:\WINDOWS\system32\LEXPPS.EXE:*:Disabled:LEXPPS.EXE"
"C:\WINDOWS\system32\logonui.exe"="C:\WINDOWS\system32\logonui.exe:*:Enabled:logonui"
"C:\WINDOWS\system32\winlogon.exe"="C:\WINDOWS\system32\winlogon.exe:*:Enabled:winlogon"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:rundll32"
"C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"="C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe:*:Enabled:bdagent"
"C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe:*:Enabled:TeaTimer"
"C:\WINDOWS\system32\muzapp.exe"="C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player"
"C:\Program Files\USB Storage RW\Shwicon.exe"="C:\Program Files\USB Storage RW\Shwicon.exe:*:Enabled:shwicon"
"C:\WINDOWS\system32\drivers\svchost.exe"="C:\WINDOWS\system32\drivers\svchost.exe:*:Disabled:Ssydudor Ufuguty"
"C:\WINDOWS\svcho.exe"="C:\WINDOWS\svcho.exe:*:Enabled:enable"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\Program Files\Soulseek\slsk.exe"="C:\Program Files\Soulseek\slsk.exe:*:Disabled:SoulSeek"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c713c0f3-494f-11dd-942a-0040ca44ed2a}]
shell\Auto\command - K:\winlogon.exe
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL winlogon.exe
======List of files/folders created in the last 1 months======
2009-06-07 09:34:09 ----D---- C:\rsit
2009-06-05 18:41:10 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2009-06-04 22:01:38 ----D---- C:\WINDOWS\system32\XPSViewer
2009-06-04 22:01:25 ----D---- C:\Program Files\MSBuild
2009-06-04 22:00:54 ----D---- C:\Program Files\Reference Assemblies
2009-06-04 21:52:47 ----D---- C:\WINDOWS\ie8updates
2009-06-04 21:49:16 ----HDC---- C:\WINDOWS\ie8
2009-05-17 14:24:59 ----A---- C:\WINDOWS\system32\AcroIEHelpe15.txt
2009-05-12 06:46:55 ----A---- C:\WINDOWS\system32\AcroIEHelpe14.txt
2009-05-10 15:02:38 ----A---- C:\WINDOWS\system32\AcroIEHelpe12.txt
======List of files/folders modified in the last 1 months======
2009-06-07 09:33:53 ----D---- C:\WINDOWS\Prefetch
2009-06-06 20:12:49 ----D---- C:\WINDOWS\system32\xmldm
2009-06-06 18:23:49 ----D---- C:\WINDOWS\temp
2009-06-06 16:59:18 ----A---- C:\WINDOWS\ModemLog_Lucent Win Modem.txt
2009-06-06 15:56:21 ----A---- C:\WINDOWS\{00000002-00000000-00000000-00001102-00000004-005B1102}.BAK
2009-06-06 15:56:08 ----D---- C:\WINDOWS\system32
2009-06-06 15:53:17 ----D---- C:\WINDOWS
2009-06-06 15:52:10 ----A---- C:\WINDOWS\ntbtlog.txt
2009-06-06 13:59:48 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-06-06 13:59:40 ----A---- C:\WINDOWS\bdagent.INI
2009-06-05 22:06:35 ----D---- C:\WINDOWS\system32\UAs
2009-06-05 21:59:05 ----RD---- C:\Program Files
2009-06-05 21:59:05 ----D---- C:\WINDOWS\system32\drivers
2009-06-05 21:58:10 ----D---- C:\WINDOWS\system32\CatRoot2
2009-06-05 21:28:02 ----D---- C:\WINDOWS\Help
2009-06-05 18:44:15 ----D---- C:\WINDOWS\system32\CatRoot
2009-06-05 18:42:39 ----D---- C:\WINDOWS\inf
2009-06-05 18:41:36 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-06-04 23:56:07 ----D---- C:\WINDOWS\Microsoft.NET
2009-06-04 23:55:56 ----RSD---- C:\WINDOWS\assembly
2009-06-04 23:47:19 ----SHD---- C:\WINDOWS\Installer
2009-06-04 23:47:19 ----D---- C:\Config.Msi
2009-06-04 23:44:56 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-06-04 23:43:58 ----D---- C:\WINDOWS\WinSxS
2009-06-04 23:32:52 ----A---- C:\WINDOWS\system32\powrprof.dll
2009-06-04 23:32:52 ----A---- C:\WINDOWS\system32\nsysp.ini
2009-06-04 23:32:52 ----A---- C:\WINDOWS\system32\nsysk.ini
2009-06-04 23:32:52 ----A---- C:\WINDOWS\system32\kernel32.dll
2009-06-04 23:32:49 ----A---- C:\WINDOWS\system32\wininet.dll
2009-06-04 23:32:49 ----A---- C:\WINDOWS\system32\nsysw.ini
2009-06-04 23:32:08 ----D---- C:\WINDOWS\system32\en-US
2009-06-04 23:32:07 ----D---- C:\WINDOWS\Media
2009-06-04 23:32:07 ----D---- C:\Program Files\Internet Explorer
2009-06-04 22:03:07 ----D---- C:\Program Files\SUPERAntiSpyware
2009-06-04 22:01:06 ----D---- C:\WINDOWS\Fonts
2009-06-04 21:52:56 ----A---- C:\WINDOWS\imsins.BAK
2009-06-04 21:52:06 ----HD---- C:\WINDOWS\$hf_mig$
2009-06-01 08:40:04 ----A---- C:\WINDOWS\system32\AcroIEHelpe.txt
2009-05-31 13:17:59 ----HD---- C:\Documents and Settings\Administrator\Application Data\Corel
2009-05-30 15:43:48 ----D---- C:\WINDOWS\system32\cock
2009-05-30 02:09:51 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-05-29 11:40:19 ----D---- C:\WINDOWS\system32\wbem
2009-05-29 10:31:34 ----A---- C:\WINDOWS\lexstat.ini
2009-05-28 23:16:22 ----D---- C:\WINDOWS\system32\FxsTmp
2009-05-25 10:50:08 ----A---- C:\WINDOWS\system32\sysp.tmp
2009-05-25 10:50:08 ----A---- C:\WINDOWS\system32\sysk.tmp
2009-05-23 14:38:24 ----D---- C:\WINDOWS\system32\Macromed
2009-05-20 23:12:01 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-05-17 04:23:03 ----D---- C:\WINDOWS\network diagnostic
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2004-10-07 35840]
R1 bdftdif;bdftdif; \??\C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys []
R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 SASDIFSV;SASDIFSV; \??\c:\program files\superantispyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2002-08-29 12032]
R2 PfModNT;PfModNT; \??\C:\WINDOWS\System32\PfModNT.sys []
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 bdfsfltr;bdfsfltr; 730079007300740065006D00330032005C0044005200490056004500520053005C00620064006600730066006C00740072002E007300790073000000 []
R3 BDSelfPr;BDSelfPr; \??\C:\Program Files\BitDefender\BitDefender 2008\bdselfpr.sys []
R3 ctac32k;Creative AC3 Software Decoder; C:\WINDOWS\System32\drivers\ctac32k.sys [2002-07-19 127948]
R3 ctaud2k;Creative Audio Driver (WDM); C:\WINDOWS\system32\drivers\ctaud2k.sys [2002-07-19 837548]
R3 ctprxy2k;Creative Proxy Driver; C:\WINDOWS\System32\drivers\ctprxy2k.sys [2002-07-19 11068]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\System32\drivers\ctsfm2k.sys [2002-07-19 213860]
R3 emupia;E-mu Plug-in Architecture Driver; C:\WINDOWS\System32\drivers\emupia2k.sys [2002-07-19 156604]
R3 EvcapMaui;Emuzed EvcapMaui Device; C:\WINDOWS\System32\DRIVERS\EvcapMau.sys [2002-08-22 166784]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
R3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\WINDOWS\system32\drivers\ha10kx2k.sys [2002-07-24 998004]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ltmodem5;LT Modem Driver; C:\WINDOWS\System32\DRIVERS\ltmdmnt.sys [2003-03-31 625537]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2002-09-04 933850]
R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\drivers\ctoss2k.sys [2002-07-19 195432]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2002-03-08 13780]
R3 Profos;Profos; \??\C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys []
R3 Ps2;PS2; C:\WINDOWS\System32\DRIVERS\PS2.sys [2001-06-04 14112]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 Trufos;Trufos; \??\C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\trufos.sys []
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;USB Scanner Driver; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 catchme;catchme; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 cpuz129;cpuz129; \??\C:\Program Files\PC Wizard 2008\pcwiz32.sys []
S3 DCamUSBVeo532;Veo Stingray/Connect Web Camera; C:\WINDOWS\System32\Drivers\ubVeo532.sys [2002-07-01 95232]
S3 Jukebox3;Jukebox3; C:\WINDOWS\System32\DRIVERS\ctpdusb.sys [2006-01-19 17280]
S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-08-07 47360]
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-06 132424]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\System32\CTsvcCDA.exe [1999-12-13 44032]
R2 ehSched;Media Center Scheduler Service; C:\WINDOWS\ehome\ehSched.exe [2008-04-13 84992]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-04-24 152984]
R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2003-03-28 303104]
R2 LIVESRV;BitDefender Desktop Update Service; C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe [2009-01-25 1179648]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\System32\nvsvc32.exe [2002-09-04 61440]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\System32\wdfmgr.exe [2005-01-28 38912]
R2 VSSERV;BitDefender Virus Shield; C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe [2009-01-25 1261568]
R2 WMDM PMSP Service;WMDM PMSP Service; C:\WINDOWS\System32\MsPMSPSv.exe [2000-06-26 53520]
R2 XCOMM;BitDefender Communicator; C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe [2009-01-25 86016]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-04-02 656168]
R3 scan;BitDefender Threat Scanner; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-13 267776]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-12-08 138680]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
----------------------------------------------------------------------------------------------------------------------------------------------------------------
info.txt logfile of random's system information tool 1.06 2009-06-07 09:34:15
======Uninstall list======
-->"C:\Program Files\Creative\SBAudigy\Program\Ctzapxx.EXE" /U /S
-->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {09DA4F91-2A09-4232-AB8C-6BC740096DE3}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {8214CC02-6271-4DC8-B8DD-779933450264}
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3C080B57-0D1E-4C73-B03B-68A9EF9F23F3}\Setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{435E969D-867E-4364-8E74-3DC8A69C5BDB}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{435E969D-867E-4364-8E74-3DC8A69C5BDB}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{48E3A9E6-FA13-11D5-8CC9-00A0C98192B6}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{48E3A9E6-FA13-11D5-8CC9-00A0C98192B6}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58582977-44D2-44A0-A09B-031CC2AE5938}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58582977-44D2-44A0-A09B-031CC2AE5938}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CDDF96A-BC34-4D72-9ABA-E1FFF0C39977}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A4D2983-4662-4387-BE3D-4CFC2FA9C100}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A4D2983-4662-4387-BE3D-4CFC2FA9C100}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A731533B-B325-4D9C-91A4-D93C8E294C19}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A731533B-B325-4D9C-91A4-D93C8E294C19}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E7337A45-3FE5-4392-ABBB-26B794D060C9}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E7337A45-3FE5-4392-ABBB-26B794D060C9}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FD851F7E-F887-405D-9E1C-488811113EF3}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FD851F7E-F887-405D-9E1C-488811113EF3}\setup.exe" -l0x9 /remove
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
ABBYY FineReader 5.0 Sprint-->MsiExec.exe /X{D1696920-9794-4BBC-8A30-7A88763DE5A2}
Adobe Acrobat 5.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.dll"
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Apple Mobile Device Support-->MsiExec.exe /I{AFA20D47-69C3-4030-8DF8-D37466E70F13}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ArcSoft ShowBiz-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Arcsoft\Showbiz\Uninst.isu"
ArcSoft Software Suite-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\ArcSoft\Software Suite\Uninst.isu"
Big Fish Games Client-->C:\Program Files\bfgclient\Uninstall.exe
BitDefender Antivirus 2008-->MsiExec.exe /I{0DE20CB1-3E10-411F-A7ED-75C9E11D4CC8}
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
BrainBooster (remove only)-->K:\\uninstall.exe
ConvertXtoDVD 3.4.7.121-->"C:\Program Files\VSO\ConvertX\3\unins000.exe"
Creative Jukebox Driver-->C:\Program Files\Creative\Jukebox 3 Drivers\DrvUnins.exe /s
Detto IntelliMover Demo-->MsiExec.exe /X{E62C706B-1352-4DCA-B4D4-81C24750B70F}
Diner Dash-->K:\PROGRA~1\PLAYFI~1\DINERD~1\UNWISE.EXE K:\PROGRA~1\PLAYFI~1\DINERD~1\INSTALL.LOG
Dominoes Deluxe-->C:\WINDOWS\uninst.exe -fC:\WinGames.Inc\DominoDX\DeIsL1.isu
FL Studio v7.0-->"K:\FL-7-xxl\unins000.exe"
Galapago-->"K:\Galapago\unins000.exe"
GemMaster 2-->"C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {4EDAE550-ACA5-4EF6-88BD-9F2B8BC2982D}
GOM Player-->"C:\Program Files\GRETECH\GomPlayer\Uninstall.exe"
Google Earth-->MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
hp center-->C:\WINDOWS\BWUnin-6.1.0.170.exe -AppId 137903
HP Digital Imaging Album Printing 1.0-->MsiExec.exe /X{47D4AF7B-EDE6-4ADB-8D2F-0BDA25C7321F}
HP Instant Support-->C:\PROGRA~1\HPINST~1\UNWISE.EXE C:\PROGRA~1\HPINST~1\INSTALL.LOG
HP Memories Disc-->MsiExec.exe /X{FF384BDE-429B-45AD-A0C6-E593393D9D1C}
hp toolkit-->c:\Windows\HPTK\unhptkit.exe
Imikimi Plugin 0.3.0-->MsiExec.exe /I{3E99B1F8-61B7-4317-AB38-855810CCE5C3}
Inactive HP Printer Drivers (Remove only)-->RunDll32 hpuninst.dll,InstallHinfSection UninstDefault 132 prntunin.inf
InterVideo MP3 XPack-->"C:\Program Files\InstallShield Installation Information\{99755640-9633-11D5-AB3C-0050DAB311CC}\setup.exe" REMOVEALL
InterVideo WinDVD-->"C:\Program Files\InstallShield Installation Information\{C1939820-A945-11D4-86F6-0001031E5712}\setup.exe" REMOVEALL
iTunes-->MsiExec.exe /I{5EFCBB42-36AB-4FF9-B90C-E78C7B9EE7B3}
iWin Games (remove only)-->"K:\iWin Games\Uninstall.exe"
J2SE Runtime Environment 5.0 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150030}
Java™ 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}
Jewel Quest 2 (remove only)-->"K:\Jewel Quest 2\Uninstall.exe"
Jewel Quest Solitaire (remove only)-->"C:\Program Files\iWin.com\Jewel Quest Solitaire\Uninstall.exe"
KBD-->C:\HP\KBD\KBD.EXE uninstalled
Lernout & Hauspie TruVoice American English TTS Engine-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\tv_enua.inf, Uninstall
Lexmark X1100 Series-->C:\WINDOWS\System32\spool\drivers\w32x86\3\LXBKUN5C.EXE -dLexmark X1100 Series
Mahjong Towers Eternity (remove only)-->"C:\Program Files\Mahjong Towers Eternity\Uninstall.exe"
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Mavis Beacon Teaches Typing 15-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A1F2EF0E-1EE5-4F0B-8A31-EE875EBD3F01}\SETUP.EXE" -l0x9
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Age of Empires Gold-->"K:\AOE_Game\UNINSTAL.EXE" /runtemp
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML4 Parser-->MsiExec.exe /I{01501EBA-EC35-4F9F-8889-3BE346E5DA13}
MyDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5E835305-63BB-4E55-BBB7-EEBBE67774DB}\Setup.exe" -l0x9 -L0x9 /SMAINT
Mystery Case Files: Madame Fate (remove only)-->"C:\Program Files\Mystery Case Files - Madame Fate\Uninstall.exe"
Nancy Drew: Danger on Deception Island-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "K:\setup.exe" -l0x9
Nancy Drew: The Curse of Blackmoor Manor-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "K:\Nancy Drew\The Curse of Blackmoor Manor\setup.exe" -l0x9
NOMAD Explorer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3C080B57-0D1E-4C73-B03B-68A9EF9F23F3}\Setup.exe" -l0x9 /remove
NVIDIA Windows 2000/XP Display Drivers-->rundll32.exe C:\WINDOWS\System32\nvinstnt.dll,NvUninstallNT4 nvhp.inf
Oasis-->K:\PROGRA~1\PLAYFI~1\DINERD~1\OASIS\UNWISE.EXE K:\PROGRA~1\PLAYFI~1\DINERD~1\OASIS\INSTALL.LOG
OTOY-->RunDll32 C:\WINDOWS\DOWNLO~1\OTOYAX.dll,_RemoveGroove@16
Panda ActiveScan 2.0-->C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe
PC-Doctor for Windows-->C:\WINDOWS\UNWISE.EXE C:\PROGRA~1\PC-DOC~1\INSTALL.LOG
Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe"
PS2-->C:\WINDOWS\system32\ps2.exe uninstall
Python 2.2 combined Win32 extensions-->C:\Python22\Lib\SITE-P~1\UNWISE~1.EXE C:\Python22\Lib\SITE-P~1\w32inst.log
Python 2.2.1-->C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG
Quicken Financial Center-->C:\PROGRA~1\QUICKE~1\rem\UNWISE.EXE /s C:\PROGRA~1\QUICKE~1\rem\INSTALL.LOG
QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
RecordNow Update Manager-->MsiExec.exe /I{09DA4F91-2A09-4232-AB8C-6BC740096DE3}
RecordNow-->MsiExec.exe /I{8214CC02-6271-4DC8-B8DD-779933450264}
Scholastic's I SPY Fantasy-->K:\PROGRA~1\SCHOLA~1\ISPYFA~1\UNWISE.EXE K:\PROGRA~1\SCHOLA~1\ISPYFA~1\INSTALL.LOG
Security Update for Step By Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Security Update for Step By Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Security Update for Windows Media Encoder (KB954156)-->"C:\WINDOWS\$NtUninstallKB954156_WM9L$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Security Update for Windows Media Player 8 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP8$\spuninst\spuninst.exe"
Security Update for Windows XP (KB913433)-->C:\WINDOWS\System32\MacroMed\Flash\genuinst.exe C:\WINDOWS\System32\MacroMed\Flash\KB913433.inf
Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Sound Blaster Audigy-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9115E7DB-3B29-445A-802D-11E0AA945B7F}\Setup.exe" -l0x9
Space Rocks-->"C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {9FA01E11-9015-4140-B10A-5C6AA949B2FC}
Super Collapse! from GameHouse-->K:\PROGRA~1\GAMEHO~1\COLLAPSE\UNWISE.EXE /U K:\PROGRA~1\GAMEHO~1\COLLAPSE\INSTALL.LOG
SUPERAntiSpyware Free Edition-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
Top Ten Solitaire-->"C:\Program Files\Top Ten Solitaire\Uninstall.exe"
Update for Windows Internet Explorer 8 (KB971180)-->"C:\WINDOWS\ie8updates\KB971180-IE8\spuninst\spuninst.exe"
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
USB Storage R/W v1.14e057-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C00EC1DE-8FB6-4099-925E-BB03EC9F4557}\Setup.exe" -l0x9
Wal-Mart Digital Photo Manager-->MsiExec.exe /X{E8E9A39C-6F70-4261-816F-2B2DE8F7BB13}
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Media Encoder 9 Series-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Encoder 9 Series-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Player 10-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
WordPerfect Productivity Pack-->C:\WINDOWS\Corel\Uninst32.exe
WordPerfect Productivity Pack-->C:\WINDOWS\Corel\uninst32.exe
=====HijackThis Backups=====
O22 - SharedTaskScheduler: ceroxylon - {c96395b8-ab09-46a4-b539-7ddf6e061808} - (no file) [2008-08-02]
O3 - Toolbar: Internet Service - {38BF827A-D7C5-46E1-A9A2-47B1B5BB5438} - C:\Program Files\Applications\iebr.dll (file missing) [2008-08-02]
O15 - Trusted Zone: *.doginhispen.com [2008-08-02]
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) [2008-08-02]
O2 - BHO: SpyWarningBHO Class - {F58FF278-2198-403b-9170-C95022A194C6} - C:\Program Files\ASpyC\SpyWarning.dll (file missing) [2008-08-02]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://us6.hpwis.com/ [2008-08-02]
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
http://us6.hpwis.com/ [2008-08-02]
O4 - HKLM\..\Policies\Explorer\Run: [some] C:\Program Files\Applications\wcs.exe [2008-08-02]
O3 - Toolbar: (no name) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - (no file) [2008-08-02]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://srch-us6.hpwis.com/ [2008-08-02]
O4 - HKCU\..\Run: [ASpyC] "C:\Program Files\ASpyC\ASpyC.exe" [2008-08-02]
O15 - Trusted Zone: *.whataboutadog.com [2008-08-02]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://srch-us6.hpwis.com/ [2008-08-02]
O3 - Toolbar: (no name) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - (no file) [2008-08-03]
O4 - HKLM\..\Policies\Explorer\Run: [some] C:\Program Files\Applications\wcs.exe [2008-08-03]
O2 - BHO: (no name) - {F58FF278-2198-403b-9170-C95022A194C6} - (no file) [2008-08-03]
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) [2008-08-03]
O3 - Toolbar: (no name) - {38BF827A-D7C5-46E1-A9A2-47B1B5BB5438} - (no file) [2008-08-03]
======Hosts File======
127.0.0.1 localhost
::1 localhost
209.44.111.57 alarm-security.microsoft.com
209.44.111.57 inetantivir.com
209.44.111.57 www.inetantivir.com
======Security center information======
AV: Bitdefender Antivirus
======System event log======
Computer Name: ORTEGACLAN
Event Code: 4226
Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Record Number: 14569
Source Name: Tcpip
Time Written: 20090321235323.000000-360
Event Type: warning
User:
Computer Name: ORTEGACLAN
Event Code: 8
Message: Printer Lexmark X1100 Series was purged.
Record Number: 14521
Source Name: Print
Time Written: 20090318110830.000000-360
Event Type: warning
User: ORTEGACLAN\Administrator
Computer Name: ORTEGACLAN
Event Code: 4226
Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Record Number: 14520
Source Name: Tcpip
Time Written: 20090318104335.000000-360
Event Type: warning
User:
Computer Name: ORTEGACLAN
Event Code: 4226
Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Record Number: 14519
Source Name: Tcpip
Time Written: 20090318101500.000000-360
Event Type: warning
User:
Computer Name: ORTEGACLAN
Event Code: 1003
Message: Your computer was not able to renew its address from the network (from the
DHCP Server) for the Network Card with network address 0040CA44ED2A. The following
error occurred:
The operation was canceled by the user.
.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.
Record Number: 14513
Source Name: Dhcp
Time Written: 20090317154622.000000-360
Event Type: warning
User:
=====Application event log=====
Computer Name: ORTEGACLAN
Event Code: 485
Message: wuauclt (2360) An attempt to delete the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb" failed with system error 5 (0x00000005): "Access is denied. ". The delete file operation will fail with error -1032 (0xfffffbf8).
Record Number: 10991
Source Name: ESENT
Time Written: 20090118151822.000000-360
Event Type: error
User:
Computer Name: ORTEGACLAN
Event Code: 485
Message: wuauclt (2360) An attempt to delete the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb" failed with system error 5 (0x00000005): "Access is denied. ". The delete file operation will fail with error -1032 (0xfffffbf8).
Record Number: 10990
Source Name: ESENT
Time Written: 20090118151822.000000-360
Event Type: error
User:
Computer Name: ORTEGACLAN
Event Code: 485
Message: wuauclt (2360) An attempt to delete the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb" failed with system error 5 (0x00000005): "Access is denied. ". The delete file operation will fail with error -1032 (0xfffffbf8).
Record Number: 10989
Source Name: ESENT
Time Written: 20090118151822.000000-360
Event Type: error
User:
Computer Name: ORTEGACLAN
Event Code: 485
Message: wuauclt (2360) An attempt to delete the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb" failed with system error 5 (0x00000005): "Access is denied. ". The delete file operation will fail with error -1032 (0xfffffbf8).
Record Number: 10988
Source Name: ESENT
Time Written: 20090118151822.000000-360
Event Type: error
User:
Computer Name: ORTEGACLAN
Event Code: 485
Message: wuauclt (2360) An attempt to delete the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb" failed with system error 5 (0x00000005): "Access is denied. ". The delete file operation will fail with error -1032 (0xfffffbf8).
Record Number: 10987
Source Name: ESENT
Time Written: 20090118151822.000000-360
Event Type: error
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;c:\Python22;C:\Program files\PC-Doctor for Windows XP\WINDSAPI;C:\Program Files\QuickTime\QTSystem;C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 7, GenuineIntel
"PROCESSOR_REVISION"=0207
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
"CLASSPATH"=.;C:\Program Files\Java\jre1.5.0_03\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.5.0_03\lib\ext\QTJava.zip
-----------------EOF-----------------
This topic is locked
Back to top
