Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Pop-ups, slow and internet shutting down, possible virus on the computer, ran RSIT


  • This topic is locked This topic is locked
2 replies to this topic

#1 tut2734

tut2734

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:12:01 AM

Posted 09 June 2009 - 09:32 AM

I can't post a HiJack This log as when I google it to download it, or try to download it from you guys, the internet shuts down. It also runs really slow. I have internet explorer 8 and upgraded the updates as my parents use this computer and when I returned from college there were many to update. I know there must be a virus on here to keep it running slow, shutting down web pages for hijackthis and possibly others. Sometimes when you click on a website link it will take you to a random page also. Thank you for any help and time.

I posted this and got a reply to run RSIT. I ran it and worked. I was also told to post the log file:
Logfile of random's system information tool 1.06 (written by random/random)
Run by Clayton Tuttle at 2009-06-08 18:42:48
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 26 GB (68%) free of 38 GB
Total RAM: 255 MB (36% free)


======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\sbtccoee.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1D216076-93C9-477F-9BC7-9C39AD31640B}]
VINMaker - C:\WINDOWS\system32\kdpini.dll [2009-05-31 206864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-05-19 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"UpdReg"=C:\WINDOWS\UpdReg.EXE [2000-05-11 90112]
"tgcmd"=C:\Program Files\support.com\bin\tgcmd.exe [2003-02-28 1843200]
"NvCplDaemon"=NvQTwk,NvCplDaemon initialize []
"diagent"=C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe [2002-04-03 135264]
"DellTouch"=C:\WINDOWS\MMKeybd.exe [2001-09-05 163840]
"BCMSMMSG"=C:\WINDOWS\BCMSMMSG.exe [2003-08-29 122880]
"AdaptecDirectCD"=C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe [2002-05-20 679936]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2005-02-16 49152]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-05-19 148888]
"pccguide.exe"=C:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe [2007-01-23 3429904]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2005-05-27 98304]
"90050146"=C:\Documents and Settings\All Users\Application Data\90050146\90050146.exe []
"10126843"=C:\Documents and Settings\All Users\Application Data\10126843\10126843.exe []
"Ad-Watch"=C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-05-29 518488]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"Microsoft Works Update Detection"=C:\Program Files\Microsoft Works\WkDetect.exe []
"Aim6"=C:\Program Files\AIM6\aim6.exe [2009-05-19 49968]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe
EPSON Status Monitor 3 Environment Check 2.lnk - C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\E_SRCV02.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\eabdeccabbab]
C:\WINDOWS\system32\eabdeccabbab.dll [2005-06-15 280079]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tuvVNdee]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
C:\WINDOWS\system32\khfDsrop
"notification packages"=
scecli
scecli

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, zwebauth.dll, digeste.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=
"NoDriveTypeAutoRun"=
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\AIM\aim.exe"="C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger"
"C:\Program Files\Common Files\AOL\1125717339\ee\AOLServiceHost.exe"="C:\Program Files\Common Files\AOL\1125717339\ee\AOLServiceHost.exe:*:Enabled:AOL Services"
"C:\Program Files\Common Files\AOL\1132761285\ee\aolsoftware.exe"="C:\Program Files\Common Files\AOL\1132761285\ee\aolsoftware.exe:*:Enabled:AOL Services"
"C:\Program Files\Common Files\AOL\1132761285\ee\aim6.exe"="C:\Program Files\Common Files\AOL\1132761285\ee\aim6.exe:*:Enabled:AIM"
"C:\Program Files\Common Files\AOL\Loader\aolload.exe"="C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader"
"C:\Program Files\Common Files\AOL\1132761285\ee\AOLServiceHost.exe"="C:\Program Files\Common Files\AOL\1132761285\ee\AOLServiceHost.exe:*:Enabled:AOL Services"
"C:\WINDOWS\LMI26.tmp\rescue.exe"="C:\WINDOWS\LMI26.tmp\rescue.exe:*:Enabled:rescue.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\LMI96.tmp\rescue.exe"="C:\WINDOWS\LMI96.tmp\rescue.exe:*:Enabled:rescue.exe"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\AIM6\aim6.exe"="C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\AIM\aim.exe"="C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger"
"C:\Program Files\Common Files\AOL\1125717339\ee\AOLServiceHost.exe"="C:\Program Files\Common Files\AOL\1125717339\ee\AOLServiceHost.exe:*:Enabled:AOL Services"
"C:\Program Files\Common Files\AOL\Loader\aolload.exe"="C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader"
"C:\Program Files\Common Files\AOL\1132761285\ee\AOLServiceHost.exe"="C:\Program Files\Common Files\AOL\1132761285\ee\AOLServiceHost.exe:*:Enabled:AOL Services"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
shell\AutoRun\command - D:\mri.exe


======List of files/folders created in the last 3 months======

2009-06-08 18:42:48 ----D---- C:\rsit
2009-05-26 21:47:02 ----D---- C:\Documents and Settings\Clayton Tuttle\Application Data\acccore
2009-05-26 21:45:20 ----D---- C:\Documents and Settings\All Users\Application Data\acccore
2009-05-26 21:44:29 ----D---- C:\Documents and Settings\All Users\Application Data\AOL OCP
2009-05-26 21:42:06 ----D---- C:\Program Files\Common Files\AOL
2009-05-26 21:41:29 ----D---- C:\Program Files\AIM6
2009-05-23 16:49:11 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2009-05-23 16:49:10 ----A---- C:\WINDOWS\system32\mucltui.dll
2009-05-22 22:38:05 ----D---- C:\WINDOWS\ie8updates
2009-05-22 22:31:00 ----HDC---- C:\WINDOWS\ie8
2009-05-22 22:24:46 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2009-05-22 21:24:54 ----RHD---- C:\Documents and Settings\Clayton Tuttle\Application Data\Geek Squad 24 Hour Computer Support
2009-05-22 21:04:46 ----A---- C:\WINDOWS\system32\lsdelete.exe
2009-05-22 17:21:05 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-05-22 17:18:54 ----HDC---- C:\Documents and Settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2009-05-22 17:18:20 ----D---- C:\Program Files\Lavasoft
2009-05-22 17:18:20 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2009-05-22 16:39:59 ----A---- C:\WINDOWS\system32\kdpini.dll
2009-05-20 22:04:22 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2009-05-20 22:03:44 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2009-05-19 21:04:44 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
2009-05-19 20:51:40 ----D---- C:\WINDOWS\Prefetch
2009-05-19 19:12:51 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-05-19 19:12:30 ----HDC---- C:\WINDOWS\$NtUninstallKB961373$
2009-05-19 19:12:17 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-05-19 19:11:56 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-05-19 19:11:43 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2009-05-19 19:11:30 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
2009-05-19 19:11:13 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-05-19 19:10:57 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-05-19 19:10:42 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-05-19 19:10:30 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2009-05-19 19:10:11 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-05-19 19:09:55 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-05-19 19:08:54 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2009-05-19 19:07:48 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-05-19 19:06:56 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-05-19 19:06:10 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2009-05-19 19:05:50 ----HDC---- C:\WINDOWS\$NtUninstallKB953155$
2009-05-19 19:05:35 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2009-05-19 19:05:10 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2009-05-19 19:04:54 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2009-05-19 19:04:36 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-05-19 19:04:13 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2009-05-19 19:03:57 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2009-05-19 19:03:34 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2009-05-19 19:03:20 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2009-05-19 19:03:06 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2009-05-19 19:02:42 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2009-05-19 19:02:30 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2009-05-19 19:01:50 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2009-05-19 18:53:43 ----A---- C:\WINDOWS\setuplog.txt
2009-05-19 18:48:49 ----D---- C:\WINDOWS\system32\scripting
2009-05-19 18:48:44 ----D---- C:\WINDOWS\l2schemas
2009-05-19 18:48:43 ----D---- C:\WINDOWS\system32\en
2009-05-19 18:14:27 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-05-19 18:14:26 ----A---- C:\WINDOWS\system32\javaws.exe
2009-05-19 18:14:26 ----A---- C:\WINDOWS\system32\javaw.exe
2009-05-19 18:14:25 ----A---- C:\WINDOWS\system32\java.exe
2009-04-29 11:16:12 ----D---- C:\Documents and Settings\All Users\Application Data\10126843
2009-04-28 14:47:33 ----D---- C:\Documents and Settings\All Users\Application Data\05004015
2009-04-21 12:34:42 ----D---- C:\Documents and Settings\All Users\Application Data\Solt Lake Software
2009-04-16 22:26:12 ----HDC---- C:\WINDOWS\$NtUninstallKB959426_0$
2009-04-16 22:26:00 ----HDC---- C:\WINDOWS\$NtUninstallKB961373_0$
2009-04-16 22:21:21 ----HDC---- C:\WINDOWS\$NtUninstallKB956572_0$
2009-04-16 22:20:50 ----HDC---- C:\WINDOWS\$NtUninstallKB952004_0$
2009-04-16 22:20:36 ----HDC---- C:\WINDOWS\$NtUninstallKB960803_0$
2009-04-16 22:20:10 ----HDC---- C:\WINDOWS\$NtUninstallKB923561_0$
2009-04-16 20:26:14 ----N---- C:\WINDOWS\system32\xpsp4res.dll
2009-04-10 12:04:05 ----A---- C:\WINDOWS\DCEBoot.exe
2009-04-02 06:36:06 ----HDC---- C:\WINDOWS\$NtUninstallKB960225_0$
2009-04-02 06:34:46 ----HDC---- C:\WINDOWS\$NtUninstallKB967715_0$
2009-04-01 11:59:17 ----HDC---- C:\WINDOWS\$NtUninstallKB958690_0$
2009-03-09 17:41:52 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$

======List of files/folders modified in the last 3 months======

2009-06-08 18:44:21 ----D---- C:\Program Files\Trend Micro
2009-06-08 18:42:56 ----D---- C:\WINDOWS\temp
2009-06-08 09:32:40 ----A---- C:\WINDOWS\MSIOSD.INI
2009-06-08 09:32:40 ----A---- C:\WINDOWS\MMKEYBD.INI
2009-06-08 06:50:25 ----D---- C:\WINDOWS\system32\NtmsData
2009-06-07 13:14:55 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-06-04 10:46:25 ----SHD---- C:\WINDOWS\SYSTEM32
2009-05-29 11:30:12 ----D---- C:\WINDOWS
2009-05-29 11:03:12 ----SHD---- C:\WINDOWS\Installer
2009-05-29 11:03:09 ----HD---- C:\Config.Msi
2009-05-29 10:14:39 ----D---- C:\WINDOWS\system32\CatRoot2
2009-05-28 10:43:05 ----D---- C:\WINDOWS\network diagnostic
2009-05-26 21:45:33 ----D---- C:\Program Files\Viewpoint
2009-05-26 21:45:31 ----D---- C:\Documents and Settings\All Users\Application Data\Viewpoint
2009-05-26 21:44:32 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-05-26 21:42:06 ----AD---- C:\Program Files\Common Files
2009-05-26 21:41:29 ----RAD---- C:\Program Files
2009-05-23 18:16:10 ----D---- C:\Program Files\Common Files\Microsoft Shared
2009-05-23 16:49:00 ----HD---- C:\WINDOWS\INF
2009-05-22 22:42:55 ----D---- C:\WINDOWS\system32\en-US
2009-05-22 22:42:54 ----RSHDC---- C:\WINDOWS\system32\DLLCACHE
2009-05-22 22:42:54 ----D---- C:\WINDOWS\Media
2009-05-22 22:42:54 ----D---- C:\WINDOWS\Help
2009-05-22 22:42:54 ----D---- C:\Program Files\Internet Explorer
2009-05-22 22:36:51 ----HD---- C:\WINDOWS\$hf_mig$
2009-05-22 22:36:23 ----A---- C:\WINDOWS\imsins.BAK
2009-05-22 22:16:21 ----D---- C:\WINDOWS\system32\CatRoot
2009-05-22 17:23:29 ----SD---- C:\WINDOWS\Tasks
2009-05-22 17:22:10 ----D---- C:\WINDOWS\system32\DRIVERS
2009-05-22 17:17:57 ----D---- C:\WINDOWS\WinSxS
2009-05-19 20:56:39 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-05-19 20:55:46 ----A---- C:\WINDOWS\OEWABLog.txt
2009-05-19 20:50:56 ----D---- C:\WINDOWS\system32\Setup
2009-05-19 20:50:56 ----D---- C:\WINDOWS\AppPatch
2009-05-19 20:50:55 ----D---- C:\WINDOWS\system32\WBEM
2009-05-19 20:50:53 ----RSD---- C:\WINDOWS\Fonts
2009-05-19 19:06:42 ----D---- C:\WINDOWS\SECURITY
2009-05-19 19:02:43 ----D---- C:\Program Files\Messenger
2009-05-19 18:49:34 ----D---- C:\WINDOWS\ServicePackFiles
2009-05-19 18:49:25 ----D---- C:\WINDOWS\IME
2009-05-19 18:48:52 ----D---- C:\WINDOWS\system32\USMT
2009-05-19 18:48:42 ----D---- C:\WINDOWS\system32\bits
2009-05-19 18:48:41 ----D---- C:\WINDOWS\PeerNet
2009-05-19 18:48:41 ----D---- C:\Program Files\Movie Maker
2009-05-19 18:42:44 ----D---- C:\WINDOWS\system32\Restore
2009-05-19 18:42:44 ----D---- C:\WINDOWS\system32\NPP
2009-05-19 18:42:42 ----D---- C:\WINDOWS\MSAGENT
2009-05-19 18:42:39 ----D---- C:\WINDOWS\SRCHASST
2009-05-19 18:42:35 ----D---- C:\Program Files\NetMeeting
2009-05-19 18:42:32 ----D---- C:\WINDOWS\system32\Com
2009-05-19 18:42:27 ----D---- C:\Program Files\Windows Media Player
2009-05-19 18:42:25 ----D---- C:\Program Files\Windows NT
2009-05-19 18:42:25 ----D---- C:\Program Files\Outlook Express
2009-05-19 18:42:20 ----D---- C:\Program Files\Common Files\System
2009-05-19 18:41:48 ----D---- C:\WINDOWS\system32\OOBE
2009-05-19 18:41:44 ----D---- C:\WINDOWS\SYSTEM
2009-05-19 18:36:12 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-05-19 18:35:47 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2009-05-19 18:28:43 ----D---- C:\WINDOWS\ehome
2009-05-19 18:11:17 ----D---- C:\Program Files\Java
2009-05-16 22:16:51 ----SD---- C:\Documents and Settings\Clayton Tuttle\Application Data\Microsoft
2009-05-14 06:21:49 ----A---- C:\WINDOWS\system32\MRT.INI
2009-05-07 03:16:29 ----A---- C:\WINDOWS\system32\MRT.exe
2009-04-29 10:47:03 ----D---- C:\Documents and Settings\Clayton Tuttle\Application Data\AdobeUM
2009-04-29 10:46:44 ----D---- C:\Program Files\Common Files\Adobe
2009-04-20 12:30:23 ----D---- C:\Documents and Settings\Clayton Tuttle\Application Data\Adobe
2009-04-20 12:06:39 ----A---- C:\WINDOWS\win.ini
2009-04-14 10:34:10 ----D---- C:\Program Files\GetModule
2009-04-10 11:46:20 ----ASH---- C:\WINDOWS\system32\porsDfhk.ini
2009-04-10 11:44:11 ----ASH---- C:\WINDOWS\system32\porsDfhk.ini2
2009-04-10 10:32:26 ----A---- C:\WINDOWS\system32\27eea584-.txt
2009-03-21 10:06:58 ----A---- C:\WINDOWS\system32\kernel32.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Cdr4_xp;Cdr4_xp; C:\WINDOWS\system32\drivers\Cdr4_xp.sys [2002-05-20 63760]
R1 Cdralw2k;Cdralw2k; C:\WINDOWS\system32\drivers\Cdralw2k.sys [2002-05-20 23868]
R1 cdudf_xp;cdudf_xp; C:\WINDOWS\system32\drivers\cdudf_xp.sys [2002-05-20 237568]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 OMCI;OMCI; C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS [2001-08-22 13632]
R1 pwd_2k;pwd_2k; C:\WINDOWS\system32\drivers\pwd_2k.sys [2002-05-20 123290]
R1 tmtdi;Trend Micro TDI Driver; C:\WINDOWS\system32\DRIVERS\tmtdi.sys [2006-12-29 75088]
R1 UdfReadr_xp;UdfReadr_xp; C:\WINDOWS\system32\drivers\UdfReadr_xp.sys [2002-05-20 206336]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2002-06-25 12032]
R2 PfModNT;PfModNT; \??\C:\WINDOWS\System32\PfModNT.sys []
R2 symlcbrd;symlcbrd; \??\C:\WINDOWS\system32\drivers\symlcbrd.sys []
R2 tmcomm;tmcomm; \??\C:\WINDOWS\system32\drivers\tmcomm.sys []
R2 tmmbd;Trend Micro MBD Driver; C:\WINDOWS\system32\DRIVERS\tm_mbd_c.sys [2006-12-29 111888]
R2 tmpreflt;tmpreflt; C:\WINDOWS\system32\DRIVERS\tmpreflt.sys [2008-11-26 36368]
R2 tmxpflt;tmxpflt; C:\WINDOWS\system32\DRIVERS\tmxpflt.sys [2008-11-26 205328]
R2 vsapint;vsapint; C:\WINDOWS\system32\DRIVERS\vsapint.sys [2008-11-26 1195384]
R3 BCMModem;BCM V.92 56K Modem; C:\WINDOWS\System32\DRIVERS\BCMSM.sys [2003-08-29 1101696]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\System32\DRIVERS\ctsfm2k.sys [2003-09-22 130192]
R3 dvd_2K;dvd_2K; C:\WINDOWS\system32\drivers\dvd_2K.sys [2002-05-20 25162]
R3 E100B;Intel® PRO Adapter Driver; C:\WINDOWS\System32\DRIVERS\e100b325.sys [2004-08-19 154112]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2002-04-17 927133]
R3 ossrv;Creative OS Services Driver; C:\WINDOWS\System32\DRIVERS\ctoss2k.sys [2003-09-22 178672]
R3 P16X;Creative SB Live! Series (WDM); C:\WINDOWS\system32\drivers\P16X.sys [2003-09-22 1330048]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2002-03-08 13780]
R3 tmcfw;Trend Micro Common Firewall Service; C:\WINDOWS\system32\DRIVERS\TM_CFW.sys [2006-12-29 288848]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 P3;Intel PentiumIII Processor Driver; C:\WINDOWS\System32\DRIVERS\p3.sys [2008-04-13 42752]
S3 bvrp_pci;bvrp_pci; C:\WINDOWS\system32\drivers\bvrp_pci.sys []
S3 EPUSBSTOR;EPSON USB Storage Driver; C:\WINDOWS\System32\DRIVERS\epusbsto.sys [2001-09-09 17976]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [2004-12-14 51120]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [2004-12-14 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [2004-12-14 21744]
S3 mmc_2K;mmc_2K; C:\WINDOWS\system32\drivers\mmc_2K.sys [2002-05-20 29990]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 Msikbd2k;DellTouch; C:\WINDOWS\System32\DRIVERS\msikbd2k.sys [2000-10-03 6942]
S3 NETMDUSB;Net MD; C:\WINDOWS\System32\Drivers\NETMDUSB.sys [2001-12-11 37087]
S3 NMSCFG;NIC Management Service Configuration Driver; \??\C:\WINDOWS\System32\drivers\NMSCFG.SYS []
S3 nv4;nv4; C:\WINDOWS\System32\DRIVERS\nv4.sys [2001-08-17 731648]
S3 TVICHW32;TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS []
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 wanatw;WAN Miniport (ATW); C:\WINDOWS\System32\DRIVERS\wanatw4.sys [2002-10-15 33588]
S4 agpCPQ;Compaq AGP Bus Filter; C:\WINDOWS\System32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
S4 alim1541;ALI AGP Bus Filter; C:\WINDOWS\System32\DRIVERS\alim1541.sys [2008-04-13 42752]
S4 amdagp;AMD AGP Bus Filter Driver; C:\WINDOWS\System32\DRIVERS\amdagp.sys [2008-04-13 43008]
S4 cbidf;cbidf; C:\WINDOWS\System32\DRIVERS\cbidf2k.sys [2002-06-25 13952]
S4 sisagp;SIS AGP Bus Filter; C:\WINDOWS\System32\DRIVERS\sisagp.sys [2008-04-13 40960]
S4 viaagp;VIA AGP Bus Filter; C:\WINDOWS\System32\DRIVERS\viaagp.sys [2008-04-13 42240]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2005-06-02 86606]
R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\System32\CTsvcCDA.exe [1999-12-13 44032]
R2 EPSONStatusAgent2;EPSON Printer Status Agent2; C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe [2001-08-09 90112]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-05-19 152984]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-05-29 1005904]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\System32\nvsvc32.exe [2002-04-17 61440]
R2 PcCtlCom;Trend Micro Central Control Component; C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe [2007-01-23 1922576]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\HPZipm12.exe [2004-09-29 69632]
R2 Symantec Core LC;Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [2007-09-18 1174152]
R2 Tmntsrv;Trend Micro Real-time Service; C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe [2006-12-29 480784]
R2 TmPfw;Trend Micro Personal Firewall; C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe [2006-12-29 943696]
R2 tmproxy;Trend Micro Proxy Service; C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe [2006-12-29 566872]
R2 Viewpoint Manager Service;Viewpoint Manager Service; C:\Program Files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]
R2 WANMiniportService;WAN Miniport (ATW) Service; C:\WINDOWS\wanmpsvc.exe [2003-08-27 65536]
R2 WMDM PMSP Service;WMDM PMSP Service; C:\WINDOWS\System32\MsPMSPSv.exe [2000-06-26 53520]
R3 PcScnSrv;Trend Micro Protection Against Spyware ; C:\PROGRA~1\TRENDM~1\INTERN~1\PcScnSrv.exe [2006-12-29 214544]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 NMSSvc;Intel® NMS; C:\WINDOWS\System32\NMSSvc.exe [2002-02-27 1118208]
S3 SPTISRV;Sony SPTI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [2002-03-13 65536]

-----------------EOF-----------------

info.txt logfile of random's system information tool 1.06 2009-06-08 18:44:52

======Uninstall list======

-->"C:\Program Files\Creative\SBLive\Program\Ctzapxx.EXE" /X /U /S /R
-->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{33AE85D9-0386-41AD-BD99-FDF3ABC19DBB}\Setup.exe" -l0x9 anything
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{435E969D-867E-4364-8E74-3DC8A69C5BDB}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{435E969D-867E-4364-8E74-3DC8A69C5BDB}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{44DC86A0-248D-11D6-9BAF-0090271AF8A4}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{44DC86A0-248D-11D6-9BAF-0090271AF8A4}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{48E3A9E6-FA13-11D5-8CC9-00A0C98192B6}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{48E3A9E6-FA13-11D5-8CC9-00A0C98192B6}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{51F5239C-197B-11D6-9BAF-0090271AF8A4}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{51F5239C-197B-11D6-9BAF-0090271AF8A4}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E7337A45-3FE5-4392-ABBB-26B794D060C9}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E7337A45-3FE5-4392-ABBB-26B794D060C9}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F865C2FE-25E7-11D6-9BAF-0090271AF8A4}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F865C2FE-25E7-11D6-9BAF-0090271AF8A4}\setup.exe" -l0x9 /remove
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ad-Aware-->"C:\Documents and Settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}\Ad-AwareAE.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware-->C:\Documents and Settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}\Ad-AwareAE.exe
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 7.0.8-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70500000002}
AIM 6-->C:\Program Files\AIM6\uninst.exe
AOL Instant Messenger-->C:\Program Files\AIM\uninstll.exe -LOG= C:\Program Files\AIM\install.log -OEM=
BCM V.92 56K Modem-->C:\WINDOWS\BCMSMU.exe quiet
Canon Camera Access Library-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{901F8ED7-13E8-43EF-B738-2FE89B0588EB} /l1033
Canon Camera Support Core Library-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{A1D0D14A-B776-4907-BC00-5149F2298086} /l1033
Canon Camera Window DC_DV 6 for ZoomBrowser EX-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{50E25180-3BDC-4B6D-80A2-3F1F0C9CF39D}
Canon Camera Window DSLR 5 for ZoomBrowser EX-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{0A146245-DB79-4197-BF5D-FE1A699A2CC7}
Canon Camera Window MC 6 for ZoomBrowser EX-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{6C3A75A6-9A90-44A3-A703-82AC1EA6A85D}
Canon MovieEdit Task for ZoomBrowser EX-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{4DBBF091-FACD-422C-B43C-786335BD5398}
Canon PhotoRecord-->MsiExec.exe /X{BBBC2B89-E193-4348-A83C-C8DD8210A4AC}
Canon RAW Image Task for ZoomBrowser EX-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{BAA43DA2-B6C5-46EC-B163-0E8EEAF975A4}
Canon Utilities PhotoStitch 3.1-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{874E44F3-B9A7-4AA1-B4BA-83E5684ED9C6}
Canon ZoomBrowser EX (E)-->MsiExec.exe /X{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}
Classic PhoneTools-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E3436EE2-D5CB-4249-840B-3A0140CC34C3}\setup.exe" -l0x9 ControlPanel
Dell | Support-->MsiExec.exe /X{91E8A85F-2960-40ED-BA84-7F4567BB00C0}
Dell Modem-On-Hold-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanelAnyText
Dell Picture Studio - Dell Image Expert-->MsiExec.exe /I{151C555A-A9E7-4A2E-B6D7-165D04A3C956}
Dell ResourceCD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D78653C3-A8FF-415F-92E6-D774E634FF2D}\setup.exe"
Dell Solution Center-->MsiExec.exe /X{11F1920A-56A2-4642-B6E0-3B31A12C9288}
DellTouch-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{706D5382-7381-4680-9DD0-161832578252}\setup.exe"
Digital Line Detect-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E646DCF0-5A68-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanelAnyText
Easy CD Creator 5 Basic-->MsiExec.exe /I{609F7AC8-C510-11D4-A788-009027ABA5D0}
EPSON Printer Software-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /r
eViewStream-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{734B05F4-9145-4749-896C-9BF8777C0B76}\setup.exe" -l0x9 -uninst
Geek Squad 24 Hour Computer Support-->MsiExec.exe /I{187B8EFC-810D-4D9F-AC0D-601D7C84665D}
HighMAT Extension to Microsoft Windows XP CD Writing Wizard-->MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}
Hotfix for Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
HP Extended Capabilities 4.7-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Image Zone 4.7-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP PSC & OfficeJet 4.7-->"C:\Program Files\HP\Digital Imaging\{342C7C88-D335-4bc2-8CF1-281857629CE2}\setup\hpzscr01.exe" -datfile hposcr05.dat
HP Software Update-->MsiExec.exe /X{15EE79F4-4ED1-4267-9B0F-351009325D7D}
Intel® PRO Network Connections Drivers-->Prounstl.exe
Intel® PROSet II-->MsiExec.exe /I{01A4AEDE-F219-49A2-B855-16A016EAF9A4}
Internet Speed Monitor-->C:\Program Files\iCheck\Uninstall.exe
Java™ 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}
Java™ 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Macromedia Flash Player 8-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\swflash.inf,DefaultUninstall,5
Macromedia Shockwave Player-->C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~2\UNWISE.EXE C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~2\Install.log
Microsoft Data Access Components KB870669-->C:\WINDOWS\muninst.exe C:\WINDOWS\INF\KB870669.inf
Microsoft Encarta Encyclopedia Standard 2002-->MsiExec.exe /I{01001202-823E-46CD-A70E-BEE818F97169}
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Money 2002 System Pack-->MsiExec.exe /I{CF5193F7-6B37-11D5-B7D2-00AA00A204F1}
Microsoft Money 2002-->MsiExec.exe /I{E7298FD5-1386-11D5-8D6C-0050DAD32D95}
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Picture It! Photo 2002-->MsiExec.exe /I{C769A271-7E1C-48F9-B331-474600DD4C06}
Microsoft Streets and Trips 2002-->MsiExec.exe /I{12BDDF23-B1DB-49C8-92D3-3E6841CCED61}
Microsoft VC9 runtime libraries-->MsiExec.exe /I{C4124E95-5061-4776-8D5D-E3D931C778E1}
Microsoft Windows Journal Viewer-->MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA7}
Microsoft Word 2002-->MsiExec.exe /I{911B0409-6000-11D3-8CFE-0050048383C9}
Microsoft Works 2002 Setup Launcher-->C:\Program Files\Microsoft Works Suite 2002\Setup\Launcher.exe D:\
Microsoft Works 6.0-->MsiExec.exe /I{A1B7B9B3-E1D2-41CA-9B4A-F18DC2710704}
Microsoft Works Suite Add-in for Microsoft Word-->MsiExec.exe /I{C3A439E4-7303-491F-A678-CEA36A87D517}
Modem Helper-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F142D56-3326-11D5-B229-002078017FBF}\Setup.exe" -l0x9 ControlPanel
MSN Music Assistant-->rundll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\msninst.inf,Uninstall
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6 Service Pack 2 (KB954459)-->MsiExec.exe /I{1A528690-6A2D-4BC5-B143-8C4AE8D19D96}
MyDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5E835305-63BB-4E55-BBB7-EEBBE67774DB}\SETUP.EXE" -l0x9 /SMAINT
Net MD Simple Burner-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{47E09785-B2FB-11D5-B8EE-00B0D0D26B88}\setup.exe" UNINSTALL
NVIDIA Windows 2000/XP Display Drivers-->rundll32.exe C:\WINDOWS\System32\nvinstnt.dll,NvUninstallNT4 nvdd.inf
OpenMG Jukebox-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1C877DA0-5EFF-11D4-9254-0000F460E7A9}\setup.exe" -l0x9 UNINSTALL
OpenMG Secure Module 3.0.03-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E84D2015-4FEB-40CC-A2DD-1A6B8BAC2429}\setup.exe" UNINSTALL
Paint Shop Pro 7-->MsiExec.exe /I{D6DE02C7-1F47-11D4-9515-00105AE4B89A}
Quicklinks-->"C:\WINDOWS\system32\viptr76yg.exe" -aiUej
QuickTime-->C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log
Road Runner Medic 5.2-->"C:\Program Files\Support.com\TWC\uninstall.exe" /c "Remove Road Runner Medic 5.2?"
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Step By Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Security Update for Step By Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953155)-->"C:\WINDOWS\$NtUninstallKB953155$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Sony Net MD Help-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F6BECFE0-74CE-11D5-B8A3-00B0D0D26B88}\setup.exe" UNINSTALL
Sound Blaster Live!-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{96E16100-A77F-4B31-B9AD-FFBA040EE1BD}\setup.exe" -l0x9
Trend Micro PC-cillin Internet Security 2007-->C:\PROGRA~1\TRENDM~1\INTERN~1\remove.exe
Trend Micro PC-cillin Internet Security 2007-->MsiExec.exe /X{BB4B6355-D38A-492C-873B-A1B2CF6C3832}
Update for Windows Internet Explorer 8 (KB969497)-->"C:\WINDOWS\ie8updates\KB969497-IE8\spuninst\spuninst.exe"
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Media Player\mtsAxInstaller.exe /u
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
Windows Defender Signatures-->MsiExec.exe /I{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Player 10-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows XP Application Compatibility Update[Q319580]-->C:\WINDOWS\$NtUninstallQ319580$\spuninst\spuninst.exe
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"

======Hosts File======

127.0.0.1 www.pacimedia.com
127.0.0.1 www.exactsearch.net
127.0.0.1 www.contextplus.net
127.0.0.1 www.contextplus.net
127.0.0.1 www.contextplus.net
127.0.0.1 www.contextplus.net
127.0.0.1 www.contextplus.net
127.0.0.1 www.contextplus.net
127.0.0.1 www.contextplus.net
127.0.0.1 www.contextplus.net

======Security center information======

AV: Trend Micro PC-cillin Internet Security 2007
FW: Trend Micro PC-cillin Internet Security (Firewall)

======System event log======

Computer Name: D7MH5021
Event Code: 4
Message: Adapter Intel® PRO/100 M Desktop Adapter: Adapter Link Down

Record Number: 214884
Source Name: E100B
Time Written: 20080630191548.000000-240
Event Type: warning
User:

Computer Name: D7MH5021
Event Code: 8003
Message: The master browser has received a server announcement from the computer LIZ-AL2TOT79VNT
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{12FB6166-5DB.
The master browser is stopping or an election is being forced.

Record Number: 214883
Source Name: MRxSmb
Time Written: 20080630054951.000000-240
Event Type: error
User:

Computer Name: D7MH5021
Event Code: 8003
Message: The master browser has received a server announcement from the computer LIZ-AL2TOT79VNT
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{12FB6166-5DB.
The master browser is stopping or an election is being forced.

Record Number: 214878
Source Name: MRxSmb
Time Written: 20080629083619.000000-240
Event Type: error
User:

Computer Name: D7MH5021
Event Code: 4
Message: Adapter Intel® PRO/100 M Desktop Adapter: Adapter Link Down

Record Number: 214807
Source Name: E100B
Time Written: 20080628211317.000000-240
Event Type: warning
User:

Computer Name: D7MH5021
Event Code: 4
Message: Adapter Intel® PRO/100 M Desktop Adapter: Adapter Link Down

Record Number: 214781
Source Name: E100B
Time Written: 20080509165540.000000-240
Event Type: warning
User:

=====Application event log=====

Computer Name: D7MH5021
Event Code: 1517
Message: Windows saved user D7MH5021\Linda Tuttle registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.


This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Record Number: 26172
Source Name: Userenv
Time Written: 20090410105801.000000-240
Event Type: warning
User: NT AUTHORITY\SYSTEM

Computer Name: D7MH5021
Event Code: 1517
Message: Windows saved user D7MH5021\Clayton Tuttle registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.


This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Record Number: 25666
Source Name: Userenv
Time Written: 20090404145640.000000-240
Event Type: warning
User: NT AUTHORITY\SYSTEM

Computer Name: D7MH5021
Event Code: 8193
Message: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80040206.

Record Number: 25659
Source Name: VSS
Time Written: 20090404121218.000000-240
Event Type: error
User:

Computer Name: D7MH5021
Event Code: 4609
Message: The COM+ Event System detected a bad return code during its internal processing. HRESULT was 800706BA from line 44 of d:\comxp_sp2\com\com1x\src\events\tier1\eventsystemobj.cpp. Please contact Microsoft Product Support Services to report this error.
Record Number: 25658
Source Name: EventSystem
Time Written: 20090404121218.000000-240
Event Type: error
User:

Computer Name: D7MH5021
Event Code: 1517
Message: Windows saved user NT AUTHORITY\LOCAL SERVICE registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.


This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Record Number: 25657
Source Name: Userenv
Time Written: 20090404121105.000000-240
Event Type: warning
User: NT AUTHORITY\SYSTEM

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\WBEM;C:\WINDOWS\System32;C:\Program Files\Common Files\Adaptec Shared\System;C:\Program Files\Common Files\STOPzilla!
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 4, GenuineIntel
"PROCESSOR_REVISION"=0204
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
"ChatSupport"="C:\Program Files\Geek Squad\Geek Squad 24 Hour Computer Support\Geek Squad 24 Hour Computer Support.exe"

-----------------EOF-----------------

He also said to post this : Important: Be sure to mention that you tried to follow the Prep Guide but were unable to get DDS to run.

Edited by Orange Blossom, 27 June 2009 - 01:42 PM.
Moved to appropriate forum. ~ OB


BC AdBot (Login to Remove)

 


m

#2 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,723 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:11:01 PM

Posted 27 June 2009 - 01:47 PM

Hello tut2734,

I'm sorry for the delayed response here. A mishap occurred that I just discovered and this topic for some reason was deleted as a duplicate. Please accept my apologies for that. I have now restored it.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.


Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread. If you are still unable to run the DDS scan, please post an updated RSIT scan.


Thanks and again my apologies for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results, click no to the Optional_Scan
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. You can find information on A/V control HERE

Orange Blossom :thumbup2:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#3 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,723 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:11:01 PM

Posted 03 July 2009 - 09:12 PM

Due to the lack of feedback, this Topic is now closed.

In case you still have problems, please start a new topic.
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users