
Windows Police Pro Virus



#1 socalkellie


Posted 27 September 2009 - 01:46 AM

Posted originally in the 'Am I Infected' forum. http://www.bleepingcomputer.com/forums/t/259122/infected-with-windows-police-pro/ Followed all the steps the moderator asked me to do. Now he requests I post the OTL log and seek further assistance here.

My computer programs won't open. At times I will be able to open web pages but most of the time I'm not able to. 'Prevalence Reporter' is asking my Firewall for permissions and I get a Windows message saying that my computer has recovered from a serious error.

See log below. Thank you.


OTL logfile created on: 9/25/2009 11:01:01 PM - Run 1
OTL by OldTimer - Version 3.0.14.0 Folder = C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = )
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

511.48 Mb Total Physical Memory | 148.99 Mb Available Physical Memory | 29.13% Memory free
1.22 Gb Paging File | 0.89 Gb Available in Paging File | 72.80% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 69.27 Gb Total Space | 33.02 Gb Free Space | 47.67% Space Free | Partition Type: NTFS
Drive D: | 5.27 Gb Total Space | 0.91 Gb Free Space | 17.32% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: YOUR-6JNHHU0520
Current User Name: Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2007/11/14 16:05:06 | 00,075,304 | ---- | M] (Zone Labs, LLC) -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe
PRC - [2004/08/04 00:56:49 | 01,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2009/09/21 20:36:06 | 00,298,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2002/10/01 00:39:00 | 00,061,440 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe
PRC - [2007/08/29 14:14:12 | 00,131,072 | ---- | M] (Sprint Spectrum, L.L.C) -- C:\Program Files\Sprint\Sierra Wireless\Sprint PCS Connection Manager\SPCSUtilityService.exe
PRC - [2009/09/21 20:36:11 | 00,907,032 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe
PRC - [2009/09/21 20:37:43 | 00,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009/09/21 20:36:08 | 00,594,712 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
PRC - [2009/09/21 20:36:30 | 00,692,504 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgcsrvx.exe
PRC - [2009/09/21 20:36:30 | 00,692,504 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgcsrvx.exe
PRC - [1998/05/07 17:04:38 | 00,052,736 | ---- | M] (Hewlett-Packard Company) -- C:\windows\system\hpsysdrv.exe
PRC - [2002/04/17 18:42:56 | 00,069,632 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
PRC - [2002/06/18 00:11:24 | 00,069,632 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
PRC - [2001/07/06 22:56:56 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\HP\KBD\KBD.EXE
PRC - [2007/11/14 16:05:06 | 00,919,016 | ---- | M] (Zone Labs, LLC) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2009/09/21 20:36:19 | 01,948,440 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
PRC - [2007/08/29 14:12:12 | 00,233,472 | ---- | M] (Sierra Wireless) -- C:\Program Files\Sprint\Sierra Wireless\Sprint PCS Connection Manager\SPCSCM.exe
PRC - [2002/04/17 18:49:16 | 00,077,824 | ---- | M] () -- c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
PRC - [2009/09/10 06:38:41 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/09/25 22:58:31 | 00,514,560 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Desktop\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - [2009/09/21 20:36:11 | 00,907,032 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc [Auto | Running])
SRV - [2009/09/21 20:36:06 | 00,298,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd [Auto | Running])
SRV - [2009/09/03 11:51:46 | 00,048,368 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper [On_Demand | Stopped])
SRV - [2004/08/04 00:56:44 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2002/10/01 00:39:00 | 00,061,440 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe -- (NVSvc [Auto | Running])
SRV - [2007/08/29 14:14:12 | 00,131,072 | ---- | M] (Sprint Spectrum, L.L.C) -- C:\Program Files\Sprint\Sierra Wireless\Sprint PCS Connection Manager\SPCSUtilityService.exe -- (SPCSUtilityService [Auto | Running])
SRV - [2007/11/14 16:05:06 | 00,075,304 | ---- | M] (Zone Labs, LLC) -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon [Auto | Running])

========== Driver Services (SafeList) ==========

DRV - [2004/10/01 10:24:02 | 02,279,424 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\ALCXWDM.SYS -- (ALCXWDM [On_Demand | Running])
DRV - [2009/09/21 20:37:43 | 00,335,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86 [System | Running])
DRV - [2009/09/21 20:37:33 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86 [System | Running])
DRV - [2009/07/12 19:39:58 | 00,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX [System | Running])
DRV - [2002/10/21 11:21:00 | 00,082,784 | ---- | M] (VERITAS Software, Inc.) -- C:\WINDOWS\System32\DRIVERS\drvmcdb.sys -- (drvmcdb [Boot | Running])
DRV - [2002/09/05 22:27:12 | 00,028,416 | R--- | M] (Zero-Knowledge Systems Inc.) -- C:\WINDOWS\System32\DRIVERS\FREEDOM.SYS -- (Freedom [On_Demand | Running])
DRV - [2002/09/05 22:27:18 | 00,045,760 | R--- | M] (Zero-Knowledge Systems Inc.) -- C:\WINDOWS\System32\Drivers\FreeTdi.sys -- (FreeTdi [Auto | Running])
DRV - [2008/01/24 14:22:06 | 00,049,920 | R--- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZid412.sys -- (HPZid412 [On_Demand | Stopped])
DRV - [2008/01/24 14:22:07 | 00,016,496 | R--- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZipr12.sys -- (HPZipr12 [On_Demand | Stopped])
DRV - [2008/01/24 14:22:08 | 00,021,568 | R--- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZius12.sys -- (HPZius12 [On_Demand | Stopped])
DRV - [2002/09/16 20:04:10 | 00,079,323 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\DRIVERS\ialmnt5.sys -- (ialm [On_Demand | Stopped])
DRV - [2003/03/31 14:29:00 | 00,625,537 | ---- | M] (LT) -- C:\WINDOWS\System32\DRIVERS\ltmdmnt.sys -- (ltmodem5 [On_Demand | Running])
DRV - [2002/10/28 11:59:22 | 00,028,164 | ---- | M] (MusicMatch, Inc.) -- C:\WINDOWS\System32\drivers\MxlW2k.sys -- (MxlW2k [On_Demand | Running])
DRV - [2002/10/01 00:39:00 | 01,001,018 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running])
DRV - [2002/10/28 00:01:48 | 00,009,856 | R--- | M] (Padus, Inc.) -- C:\WINDOWS\System32\drivers\pfc.sys -- (pfc [On_Demand | Running])
DRV - [2001/06/04 15:00:00 | 00,014,112 | ---- | M] (Hewlett-Packard Company) -- C:\WINDOWS\System32\DRIVERS\PS2.sys -- (Ps2 [On_Demand | Running])
DRV - [2002/08/29 05:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2002/10/21 10:02:00 | 00,016,416 | ---- | M] (VERITAS Software, Inc.) -- C:\WINDOWS\System32\DRIVERS\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2004/08/03 22:31:32 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\DRIVERS\RTL8139.SYS -- (rtl8139 [On_Demand | Running])
DRV - [2004/08/03 22:29:51 | 00,166,912 | ---- | M] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\DRIVERS\s3gnbm.sys -- (S3Psddr [On_Demand | Stopped])
DRV - [2009/09/15 11:42:46 | 00,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV [System | Running])
DRV - [2009/09/15 11:42:48 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM [On_Demand | Stopped])
DRV - [2009/09/15 11:42:44 | 00,074,480 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys -- (SASKUTIL [System | Running])
DRV - [2002/08/29 05:00:00 | 00,027,440 | ---- | M] () -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2002/07/17 20:25:18 | 00,028,160 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\DRIVERS\SISAGP.sys -- (SISAGP [Boot | Running])
DRV - [2007/10/18 20:18:44 | 00,051,176 | ---- | M] (Zone Labs, LLC) -- C:\WINDOWS\System32\ZoneLabs\srescan.sys -- (srescan [Boot | Running])
DRV - [2007/08/10 11:08:48 | 00,024,456 | ---- | M] () -- C:\WINDOWS\System32\drivers\swmsflt.sys -- (swmsflt [On_Demand | Running])
DRV - [2007/06/27 10:42:32 | 00,073,856 | ---- | M] (Sierra Wireless Inc.) -- C:\WINDOWS\System32\DRIVERS\swmx00.sys -- (SWMX00 [On_Demand | Running])
DRV - [2007/06/27 10:41:46 | 00,101,248 | ---- | M] (Sierra Wireless Inc.) -- C:\WINDOWS\System32\DRIVERS\SWNC5E00.sys -- (SWNC5E00 [On_Demand | Running])
DRV - [2002/03/04 12:10:00 | 00,027,648 | ---- | M] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\viaagp1.sys -- (viaagp1 [Boot | Running])
DRV - [2007/11/14 16:05:16 | 00,394,952 | ---- | M] (Zone Labs, LLC) -- C:\WINDOWS\System32\vsdatant.sys -- (vsdatant [System | Running])
DRV - [2002/09/16 20:05:26 | 00,091,678 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\drivers\ialmsbw.sys -- ({6080A529-897E-4629-A488-ABA0C29B635E} [System | Stopped])
DRV - [2002/09/16 20:05:36 | 00,071,514 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\drivers\ialmkchw.sys -- ({D31A0762-0CEB-444e-ACFF-B049A1F6FE91} [On_Demand | Stopped])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-4069429892-668027140-1197146121-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://us7.hpwis.com/
IE - HKU\S-1-5-21-4069429892-668027140-1197146121-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-us7.hpwis.com/
IE - HKU\S-1-5-21-4069429892-668027140-1197146121-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-4069429892-668027140-1197146121-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://srch-us7.hpwis.com/
IE - HKU\S-1-5-21-4069429892-668027140-1197146121-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://us7.hpwis.com/
IE - HKU\S-1-5-21-4069429892-668027140-1197146121-1003\S-1-5-21-4069429892-668027140-1197146121-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[2008/12/08 15:28:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\mozilla\Extensions
[2008/12/08 15:28:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/09/22 11:23:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\mozilla\Firefox\Profiles\kelmom2five@lasercom.net\extensions
[2007/11/04 18:58:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\mozilla\Firefox\Profiles\kelmom2five@lasercom.net\extensions\{075538f3-a7a9-498a-8e0d-12f2e2ff862a}
[2009/09/02 18:09:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\mozilla\Firefox\Profiles\kelmom2five@lasercom.net\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2008/12/17 17:42:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\mozilla\Firefox\Profiles\kelmom2five@lasercom.net\extensions\{285da7e0-729d-11db-9fe1-0800200c9a66}
[2008/12/08 17:03:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\mozilla\Firefox\Profiles\kelmom2five@lasercom.net\extensions\{646f1212-bb24-11db-8314-0800200c9a66}
[2008/09/27 08:48:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\mozilla\Firefox\Profiles\kelmom2five@lasercom.net\extensions\{BB359C50-BFC9-4f40-8302-3FE5A499A859}
[2008/04/29 21:23:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\mozilla\Firefox\Profiles\kelmom2five@lasercom.net\extensions\moveplayer@movenetworks.com
[2009/03/16 10:11:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\mozilla\Firefox\Profiles\kelmom2five@lasercom.net\extensions\plugin@yontoo.com
[2006/06/03 14:00:41 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/09/10 06:38:55 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/09/10 06:38:39 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/09/10 06:38:40 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/09/10 06:38:48 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2007/05/10 23:52:34 | 00,095,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2006/12/20 20:40:23 | 00,144,984 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nppl3260.dll
[2009/08/16 16:48:41 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2009/08/16 16:48:41 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2009/08/16 16:48:42 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2009/08/16 16:48:42 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2009/08/16 16:48:42 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2009/08/16 16:48:42 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2009/08/16 16:48:42 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[2006/12/20 20:40:41 | 00,024,576 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprjplug.dll
[2006/12/20 20:40:18 | 00,081,920 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprpjplug.dll
[2009/09/03 11:52:20 | 00,030,912 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\mozilla firefox\plugins\np_gp.dll
[2008/12/08 15:28:20 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2008/12/08 15:28:20 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2008/12/08 15:28:20 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2008/12/08 15:28:20 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2008/12/08 15:28:20 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2008/12/08 15:28:20 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml

O1 HOSTS File: (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()
O2 - BHO: (PopKill Class) - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\Zero Knowledge\Freedom\pkR.dll (Zero-Knowledge Systems Inc.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (ZKBho Class) - {56071E0D-C61B-11D3-B41C-00E02927A304} - C:\Program Files\Zero Knowledge\Freedom\FreeBHOR.dll (Zero-Knowledge Systems Inc.)
O2 - BHO: (no name) - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL (ZoneAlarm)
O3 - HKU\S-1-5-21-4069429892-668027140-1197146121-1003\..\Toolbar\ShellBrowser: (hp toolkit) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\HP\EXPLOREBAR\HPTOOLKT.DLL (Hewlett-Packard Company)
O4 - HKLM..\Run: [AutoTBar] C:\hp\bin\autotbar.exe File not found
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe ()
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [KBD] C:\HP\KBD\KBD.EXE (Hewlett-Packard Company)
O4 - HKLM..\Run: [PS2] C:\WINDOWS\System32\ps2.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE ()
O4 - HKLM..\Run: [Share-to-Web Namespace Daemon] c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe (Hewlett-Packard)
O4 - HKLM..\Run: [StorageGuard] C:\Program Files\VERITAS Software\Update Manager\sgtray.exe (VERITAS Software, Inc.)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Zone Labs, LLC)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = [ [binary data]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-4069429892-668027140-1197146121-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/...b?1253564186453 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdat...b?1253564507953 (MUWebControl Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002/10/28 10:36:29 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/28 07:07:38 | 00,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2002/09/11 04:02:32 | 00,000,045 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[1 C:\*.tmp files]
[1 C:\WINDOWS\System32\*.tmp files]
[6 C:\WINDOWS\*.tmp files]
[2009/09/25 22:59:07 | 00,868,323 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Desktop\sreng2.zip
[2009/09/25 22:58:29 | 00,514,560 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Desktop\OTL.exe
[2009/09/25 22:57:53 | 00,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2009/09/23 18:09:31 | 53,640,3968 | -HS- | C] () -- C:\hiberfil.sys
[2009/09/23 17:30:19 | 00,005,924 | ---- | C] () -- C:\WINDOWS\freedom.backup.dat
[2009/09/23 17:15:44 | 00,000,000 | -HSD | C] -- C:\found.000
[2009/09/23 16:43:42 | 01,193,414 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sysmain.sdb
[2009/09/23 16:43:38 | 00,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wordpad.exe
[2009/09/23 16:37:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\Freedom
[2009/09/22 11:25:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2009/09/22 11:25:30 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2009/09/22 11:25:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\SUPERAntiSpyware.com
[2009/09/22 11:24:38 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2009/09/21 20:37:42 | 00,001,518 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 8.5.lnk
[2009/09/21 18:32:34 | 00,001,434 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Desktop\Hoyle Board Games.lnk
[2009/09/21 17:38:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2009/09/21 16:43:30 | 00,007,208 | ---- | C] () -- C:\WINDOWS\System32\secupd.sig
[2009/09/21 16:43:30 | 00,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2009/09/21 16:42:41 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2009/09/21 16:42:41 | 00,023,024 | ---- | C] () -- C:\WINDOWS\System32\ieuinit.inf
[2009/09/21 13:28:24 | 00,000,000 | ---D | C] -- C:\Program Files\NOS
[2009/09/21 13:28:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NOS
[2009/09/21 13:25:57 | 00,351,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winhttp.dll
[2009/09/21 13:25:57 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2009/09/21 12:18:46 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbprint.sys
[2009/09/21 12:18:32 | 00,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbscan.sys
[2009/09/21 12:11:30 | 00,017,920 | ---- | C] (Sierra Wireless America, Inc.) -- C:\WINDOWS\System32\apintfnt.dll
[2009/09/21 12:10:45 | 00,001,081 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Sprint Mobile Broadband (Sierra).lnk
[2009/09/21 11:33:38 | 00,001,647 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Desktop\Mozilla Firefox (Safe Mode).lnk
[2009/09/21 11:31:46 | 00,000,864 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Desktop\Ad-Aware SE Personal.lnk
[2009/09/21 11:31:27 | 00,001,625 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Desktop\Mozilla Firefox.lnk
[2009/09/21 01:05:03 | 00,000,707 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/09/21 01:01:00 | 00,000,000 | ---D | C] -- C:\Program Files\ZoneAlarmSB
[2009/09/21 00:58:53 | 00,075,248 | ---- | C] (Zone Labs, LLC) -- C:\WINDOWS\zllsputility.exe
[2009/09/21 00:58:33 | 00,796,048 | ---- | C] () -- C:\WINDOWS\System32\libeay32_0.9.6l.dll
[2009/09/21 00:58:33 | 00,071,144 | ---- | C] (Zone Labs, LLC) -- C:\WINDOWS\System32\vsregexp.dll
[2009/09/21 00:58:31 | 00,083,432 | ---- | C] (Zone Labs, LLC) -- C:\WINDOWS\System32\zlcomm.dll
[2009/09/21 00:58:31 | 00,071,144 | ---- | C] (Zone Labs, LLC) -- C:\WINDOWS\System32\zlcommdb.dll
[2009/09/21 00:58:23 | 00,046,568 | ---- | C] (Zone Labs, LLC) -- C:\WINDOWS\System32\vswmi.dll
[2009/09/21 00:58:22 | 01,086,952 | ---- | C] (Python Software Foundation) -- C:\WINDOWS\System32\zpeng24.dll
[2009/09/21 00:58:22 | 00,099,816 | ---- | C] (Zone Labs, LLC) -- C:\WINDOWS\System32\vsxml.dll
[2009/09/21 00:58:21 | 00,275,944 | ---- | C] (Zone Labs, LLC) -- C:\WINDOWS\System32\vspubapi.dll
[2009/09/21 00:58:21 | 00,103,912 | ---- | C] (Zone Labs, LLC) -- C:\WINDOWS\System32\vsmonapi.dll
[2009/09/21 00:58:20 | 00,394,952 | ---- | C] (Zone Labs, LLC) -- C:\WINDOWS\System32\vsdatant.sys
[2009/09/21 00:58:20 | 00,353,366 | ---- | C] () -- C:\WINDOWS\System32\vsconfig.xml
[2009/09/21 00:57:46 | 00,472,552 | ---- | C] (Zone Labs, LLC) -- C:\WINDOWS\System32\vsutil.dll
[2009/09/21 00:57:46 | 00,157,160 | ---- | C] (Zone Labs, LLC) -- C:\WINDOWS\System32\vsinit.dll
[2009/09/21 00:57:46 | 00,083,432 | ---- | C] (Zone Labs, LLC) -- C:\WINDOWS\System32\vsdata.dll
[2009/09/21 00:50:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\My Documents\Unzipped
[2009/09/21 00:48:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Local Settings\Application Data\WinZip
[2009/09/21 00:46:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2009/09/21 00:46:01 | 00,000,000 | ---D | C] -- C:\Program Files\WinZip
[2009/09/21 00:42:21 | 00,001,905 | ---- | C] () -- C:\WINDOWS\diagwrn.xml
[2009/09/21 00:42:21 | 00,001,905 | ---- | C] () -- C:\WINDOWS\diagerr.xml
[2009/09/21 00:41:28 | 00,000,000 | ---D | C] -- C:\swsetup
[2009/09/21 00:40:55 | 00,000,797 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Desktop\Windows Media Player.lnk
[2009/09/21 00:37:04 | 00,000,064 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\dm.ini
[2009/09/21 00:34:27 | 04,194,441 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\sdi.db
[2009/09/21 00:29:58 | 00,006,144 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/21 00:29:58 | 00,000,128 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Local Settings\Application Data\fusioncache.dat
[2009/09/21 00:29:57 | 00,037,032 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/09/21 00:29:42 | 01,992,106 | -H-- | C] () -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Local Settings\Application Data\IconCache.db
[2009/09/21 00:01:21 | 00,000,638 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\My Documents\WW.rtf
[2009/09/21 00:01:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\ArcSoft
[2009/09/21 00:01:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\Apple Computer
[2009/09/21 00:01:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\AdobeUM
[2009/09/21 00:01:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\AdobeAUM
[2009/09/21 00:01:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\Adobe
[2009/09/21 00:01:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\Leadertech
[2009/09/21 00:01:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\Lavasoft
[2009/09/21 00:01:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\Isotope 244
[2009/09/21 00:01:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\Intuit
[2009/09/21 00:01:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\InterVideo
[2009/09/21 00:01:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\InterTrust
[2009/09/21 00:01:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\InstallShield
[2009/09/21 00:01:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\Identities
[2009/09/21 00:01:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\HPAppData
[2009/09/21 00:01:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\HP
[2009/09/21 00:01:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\HotSync
[2009/09/21 00:01:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\Help
[2009/09/21 00:01:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\Express
[2009/09/21 00:01:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\Download Manager
[2009/09/21 00:01:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\AVG8
[2009/09/21 00:00:50 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\Microsoft
[2009/09/21 00:00:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\Move Networks
[2009/09/21 00:00:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\Motive
[2009/09/21 00:00:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\Malwarebytes
[2009/09/21 00:00:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\Macromedia
[2009/09/21 00:00:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\Nova Development
[2009/09/21 00:00:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\NCH Swift Sound
[2009/09/21 00:00:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\Mozilla
[2009/09/21 00:00:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Local Settings\Application Data\Apple
[2009/09/21 00:00:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Local Settings\Application Data\Adobe
[2009/09/21 00:00:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Local Settings\Application Data\ACDPhotoEditor
[2009/09/21 00:00:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Desktop\Unused Desktop Shortcuts
[2009/09/21 00:00:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\Yahoo!
[2009/09/21 00:00:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\VERITAS
[2009/09/21 00:00:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\Thunderbird
[2009/09/21 00:00:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\Sun
[2009/09/21 00:00:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\Stamps.com Internet Postage
[2009/09/21 00:00:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\Snapfish
[2009/09/21 00:00:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\Sierra Wireless
[2009/09/21 00:00:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\Share-to-Web Upload Folder
[2009/09/21 00:00:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\SampleView
[2009/09/21 00:00:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\Real
[2009/09/21 00:00:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Local Settings\Application Data\Help
[2009/09/21 00:00:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Local Settings\Application Data\Google
[2009/09/21 00:00:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Local Settings\Application Data\Broderbund Software
[2009/09/21 00:00:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Local Settings\Application Data\ApplicationHistory
[2009/09/21 00:00:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Local Settings\Application Data\Apple Computer
[2009/09/21 00:00:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Local Settings\Application Data\IsolatedStorage
[2009/09/21 00:00:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Local Settings\Application Data\Intuit
[2009/09/21 00:00:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Local Settings\Application Data\Identities
[2009/09/21 00:00:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Local Settings\Application Data\HP
[2009/09/21 00:00:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Local Settings\Application Data\WMTools Downloaded Files
[2009/09/21 00:00:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Local Settings\Application Data\The Weather Channel
[2009/09/21 00:00:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Local Settings\Application Data\Seven Zip
[2009/09/21 00:00:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Local Settings\Application Data\RobloxVersions
[2009/09/21 00:00:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Local Settings\Application Data\RobloxDownloads
[2009/09/21 00:00:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Local Settings\Application Data\Roblox
[2009/09/21 00:00:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Local Settings\Application Data\PCHealth
[2009/09/21 00:00:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Local Settings\Application Data\Paint.NET
[2009/09/21 00:00:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Local Settings\Application Data\Mozilla
[2009/09/21 00:00:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Local Settings\Application Data\Microsoft
[2009/09/21 00:00:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\My Documents\My eBooks
[2009/09/21 00:00:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\My Documents\My Backups
[2009/09/21 00:00:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\My Documents\My Applications
[2009/09/21 00:00:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\My Documents\My Albums
[2009/09/21 00:00:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\My Documents\Clip Art Graphics
[2009/09/21 00:00:33 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\My Documents\My Music
[2009/09/21 00:00:32 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\My Documents\My Videos
[2009/09/21 00:00:32 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\My Documents\My Pictures
[2009/09/21 00:00:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\My Documents\Word Pad Files
[2009/09/21 00:00:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\My Documents\Whirlwind Pressure Wash
[2009/09/21 00:00:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\My Documents\TurboTax
[2009/09/21 00:00:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\My Documents\School
[2009/09/21 00:00:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\My Documents\My Scans
[2009/09/20 23:18:37 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\kbdclass.sys
[2009/09/20 23:18:36 | 00,052,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\i8042prt.sys
[2009/09/20 22:38:10 | 00,026,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbstor.sys
[2009/09/20 19:40:46 | 00,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidusb.sys
[2009/09/20 19:40:45 | 00,031,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbccgp.sys
[2009/09/20 19:40:38 | 00,006,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\splitter.sys
[2009/09/20 19:40:37 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wdmaud.sys
[2009/09/20 19:40:35 | 00,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\dmusic.sys
[2009/09/20 19:40:34 | 00,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\swmidi.sys
[2009/09/20 19:40:32 | 00,142,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\aec.sys
[2009/09/20 19:40:31 | 00,171,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\kmixer.sys
[2009/09/20 19:40:29 | 00,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmkaud.sys
[2009/09/20 19:40:27 | 00,060,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sysaudio.sys
[2009/09/20 19:40:26 | 00,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mskssrv.sys
[2009/09/20 19:40:25 | 00,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mspqm.sys
[2009/09/20 19:40:23 | 00,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mspclock.sys
[2009/09/20 19:40:08 | 00,061,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ohci1394.sys
[2009/09/20 19:40:08 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\1394bus.sys
[2009/09/20 19:39:49 | 00,145,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys
[2009/09/20 19:39:49 | 00,145,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\portcls.sys
[2009/09/20 19:39:49 | 00,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2009/09/20 19:39:49 | 00,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksproxy.ax
[2009/09/20 19:39:49 | 00,060,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2009/09/20 19:39:49 | 00,060,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmk.sys
[2009/09/20 19:39:49 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2009/09/20 19:39:49 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksuser.dll
[2009/09/20 18:30:28 | 16,121,856 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\ALSNDMGR.CPL
[2009/09/20 18:30:28 | 02,279,424 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\ALCXWDM.SYS
[2009/09/20 17:44:23 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\images
[2009/09/20 15:05:55 | 00,000,036 | ---- | C] () -- C:\WINDOWS\System32\sysnet.dat
[2009/09/20 15:05:52 | 00,000,058 | ---- | C] () -- C:\WINDOWS\ppp4.dat
[2009/09/20 15:05:52 | 00,000,002 | ---- | C] () -- C:\WINDOWS\ppp3.dat
[2009/09/20 15:05:48 | 00,000,009 | ---- | C] () -- C:\WINDOWS\System32\bennuar.old
[2009/09/20 15:05:46 | 00,000,088 | ---- | C] () -- C:\WINDOWS\System32\sonhelp.htm
[2009/09/20 14:59:24 | 00,000,068 | ---- | C] () -- C:\WINDOWS\System32\gasfkymdbymbfp.dat
[2009/09/20 14:43:18 | 00,003,385 | ---- | C] () -- C:\WINDOWS\System32\gasfkynrowkilt.dat
[2009/09/09 10:20:23 | 00,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009/06/07 13:04:22 | 00,000,047 | ---- | C] () -- C:\WINDOWS\NewMoon.ini
[2009/06/07 13:04:11 | 00,000,056 | ---- | C] () -- C:\WINDOWS\EwardScreenSaver.ini
[2009/05/23 13:42:27 | 00,000,206 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008/12/26 13:17:12 | 01,299,082 | -HS- | C] () -- C:\WINDOWS\System32\djkwegwv.ini
[2008/12/26 13:14:51 | 00,736,084 | -HS- | C] () -- C:\WINDOWS\System32\ELmSrBeg.ini2
[2008/12/26 13:14:51 | 00,736,084 | -HS- | C] () -- C:\WINDOWS\System32\ELmSrBeg.ini
[2008/03/01 20:55:20 | 00,000,256 | ---- | C] () -- C:\WINDOWS\PROVW.INI
[2008/03/01 20:55:18 | 00,000,673 | ---- | C] () -- C:\WINDOWS\KPSTUDIO.INI
[2007/08/10 11:08:48 | 00,024,456 | ---- | C] () -- C:\WINDOWS\System32\drivers\swmsflt.sys
[2007/07/02 12:36:01 | 00,063,488 | ---- | C] () -- C:\WINDOWS\xobglu16.dll
[2007/07/02 12:36:01 | 00,047,272 | ---- | C] () -- C:\WINDOWS\xobglu32.dll
[2007/07/02 12:07:41 | 00,000,076 | ---- | C] () -- C:\WINDOWS\mbjr.ini
[2007/05/02 10:59:25 | 00,000,000 | ---- | C] () -- C:\WINDOWS\hpqEmlSz.INI
[2006/12/26 23:42:33 | 00,005,113 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2006/11/28 15:56:33 | 00,000,053 | ---- | C] () -- C:\WINDOWS\VistaEmail.ini
[2006/10/30 20:12:10 | 00,000,476 | ---- | C] () -- C:\WINDOWS\KA.INI
[2006/09/17 19:08:18 | 00,000,397 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2006/08/16 19:20:26 | 00,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2006/08/01 10:03:53 | 00,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2006/07/21 10:27:24 | 00,000,089 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2006/06/07 09:48:12 | 00,000,057 | ---- | C] () -- C:\WINDOWS\TLCAPPS.INI
[2006/03/20 22:49:46 | 00,000,000 | ---- | C] () -- C:\WINDOWS\QuickInstall.INI
[2006/01/31 16:28:51 | 00,074,752 | ---- | C] () -- C:\WINDOWS\System32\jst.dll
[2006/01/31 16:28:51 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\compJNI.dll
[2006/01/31 16:28:50 | 00,102,400 | ---- | C] () -- C:\WINDOWS\System32\PMLJNI.dll
[2006/01/31 16:25:35 | 00,000,314 | ---- | C] () -- C:\WINDOWS\hpbvspst.ini
[2006/01/31 16:25:20 | 00,001,145 | ---- | C] () -- C:\WINDOWS\hpbvnstp.ini
[2006/01/31 16:25:03 | 00,208,896 | ---- | C] () -- C:\WINDOWS\System32\HPP2800V.DLL
[2006/01/31 12:36:44 | 00,000,258 | ---- | C] () -- C:\WINDOWS\hpntwksetup.ini
[2002/11/13 10:03:49 | 00,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2002/10/28 15:48:32 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2002/10/28 12:31:35 | 00,167,936 | ---- | C] () -- C:\WINDOWS\System32\PCDrJNI_1_1.dll
[2002/10/28 12:29:39 | 00,024,576 | ---- | C] () -- C:\WINDOWS\System32\syscontr.dll
[2002/10/28 12:29:38 | 00,036,864 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2002/10/28 12:18:04 | 00,000,052 | ---- | C] () -- C:\WINDOWS\intuprof.ini
[2002/10/28 12:17:57 | 00,000,626 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2002/10/28 12:12:23 | 00,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2002/10/28 11:42:00 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2002/10/28 11:34:32 | 00,266,240 | ---- | C] () -- C:\WINDOWS\System32\shpshftr.dll
[2002/10/28 11:31:05 | 00,056,320 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
[2002/10/28 11:23:47 | 00,299,073 | ---- | C] () -- C:\WINDOWS\System32\PythonCOM22.dll
[2002/10/28 11:23:47 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\PyWinTypes22.dll
[2002/10/28 11:23:25 | 00,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2002/10/28 10:40:15 | 00,000,802 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2002/10/28 09:23:12 | 00,000,659 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2002/10/28 09:23:04 | 00,000,503 | ---- | C] () -- C:\WINDOWS\win.ini
[2002/10/28 09:23:01 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2002/10/24 00:01:30 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2002/03/06 02:24:08 | 00,659,456 | R--- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2001/08/31 23:33:58 | 00,425,984 | ---- | C] () -- C:\WINDOWS\System32\VxDMDcDlg.dll
[2001/08/14 19:47:08 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\vxpsapi.dll
[2001/03/28 13:37:14 | 00,000,033 | ---- | C] () -- C:\WINDOWS\hppcap.ini
[2000/09/08 18:53:50 | 00,073,839 | ---- | C] () -- C:\WINDOWS\System32\KodakOneTouch.dll

========== Files - Modified Within 30 Days ==========

[1 C:\*.tmp files]
[1 C:\WINDOWS\System32\*.tmp files]
[6 C:\WINDOWS\*.tmp files]
[2009/09/25 23:22:00 | 00,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{0055B6F3-8AC4-4A01-B757-7B1E3823BBE5}.job
[2009/09/25 23:00:00 | 00,000,310 | ---- | M] () -- C:\WINDOWS\tasks\hopwdhee.job
[2009/09/25 22:59:14 | 00,868,323 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Desktop\sreng2.zip
[2009/09/25 22:58:31 | 00,514,560 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Desktop\OTL.exe
[2009/09/25 22:53:46 | 00,353,366 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2009/09/25 22:53:46 | 00,000,249 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.dat
[2009/09/25 22:53:27 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/09/25 22:53:19 | 53,640,3968 | -HS- | M] () -- C:\hiberfil.sys
[2009/09/25 22:53:19 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/09/24 19:15:36 | 00,005,924 | ---- | M] () -- C:\WINDOWS\freedom.backup.dat
[2009/09/24 19:09:09 | 00,000,503 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/09/24 19:09:09 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/09/24 19:09:09 | 00,000,199 | RHS- | M] () -- C:\boot.ini
[2009/09/23 07:27:14 | 00,153,176 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/09/23 07:21:01 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/09/21 20:37:43 | 00,335,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2009/09/21 20:37:42 | 00,001,518 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 8.5.lnk
[2009/09/21 20:37:41 | 00,011,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2009/09/21 20:37:33 | 41,622,328 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/09/21 20:37:33 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2009/09/21 20:36:50 | 00,112,900 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/09/21 20:36:47 | 00,463,779 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2009/09/21 18:32:40 | 00,000,397 | ---- | M] () -- C:\WINDOWS\SIERRA.INI
[2009/09/21 18:32:34 | 00,001,434 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Desktop\Hoyle Board Games.lnk
[2009/09/21 17:57:55 | 00,037,032 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/09/21 17:57:44 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/09/21 17:43:18 | 00,416,732 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/09/21 17:43:18 | 00,365,076 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/09/21 17:43:18 | 00,046,080 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/09/21 17:40:29 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2009/09/21 17:13:28 | 00,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2009/09/21 17:13:27 | 00,250,032 | RHS- | M] () -- C:\ntldr
[2009/09/21 13:01:16 | 03,083,264 | R--- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mbb
[2009/09/21 13:01:16 | 02,248,704 | R--- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mb
[2009/09/21 12:10:45 | 00,001,081 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Sprint Mobile Broadband (Sierra).lnk
[2009/09/21 11:33:38 | 00,001,647 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Desktop\Mozilla Firefox (Safe Mode).lnk
[2009/09/21 11:31:46 | 00,000,864 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Desktop\Ad-Aware SE Personal.lnk
[2009/09/21 11:31:27 | 00,001,625 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Desktop\Mozilla Firefox.lnk
[2009/09/21 01:05:03 | 00,000,707 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/09/21 01:00:59 | 00,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat
[2009/09/21 00:57:20 | 00,006,144 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/21 00:56:46 | 00,001,905 | ---- | M] () -- C:\WINDOWS\diagwrn.xml
[2009/09/21 00:56:46 | 00,001,905 | ---- | M] () -- C:\WINDOWS\diagerr.xml
[2009/09/21 00:41:00 | 00,000,797 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Desktop\Windows Media Player.lnk
[2009/09/21 00:40:58 | 00,025,065 | ---- | M] () -- C:\WINDOWS\System32\wmpscheme.xml
[2009/09/21 00:40:49 | 00,004,080 | RHS- | M] () -- C:\WINDOWS\System32\drivers\HP_DA192A-ABA 734N_YC_Pavi_QMX3063_E31NAheBLU4_4_IKM266-8235_S_V_BAM37308_T021216_WXH1_L409_M512_J80_7AMD_8Athlon XP 2400+_92_111C15811_N10EC8139_P_Z11C1044E_K_A11063059_U11063038_G10DE0172.MRK
[2009/09/20 23:56:42 | 00,000,993 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2009/09/20 17:49:01 | 00,000,058 | ---- | M] () -- C:\WINDOWS\ppp4.dat
[2009/09/20 17:49:01 | 00,000,002 | ---- | M] () -- C:\WINDOWS\ppp3.dat
[2009/09/20 17:47:30 | 00,003,385 | ---- | M] () -- C:\WINDOWS\System32\gasfkynrowkilt.dat
[2009/09/20 15:05:55 | 00,000,036 | ---- | M] () -- C:\WINDOWS\System32\sysnet.dat
[2009/09/20 15:05:48 | 00,000,009 | ---- | M] () -- C:\WINDOWS\System32\bennuar.old
[2009/09/20 15:05:46 | 00,000,088 | ---- | M] () -- C:\WINDOWS\System32\sonhelp.htm
[2009/09/20 14:59:24 | 00,000,068 | ---- | M] () -- C:\WINDOWS\System32\gasfkymdbymbfp.dat
[2009/09/14 23:37:45 | 00,000,006 | ---- | M] () -- C:\WINDOWS\Twain001.Mtx
[2009/09/14 23:37:14 | 00,000,156 | ---- | M] () -- C:\WINDOWS\Twunk001.MTX
[2009/09/13 08:38:37 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2009/09/09 10:20:23 | 00,000,118 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI
[2009/08/28 14:38:20 | 24,689,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
< End of report >


OTL Extras logfile created on: 9/25/2009 11:01:01 PM - Run 1
OTL by OldTimer - Version 3.0.14.0 Folder = C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = )
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

511.48 Mb Total Physical Memory | 148.99 Mb Available Physical Memory | 29.13% Memory free
1.22 Gb Paging File | 0.89 Gb Available in Paging File | 72.80% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 69.27 Gb Total Space | 33.02 Gb Free Space | 47.67% Space Free | Partition Type: NTFS
Drive D: | 5.27 Gb Total Space | 0.91 Gb Free Space | 17.32% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: YOUR-6JNHHU0520
Current User Name: Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-4069429892-668027140-1197146121-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
chm.file [open] -- "C:\WINDOWS\hh.exe" %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\AVG\AVG8\avgam.exe" = C:\Program Files\AVG\AVG8\avgam.exe:*:Enabled:avgam.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG8\avgemc.exe" = C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG8\avgnsx.exe" = C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07295ABF-1245-415A-BE06-863271753443}" = ShowBiz
"{09DA4F91-2A09-4232-AB8C-6BC740096DE3}" = RecordNow Update Manager
"{1EEE2A9F-6471-42fa-8923-E8879168CE26}" = HP Photo and Imaging 1.1 - Photosmart Cameras
"{1F7CCFA3-D926-4882-B2A5-A0217ED25597}" = PC-Doctor for Windows
"{28BA89E7-2F60-4BE7-BAA2-7949EB3FE527}" = Blasterball Wild
"{2B5DDB2C-0807-47FD-9C11-80EA761902C0}" = easy Internet sign-up
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{357ECB62-CD36-4B63-B57E-769D0CA174F4}" = Blasterball 2
"{3EA6838C-5C34-4F9C-A8DA-434D65DD1356}" = Men in Black II CROSSFIRE Trial Version
"{47D4AF7B-EDE6-4ADB-8D2F-0BDA25C7321F}" = HP Digital Imaging Album Printing 1.0
"{4F0AE1FB-4082-4A27-8363-05D292D92FB0}" = Virtual Warfare
"{5415BC25-6D6C-46C4-B34C-EA8470FE56D5}" = Blackhawk Striker
"{60E971B7-51A0-48CA-8687-C6B8F094A409}" = Simple Backup for My Pictures
"{6DCBB845-0FA4-4723-A40A-1F320C221C30}" = Sprint Mobile Broadband (Sierra)
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{753FE96B-D926-4B6C-BCFB-CC59153D004A}" = Snowboard Extreme
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{8214CC02-6271-4DC8-B8DD-779933450264}" = RecordNow
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® 82845G Graphics Driver Software
"{8D5D99B8-DFA2-4018-ADE9-A6B83E655C65}" =
"{98E8A2EF-4EAE-43B8-A172-74842B764777}" = InterVideo WinDVD 4
"{9FA01E11-9015-4140-B10A-5C6AA949B2FC}" = Space Rocks
"{A27EAF80-CBFC-4F56-94E1-929A401D7515}" = Betty Bad
"{B43357AA-3A6D-4D94-B56E-43C44D09E548}" = Microsoft .NET Framework (English)
"{BC0EE7F1-32DE-4EE2-BE10-AE15DB394E84}" = PigPen
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E62C706B-1352-4DCA-B4D4-81C24750B70F}" = Detto IntelliMover Demo
"{EEF397AC-DAEF-4C04-90A9-5B2BD31875DC}" = Simple Installer - Multilanguage Version
"{F61F2821-694C-475F-99AB-6AF2EFDF40FD}" = Quicken 2003 New User Edition
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ArcSoft Software Suite" = ArcSoft Software Suite
"AVG8Uninstall" = AVG 8.5
"BackWeb-137903 Uninstaller" = hp center
"Hoyle Board Games" = Hoyle Board Games
"hp instant support" = HP Instant Support
"HPTOOLKIT" = hp toolkit
"Inactive HP Printer Drivers (Remove only)" = Inactive HP Printer Drivers (Remove only)
"Indeo® Software" = Indeo® Software
"InstallShield_{A0C4079C-097C-45BA-8D85-08C9FAF290FA}" = Freedom Security & Privacy
"InstallShield_{F61F2821-694C-475F-99AB-6AF2EFDF40FD}" = Quicken 2003 New User Edition
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Microsoft .NET Framework Full v1.0.3705 (1033)" = Microsoft .NET Framework (English) v1.0.3705
"MUSICMATCH Jukebox" = MUSICMATCH Jukebox
"NVIDIA" = NVIDIA Windows 2000/XP Display Drivers
"PS2" = PS2
"Python 2.2 combined Win32 extensions" = Python 2.2 combined Win32 extensions
"Python 2.2.1" = Python 2.2.1
"S3Display" = S3Display
"S3Gamma2" = S3Gamma2
"S3Info2" = S3Info2
"Sierra Utilities" = Sierra Utilities
"tv_enua" = Lernout & Hauspie TruVoice American English TTS Engine
"WeatherBug" = WeatherBug
"WildTangentDDC" = WildTangent Channel Manager
"Windows XP Service Pack" = Windows XP Service Pack 2
"WordPerfect Productivity Pack" = WordPerfect Productivity Pack
"ZoneAlarmSB Uninstall" = ZoneAlarm Spy Blocker

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 9/23/2009 9:51:34 PM | Computer Name = YOUR-6JNHHU0520 | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 6.0.2900.2180, faulting
module ntdll.dll, version 5.1.2600.2180, fault address 0x000106c3.

Error - 9/24/2009 9:05:10 PM | Computer Name = YOUR-6JNHHU0520 | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 6.0.2900.2180, faulting
module ntdll.dll, version 5.1.2600.2180, fault address 0x000106c3.

Error - 9/24/2009 9:20:59 PM | Computer Name = YOUR-6JNHHU0520 | Source = Application Error | ID = 1000
Description = Faulting application nwiz.exe, version 6.13.10.3190, faulting module
nview.dll, version 6.13.10.3190, fault address 0x00002429.

Error - 9/24/2009 9:21:15 PM | Computer Name = YOUR-6JNHHU0520 | Source = Application Hang | ID = 1002
Description = Hanging application Weather.exe, version 4.1.0.2, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 9/24/2009 10:14:01 PM | Computer Name = YOUR-6JNHHU0520 | Source = MsiInstaller | ID = 11304
Description = Product: QuickBooks -- Error 1304.Error writing to file "Intuit.QuickBooks.FCS.exe".


Note the error number and type this in a Web browser: www.quickbooks.com/support/install.html

Error - 9/24/2009 10:14:03 PM | Computer Name = YOUR-6JNHHU0520 | Source = MsiInstaller | ID = 10005
Description = Product: QuickBooks -- Error 2350.FDI server error

Error - 9/24/2009 10:14:04 PM | Computer Name = YOUR-6JNHHU0520 | Source = MsiInstaller | ID = 11334
Description = Product: QuickBooks -- Error 1334.The file 'intuit.quickbooks.fcs.exe1'
cannot be installed. Insert the QuickBooks CD and retry or note the error and type
this in a Web browser: www.quickbooks.com/support/update.html

Error - 9/25/2009 5:39:48 PM | Computer Name = YOUR-6JNHHU0520 | Source = Microsoft Fax | ID = 32045
Description = Fax Service failed to initialize because it could not initialize the
TAPI devices. Verify that the fax modem was installed and configured correctly. Win32
error code: 31. This error code indicates the cause of the error.

Error - 9/25/2009 11:58:27 PM | Computer Name = YOUR-6JNHHU0520 | Source = Microsoft Fax | ID = 32045
Description = Fax Service failed to initialize because it could not initialize the
TAPI devices. Verify that the fax modem was installed and configured correctly. Win32
error code: 31. This error code indicates the cause of the error.

Error - 9/26/2009 1:53:31 AM | Computer Name = YOUR-6JNHHU0520 | Source = Microsoft Fax | ID = 32045
Description = Fax Service failed to initialize because it could not initialize the
TAPI devices. Verify that the fax modem was installed and configured correctly. Win32
error code: 31. This error code indicates the cause of the error.

[ System Events ]
Error - 9/23/2009 7:22:40 PM | Computer Name = YOUR-6JNHHU0520 | Source = Service Control Manager | ID = 7001
Description = The TCP/IP NetBIOS Helper service depends on the AFD Networking Support
Environment service which failed to start because of the following error: %%31

Error - 9/23/2009 7:22:40 PM | Computer Name = YOUR-6JNHHU0520 | Source = Service Control Manager | ID = 7001
Description = The TrueVector Internet Monitor service depends on the vsdatant service
which failed to start because of the following error: %%31

Error - 9/23/2009 7:22:40 PM | Computer Name = YOUR-6JNHHU0520 | Source = Service Control Manager | ID = 7001
Description = The IPSEC Services service depends on the IPSEC driver service which
failed to start because of the following error: %%31

Error - 9/23/2009 7:22:40 PM | Computer Name = YOUR-6JNHHU0520 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
AFD AmdK7 AvgLdx86 AvgMfx86 AvgTdiX Fips IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SASDIFSV SASKUTIL
Tcpip
vsdatant

Error - 9/23/2009 7:23:02 PM | Computer Name = YOUR-6JNHHU0520 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service netman with
arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error - 9/23/2009 7:23:07 PM | Computer Name = YOUR-6JNHHU0520 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 9/23/2009 7:33:55 PM | Computer Name = YOUR-6JNHHU0520 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service netman with
arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error - 9/23/2009 7:34:02 PM | Computer Name = YOUR-6JNHHU0520 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 9/23/2009 7:35:33 PM | Computer Name = YOUR-6JNHHU0520 | Source = Service Control Manager | ID = 7000
Description = The mrtRate service failed to start due to the following error: %%2

Error - 9/23/2009 8:19:09 PM | Computer Name = YOUR-6JNHHU0520 | Source = Service Control Manager | ID = 7000
Description = The mrtRate service failed to start due to the following error: %%2


< End of report >


#2 SifuMike

SifuMike

    malware expert


  • Members
  • 15,385 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Vancouver (not BC) WA (Not DC) USA
  • Local time:11:21 PM

Posted 11 October 2009 - 01:46 PM

Hello socalkellie,

Sorry for the delay. Please tell me how your computer is running now.

Note: If you already have Malwarebytes installed on your computer, then update, run it and post the log.

Please download Malwarebytes' Anti-Malware from one of these places:
http://download.cnet.com/Malwarebytes-Anti...&tag=button
http://www.majorgeeks.com/Malwarebytes_Ant...ware_d5756.html
http://www.besttechie.net/mbam/mbam-setup.exe

Double Click mbam-setup.exe to install the application.

* Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select "Perform Full Scan", then click Scan.
* The scan may take some time to finish, so please be patient.
* When the scan is complete, click OK, then Show Results to view the results.
* Make sure that everything is checked, and click Remove Selected.
* When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
* The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
* Copy&Paste the entire MBAM report (even if it does not find anything) in your next reply.

Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

****************
  • Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
  • Double click on RSIT.exe to run RSIT.
  • Select Files and Folders created in last 3 months
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized).
    info.txt can also be found at c:\RSIT\info.txt

If I've saved you time & money,
please make a donation so I can keep helping people just like you! You can donate using a credit card and PayPal. Thank you!




Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#3 socalkellie

Posted 12 October 2009 - 01:25 PM

Hi Mike,

When I ran Malwarebytes it said 'no malicious items detected'.

I've scanned with SAS and scanned the partition with Dr. Web. I'm scanning the C drive right now. Other than the partition, I haven't been able to run a complete scan with Dr. Web scanner. It keeps giving me error messages.

The last time I ran AVG it detected several infected files upon opening.

When I boot into Safe Mode two user accounts are shown. Admin. and Owner. I can access Owner but not Admin. When I try to switch user accounts from the start menu, Admin. doesn't show. SAS said it needed to scan all user accounts.

If this is a lost cause I need to save the data that's on the hard drive if I can. It has all our business files on it and both my cd-writer and external hard drive will not work either. The last resort is to replace the hard drive and try to save our files if possible.

Thanks in advance,
Kellie

#4 SifuMike

Posted 12 October 2009 - 01:42 PM

Hi Kellie,

You said this is a business or work computer.

Doesn't your work place have an IT dept? :(

In almost all work environments, the IT staff implement specific policies and procedures for the use of computer equipment and related resources.

In fact, most companies will require you to read those policies and sign a statement of understanding. Further, they usually have procedures in place to deal with infections on the network and do not approve of employees seeking help at an online forum or outside the business office.

If their typical solution is to re-image, then have your supervisor speak to them about taking another approach.

Let me know.

#5 socalkellie

Posted 12 October 2009 - 03:32 PM

Small Business Owner = Self-Employed :(

On another note, Dr. Web Scanner has picked up one virus so far called KillWind.exe. Keeping my fingers crossed I can complete the scan.

Kellie

#6 SifuMike

Posted 12 October 2009 - 04:00 PM

Hi Kellie,

You forgot to post the RSIT logs. :(

#7 socalkellie

Posted 12 October 2009 - 04:13 PM

Mike,

I'll post that log as soon as Dr. Web is finished scanning.

Kellie

#8 SifuMike

Posted 12 October 2009 - 04:20 PM

OK. :(

#9 socalkellie

Posted 12 October 2009 - 11:23 PM

I thought Dr. Web was going to finish the scan of the C drive this time but it didn't. I got the same error message 'e5zdcXP.exe has encountered a problem and needs to close. We are sorry for the inconvenience.'

5 items were picked up so far though: KillWind.exe, EN_CA-ie.reg, E5_07_OEM.exe\\acces..., E5_07_OEM.exe, and NPZONESB.DLL

#10 socalkellie

Posted 13 October 2009 - 12:00 AM

Logfile of random's system information tool 1.06 (written by random/random)
Run by Owner at 2009-10-12 21:58:20
Microsoft Windows XP Home Edition Service Pack 2
System drive C: has 33 GB (46%) free of 71 GB
Total RAM: 511 MB (25% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:58:48 PM, on 10/12/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Sprint\Sierra Wireless\Sprint PCS Connection Manager\SPCSUtilityService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\fxssvc.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\wscntfy.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\HP\KBD\KBD.EXE
c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\LaCie\Backup Software\LaCieBackup.exe
C:\Program Files\Sprint\Sierra Wireless\Sprint PCS Connection Manager\SPCSCM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Desktop\RSIT.exe
C:\Program Files\trend micro\Owner.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://us7.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-us7.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-us7.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-us7.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://us7.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://us7.hpwis.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Freedom Popup Killer - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\Zero Knowledge\Freedom\pkR.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Freedom BHO - {56071E0D-C61B-11D3-B41C-00E02927A304} - C:\Program Files\Zero Knowledge\Freedom\FreeBHOR.dll
O2 - BHO: (no name) - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [AutoTBar] C:\hp\bin\autotbar.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [AlcxMonitor] ; ALCXMNTR.EXE
O4 - HKLM\..\Run: [BlockTracker] ; c:\hp\bin\BlockTracker.exe
O4 - HKLM\..\Run: [NvCplDaemon] ; RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] ; nwiz.exe /installquiet /keeploaded
O4 - HKCU\..\Run: [NVIEW] ; rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [Weather] ; C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - HKCU\..\Run: [Zero Knowledge Freedom] ; C:\Program Files\Zero Knowledge\Freedom\Freedom.exe
O4 - HKCU\..\Run: [LaCie Backup] C:\Program Files\LaCie\Backup Software\\LaCieBackup.exe /background
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1253564186453
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1253564507953
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{49C6D2D9-8362-4EEB-BA87-EC8218C69C9E}: NameServer = 68.28.50.91 68.28.58.92
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SPCSUtilityService - Sprint Spectrum, L.L.C - C:\Program Files\Sprint\Sierra Wireless\Sprint PCS Connection Manager\SPCSUtilityService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 5952 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\hopwdhee.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{0055B6F3-8AC4-4A01-B757-7B1E3823BBE5}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-03-02 37808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3C060EA2-E6A9-4E49-A530-D4657B8C449A}]
PopKill Class - C:\Program Files\Zero Knowledge\Freedom\pkR.dll [2002-09-10 118834]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-09-21 1107224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{56071E0D-C61B-11D3-B41C-00E02927A304}]
ZKBho Class - C:\Program Files\Zero Knowledge\Freedom\FreeBHOR.dll [2002-09-10 147511]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}]
C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL [2009-09-21 262144]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"=c:\windows\system\hpsysdrv.exe [1998-05-07 52736]
"HotKeysCmds"=C:\WINDOWS\System32\hkcmd.exe [2002-09-09 114688]
"Share-to-Web Namespace Daemon"=c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe [2002-04-17 69632]
"CamMonitor"=c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe [2002-06-18 69632]
"KBD"=C:\HP\KBD\KBD.EXE [2001-07-06 61440]
"StorageGuard"=C:\Program Files\VERITAS Software\Update Manager\sgtray.exe [2002-06-18 155648]
"AutoTBar"=C:\hp\bin\autotbar.exe []
"Recguard"=C:\WINDOWS\SMINST\RECGUARD.EXE [2002-09-13 212992]
"PS2"=C:\WINDOWS\system32\ps2.exe [2002-06-14 81920]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2007-11-14 919016]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-09-21 1948440]
"AlcxMonitor"=; ALCXMNTR.EXE []
"BlockTracker"=; c:\hp\bin\BlockTracker.exe []
"NvCplDaemon"=; RUNDLL32.EXE NvQTwk,NvCplDaemon initialize []
"nwiz"=; nwiz.exe /installquiet /keeploaded []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"NVIEW"=; rundll32.exe nview.dll,nViewLoadHook []
"Weather"=; C:\Program Files\AWS\WeatherBug\Weather.exe 1 []
"Zero Knowledge Freedom"=; C:\Program Files\Zero Knowledge\Freedom\Freedom.exe []
"LaCie Backup"=C:\Program Files\LaCie\Backup Software\\LaCieBackup.exe [2005-08-04 2695168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HEWLET~1\DIGITA~1\bin\hpqtra08.exe [2008-03-25 214360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk]
C:\PROGRA~1\COMMON~1\Intuit\QUICKB~1\QBUpdate\qbupdate.exe [2009-04-24 972064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Quicken Scheduled Updates.lnk]
C:\PROGRA~1\Quicken\bagent.exe [2002-09-20 53248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2009-09-03 548352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-09-21 11952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2002-09-09 315392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tatertot.scr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=
"NoDriveTypeAutoRun"=
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\AVG\AVG8\avgam.exe"="C:\Program Files\AVG\AVG8\avgam.exe:*:Enabled:avgam.exe"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 3 months======

2009-10-12 21:57:26 ----D---- C:\Program Files\trend micro
2009-10-12 21:57:23 ----D---- C:\rsit
2009-10-12 21:55:18 ----D---- C:\WINDOWS\LastGood
2009-10-08 13:43:05 ----D---- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\LaCie
2009-10-08 13:42:40 ----D---- C:\Program Files\LaCie
2009-10-08 13:40:27 ----D---- C:\Program Files\Mediafour
2009-10-02 13:27:09 ----HDC---- C:\WINDOWS\$NtUninstallKB961371-v2$
2009-09-26 23:59:06 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
2009-09-26 23:54:49 ----HDC---- C:\WINDOWS\$NtUninstallKB903235$
2009-09-26 23:50:37 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2009-09-26 23:49:48 ----HDC---- C:\WINDOWS\$NtUninstallKB958470$
2009-09-26 23:46:51 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
2009-09-25 23:36:28 ----D---- C:\WINDOWS\system32\CatRoot_bak
2009-09-25 23:03:53 ----D---- C:\Sreng2
2009-09-23 17:57:01 ----A---- C:\RootRepeal report 09-23-09 (17-57-01).txt
2009-09-23 17:15:44 ----SHD---- C:\found.000
2009-09-23 16:37:31 ----D---- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\Freedom
2009-09-23 07:18:19 ----HDC---- C:\WINDOWS\$NtUninstallKB873333$
2009-09-22 11:25:56 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2009-09-22 11:25:30 ----D---- C:\Program Files\SUPERAntiSpyware
2009-09-22 11:25:30 ----D---- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\SUPERAntiSpyware.com
2009-09-22 11:24:38 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-09-21 17:38:10 ----D---- C:\WINDOWS\Prefetch
2009-09-21 17:29:44 ----HDC---- C:\WINDOWS\$NtUninstallKB913580$
2009-09-21 16:42:41 ----N---- C:\WINDOWS\system32\ieencode.dll
2009-09-21 16:42:26 ----A---- C:\WINDOWS\005679_.tmp
2009-09-21 14:09:06 ----HDC---- C:\WINDOWS\$NtUninstallKB918439-IE6SP1-20060530.145346$
2009-09-21 13:28:24 ----D---- C:\Program Files\NOS
2009-09-21 13:28:24 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2009-09-21 13:25:57 ----A---- C:\WINDOWS\system32\winhttp.dll
2009-09-21 13:25:57 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2009-09-21 12:11:30 ----A---- C:\WINDOWS\system32\apintfnt.dll
2009-09-21 01:01:00 ----D---- C:\Program Files\ZoneAlarmSB
2009-09-21 00:58:53 ----A---- C:\WINDOWS\zllsputility.exe
2009-09-21 00:58:33 ----A---- C:\WINDOWS\system32\vsregexp.dll
2009-09-21 00:58:33 ----A---- C:\WINDOWS\system32\libeay32_0.9.6l.dll
2009-09-21 00:58:31 ----A---- C:\WINDOWS\system32\zlcommdb.dll
2009-09-21 00:58:31 ----A---- C:\WINDOWS\system32\zlcomm.dll
2009-09-21 00:58:23 ----A---- C:\WINDOWS\system32\vswmi.dll
2009-09-21 00:58:22 ----A---- C:\WINDOWS\system32\zpeng24.dll
2009-09-21 00:58:22 ----A---- C:\WINDOWS\system32\vsxml.dll
2009-09-21 00:58:21 ----A---- C:\WINDOWS\system32\vspubapi.dll
2009-09-21 00:58:21 ----A---- C:\WINDOWS\system32\vsmonapi.dll
2009-09-21 00:57:46 ----A---- C:\WINDOWS\system32\vsutil.dll
2009-09-21 00:57:46 ----A---- C:\WINDOWS\system32\vsinit.dll
2009-09-21 00:57:46 ----A---- C:\WINDOWS\system32\vsdata.dll
2009-09-21 00:46:11 ----D---- C:\Documents and Settings\All Users\Application Data\WinZip
2009-09-21 00:46:01 ----D---- C:\Program Files\WinZip
2009-09-21 00:41:28 ----D---- C:\swsetup
2009-09-21 00:37:04 ----ASH---- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\desktop.ini
2009-09-21 00:37:04 ----A---- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\dm.ini
2009-09-21 00:01:13 ----D---- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\ArcSoft
2009-09-21 00:01:13 ----D---- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\Apple Computer
2009-09-21 00:01:13 ----D---- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\AdobeUM
2009-09-21 00:01:13 ----D---- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\AdobeAUM
2009-09-21 00:01:13 ----D---- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\Adobe
2009-09-21 00:01:12 ----D---- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\Leadertech
2009-09-21 00:01:12 ----D---- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\Lavasoft
2009-09-21 00:01:12 ----D---- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\Isotope 244
2009-09-21 00:01:12 ----D---- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\Intuit
2009-09-21 00:01:12 ----D---- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\InterVideo
2009-09-21 00:01:12 ----D---- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\InterTrust
2009-09-21 00:01:12 ----D---- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\InstallShield
2009-09-21 00:01:12 ----D---- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\Identities
2009-09-21 00:01:12 ----D---- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\HPAppData
2009-09-21 00:01:12 ----D---- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\HP
2009-09-21 00:01:12 ----D---- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\HotSync
2009-09-21 00:01:12 ----D---- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\Help
2009-09-21 00:01:12 ----D---- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\Express
2009-09-21 00:01:12 ----D---- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\Download Manager
2009-09-21 00:01:12 ----D---- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\AVG8
2009-09-21 00:00:50 ----SD---- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\Microsoft
2009-09-21 00:00:50 ----D---- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\Move Networks
2009-09-21 00:00:50 ----D---- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\Motive
2009-09-21 00:00:50 ----D---- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\Malwarebytes
2009-09-21 00:00:50 ----D---- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\Macromedia
2009-09-21 00:00:49 ----D---- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\Nova Development
2009-09-21 00:00:49 ----D---- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\NCH Swift Sound
2009-09-21 00:00:49 ----D---- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\Mozilla
2009-09-21 00:00:48 ----D---- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\Yahoo!
2009-09-21 00:00:48 ----D---- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\VERITAS
2009-09-21 00:00:48 ----D---- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\Thunderbird
2009-09-21 00:00:48 ----D---- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\Sun
2009-09-21 00:00:48 ----D---- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\Stamps.com Internet Postage
2009-09-21 00:00:48 ----D---- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\Snapfish
2009-09-21 00:00:48 ----D---- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\Sierra Wireless
2009-09-21 00:00:48 ----D---- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\Share-to-Web Upload Folder
2009-09-21 00:00:48 ----D---- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\SampleView
2009-09-21 00:00:48 ----D---- C:\Documents and Settings\Owner.YOUR-6JNHHU0520\Application Data\Real
2009-09-20 22:29:02 ----A---- C:\WINDOWS\DUMPcf75.tmp
2009-09-20 22:29:02 ----A---- C:\WINDOWS\DUMP947f.tmp
2009-09-20 20:25:52 ----A---- C:\WINDOWS\ntbtlog.txt
2009-09-20 19:39:49 ----A---- C:\WINDOWS\system32\ksuser.dll
2009-09-20 17:44:23 ----AD---- C:\WINDOWS\system32\images
2009-09-09 10:20:23 ----A---- C:\WINDOWS\system32\MRT.INI
2009-09-09 10:17:22 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2009-09-09 10:17:01 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2009-08-31 11:09:10 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2009-08-31 11:06:01 ----HDC---- C:\WINDOWS\$NtUninstallKB970653-v3$
2009-08-23 09:50:41 ----D---- C:\WINDOWS\system32\XPSViewer
2009-08-23 09:50:27 ----D---- C:\Program Files\MSBuild
2009-08-23 09:49:54 ----D---- C:\Program Files\Reference Assemblies
2009-08-23 09:48:21 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2009-08-23 09:48:21 ----N---- C:\WINDOWS\system32\prntvpt.dll
2009-08-23 09:48:20 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2009-08-23 09:48:20 ----D---- C:\3b3080e5286884cf386dcbd9
2009-08-23 09:29:28 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2009-08-16 16:51:31 ----D---- C:\Program Files\iPod
2009-08-16 16:50:59 ----D---- C:\Program Files\iTunes
2009-08-16 16:50:59 ----D---- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-08-16 16:49:19 ----D---- C:\Program Files\Bonjour
2009-08-16 16:47:41 ----D---- C:\Program Files\QuickTime
2009-08-15 21:46:40 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2009-08-15 21:46:27 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2009-08-15 21:46:18 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2009-08-15 21:46:04 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2009-08-15 21:45:53 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2009-08-15 21:45:42 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2009-08-15 21:45:30 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2009-08-15 21:45:20 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2009-08-15 21:42:50 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2009-07-19 22:41:02 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
2009-07-19 22:40:53 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-07-19 22:37:02 ----HDC---- C:\WINDOWS\$NtUninstallKB961371$

======List of files/folders modified in the last 3 months======

2009-10-12 21:57:26 ----RAD---- C:\Program Files
2009-10-12 21:56:12 ----HD---- C:\WINDOWS\inf
2009-10-12 21:55:40 ----D---- C:\WINDOWS\Internet Logs
2009-10-12 21:55:18 ----D---- C:\WINDOWS
2009-10-12 21:55:16 ----D---- C:\WINDOWS\system32\CatRoot2
2009-10-12 21:51:52 ----D---- C:\Program Files\Mozilla Firefox
2009-10-12 21:45:29 ----A---- C:\WINDOWS\ModemLog_Sierra Wireless AirCard 595U Modem Device.txt
2009-10-12 21:41:04 ----D---- C:\WINDOWS\Temp
2009-10-12 21:40:37 ----AC---- C:\WINDOWS\ModemLog_Lucent Win Modem.txt
2009-10-11 07:49:18 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-10-10 20:13:31 ----D---- C:\Documents and Settings
2009-10-09 16:52:04 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
2009-10-09 08:21:59 ----HD---- C:\$AVG8.VAULT$
2009-10-08 13:42:48 ----SHD---- C:\WINDOWS\Installer
2009-10-08 13:42:44 ----HD---- C:\Config.Msi
2009-10-08 13:41:59 ----D---- C:\WINDOWS\Downloaded Installations
2009-10-08 12:51:23 ----D---- C:\Documents and Settings\All Users\Application Data\Intuit
2009-10-08 10:59:27 ----D---- C:\WINDOWS\system32
2009-10-08 10:59:27 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-10-08 10:55:08 ----D---- C:\WINDOWS\system32\wbem
2009-10-08 10:48:03 ----D---- C:\WINDOWS\system32\CatRoot
2009-10-08 10:47:47 ----RASHDC---- C:\WINDOWS\system32\dllcache
2009-10-08 10:47:32 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2009-10-02 13:59:27 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-10-02 13:29:40 ----A---- C:\WINDOWS\imsins.BAK
2009-10-02 13:29:25 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2009-10-02 13:29:13 ----D---- C:\WINDOWS\system32\FxsTmp
2009-10-02 13:28:52 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2009-10-02 13:28:37 ----D---- C:\Program Files\Messenger
2009-10-02 13:28:30 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2009-10-02 13:28:17 ----D---- C:\WINDOWS\system32\drivers
2009-10-02 13:28:15 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-10-02 13:27:45 ----HDC---- C:\WINDOWS\$NtUninstallKB923723$
2009-10-02 13:26:47 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2009-10-02 13:25:49 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-09-27 00:00:07 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2009-09-26 23:59:18 ----D---- C:\WINDOWS\WinSxS
2009-09-26 23:59:01 ----HD---- C:\WINDOWS\$hf_mig$
2009-09-26 23:58:24 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-09-26 23:57:43 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2009-09-26 23:56:53 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2009-09-26 23:56:33 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-09-26 23:56:11 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-09-26 23:55:49 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2009-09-26 23:55:33 ----D---- C:\Program Files\Outlook Express
2009-09-26 23:54:02 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-09-26 23:53:04 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2009-09-26 23:51:09 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-09-26 23:50:20 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2009-09-26 23:49:23 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-09-26 23:48:36 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
2009-09-26 23:48:13 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-09-26 23:47:52 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-09-26 23:47:30 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-09-26 23:47:04 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-09-25 23:52:32 ----A---- C:\WINDOWS\ModemLog_Sierra Wireless AirCard 595U Modem Device #2.txt
2009-09-25 22:53:20 ----D---- C:\WINDOWS\Minidump
2009-09-24 19:14:13 ----D---- C:\Program Files\Intuit
2009-09-24 19:09:09 ----RASH---- C:\boot.ini
2009-09-24 19:09:09 ----A---- C:\WINDOWS\win.ini
2009-09-24 19:09:09 ----A---- C:\WINDOWS\system.ini
2009-09-24 19:09:06 ----D---- C:\WINDOWS\pss
2009-09-24 18:19:02 ----D---- C:\WINDOWS\AppPatch
2009-09-24 17:59:17 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2009-09-23 07:20:49 ----HDC---- C:\WINDOWS\$NtUninstallKB899587$
2009-09-23 07:20:37 ----HDC---- C:\WINDOWS\$NtUninstallKB911927$
2009-09-23 07:20:18 ----HDC---- C:\WINDOWS\$NtUninstallKB901017$
2009-09-23 07:20:01 ----HDC---- C:\WINDOWS\$NtUninstallKB899591$
2009-09-23 07:19:29 ----HDC---- C:\WINDOWS\$NtUninstallKB893756$
2009-09-23 07:19:14 ----HDC---- C:\WINDOWS\$NtUninstallKB896423$
2009-09-23 07:18:54 ----HDC---- C:\WINDOWS\$NtUninstallKB873339$
2009-09-23 07:18:43 ----HDC---- C:\WINDOWS\$NtUninstallKB896358$
2009-09-23 07:18:05 ----HDC---- C:\WINDOWS\$NtUninstallKB905414$
2009-09-23 07:17:36 ----HDC---- C:\WINDOWS\$NtUninstallKB888302$
2009-09-23 07:17:16 ----HDC---- C:\WINDOWS\$NtUninstallKB900725$
2009-09-23 07:16:32 ----HDC---- C:\WINDOWS\$NtUninstallKB904706$
2009-09-23 07:16:15 ----HDC---- C:\WINDOWS\$NtUninstallKB905749$
2009-09-23 07:15:56 ----HDC---- C:\WINDOWS\$NtUninstallKB896428$
2009-09-23 07:15:35 ----HDC---- C:\WINDOWS\$NtUninstallKB908519$
2009-09-22 11:24:38 ----D---- C:\Program Files\Common Files
2009-09-21 20:37:41 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2009-09-21 18:32:40 ----AC---- C:\WINDOWS\SIERRA.INI
2009-09-21 18:32:16 ----D---- C:\SIERRA
2009-09-21 18:31:56 ----D---- C:\Program Files\Sierra On-Line
2009-09-21 18:16:09 ----D---- C:\WINDOWS\Debug
2009-09-21 18:15:14 ----D---- C:\WINDOWS\security
2009-09-21 18:13:10 ----HDC---- C:\WINDOWS\$NtUninstallKB924191$
2009-09-21 18:12:37 ----D---- C:\WINDOWS\Registration
2009-09-21 18:09:48 ----HDC---- C:\WINDOWS\$NtUninstallKB922819$
2009-09-21 18:09:30 ----HDC---- C:\WINDOWS\$NtUninstallKB923414$
2009-09-21 18:09:14 ----HDC---- C:\WINDOWS\$NtUninstallKB921883$
2009-09-21 18:08:55 ----HDC---- C:\WINDOWS\$NtUninstallKB922616$
2009-09-21 18:08:23 ----HDC---- C:\WINDOWS\$NtUninstallKB920685$
2009-09-21 18:08:01 ----HDC---- C:\WINDOWS\$NtUninstallKB911280$
2009-09-21 18:07:46 ----HDC---- C:\WINDOWS\$NtUninstallKB911562$
2009-09-21 18:07:25 ----HDC---- C:\WINDOWS\$NtUninstallKB924496$
2009-09-21 18:06:47 ----HDC---- C:\WINDOWS\$NtUninstallKB921398$
2009-09-21 18:06:18 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-09-21 18:05:40 ----HDC---- C:\WINDOWS\$NtUninstallKB910437$
2009-09-21 18:05:34 ----HDC---- C:\WINDOWS\$NtUninstallKB898458$
2009-09-21 18:05:17 ----D---- C:\Program Files\Windows Media Player
2009-09-21 18:05:16 ----HDC---- C:\WINDOWS\$NtUninstallKB911564$
2009-09-21 18:04:44 ----HDC---- C:\WINDOWS\$NtUninstallKB920670$
2009-09-21 18:04:28 ----HDC---- C:\WINDOWS\$NtUninstallKB919007$
2009-09-21 18:04:18 ----HDC---- C:\WINDOWS\$NtUninstallKB914388$
2009-09-21 18:04:01 ----HDC---- C:\WINDOWS\$NtUninstallKB917344$
2009-09-21 18:03:37 ----HDC---- C:\WINDOWS\$NtUninstallKB917953$
2009-09-21 18:03:00 ----HDC---- C:\WINDOWS\$NtUninstallKB923191$
2009-09-21 18:02:15 ----HDC---- C:\WINDOWS\$NtUninstallKB917422$
2009-09-21 18:01:07 ----HDC---- C:\WINDOWS\$NtUninstallKB920683$
2009-09-21 17:58:07 ----A---- C:\WINDOWS\OEWABLog.txt
2009-09-21 17:57:35 ----A---- C:\WINDOWS\setuplog.txt
2009-09-21 17:36:56 ----D---- C:\Program Files\Internet Explorer
2009-09-21 17:36:52 ----RSD---- C:\WINDOWS\Fonts
2009-09-21 17:20:16 ----D---- C:\WINDOWS\ime
2009-09-21 17:20:16 ----D---- C:\WINDOWS\Help
2009-09-21 17:19:56 ----D---- C:\WINDOWS\peernet
2009-09-21 17:19:56 ----D---- C:\Program Files\Movie Maker
2009-09-21 17:18:34 ----D---- C:\WINDOWS\system32\Restore
2009-09-21 17:18:34 ----D---- C:\WINDOWS\system32\npp
2009-09-21 17:18:34 ----D---- C:\WINDOWS\msagent
2009-09-21 17:18:30 ----D---- C:\WINDOWS\srchasst
2009-09-21 17:18:27 ----D---- C:\Program Files\NetMeeting
2009-09-21 17:18:24 ----D---- C:\WINDOWS\system32\Com
2009-09-21 17:18:19 ----D---- C:\Program Files\Windows NT
2009-09-21 17:18:08 ----D---- C:\Program Files\Common Files\System
2009-09-21 17:17:56 ----D---- C:\WINDOWS\system32\Setup
2009-09-21 17:17:44 ----D---- C:\WINDOWS\system32\oobe
2009-09-21 17:17:42 ----D---- C:\WINDOWS\system32\usmt
2009-09-21 17:17:39 ----D---- C:\WINDOWS\system
2009-09-21 17:14:20 ----RD---- C:\WINDOWS\Web
2009-09-21 17:13:28 ----RASH---- C:\NTDETECT.COM
2009-09-21 17:07:54 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2009-09-21 16:55:43 ----D---- C:\WINDOWS\EHome
2009-09-21 14:15:20 ----HDC---- C:\WINDOWS\$NtUninstallKB885836$
2009-09-21 14:12:14 ----HDC---- C:\WINDOWS\$NtUninstallKB896424$
2009-09-21 14:08:09 ----HDC---- C:\WINDOWS\$NtUninstallKB891781$
2009-09-21 14:04:33 ----HDC---- C:\WINDOWS\$NtUninstallKB901214$
2009-09-21 14:01:17 ----HDC---- C:\WINDOWS\$NtUninstallKB912919$
2009-09-21 13:57:56 ----HDC---- C:\WINDOWS\$NtUninstallKB913580_0$
2009-09-21 13:32:23 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2009-09-21 13:30:43 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2009-09-21 13:29:29 ----HDC---- C:\WINDOWS\$NtUninstallKB842773$
2009-09-21 13:28:27 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-09-21 13:22:54 ----D---- C:\WINDOWS\SoftwareDistribution
2009-09-21 12:11:29 ----D---- C:\Program Files\Sierra Wireless
2009-09-21 01:05:03 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-09-21 00:58:58 ----D---- C:\WINDOWS\system32\ZoneLabs
2009-09-21 00:44:14 ----SHD---- C:\RECYCLER
2009-09-21 00:39:39 ----HD---- C:\Program Files\WindowsUpdate
2009-09-21 00:37:47 ----HD---- C:\hp
2009-09-20 23:57:26 ----SHD---- C:\System Volume Information
2009-09-20 23:18:49 ----HDC---- C:\WINDOWS\$NtUninstallQ331060$
2009-09-20 23:18:13 ----HD---- C:\Program Files\InstallShield Installation Information
2009-09-20 21:27:32 ----SD---- C:\WINDOWS\system32\Microsoft
2009-09-20 21:20:30 ----D---- C:\WINDOWS\system32\ras
2009-09-20 21:19:33 ----D---- C:\WINDOWS\system32\icsxml
2009-09-20 21:19:31 ----D---- C:\WINDOWS\system32\ias
2009-09-20 21:16:20 ----D---- C:\WINDOWS\addins
2009-09-20 21:16:17 ----D---- C:\WINDOWS\Media
2009-09-20 21:15:55 ----D---- C:\WINDOWS\Cursors
2009-09-20 21:15:23 ----D---- C:\Program Files\Common Files\Services
2009-09-20 21:14:16 ----RAD---- C:\WINDOWS\Offline Web Pages
2009-09-20 21:14:12 ----RASD---- C:\WINDOWS\assembly
2009-09-20 15:04:22 ----A---- C:\WINDOWS\ModemLog_Sierra Wireless AirCard 595U Modem Device #5.txt
2009-09-12 12:43:00 ----D---- C:\Program Files\Hollywood Pets
2009-09-10 06:36:13 ----D---- C:\Program Files\Microsoft Silverlight
2009-09-09 10:16:08 ----D---- C:\WINDOWS\ie8updates
2009-08-31 19:45:27 ----D---- C:\Program Files\palmOne
2009-08-28 14:38:20 ----A---- C:\WINDOWS\system32\MRT.exe
2009-08-23 09:50:30 ----D---- C:\WINDOWS\system32\en-US
2009-08-21 02:46:35 ----A---- C:\WINDOWS\system32\jscript.dll
2009-08-16 16:51:29 ----D---- C:\Program Files\Common Files\Apple
2009-08-16 16:18:00 ----D---- C:\Program Files\Apple Software Update
2009-08-15 20:49:19 ----AC---- C:\WINDOWS\WORDPAD.INI
2009-08-05 02:11:47 ----A---- C:\WINDOWS\system32\mswebdvd.dll
2009-07-28 21:53:14 ----A---- C:\WINDOWS\system32\t2embed.dll
2009-07-28 21:53:14 ----A---- C:\WINDOWS\system32\fontsub.dll
2009-07-19 18:48:58 ----A---- C:\WINDOWS\system32\ieframe.dll
2009-07-17 11:55:28 ----A---- C:\WINDOWS\system32\atl.dll
2009-07-14 04:03:14 ----N---- C:\WINDOWS\system32\tzchange.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK7;AMD K7 Processor Driver; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2004-08-03 37376]
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-09-21 335752]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-09-21 27784]
R1 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-07-12 108552]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2007-11-14 394952]
R2 FreeTdi;Freedom Filter; C:\WINDOWS\System32\Drivers\FreeTdi.sys [2002-09-05 45760]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-10-01 2279424]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2004-08-03 60800]
R3 Freedom;Freedom Miniport; C:\WINDOWS\System32\DRIVERS\FREEDOM.SYS [2002-09-05 28416]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 ltmodem5;LT Modem Driver; C:\WINDOWS\System32\DRIVERS\ltmdmnt.sys [2003-03-31 625537]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 MxlW2k;MxlW2k; C:\WINDOWS\system32\drivers\MxlW2k.sys [2002-10-28 28164]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2004-08-03 61824]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2002-10-01 1001018]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2002-10-28 9856]
R3 Ps2;PS2; C:\WINDOWS\System32\DRIVERS\PS2.sys [2001-06-04 14112]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 swmsflt;swmsflt; C:\WINDOWS\System32\drivers\swmsflt.sys [2007-08-10 24456]
R3 SWMX00;Sierra Wireless USB MUX Driver (#00); C:\WINDOWS\System32\DRIVERS\swmx00.sys [2007-06-27 73856]
R3 SWNC5E00;Sierra Wireless MUX NDIS Driver (#00); C:\WINDOWS\System32\DRIVERS\SWNC5E00.sys [2007-06-27 101248]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S1 {6080A529-897E-4629-A488-ABA0C29B635E};Intel® Graphics Platform (SoftBIOS) Driver; C:\WINDOWS\system32\drivers\ialmsbw.sys [2002-09-16 91678]
S2 mrtRate;mrtRate; C:\WINDOWS\system32\drivers\mrtRate.sys []
S3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel® Graphics Chipset (KCH) Driver; C:\WINDOWS\system32\drivers\ialmkchw.sys [2002-09-16 71514]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [2008-01-24 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [2008-01-24 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [2008-01-24 21568]
S3 ialm;ialm; C:\WINDOWS\System32\DRIVERS\ialmnt5.sys [2002-09-16 79323]
S3 S3Psddr;S3Psddr; C:\WINDOWS\System32\DRIVERS\s3gnbm.sys [2004-08-03 166912]
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
S3 tatertot.scr;tatertot.scr; \??\C:\WINDOWS\system32\drivers\tatertot.scr.sys []
S3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2004-08-03 17024]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S4 IntelIde;IntelIde; C:\WINDOWS\System32\DRIVERS\intelide.sys [2004-08-03 5504]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avg8emc;AVG8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2009-09-21 907032]
R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-09-21 298776]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\System32\nvsvc32.exe [2002-10-01 61440]
R2 SPCSUtilityService;SPCSUtilityService; C:\Program Files\Sprint\Sierra Wireless\Sprint PCS Connection Manager\SPCSUtilityService.exe [2007-08-29 131072]
R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2007-11-14 75304]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-04 267776]
S3 getPlusHelper;getPlus® Helper; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336]

-----------------EOF-----------------


info.txt logfile of random's system information tool 1.06 2009-10-12 21:57:52

======Uninstall list======

-->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
-->C:\WINDOWS\System32\\MSIEXEC.EXE /x {09DA4F91-2A09-4232-AB8C-6BC740096DE3}
-->C:\WINDOWS\System32\\MSIEXEC.EXE /x {60E971B7-51A0-48CA-8687-C6B8F094A409}
-->c:\WINDOWS\System32\\MSIEXEC.EXE /x {8214CC02-6271-4DC8-B8DD-779933450264}
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{39DA87A1-0B26-4562-A70C-2A6147366E47}\Setup.exe"
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8D5D99B8-DFA2-4018-ADE9-A6B83E655C65}\setup.exe" -l0x9 -L0x9anything
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9F765BD0-B900-4EDE-A90B-61C8A9E95C42}\Setup.exe"
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BAD59025-5B73-4E12-B789-0028C5A573C2}\Setup.exe"
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Acrobat 5.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.dll"
Adobe Download Manager-->"C:\WINDOWS\System32\rundll32.exe" "C:\Program Files\NOS\bin\getPlus_Helper.dll",Uninstall /Get1
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Apple Mobile Device Support-->MsiExec.exe /I{B5C209B1-8DDB-4642-A573-375B951514CB}
Apple Software Update-->MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
ArcSoft Software Suite-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\ArcSoft\Software Suite\Uninst.isu"
AVG 8.5-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
Betty Bad-->"C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {A27EAF80-CBFC-4F56-94E1-929A401D7515}
Blackhawk Striker-->"C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {5415BC25-6D6C-46C4-B34C-EA8470FE56D5}
Blasterball 2-->"C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {357ECB62-CD36-4B63-B57E-769D0CA174F4}
Detto IntelliMover Demo-->MsiExec.exe /X{E62C706B-1352-4DCA-B4D4-81C24750B70F}
easy Internet sign-up-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2B5DDB2C-0807-47FD-9C11-80EA761902C0}\setup.exe" -l0x9
Freedom Security & Privacy-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{A0C4079C-097C-45BA-8D85-08C9FAF290FA}
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
Hoyle Board Games-->C:\WINDOWS\IsUninst.exe -fC:\SIERRA\HCBG2\Uninst.isu
hp center-->C:\WINDOWS\BWUnin-6.1.0.153.exe -AppId 137903
HP Digital Imaging Album Printing 1.0-->MsiExec.exe /X{47D4AF7B-EDE6-4ADB-8D2F-0BDA25C7321F}
HP Instant Support-->C:\PROGRA~1\HPINST~1\UNWISE.EXE C:\PROGRA~1\HPINST~1\INSTALL.LOG
HP Photo and Imaging 1.1 - Photosmart Cameras-->MsiExec.exe /X{1EEE2A9F-6471-42fa-8923-E8879168CE26}
hp toolkit-->c:\Windows\HPTK\unhptkit.exe
Inactive HP Printer Drivers (Remove only)-->RunDll32 hpuninst.dll,InstallHinfSection UninstDefault 132 prntunin.inf
Indeo® Software-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Ligos\Indeo\Uninst.isu"
Intel® 82845G Graphics Driver Software-->RUNDLL32.EXE C:\WINDOWS\System32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_2562
InterVideo WinDVD 4-->"C:\Program Files\InstallShield Installation Information\{98E8A2EF-4EAE-43B8-A172-74842B764777}\setup.exe" REMOVEALL
iTunes-->MsiExec.exe /I{4F5CE18C-D97D-48FF-A510-A0D90C918294}
KBD-->C:\HP\KBD\KBD.EXE uninstalled
LaCie Backup Software v1.5.2042-->MsiExec.exe /I{6DD9963C-271A-4A14-82B0-4DC148C52E58}
Lernout & Hauspie TruVoice American English TTS Engine-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\tv_enua.inf, Uninstall
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Men in Black II CROSSFIRE Trial Version-->"C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {3EA6838C-5C34-4F9C-A8DA-434D65DD1356}
Microsoft .NET Framework (English) v1.0.3705-->C:\WINDOWS\Microsoft.NET\Framework\Install.exe /u /p Microsoft .NET Framework Full v1.0.3705 (1033)
Microsoft .NET Framework (English)-->MsiExec.exe /X{B43357AA-3A6D-4D94-B56E-43C44D09E548}
Microsoft .NET Framework 1.0 Hotfix (KB928367)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\Updates\M928367\M928367Uninstall.msp"
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
MUSICMATCH Jukebox-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\Uninst.isu" -cC:\PROGRA~1\MUSICM~1\MUSICM~1\unmatch.dll
NVIDIA Windows 2000/XP Display Drivers-->rundll32.exe C:\WINDOWS\System32\nvinstnt.dll,NvUninstallNT4 nvhp.inf
PC-Doctor for Windows-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1F7CCFA3-D926-4882-B2A5-A0217ED25597}\Setup.exe"
PigPen-->"C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {BC0EE7F1-32DE-4EE2-BE10-AE15DB394E84}
PS2-->C:\WINDOWS\system32\ps2.exe uninstall
Python 2.2 combined Win32 extensions-->C:\Python22\Lib\SITE-P~1\UNWISE~1.EXE C:\Python22\Lib\SITE-P~1\w32inst.log
Python 2.2.1-->C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG
Quicken 2003 New User Edition-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{F61F2821-694C-475F-99AB-6AF2EFDF40FD} anything
RecordNow Update Manager-->MsiExec.exe /I{09DA4F91-2A09-4232-AB8C-6BC740096DE3}
RecordNow-->MsiExec.exe /I{8214CC02-6271-4DC8-B8DD-779933450264}
S3Display-->s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Display'
S3Gamma2-->s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Gamma2'
S3Info2-->s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Info2'
Security Update for Step By Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Security Update for Step By Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB911564)-->"C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Security Update for Windows XP (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896358)-->"C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896423)-->"C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896424)-->"C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896428)-->"C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
Security Update for Windows XP (KB899587)-->"C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
Security Update for Windows XP (KB899591)-->"C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
Security Update for Windows XP (KB900725)-->"C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
Security Update for Windows XP (KB901017)-->"C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
Security Update for Windows XP (KB901214)-->"C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
Security Update for Windows XP (KB903235)-->"C:\WINDOWS\$NtUninstallKB903235$\spuninst\spuninst.exe"
Security Update for Windows XP (KB904706)-->"C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
Security Update for Windows XP (KB905414)-->"C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
Security Update for Windows XP (KB905749)-->"C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
Security Update for Windows XP (KB908519)-->"C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
Security Update for Windows XP (KB911562)-->"C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
Security Update for Windows XP (KB911927)-->"C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
Security Update for Windows XP (KB912919)-->"C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
Security Update for Windows XP (KB913580)-->"C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
Security Update for Windows XP (KB914388)-->"C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
Security Update for Windows XP (KB917344)-->"C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
Security Update for Windows XP (KB917422)-->"C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe"
Security Update for Windows XP (KB917953)-->"C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
Security Update for Windows XP (KB919007)-->"C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
Security Update for Windows XP (KB920670)-->"C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
Security Update for Windows XP (KB920683)-->"C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
Security Update for Windows XP (KB920685)-->"C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
Security Update for Windows XP (KB921398)-->"C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe"
Security Update for Windows XP (KB921883)-->"C:\WINDOWS\$NtUninstallKB921883$\spuninst\spuninst.exe"
Security Update for Windows XP (KB922616)-->"C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe"
Security Update for Windows XP (KB922819)-->"C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923191)-->"C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923414)-->"C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Security Update for Windows XP (KB924191)-->"C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe"
Security Update for Windows XP (KB924496)-->"C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB944338-v2)-->"C:\WINDOWS\$NtUninstallKB944338-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958470)-->"C:\WINDOWS\$NtUninstallKB958470$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961371-v2)-->"C:\WINDOWS\$NtUninstallKB961371-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Security Update for Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Security Update for Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
ShowBiz-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{07295ABF-1245-415A-BE06-863271753443}\Setup.exe" -l0x9
Sierra Utilities-->C:\Program Files\Sierra On-Line\sutil32.exe uninstall
Simple Backup for My Pictures-->MsiExec.exe /I{60E971B7-51A0-48CA-8687-C6B8F094A409}
Simple Installer - Multilanguage Version-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EEF397AC-DAEF-4C04-90A9-5B2BD31875DC}\setup.exe"
Snowboard Extreme-->"C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {753FE96B-D926-4B6C-BCFB-CC59153D004A}
Space Rocks-->"C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {9FA01E11-9015-4140-B10A-5C6AA949B2FC}
Sprint Mobile Broadband (Sierra)-->MsiExec.exe /I{6DCBB845-0FA4-4723-A40A-1F320C221C30}
SUPERAntiSpyware Free Edition-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
Update for Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Update for Windows XP (KB910437)-->"C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
Update for Windows XP (KB911280)-->"C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Update for Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Virtual Warfare-->"C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {4F0AE1FB-4082-4A27-8363-05D292D92FB0}
WeatherBug-->C:\PROGRA~1\AWS\WEATHE~1\REMOVE.EXE /S
WildTangent Channel Manager-->C:\Program Files\WildTangent\DDC\DDCManager\Uninstall.exe
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows XP Hotfix - KB873333-->C:\WINDOWS\$NtUninstallKB873333$\spuninst\spuninst.exe
Windows XP Hotfix - KB873339-->C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
Windows XP Hotfix - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
Windows XP Hotfix - KB891781-->C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
Windows XP Service Pack 2-->C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe
WordPerfect Productivity Pack-->c:\WINDOWS\Corel\Uninst32.exe
ZoneAlarm Spy Blocker-->rundll32 C:\PROGRA~1\ZONEAL~1\bar\1.bin\SpyBlock.dll,O

======Security center information======

AV: AVG Anti-Virus Free (outdated)
FW: ZoneAlarm Firewall

======System event log======

Computer Name: YOUR-6JNHHU0520
Event Code: 7
Message: The device, \Device\CdRom0, has a bad block.

Record Number: 1829
Source Name: Cdrom
Time Written: 20090927182359.000000-420
Event Type: error
User:

Computer Name: YOUR-6JNHHU0520
Event Code: 7
Message: The device, \Device\CdRom0, has a bad block.

Record Number: 1828
Source Name: Cdrom
Time Written: 20090927182359.000000-420
Event Type: error
User:

Computer Name: YOUR-6JNHHU0520
Event Code: 7
Message: The device, \Device\CdRom0, has a bad block.

Record Number: 1827
Source Name: Cdrom
Time Written: 20090927182359.000000-420
Event Type: error
User:

Computer Name: YOUR-6JNHHU0520
Event Code: 7
Message: The device, \Device\CdRom0, has a bad block.

Record Number: 1826
Source Name: Cdrom
Time Written: 20090927182359.000000-420
Event Type: error
User:

Computer Name: YOUR-6JNHHU0520
Event Code: 7000
Message: The mrtRate service failed to start due to the following error:
The system cannot find the file specified.


Record Number: 1780
Source Name: Service Control Manager
Time Written: 20090927175659.000000-420
Event Type: error
User:

=====Application event log=====

Computer Name: YOUR-6JNHHU0520
Event Code: 1000
Message: Faulting application avgnsx.exe, version 8.5.0.316, faulting module ntdll.dll, version 5.1.2600.2180, fault address 0x00011629.

Record Number: 190
Source Name: Application Error
Time Written: 20090921204513.000000-420
Event Type: error
User:

Computer Name: YOUR-6JNHHU0520
Event Code: 1000
Message: Faulting application avgnsx.exe, version 8.5.0.316, faulting module ntdll.dll, version 5.1.2600.2180, fault address 0x00011f52.

Record Number: 188
Source Name: Application Error
Time Written: 20090921204415.000000-420
Event Type: error
User:

Computer Name: YOUR-6JNHHU0520
Event Code: 1000
Message: Faulting application avgnsx.exe, version 8.5.0.316, faulting module ntdll.dll, version 5.1.2600.2180, fault address 0x00011f6c.

Record Number: 186
Source Name: Application Error
Time Written: 20090921204341.000000-420
Event Type: error
User:

Computer Name: YOUR-6JNHHU0520
Event Code: 1000
Message: Faulting application avgnsx.exe, version 8.5.0.316, faulting module ntdll.dll, version 5.1.2600.2180, fault address 0x00011629.

Record Number: 184
Source Name: Application Error
Time Written: 20090921204255.000000-420
Event Type: error
User:

Computer Name: YOUR-6JNHHU0520
Event Code: 1000
Message: Faulting application avgnsx.exe, version 8.5.0.316, faulting module ntdll.dll, version 5.1.2600.2180, fault address 0x00010c27.

Record Number: 182
Source Name: Application Error
Time Written: 20090921204205.000000-420
Event Type: error
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;c:\Python22;C:\Program Files\PC-Doctor\services;C:\Program Files\Sonic\MyDVD;
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 8 Stepping 1, AuthenticAMD
"PROCESSOR_REVISION"=0801
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"tvdumpflags"=8
"FP_NO_HOST_CHECK"=NO

-----------------EOF-----------------

#11 socalkellie

socalkellie
  • Topic Starter

  • Members
  • 26 posts

Posted 13 October 2009 - 12:10 AM

info.txt logfile of random's system information tool 1.06 2009-10-12 21:57:52

======Uninstall list======

-->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
-->C:\WINDOWS\System32\\MSIEXEC.EXE /x {09DA4F91-2A09-4232-AB8C-6BC740096DE3}
-->C:\WINDOWS\System32\\MSIEXEC.EXE /x {60E971B7-51A0-48CA-8687-C6B8F094A409}
-->c:\WINDOWS\System32\\MSIEXEC.EXE /x {8214CC02-6271-4DC8-B8DD-779933450264}
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{39DA87A1-0B26-4562-A70C-2A6147366E47}\Setup.exe"
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8D5D99B8-DFA2-4018-ADE9-A6B83E655C65}\setup.exe" -l0x9 -L0x9anything
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9F765BD0-B900-4EDE-A90B-61C8A9E95C42}\Setup.exe"
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BAD59025-5B73-4E12-B789-0028C5A573C2}\Setup.exe"
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Acrobat 5.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.dll"
Adobe Download Manager-->"C:\WINDOWS\System32\rundll32.exe" "C:\Program Files\NOS\bin\getPlus_Helper.dll",Uninstall /Get1
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Apple Mobile Device Support-->MsiExec.exe /I{B5C209B1-8DDB-4642-A573-375B951514CB}
Apple Software Update-->MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
ArcSoft Software Suite-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\ArcSoft\Software Suite\Uninst.isu"
AVG 8.5-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
Betty Bad-->"C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {A27EAF80-CBFC-4F56-94E1-929A401D7515}
Blackhawk Striker-->"C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {5415BC25-6D6C-46C4-B34C-EA8470FE56D5}
Blasterball 2-->"C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {357ECB62-CD36-4B63-B57E-769D0CA174F4}
Detto IntelliMover Demo-->MsiExec.exe /X{E62C706B-1352-4DCA-B4D4-81C24750B70F}
easy Internet sign-up-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2B5DDB2C-0807-47FD-9C11-80EA761902C0}\setup.exe" -l0x9
Freedom Security & Privacy-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{A0C4079C-097C-45BA-8D85-08C9FAF290FA}
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
Hoyle Board Games-->C:\WINDOWS\IsUninst.exe -fC:\SIERRA\HCBG2\Uninst.isu
hp center-->C:\WINDOWS\BWUnin-6.1.0.153.exe -AppId 137903
HP Digital Imaging Album Printing 1.0-->MsiExec.exe /X{47D4AF7B-EDE6-4ADB-8D2F-0BDA25C7321F}
HP Instant Support-->C:\PROGRA~1\HPINST~1\UNWISE.EXE C:\PROGRA~1\HPINST~1\INSTALL.LOG
HP Photo and Imaging 1.1 - Photosmart Cameras-->MsiExec.exe /X{1EEE2A9F-6471-42fa-8923-E8879168CE26}
hp toolkit-->c:\Windows\HPTK\unhptkit.exe
Inactive HP Printer Drivers (Remove only)-->RunDll32 hpuninst.dll,InstallHinfSection UninstDefault 132 prntunin.inf
Indeo® Software-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Ligos\Indeo\Uninst.isu"
Intel® 82845G Graphics Driver Software-->RUNDLL32.EXE C:\WINDOWS\System32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_2562
InterVideo WinDVD 4-->"C:\Program Files\InstallShield Installation Information\{98E8A2EF-4EAE-43B8-A172-74842B764777}\setup.exe" REMOVEALL
iTunes-->MsiExec.exe /I{4F5CE18C-D97D-48FF-A510-A0D90C918294}
KBD-->C:\HP\KBD\KBD.EXE uninstalled
LaCie Backup Software v1.5.2042-->MsiExec.exe /I{6DD9963C-271A-4A14-82B0-4DC148C52E58}
Lernout & Hauspie TruVoice American English TTS Engine-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\tv_enua.inf, Uninstall
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Men in Black II CROSSFIRE Trial Version-->"C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {3EA6838C-5C34-4F9C-A8DA-434D65DD1356}
Microsoft .NET Framework (English) v1.0.3705-->C:\WINDOWS\Microsoft.NET\Framework\Install.exe /u /p Microsoft .NET Framework Full v1.0.3705 (1033)
Microsoft .NET Framework (English)-->MsiExec.exe /X{B43357AA-3A6D-4D94-B56E-43C44D09E548}
Microsoft .NET Framework 1.0 Hotfix (KB928367)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\Updates\M928367\M928367Uninstall.msp"
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
MUSICMATCH Jukebox-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\Uninst.isu" -cC:\PROGRA~1\MUSICM~1\MUSICM~1\unmatch.dll
NVIDIA Windows 2000/XP Display Drivers-->rundll32.exe C:\WINDOWS\System32\nvinstnt.dll,NvUninstallNT4 nvhp.inf
PC-Doctor for Windows-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1F7CCFA3-D926-4882-B2A5-A0217ED25597}\Setup.exe"
PigPen-->"C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {BC0EE7F1-32DE-4EE2-BE10-AE15DB394E84}
PS2-->C:\WINDOWS\system32\ps2.exe uninstall
Python 2.2 combined Win32 extensions-->C:\Python22\Lib\SITE-P~1\UNWISE~1.EXE C:\Python22\Lib\SITE-P~1\w32inst.log
Python 2.2.1-->C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG
Quicken 2003 New User Edition-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{F61F2821-694C-475F-99AB-6AF2EFDF40FD} anything
RecordNow Update Manager-->MsiExec.exe /I{09DA4F91-2A09-4232-AB8C-6BC740096DE3}
RecordNow-->MsiExec.exe /I{8214CC02-6271-4DC8-B8DD-779933450264}
S3Display-->s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Display'
S3Gamma2-->s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Gamma2'
S3Info2-->s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Info2'
Security Update for Step By Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Security Update for Step By Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB911564)-->"C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Security Update for Windows XP (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896358)-->"C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896423)-->"C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896424)-->"C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896428)-->"C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
Security Update for Windows XP (KB899587)-->"C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
Security Update for Windows XP (KB899591)-->"C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
Security Update for Windows XP (KB900725)-->"C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
Security Update for Windows XP (KB901017)-->"C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
Security Update for Windows XP (KB901214)-->"C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
Security Update for Windows XP (KB903235)-->"C:\WINDOWS\$NtUninstallKB903235$\spuninst\spuninst.exe"
Security Update for Windows XP (KB904706)-->"C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
Security Update for Windows XP (KB905414)-->"C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
Security Update for Windows XP (KB905749)-->"C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
Security Update for Windows XP (KB908519)-->"C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
Security Update for Windows XP (KB911562)-->"C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
Security Update for Windows XP (KB911927)-->"C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
Security Update for Windows XP (KB912919)-->"C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
Security Update for Windows XP (KB913580)-->"C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
Security Update for Windows XP (KB914388)-->"C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
Security Update for Windows XP (KB917344)-->"C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
Security Update for Windows XP (KB917422)-->"C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe"
Security Update for Windows XP (KB917953)-->"C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
Security Update for Windows XP (KB919007)-->"C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
Security Update for Windows XP (KB920670)-->"C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
Security Update for Windows XP (KB920683)-->"C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
Security Update for Windows XP (KB920685)-->"C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
Security Update for Windows XP (KB921398)-->"C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe"
Security Update for Windows XP (KB921883)-->"C:\WINDOWS\$NtUninstallKB921883$\spuninst\spuninst.exe"
Security Update for Windows XP (KB922616)-->"C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe"
Security Update for Windows XP (KB922819)-->"C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923191)-->"C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923414)-->"C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Security Update for Windows XP (KB924191)-->"C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe"
Security Update for Windows XP (KB924496)-->"C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB944338-v2)-->"C:\WINDOWS\$NtUninstallKB944338-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958470)-->"C:\WINDOWS\$NtUninstallKB958470$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961371-v2)-->"C:\WINDOWS\$NtUninstallKB961371-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Security Update for Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Security Update for Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
ShowBiz-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{07295ABF-1245-415A-BE06-863271753443}\Setup.exe" -l0x9
Sierra Utilities-->C:\Program Files\Sierra On-Line\sutil32.exe uninstall
Simple Backup for My Pictures-->MsiExec.exe /I{60E971B7-51A0-48CA-8687-C6B8F094A409}
Simple Installer - Multilanguage Version-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EEF397AC-DAEF-4C04-90A9-5B2BD31875DC}\setup.exe"
Snowboard Extreme-->"C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {753FE96B-D926-4B6C-BCFB-CC59153D004A}
Space Rocks-->"C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {9FA01E11-9015-4140-B10A-5C6AA949B2FC}
Sprint Mobile Broadband (Sierra)-->MsiExec.exe /I{6DCBB845-0FA4-4723-A40A-1F320C221C30}
SUPERAntiSpyware Free Edition-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
Update for Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Update for Windows XP (KB910437)-->"C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
Update for Windows XP (KB911280)-->"C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Update for Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Virtual Warfare-->"C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {4F0AE1FB-4082-4A27-8363-05D292D92FB0}
WeatherBug-->C:\PROGRA~1\AWS\WEATHE~1\REMOVE.EXE /S
WildTangent Channel Manager-->C:\Program Files\WildTangent\DDC\DDCManager\Uninstall.exe
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows XP Hotfix - KB873333-->C:\WINDOWS\$NtUninstallKB873333$\spuninst\spuninst.exe
Windows XP Hotfix - KB873339-->C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
Windows XP Hotfix - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
Windows XP Hotfix - KB891781-->C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
Windows XP Service Pack 2-->C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe
WordPerfect Productivity Pack-->c:\WINDOWS\Corel\Uninst32.exe
ZoneAlarm Spy Blocker-->rundll32 C:\PROGRA~1\ZONEAL~1\bar\1.bin\SpyBlock.dll,O

======Security center information======

AV: AVG Anti-Virus Free (outdated)
FW: ZoneAlarm Firewall

======System event log======

Computer Name: YOUR-6JNHHU0520
Event Code: 7
Message: The device, \Device\CdRom0, has a bad block.

Record Number: 1829
Source Name: Cdrom
Time Written: 20090927182359.000000-420
Event Type: error
User:

Computer Name: YOUR-6JNHHU0520
Event Code: 7
Message: The device, \Device\CdRom0, has a bad block.

Record Number: 1828
Source Name: Cdrom
Time Written: 20090927182359.000000-420
Event Type: error
User:

Computer Name: YOUR-6JNHHU0520
Event Code: 7
Message: The device, \Device\CdRom0, has a bad block.

Record Number: 1827
Source Name: Cdrom
Time Written: 20090927182359.000000-420
Event Type: error
User:

Computer Name: YOUR-6JNHHU0520
Event Code: 7
Message: The device, \Device\CdRom0, has a bad block.

Record Number: 1826
Source Name: Cdrom
Time Written: 20090927182359.000000-420
Event Type: error
User:

Computer Name: YOUR-6JNHHU0520
Event Code: 7000
Message: The mrtRate service failed to start due to the following error:
The system cannot find the file specified.


Record Number: 1780
Source Name: Service Control Manager
Time Written: 20090927175659.000000-420
Event Type: error
User:

=====Application event log=====

Computer Name: YOUR-6JNHHU0520
Event Code: 1000
Message: Faulting application avgnsx.exe, version 8.5.0.316, faulting module ntdll.dll, version 5.1.2600.2180, fault address 0x00011629.

Record Number: 190
Source Name: Application Error
Time Written: 20090921204513.000000-420
Event Type: error
User:

Computer Name: YOUR-6JNHHU0520
Event Code: 1000
Message: Faulting application avgnsx.exe, version 8.5.0.316, faulting module ntdll.dll, version 5.1.2600.2180, fault address 0x00011f52.

Record Number: 188
Source Name: Application Error
Time Written: 20090921204415.000000-420
Event Type: error
User:

Computer Name: YOUR-6JNHHU0520
Event Code: 1000
Message: Faulting application avgnsx.exe, version 8.5.0.316, faulting module ntdll.dll, version 5.1.2600.2180, fault address 0x00011f6c.

Record Number: 186
Source Name: Application Error
Time Written: 20090921204341.000000-420
Event Type: error
User:

Computer Name: YOUR-6JNHHU0520
Event Code: 1000
Message: Faulting application avgnsx.exe, version 8.5.0.316, faulting module ntdll.dll, version 5.1.2600.2180, fault address 0x00011629.

Record Number: 184
Source Name: Application Error
Time Written: 20090921204255.000000-420
Event Type: error
User:

Computer Name: YOUR-6JNHHU0520
Event Code: 1000
Message: Faulting application avgnsx.exe, version 8.5.0.316, faulting module ntdll.dll, version 5.1.2600.2180, fault address 0x00010c27.

Record Number: 182
Source Name: Application Error
Time Written: 20090921204205.000000-420
Event Type: error
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;c:\Python22;C:\Program Files\PC-Doctor\services;C:\Program Files\Sonic\MyDVD;
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 8 Stepping 1, AuthenticAMD
"PROCESSOR_REVISION"=0801
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"tvdumpflags"=8
"FP_NO_HOST_CHECK"=NO

-----------------EOF-----------------

#12 SifuMike

SifuMike

    malware expert


  • Members
  • 15,385 posts
  • Gender:Male
  • Location:Vancouver (not BC) WA (Not DC) USA

Posted 13 October 2009 - 12:12 AM

Hi kellie,


Before we start, do you have all your business files backed up?
If I've saved you time & money,
please make a donation so I can keep helping people just like you! You can donate using a credit card and PayPal. Thank you!




Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#13 SifuMike

SifuMike

    malware expert


  • Members
  • 15,385 posts
  • Gender:Male
  • Location:Vancouver (not BC) WA (Not DC) USA

Posted 13 October 2009 - 12:15 AM

Is your AVG Anti-Virus outdated? When was the last time you updated and ran it?

#14 socalkellie

socalkellie
  • Topic Starter

  • Members
  • 26 posts

Posted 13 October 2009 - 12:14 PM

> Hi kellie,
>
> Before we start, do you have all your business files backed up?


I can't back anything up. My cd-writer drive and external hard drive won't work.

#15 socalkellie

socalkellie
  • Topic Starter

  • Members
  • 26 posts

Posted 13 October 2009 - 12:16 PM

> Is your AVG Anti-Virus outdated? When was the last time you updated and ran it?


The computer hasn't been used so it hasn't updated. I last ran a scan a few days ago but other than that the computer has been shut down for 2 weeks.

Edited by socalkellie, 13 October 2009 - 12:18 PM.




