Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Internet Freezes and Prompts to you Close it

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Internet Freezes and Prompts to you Close it

Unread postby wordgirl » February 13th, 2009, 10:50 pm

Hello,

My internet after a few minutes of use displays a small white box in the upper left corner and then an error message that it needs to close (when it happens again I can post a screenshot if you need). This happens every time I use it for the past week or so and mcafee nor spybot removed anything that helped. Here is my HijackThis log:

Thank you in advance for your help.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:17:26 PM, on 2.13.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\HPQ\IAM\bin\asghost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Chameleon Clock\ChamClock.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Consumer Input Rewarded with MyPoints, Consumer Input\ConsumerInputRewardedwithMyPoints,ConsumerInputUa.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe
C:\Program Files\Zards software\Startup Defender\Startup Defender.exe
C:\Program Files\Vision Defense\Vision Defense.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\runservice.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\McAfee\MBK\MBackMonitor.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\Program Files\McAfee\VirusScan\McShield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\mqsvc.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\Program Files\Consumer Input Rewarded with MyPoints, Consumer Input\ConsumerInputRewardedwithMyPoints,ConsumerInput.exe
C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
C:\Program Files\eMusic Download Manager\xulrunner\xulrunner.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\wordgirl.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.careerstep.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Merriam-Webster Online BHO - {5ADA9CAC-04F9-4DD2-ABFD-74D673BE8624} - C:\WINDOWS\_MWOLTB.DLL
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MYPOINTS - {A057A204-BACC-4D26-CEC4-75A487FD6484} - C:\PROGRA~1\mypoints\mypoints.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: (no name) - {DC5F9604-C6E2-47D0-8E0F-E60FCCB334C7} - (no file)
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: MYPOINTS - {A057A204-BACC-4D26-CEC4-75A487FD6484} - C:\PROGRA~1\mypoints\mypoints.dll
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Merriam-Webster Online - {B7B76DD6-B6F0-4443-AF81-6A3ECF12A57D} - C:\WINDOWS\_MWOLTB.DLL
O3 - Toolbar: TextAloud - {F053C368-5458-45B2-9B4D-D8914BDDDBFF} - C:\PROGRA~1\TEXTAL~1\TAForIE.dll
O3 - Toolbar: The Weather Channel Toolbar - {2E5E800E-6AC0-411E-940A-369530A35E43} - C:\WINDOWS\system32\TwcToolbarIe7.dll
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [MBkLogOnHook] C:\Program Files\McAfee\MBK\LogOnHook.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Rvsystem] C:\PROGRA~1\Returnil\Returnil.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [HomeAlarm] C:\Program Files\Chameleon Clock\ChamClock.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Consumer Input Rewarded with MyPoints, Consumer Input Update] C:\Program Files\Consumer Input Rewarded with MyPoints, Consumer Input\ConsumerInputRewardedwithMyPoints,ConsumerInputUa.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DW6] "C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe"
O4 - Startup: Startup Defender.lnk = C:\Program Files\Zards software\Startup Defender\Startup Defender.exe
O4 - Startup: visiondefense.lnk = C:\Program Files\Vision Defense\Vision Defense.exe
O4 - Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
O8 - Extra context menu item: &Search - ?p=ZJman000
O8 - Extra context menu item: Add to Power Favorites - C:\Program Files\Desksware\Power Favorites\copyurl.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: MWOL &Dictionary - res://C:\WINDOWS\_MWOLTB.DLL/23/219
O8 - Extra context menu item: MWOL &Thesaurus - res://C:\WINDOWS\_MWOLTB.DLL/23/220
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: The Weather Channel - {2E5E800E-6AC0-411E-940A-369530A35E43} - (no file)
O9 - Extra 'Tools' menuitem: The Weather Channel - {2E5E800E-6AC0-411E-940A-369530A35E43} - (no file)
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com
O16 - DPF: {07246F83-6D48-4559-81EC-117CBAE54F1B} (Microsoft Office Live Workspace Upload Tool) - http://workspace.office.live.com/Misc/M ... Upload.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... oader5.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {3CF32649-D1C0-4F42-AB44-ED284748920B} (Merriam-Webster Online Toolbar) - http://www.merriam-webster.com/download ... nstall.cab
O16 - DPF: {58FC4C77-71C2-4972-A8CD-78691AD85158} (BJA Control) - http://www.worldwinner.com/games/v63/bjattack/bja.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 3707172546
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/s ... DEXAXO.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {94299420-321F-4FF9-A247-62A23EBB640B} (WordMojo Control) - http://www.worldwinner.com/games/v46/wo ... rdmojo.cab
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: {A52FBD2B-7AB3-4F6B-90E3-91C772C5D00F} (WoF Control) - http://www.worldwinner.com/games/v57/wof/wof.cab
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://ak.imgag.com/imgag/cp/install/Crusher.cab
O16 - DPF: {BEB82CC6-09F3-43EA-BEB1-97188E21035D} (FootPedalCtl Class) - http://shared.careerstep.com/footpedal.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.co ... nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/s ... wflash.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://disney.webex.com/client/v_myweb ... eatgpc.cab
O16 - DPF: {EE884C7D-21A0-49EA-B6F2-61ACF4E226F6} (Microsoft Office Live Workspace Upload Tool) - http://workspace.office.live.com/Misc/M ... Upload.cab
O16 - DPF: {F137B9BA-89EA-4B04-9C67-2074A9DF61FD} (Photo Upload Plugin Class) - http://cvs.pnimedia.com/upload/activex/ ... 0.0.11.cab?
O20 - Winlogon Notify: OneCard - C:\Program Files\HPQ\IAM\Bin\AsWlnPkg.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\WINDOWS\runservice.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MBackMonitor - McAfee - C:\Program Files\McAfee\MBK\MBackMonitor.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\McShield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: PC Angel (PCA) - SoftThinks - C:\WINDOWS\SMINST\PCAngel.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--
End of file - 15654 bytes
wordgirl
Active Member
 
Posts: 14
Joined: December 20th, 2008, 8:14 pm
Advertisement
Register to Remove

Re: Internet Freezes and Prompts to you Close it

Unread postby peku006 » February 19th, 2009, 6:26 am

Hello and welcome to Malware Removal.

My name is peku006 and I will be helping you to remove any infection(s) that you may have.
I will be giving you a series of instructions that need to be followed in the order in which I give them to you.

Please observe these rules while we work:

  • If you don't know, stop and ask! Don't keep going on.
  • Please reply to this thread. Do not start a new topic.
  • Please continue to respond until I give you the "All Clear"

If you follow these instructions, everything should go smoothly.

1 - Download and Run Malwarebytes' Anti-Malware
Please download Malwarebytes Anti-Malware and save it to your desktop.
alternate download link 1
alternate download link 2

  • Double-click on Download_mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
  • Update Malwarebytes' Anti-Malware
  • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself.
  • Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform full scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad and you may be prompted to restart your computer. (see Note below)
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • The log can also be found here:

    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
  • Copy and paste the contents of that report in your next reply and exit MBAM.

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.


2 - download and run RSIT

  • Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt<- (will be maximized) and info.txt<- (will be minimized)

3 - Status Check
Please reply with

1.the logs from RSIT (log.txt ,info.txt)
2. the Malwarebytes' Anti-Malware Log
description of any problems you are having with your PC

Thanks peku006
User avatar
peku006
MRU Emeritus
MRU Emeritus
 
Posts: 3357
Joined: May 14th, 2007, 2:18 pm
Location: Norway

Re: Internet Freezes and Prompts to you Close it

Unread postby wordgirl » February 20th, 2009, 9:33 am

Hello,

Thank you for your reply. I accidentally deleted the first log for MBAM. The original log showed 11 infected files and removed them. The next log came up clean and I have posted it here. The RSIT logs therefore finished before the posted MBAM log.

While MBAM was running, I realized that McAfee was also on. McAfee detected 7 malware including 2 trojans and removed them. I had run it twice before my initial post and although it detected malware, it was unable to remove it, and my computer continued to freeze while using the internet. I ran the scans overnight and so I am unsure as to whether I still have any problems now. Thank you so far for your help.


Malwarebytes' Anti-Malware 1.34
Database version: 1779
Windows 5.1.2600 Service Pack 3

2.20.2009 8:15:42 AM
mbam-log-2009-02-20 (08-15-42).txt

Scan type: Full Scan (C:\|D:\|Z:\|)
Objects scanned: 382333
Time elapsed: 2 hour(s), 30 minute(s), 19 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


Logfile of random's system information tool 1.05 (written by random/random)
Run by Abria Laél at 2009-02-19 23:15:49
Microsoft Windows XP Professional Service Pack 3
System drive C: has 16 GB (15%) free of 108 GB
Total RAM: 1015 MB (41% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:16:09 PM, on 2.19.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\runservice.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\McAfee\MBK\MBackMonitor.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\Program Files\McAfee\VirusScan\McShield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\mqsvc.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HPQ\IAM\bin\asghost.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\Returnil\Returnil.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Chameleon Clock\ChamClock.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Consumer Input Rewarded with MyPoints, Consumer Input\ConsumerInputRewardedwithMyPoints,ConsumerInputUa.exe
C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe
C:\Program Files\Zards software\Startup Defender\Startup Defender.exe
C:\Program Files\Vision Defense\Vision Defense.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Consumer Input Rewarded with MyPoints, Consumer Input\ConsumerInputRewardedwithMyPoints,ConsumerInput.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\Abria Laél\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Abria Laél.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.careerstep.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Merriam-Webster Online BHO - {5ADA9CAC-04F9-4DD2-ABFD-74D673BE8624} - C:\WINDOWS\_MWOLTB.DLL
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MYPOINTS - {A057A204-BACC-4D26-CEC4-75A487FD6484} - C:\PROGRA~1\mypoints\mypoints.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: (no name) - {DC5F9604-C6E2-47D0-8E0F-E60FCCB334C7} - (no file)
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: MYPOINTS - {A057A204-BACC-4D26-CEC4-75A487FD6484} - C:\PROGRA~1\mypoints\mypoints.dll
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Merriam-Webster Online - {B7B76DD6-B6F0-4443-AF81-6A3ECF12A57D} - C:\WINDOWS\_MWOLTB.DLL
O3 - Toolbar: TextAloud - {F053C368-5458-45B2-9B4D-D8914BDDDBFF} - C:\PROGRA~1\TEXTAL~1\TAForIE.dll
O3 - Toolbar: The Weather Channel Toolbar - {2E5E800E-6AC0-411E-940A-369530A35E43} - C:\WINDOWS\system32\TwcToolbarIe7.dll
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [MBkLogOnHook] C:\Program Files\McAfee\MBK\LogOnHook.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Rvsystem] C:\PROGRA~1\Returnil\Returnil.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [HomeAlarm] C:\Program Files\Chameleon Clock\ChamClock.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Consumer Input Rewarded with MyPoints, Consumer Input Update] C:\Program Files\Consumer Input Rewarded with MyPoints, Consumer Input\ConsumerInputRewardedwithMyPoints,ConsumerInputUa.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DW6] "C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe"
O4 - Startup: Startup Defender.lnk = C:\Program Files\Zards software\Startup Defender\Startup Defender.exe
O4 - Startup: visiondefense.lnk = C:\Program Files\Vision Defense\Vision Defense.exe
O4 - Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
O8 - Extra context menu item: &Search - ?p=ZJman000
O8 - Extra context menu item: Add to Power Favorites - C:\Program Files\Desksware\Power Favorites\copyurl.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: MWOL &Dictionary - res://C:\WINDOWS\_MWOLTB.DLL/23/219
O8 - Extra context menu item: MWOL &Thesaurus - res://C:\WINDOWS\_MWOLTB.DLL/23/220
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: The Weather Channel - {2E5E800E-6AC0-411E-940A-369530A35E43} - (no file)
O9 - Extra 'Tools' menuitem: The Weather Channel - {2E5E800E-6AC0-411E-940A-369530A35E43} - (no file)
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com
O16 - DPF: {07246F83-6D48-4559-81EC-117CBAE54F1B} (Microsoft Office Live Workspace Upload Tool) - http://workspace.office.live.com/Misc/M ... Upload.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... oader5.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {3CF32649-D1C0-4F42-AB44-ED284748920B} (Merriam-Webster Online Toolbar) - http://www.merriam-webster.com/download ... nstall.cab
O16 - DPF: {58FC4C77-71C2-4972-A8CD-78691AD85158} (BJA Control) - http://www.worldwinner.com/games/v63/bjattack/bja.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 3707172546
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/s ... DEXAXO.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {94299420-321F-4FF9-A247-62A23EBB640B} (WordMojo Control) - http://www.worldwinner.com/games/v46/wo ... rdmojo.cab
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: {A52FBD2B-7AB3-4F6B-90E3-91C772C5D00F} (WoF Control) - http://www.worldwinner.com/games/v57/wof/wof.cab
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://ak.imgag.com/imgag/cp/install/Crusher.cab
O16 - DPF: {BEB82CC6-09F3-43EA-BEB1-97188E21035D} (FootPedalCtl Class) - http://shared.careerstep.com/footpedal.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.co ... nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/s ... wflash.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://disney.webex.com/client/v_myweb ... eatgpc.cab
O16 - DPF: {EE884C7D-21A0-49EA-B6F2-61ACF4E226F6} (Microsoft Office Live Workspace Upload Tool) - http://workspace.office.live.com/Misc/M ... Upload.cab
O16 - DPF: {F137B9BA-89EA-4B04-9C67-2074A9DF61FD} (Photo Upload Plugin Class) - http://cvs.pnimedia.com/upload/activex/ ... 0.0.11.cab?
O20 - Winlogon Notify: OneCard - C:\Program Files\HPQ\IAM\Bin\AsWlnPkg.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\WINDOWS\runservice.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MBackMonitor - McAfee - C:\Program Files\McAfee\MBK\MBackMonitor.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\McShield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: PC Angel (PCA) - SoftThinks - C:\WINDOWS\SMINST\PCAngel.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--
End of file - 15468 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GlaryInitialize.job
C:\WINDOWS\tasks\McDefragTask.job
C:\WINDOWS\tasks\McQcTask.job
C:\WINDOWS\tasks\rpc.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{4AAE4230-2DE7-4E94-870A-B1D88C831788}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2008-07-28 882416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22D8E815-4A5E-4DFB-845E-AAB64207F5BD}]
eBay Toolbar Helper - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll [2008-08-11 562416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-08-26 308856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5ADA9CAC-04F9-4DD2-ABFD-74D673BE8624}]
Merriam-Webster Online BHO - C:\WINDOWS\_MWOLTB.DLL [2008-10-04 385024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}]
Yahoo! IE Services Button - C:\Program Files\Yahoo!\Common\yiesrvc.dll [2007-12-12 222448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-25 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-CEC4-75A487FD6484}]
MYPOINTS - C:\PROGRA~1\mypoints\mypoints.dll [2007-10-02 1909248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-25 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DC5F9604-C6E2-47D0-8E0F-E60FCCB334C7}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-25 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll [2008-07-28 160496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{A057A204-BACC-4D26-CEC4-75A487FD6484} - MYPOINTS - C:\PROGRA~1\mypoints\mypoints.dll [2007-10-02 1909248]
{92085AD4-F48A-450D-BD93-B28CC7DF67CE} - eBay Toolbar - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll [2008-08-11 562416]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2008-07-28 882416]
{B7B76DD6-B6F0-4443-AF81-6A3ECF12A57D} - Merriam-Webster Online - C:\WINDOWS\_MWOLTB.DLL [2008-10-04 385024]
{F053C368-5458-45B2-9B4D-D8914BDDDBFF} - TextAloud - C:\PROGRA~1\TEXTAL~1\TAForIE.dll [2007-08-25 658432]
{2E5E800E-6AC0-411E-940A-369530A35E43} - The Weather Channel Toolbar - C:\WINDOWS\system32\TwcToolbarIe7.dll [2008-07-22 327680]
{0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - Veoh Web Player Video Finder - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll [2008-12-16 429816]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-10-01 111936]
"SSBkgdUpdate"=C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2005-02-16 221184]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2008-08-26 185896]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]
"MBkLogOnHook"=C:\Program Files\McAfee\MBK\LogOnHook.exe [2007-01-08 20480]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-09-06 413696]
"Rvsystem"=C:\PROGRA~1\Returnil\Returnil.exe [2008-12-30 2049536]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-10-18 204288]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]
"Messenger (Yahoo!)"=C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [2008-09-19 4347120]
"HomeAlarm"=C:\Program Files\Chameleon Clock\ChamClock.exe [2007-12-10 709632]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]
"Consumer Input Rewarded with MyPoints, Consumer Input Update"=C:\Program Files\Consumer Input Rewarded with MyPoints []
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"DW6"=C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe [2009-01-02 801904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CapTrue]
C:\Program Files\CapTrue\captrue.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\zweitgeist Assistant]
C:\Program Files\weblin\weblinAssistant.exe [2008-09-03 192512]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^eBay Countdown.url]
[]

C:\Documents and Settings\Abria Laél\Start Menu\Programs\Startup
Startup Defender.lnk - C:\Program Files\Zards software\Startup Defender\Startup Defender.exe
visiondefense.lnk - C:\Program Files\Vision Defense\Vision Defense.exe
Yahoo! Widgets.lnk - C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2006-03-23 139264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\OneCard]
C:\Program Files\HPQ\IAM\Bin\AsWlnPkg.dll [2005-07-25 40960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 241704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{1214FBE7-4464-4A7E-9958-B5851A7A30A3}"=C:\Program Files\Conceptworld\RecentX\RXShell.dll [2008-06-12 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
AsWlnPkg

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSEXESVC]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\mqsvc.exe"="C:\WINDOWS\system32\mqsvc.exe:*:Enabled:Message Queuing"
"C:\WINDOWS\SMINST\Scheduler.exe"="C:\WINDOWS\SMINST\Scheduler.exe:*:Enabled:Scheduler "
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe"="C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe:*:Disabled:Yahoo! Widgets"
"C:\Program Files\Google\Google Talk\googletalk.exe"="C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk"
"C:\Program Files\Java\jre1.6.0_01\bin\javaw.exe"="C:\Program Files\Java\jre1.6.0_01\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\Java\jre1.6.0_07\bin\javaw.exe"="C:\Program Files\Java\jre1.6.0_07\bin\javaw.exe:*:Disabled:Java(TM) Platform SE binary"
"C:\Program Files\Nuance\NaturallySpeaking10\Program\datacollector.exe"="C:\Program Files\Nuance\NaturallySpeaking10\Program\datacollector.exe:*:Enabled:Data Collector Utility"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe"="C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent"
"C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"="C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\mqsvc.exe"="C:\WINDOWS\system32\mqsvc.exe:*:Enabled:Message Queuing"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d008cd74-6d66-11dd-8530-0019d246ccff}]
shell\AutoRun\command - F:\ClearPlayEasyUpdates.exe


======File associations======

.scr - open - "C:\Program Files\EasyScript\ComputerScript.exe" "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2009-02-19 23:15:49 ----D---- C:\rsit
2009-02-19 15:39:19 ----D---- C:\Documents and Settings\Abria Laél\Application Data\Malwarebytes
2009-02-19 15:39:08 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-02-19 15:39:07 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-02-18 06:39:59 ----D---- C:\Program Files\Common Files\Nuance
2009-02-17 22:41:48 ----D---- C:\Documents and Settings\All Users\Application Data\ScanSoft
2009-02-17 22:40:50 ----D---- C:\Program Files\Nuance
2009-02-16 11:34:53 ----D---- C:\Program Files\Active Share Monitor
2009-02-15 23:00:47 ----D---- C:\Documents and Settings\Abria Laél\Application Data\OfficeUpdate12
2009-02-15 22:22:19 ----D---- C:\Program Files\MSECache
2009-02-13 09:32:19 ----A---- C:\WINDOWS\system32\devil.dll
2009-02-13 09:32:19 ----A---- C:\WINDOWS\system32\avisynth.dll
2009-02-13 09:32:18 ----D---- C:\Program Files\AviSynth 2.5
2009-02-13 09:32:18 ----A---- C:\WINDOWS\system32\yv12vfw.dll
2009-02-13 09:32:18 ----A---- C:\WINDOWS\system32\i420vfw.dll
2009-02-13 09:32:18 ----A---- C:\WINDOWS\system32\AVSredirect.dll
2009-02-13 09:31:23 ----RSH---- C:\WINDOWS\system32\nbDX.dll
2009-02-13 09:31:23 ----RSH---- C:\WINDOWS\system32\msfDX.dll
2009-02-13 09:31:23 ----RSH---- C:\WINDOWS\system32\flvDX.dll
2009-02-13 09:30:58 ----D---- C:\Program Files\eRightSoft
2009-02-12 12:52:54 ----D---- C:\Program Files\Veoh Networks
2009-02-11 16:39:46 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$
2009-02-11 16:37:54 ----D---- C:\WINDOWS\SQLTools9_KB960089_ENU
2009-02-11 16:33:33 ----D---- C:\WINDOWS\SQL9_KB960089_ENU
2009-02-10 16:18:55 ----D---- C:\Program Files\Cornera
2009-02-10 13:00:30 ----HDC---- C:\WINDOWS\$NtUninstallKB923723$
2009-02-09 08:32:30 ----D---- C:\Program Files\Insofta Cover Commander
2009-02-07 19:02:25 ----D---- C:\Program Files\2Flyer
2009-02-06 12:55:14 ----D---- C:\Program Files\Audio Recorder
2009-02-05 19:14:40 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2009-02-04 22:51:04 ----D---- C:\Documents and Settings\Abria Laél\Application Data\Graboid Inc
2009-02-04 08:29:30 ----D---- C:\Program Files\Internet RadioFan
2009-02-04 08:29:30 ----D---- C:\Documents and Settings\All Users\Application Data\Pingotron.com
2009-02-03 19:50:12 ----D---- C:\Documents and Settings\Abria Laél\Application Data\vlc
2009-02-03 19:21:37 ----D---- C:\Documents and Settings\All Users\Application Data\Graboid Inc
2009-02-03 19:21:17 ----D---- C:\Documents and Settings\Abria Laél\Application Data\MozillaControl
2009-02-03 19:18:52 ----D---- C:\Program Files\Mozilla ActiveX Control v1.7.12
2009-02-03 19:18:29 ----D---- C:\Program Files\VideoLAN
2009-02-03 19:16:48 ----D---- C:\Program Files\Graboid
2009-02-03 08:10:14 ----A---- C:\WINDOWS\system32\TwcToolInstDll.dll
2009-02-03 08:10:14 ----A---- C:\WINDOWS\system32\TwcToolbarIe7.dll
2009-02-03 08:10:14 ----A---- C:\WINDOWS\system32\TwcToolbarBho.dll
2009-02-03 08:09:34 ----D---- C:\Program Files\The Weather Channel Toolbar
2009-02-03 08:03:35 ----D---- C:\Program Files\The Weather Channel FW
2009-02-02 09:04:05 ----D---- C:\Documents and Settings\Abria Laél\Application Data\Desktop3D
2009-01-31 10:43:04 ----A---- C:\WINDOWS\system32\btdfu.dll
2009-01-29 12:11:41 ----D---- C:\Program Files\Morpheus Photo Morpher
2009-01-24 08:36:10 ----D---- C:\Program Files\ProxyWay
2009-01-22 09:41:37 ----D---- C:\Program Files\Bee Icons
2009-01-22 01:52:31 ----D---- C:\Program Files\Almeza
2009-01-21 13:04:03 ----D---- C:\WINDOWS\SQLTools9_KB954606_ENU
2009-01-21 13:00:48 ----D---- C:\WINDOWS\SQL9_KB954606_ENU
2009-01-20 21:18:12 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2009-01-20 21:17:30 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2009-01-20 11:38:51 ----D---- C:\Program Files\Microsoft Small Business
2009-01-20 11:33:58 ----D---- C:\Program Files\MSXML 6.0
2009-01-20 11:29:34 ----D---- C:\Program Files\Microsoft SQL Server
2009-01-20 11:10:54 ----D---- C:\Program Files\iMoneysoft

======List of files/folders modified in the last 1 months======

2009-02-19 23:15:52 ----D---- C:\WINDOWS\Temp
2009-02-19 23:15:23 ----D---- C:\WINDOWS\Prefetch
2009-02-19 23:07:22 ----D---- C:\Program Files\Chameleon Clock
2009-02-19 23:07:04 ----D---- C:\WINDOWS
2009-02-19 18:53:43 ----D---- C:\WINDOWS\system32
2009-02-19 18:53:43 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-02-19 18:49:57 ----D---- C:\WINDOWS\system32\CatRoot2
2009-02-19 18:48:23 ----RD---- C:\Program Files
2009-02-19 18:48:23 ----D---- C:\WINDOWS\system32\drivers
2009-02-19 18:47:28 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-02-18 11:29:37 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-02-18 08:10:15 ----SHD---- C:\WINDOWS\Installer
2009-02-18 08:10:10 ----HD---- C:\Program Files\InstallShield Installation Information
2009-02-18 08:10:10 ----HD---- C:\Config.Msi
2009-02-18 06:40:03 ----HD---- C:\WINDOWS\inf
2009-02-18 06:39:59 ----D---- C:\Program Files\Common Files
2009-02-18 06:02:32 ----D---- C:\Program Files\Internet Explorer
2009-02-18 00:41:18 ----AC---- C:\WINDOWS\dgnsetup.ini
2009-02-17 22:54:34 ----D---- C:\WINDOWS\speech
2009-02-17 22:33:06 ----D---- C:\Documents and Settings\All Users\Application Data\WholeSecurity
2009-02-17 21:44:57 ----SD---- C:\WINDOWS\Tasks
2009-02-17 20:13:25 ----D---- C:\WINDOWS\system32\Macromed
2009-02-17 19:30:15 ----SD---- C:\Documents and Settings\Abria Laél\Application Data\Microsoft
2009-02-16 16:09:06 ----SHD---- C:\RECYCLER
2009-02-16 01:50:35 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-02-15 23:04:24 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-02-13 09:32:13 ----RSD---- C:\WINDOWS\Fonts
2009-02-11 16:39:44 ----HD---- C:\WINDOWS\$hf_mig$
2009-02-11 16:38:25 ----D---- C:\WINDOWS\Registration
2009-02-11 16:33:06 ----A---- C:\WINDOWS\imsins.BAK
2009-02-11 16:32:54 ----RSHD---- C:\WINDOWS\system32\dllcache
2009-02-11 16:32:36 ----D---- C:\WINDOWS\ie7updates
2009-02-10 16:18:58 ----D---- C:\WINDOWS\WinSxS
2009-02-05 18:19:38 ----A---- C:\WINDOWS\cdplayer.ini
2009-02-05 01:01:44 ----D---- C:\Documents and Settings
2009-02-04 23:12:15 ----AC---- C:\WINDOWS\orun32.ini
2009-02-04 18:59:49 ----D---- C:\Program Files\CamStudio
2009-02-04 09:12:53 ----D---- C:\Documents and Settings\Abria Laél\Application Data\MP3Rocket
2009-02-04 07:48:26 ----D---- C:\Program Files\MP3 Rocket
2009-02-03 18:21:12 ----A---- C:\WINDOWS\system32\MRT.exe
2009-02-02 11:28:09 ----A---- C:\WINDOWS\win.ini
2009-01-31 10:42:23 ----AD---- C:\SwSetup
2009-01-29 12:12:19 ----D---- C:\Documents and Settings\Abria Laél\Application Data\Morpheus Software
2009-01-27 08:26:56 ----D---- C:\Program Files\GridinSoft
2009-01-25 15:48:54 ----D---- C:\Games
2009-01-21 13:06:24 ----RSD---- C:\WINDOWS\assembly
2009-01-21 13:06:09 ----D---- C:\WINDOWS\system32\DirectX
2009-01-21 13:05:39 ----D---- C:\Program Files\Windows Live
2009-01-20 21:21:18 ----D---- C:\WINDOWS\Microsoft.NET
2009-01-20 21:13:44 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller
2009-01-20 11:39:50 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-01-20 11:35:42 ----D---- C:\Program Files\Common Files\Microsoft Shared
2009-01-20 11:35:14 ----D---- C:\Program Files\Microsoft.NET

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 ASPI32;ASPI32; C:\WINDOWS\system32\drivers\ASPI32.sys [1999-09-10 25244]
R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2005-08-25 5628]
R1 DLARTL_N;DLARTL_N; C:\WINDOWS\System32\Drivers\DLARTL_N.SYS [2005-08-25 22684]
R1 eabfiltr;eabfiltr; C:\WINDOWS\system32\DRIVERS\eabfiltr.sys [2005-09-19 7808]
R1 HFCore;HFCore; \??\C:\WINDOWS\system32\drivers\HFCore.sys []
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 mfehidk;McAfee Inc. mfehidk; C:\WINDOWS\system32\drivers\mfehidk.sys [2007-11-22 201320]
R1 MPFP;MPFP; C:\WINDOWS\System32\Drivers\Mpfp.sys [2007-07-13 113952]
R1 StarPortLite;StarPort Storage Controller (Lite); C:\WINDOWS\system32\DRIVERS\StarPortLite.sys [2008-12-26 95592]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2005-08-31 25628]
R2 DLADResN;DLADResN; C:\WINDOWS\System32\DLA\DLADResN.SYS [2005-08-31 2496]
R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2005-08-31 86524]
R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2005-08-31 14684]
R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2005-08-31 6364]
R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2005-08-31 87036]
R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2005-08-31 94332]
R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2005-08-12 40544]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2006-02-28 176128]
R3 AEAudioService;AEAudio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2005-06-07 152960]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2006-07-30 1155584]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2006-02-05 45312]
R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 HBtnKey;HBtnKey; C:\WINDOWS\system32\DRIVERS\cpqbttn.sys [2005-09-19 9344]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2006-03-23 1166972]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\WINDOWS\system32\drivers\mfeavfk.sys [2007-11-22 79304]
R3 mfebopk;McAfee Inc. mfebopk; C:\WINDOWS\system32\drivers\mfebopk.sys [2007-11-22 35240]
R3 mfesmfk;McAfee Inc. mfesmfk; C:\WINDOWS\system32\drivers\mfesmfk.sys [2007-12-02 40488]
R3 MQAC;Message Queuing access control; \??\C:\WINDOWS\system32\drivers\mqac.sys []
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-10-15 47360]
R3 RMCAST;Reliable Multicast Protocol driver; \??\C:\WINDOWS\system32\drivers\RMCast.sys []
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-11-10 191936]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 w39n51;Intel(R) PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2006-01-19 1428096]
S2 MCSTRM;MCSTRM; C:\WINDOWS\system32\drivers\MCSTRM.sys []
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2006-02-16 57096]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 eabusb;eabusb; C:\WINDOWS\system32\DRIVERS\eabusb.sys [2005-09-19 5760]
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-12-14 51120]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-12-14 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-12-14 21744]
S3 mferkdk;McAfee Inc. mferkdk; C:\WINDOWS\system32\drivers\mferkdk.sys [2007-11-22 33832]
S3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
S3 SMCIRDA;SMC IrCC Miniport Device Driver; C:\WINDOWS\system32\DRIVERS\smcirda.sys [2001-08-17 35913]
S3 usb_rndisx;USB RNDIS Adapter; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2008-04-13 12800]
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-11-06 28672]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 ASChannel;Local Communication Channel; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2006-01-12 98304]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-12-25 152984]
R2 LicCtrlService;LicCtrl Service; C:\WINDOWS\runservice.exe [2008-12-16 2560]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-06-20 49152]
R2 MBackMonitor;MBackMonitor; C:\Program Files\McAfee\MBK\MBackMonitor.exe [2007-01-16 71208]
R2 mcmscsvc;McAfee Services; C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe [2008-01-09 767976]
R2 McNASvc;McAfee Network Agent; c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe [2008-01-25 2458128]
R2 McProxy;McAfee Proxy Service; c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe [2007-08-15 359248]
R2 McShield;McAfee Real-time Scanner; C:\Program Files\McAfee\VirusScan\McShield.exe [2007-07-24 144704]
R2 MpfService;McAfee Personal Firewall Service; C:\Program Files\McAfee\MPF\MPFSrv.exe [2007-07-18 856864]
R2 MSMQ;Message Queuing; C:\WINDOWS\system32\mqsvc.exe [2008-04-13 4608]
R2 MSMQTriggers;Message Queuing Triggers; C:\WINDOWS\system32\mqtgsvc.exe [2008-04-13 117248]
R2 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-12-18 29181272]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2007-02-10 89968]
R2 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
R3 McSysmon;McAfee SystemGuards; C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [2007-12-05 695624]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 getPlus(R) Helper;getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-08-29 33752]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-06-17 138168]
S3 IDriverT;InstallDriver Table Manager; c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 McODS;McAfee Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [2007-11-07 378184]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PCA;PC Angel; C:\WINDOWS\SMINST\PCAngel.exe [2006-01-12 294912]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272]
S4 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2007-02-10 242544]

-----------------EOF-----------------


info.txt logfile of random's system information tool 1.05 2009-02-19 23:16:15

======Uninstall list======

-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
-->MsiExec.exe /I{93F549B5-BAFB-4DEC-9DD8-74309A463DA9}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2FlyerPro-->"C:\Program Files\2Flyer\Screensaver Pro\unins000.exe"
Acrobat.com-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe -uninstall com.adobe.mauby 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
Active Share Monitor version 1.1-->"C:\Program Files\Active Share Monitor\unins000.exe"
Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001}
Adobe Reader for Pocket PC 2.0-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{291A772C-FFB9-4681-B720-AB2A0A620896}
Adobe Shockwave Player-->C:\WINDOWS\system32\Adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Adolix PDF Converter PRO v4.2-->"C:\Program Files\Adolix\Adolix PDF Converter PRO\unins000.exe"
AdolixPDFConverter (novaPDF Professional Desktop OEM 5.5 print-->"C:\Program Files\Adolix\Adolix PDF Converter PRO\nova\unins000.exe"
Advanced Registry Optimizer-->"C:\Program Files\Advanced Registry Optimizer\unins000.exe"
Agere Systems HDA Modem-->agrsmdel
AllMedia Grabber-->"C:\WINDOWS\AllMedia Grabber\uninstall.exe" "/U:C:\Program Files\AllMedia Grabber\Uninstall\uninstall.xml"
Almeza MultiSet Professional 6.3-->"C:\Program Files\Almeza\MultiSet\unins000.exe"
AltDesk.1.8-->C:\Program Files\AltDesk\uninstal.exe
Amazing Jigsaw-->"C:\Program Files\FreeGamePick.com\Amazing Jigsaw\unins000.exe"
American Sign Language 3.2-->C:\WINDOWS\unvise32.exe C:\Program Files\American Sign Language\uninstal.log
AnVir Task Manager-->"C:\Program Files\AnVir Task Manager\AnVir.exe" Uninstall
Apex Video Converter Super 7.54-->"C:\Program Files\Apex\Apex Video Converter Super\unins000.exe"
Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Application Installer 4.00.B5-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E0DBC47C-ED3F-4A1B-A929-9A26DAAA14B3}\setup.exe" -l0x9
Aqua Bubble 2-->"C:\Program Files\Realore\Aqua Bubble 2\unins000.exe"
Aqua Words-->"C:\Program Files\Realore\Aqua Words\unins000.exe"
Around the World in 80 Days 1.0-->"C:\Program Files\Around the World in 80 Days\unins000.exe"
ArtStudio GOATD 1.1.2-->MsiExec.exe /I{ED64D9B8-8B92-4A2F-8ED8-8A83DECDD87A}
Atomic Alarm Clock 5.81-->"C:\Program Files\Atomic Alarm Clock\unins000.exe"
Audible Download Manager-->C:\Program Files\Audible\Bin\AudibleDM_iTunesSetup[1].exe /Uninstall
AudibleManager-->C:\Program Files\Audible\Bin\Upgrade.exe /Uninstall
Audio Recorder 1.1-->"C:\Program Files\Audio Recorder\unins000.exe"
AVS DVDMenu Editor 1.2.1.19-->"C:\Program Files\Common Files\AVSMedia\AVS DVDMenu Editor\unins000.exe"
AVS Video Editor 4-->"C:\Program Files\AVS4YOU\AVSVideoEditor4\unins000.exe"
AVS Video Tools 5.6-->"C:\Program Files\AVSMedia\VideoTools\unins000.exe"
AVS4YOU Software Navigator 1.2-->"C:\Program Files\AVS4YOU\AVSSoftwareNavigator\unins000.exe"
Batch Image Enhancer 3.5-->C:\Program Files\BinaryMark\Batch Image Enhancer\uninst.exe
Batch Image Resizer 3.5-->C:\Program Files\BinaryMark\Batch Image Resizer\uninst.exe
Batch Image Watermarker 3.5-->C:\Program Files\BinaryMark\Batch Image Watermarker\uninst.exe
Bee Icons v 4.0.3 (GAOTD Edition)-->"C:\Program Files\Bee Icons\unins000.exe"
Before You Know It 3.6-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CB2069FE-D77A-4B1A-8486-46BC81B9D16F}\Setup.exe" -l0x9
Beyond Sync 3.5.8.135-->"C:\Program Files\Beyond Sync\unins000.exe"
Big Fish Games Client-->C:\Program Files\bfgclient\Uninstall.exe
Blackjack Training Software - Shareware Version-->"C:\Program Files\DeepNet Technologies\Blackjack Training Software\unins000.exe"
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
BurnAware Express 2.0.2-->"C:\Program Files\BurnAware Express\unins000.exe"
BusinessCardsMX 3.92-->"C:\Program Files\MOJOSOFT\BusinessCardsMX3\unins000.exe"
CamStudio Lossless Codec v1.4-->"C:\WINDOWS\system32\unins000.exe"
CamStudio-->C:\Program Files\CamStudio\uninstall.exe
Capture Assistant-->"C:\Program Files\Capture Assistant\uninstall.exe"
Chameleon Clock 5.1-->"C:\Program Files\Chameleon Clock\unins000.exe"
CHM Editor-->C:\Program Files\GridinSoft\CHMEditor\Uninstall.exe
Comfort Keys Pro 3.1.3.0-->"C:\Program Files\ComfortKeys\unins000.exe"
ComputerScript 2.21-->C:\Program Files\EasyScript\uninst.exe
Consumer Input Rewarded with MyPoints, Consumer Input Software (remove only)-->"C:\Program Files\Consumer Input Rewarded with MyPoints, Consumer Input\uninstall.exe"
ConvertXtoDVD 3.2.1.55b-->"C:\Program Files\VSO\ConvertX\3\unins000.exe"
Cool RingTone Maker 1.1.2-->"c:\Cool RingTone Maker\unins000.exe"
Coral Reef 3D Screensaver 1.0-->"C:\Program Files\Coral Reef 3D Screensaver\unins000.exe"
Coupon Printer for Windows-->"C:\Program Files\Coupons\uninstall.exe" "/U:C:\Program Files\Coupons\Uninstall\uninstall.xml"
Cover Commander 2.91 by Insofta Development-->C:\Program Files\Insofta Cover Commander\uninstall.exe C:\Program Files\Insofta Cover Commander\uninstall.log
Daniusoft Media Converter(Build 2.3.1.34)-->"C:\Program Files\Daniusoft\Media Converter\unins000.exe"
DDWidget Pro version 1.4-->"C:\Program Files\BrainexSoft\DDWidget Pro\unins000.exe"
Digital Physiognomy (remove only)-->"C:\Program Files\Digital Physiognomy\uninstall.exe"
DoubleSafety-->"C:\Program Files\DoubleSafety\uninstall.exe"
Dragon NaturallySpeaking 10-->MsiExec.exe /I{E7712E53-7A7F-46EB-AA13-70D5987D30F2}
Driver Magician 3.32-->"C:\Program Files\Driver Magician\unins000.exe"
East-Tec Eraser 2008 Version 8.9-->"C:\Program Files\East-Tec Eraser 2008\unins000.exe"
EasyCalendarMaker-->"C:\Program Files\easycalendarmaker\unins000.exe"
eBay Toolbar Featuring Yahoo!-->C:\Program Files\InstallShield Installation Information\{3DB5FD00-BB93-4AF3-B925-77DAA0E4E2F4}\setup.exe -runfromtemp -l0x0009 eBay Toolbar Featuring Yahoo! -removeonly
eBook Maestro FREE 1.80-->"C:\Program Files\eBook Maestro FREE\unins000.exe"
eCover Engineer 5.5-->"C:\Program Files\Adolix\eCover Engineer\unins000.exe"
Edraw Max 4-->"C:\Program Files\Edraw Max\unins000.exe"
eMusic Download Manager 4.0.0.5-->C:\Program Files\eMusic Download Manager\uninst.exe
Expense Tracker 1.3-->C:\Program Files\Indentix\Expense Tracker 1.3\uninst.exe
Express Scribe Uninstall-->C:\Program Files\NCH Swift Sound\Scribe\uninst.exe
Extra DVD to FLV Ripper 5.6-->"C:\Program Files\Extra DVD to FLV Ripper\unins000.exe"
Extra Video Converter 4.6-->"C:\Program Files\Extra Video Converter\unins000.exe"
FlashWorks Converter-->"C:\Program Files\Teknia\unins000.exe"
FormatFactory-->MsiExec.exe /X{A0C0724A-649C-4953-BF1E-F783036969E9}
Foxonic 3.0 (build 0198)-->"C:\Program Files\Foxonic\unins000.exe"
Free DVD Decrypter version 1.3-->"C:\Program Files\DVDVideoSoft\Free DVD Decrypter\unins000.exe"
Free Video Flip and Rotate version 1.4-->"C:\Program Files\DVDVideoSoft\Free Video Flip and Rotate\unins000.exe"
GDR 3077 for SQL Server Database Services 2005 ENU (KB960089)-->C:\WINDOWS\SQL9_KB960089_ENU\Hotfix.exe /Uninstall
GDR 3077 for SQL Server Tools and Workstation Components 2005 ENU (KB960089)-->C:\WINDOWS\SQLTools9_KB960089_ENU\Hotfix.exe /Uninstall
getPlus(R) for Adobe-->"C:\Program Files\NOS\bin\getPlus_HelperSvc.exe" /UninstallGet1
Glary Utilities Pro 2.9.0.518-->"C:\Program Files\Glary Utilities\unins000.exe"
Golden Autumn 3D Screensaver 1.0-->"C:\Program Files\Astro Gemini Software\Golden Autumn 3D Screensaver\unins000.exe"
GOM Player-->"C:\Program Files\GRETECH\GomPlayer\Uninstall.exe"
Google Talk (remove only)-->"C:\Program Files\Google\Google Talk\uninstall.exe"
Graboid Video 1.4-->C:\Program Files\Graboid\uninst.exe
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
HippoEdit 1.34 - GiveAwayOfTheDay Edition-->C:\Program Files\HippoEdit\uninst.exe
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
HP Backup and Recovery Manager Installer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F9F7336-6DF8-476F-ABF6-C70A17FAF619}\setup.exe" -l0x9 -uninst -removeonly
HP BIOS Configuration for ProtectTools 2.00 C3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AE052EF7-2640-48D7-8915-69B810D975CB}\Setup.exe" -l0x9 biosuninst
HP Credential Manager for ProtectTools-->MsiExec.exe /X{B9F4C05D-E42F-4E9A-A73F-FDD9355319FB}
HP Extended Capabilities 4.7-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Help and Support-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}\setup.exe" -l0x9 -removeonly
HP Image Zone 4.7-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Notebook Accessories Product Tour-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A7AD8CEF-72D7-4FE4-8A14-DDD09DC86074}\setup.exe" -l0x9 -removeonly
HP ProtectTools Security Manager 2.00 C3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{914E1AB1-DCA0-4A7D-935F-B58C4B887A2B}\Setup.exe" -l0x9 -removeonly hpquninst
HP PSC & OfficeJet 4.7-->"C:\Program Files\HP\Digital Imaging\{342C7C88-D335-4bc2-8CF1-281857629CE2}\setup\hpzscr01.exe" -datfile hposcr05.dat
HP Quick Launch Buttons 6.00 D2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe" -l0x9 -removeonly uninst
HP Software Update-->MsiExec.exe /X{64FC0C98-B035-4530-B15D-3D30610B6DF1}
HP Software Update-->MsiExec.exe /X{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}
HP User Guides 0029-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{22C28506-B1E0-4050-B0B7-B97AEB061381}\setup.exe" -l0x9 -removeonly
HP Wireless Assistant 2.00 E1-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4302B2DD-D958-40E3-BAF3-B07FFE1978CE}\setup.exe" -l0x9 hpquninst
HyperSign 2.3p-->C:\WINDOWS\uninst.exe -f"C:\Program Files\Trinity Software, Inc.\HyperSign 2.3p\DeIsL1.isu" -c"C:\Program Files\Trinity Software, Inc.\HyperSign 2.3p\_ISREG32.DLL"
Image Mender 1.1-->C:\Program Files\Image Mender\Uninstall.exe
ImgBurn-->"C:\Program Files\ImgBurn\uninstall.exe"
iMoneysoft 1.32-->"C:\Program Files\iMoneysoft\unins000.exe"
Inpaint-->MsiExec.exe /I{B6BCCB80-B3FC-4E97-8513-A7BEE73A5C5A}
Intel(R) Graphics Media Accelerator Driver-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_27A6 PCI\VEN_8086&DEV_27A2
Internet RadioFan 1.3.0-->"C:\Program Files\Internet RadioFan\unins000.exe"
InterVideo DVD Check-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5D97A4A7-C274-4B63-86D9-07A33435F505}\setup.exe" REMOVEALL
InterVideo WinDVD-->"C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
Intrusion Detection System - Sax2 2.0-->"C:\Program Files\Ax3soft\Sax2\unins000.exe"
iRecordMax Sound Recorder v7.1.3-->"C:\Program Files\iRecordMax Sound Recorder\unins000.exe"
iTunes-->MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371}
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Kurso de Esperanto 3-->"C:\Program Files\Esperanto\Kurso3\Uninstall.exe" "C:\Program Files\Esperanto\Kurso3\install.log"
LeaderTask 6.1.3-->"C:\Program Files\Almeza\LeaderTask\unins000.exe"
LinguaSaver_11-->C:\WINDOWS\system32\LinguaSaver_11.scr /u
List Remove, List Replace, List Sort, List compare and duplicat-->"C:\Program Files\HotHotSoftwareFullVersion\ListManagementSoftware\unins000.exe"
Macromedia Flash Player 8-->C:\WINDOWS\system32\Macromed\Flash\UninstFl.exe
Magical File Encrypt v1.1-->C:\Program Files\ArzooSoft Solutions\Magical File Encrypt\Uninstall.exe
MagicScore-->"C:\Program Files\MagicScore Music Software\MagicScore School 5.x\unins000.exe"
Mah Jong Adventures-->C:\PROGRA~1\SHOCKW~1.COM\MAHJON~1\UNWISE.EXE C:\PROGRA~1\SHOCKW~1.COM\MAHJON~1\INSTALL.LOG
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Marble Tactics 1.0-->C:\Program Files\Marble Tactics\uninst.exe
McAfee SecurityCenter-->C:\Program Files\McAfee\MSC\mcuninst.exe
MegaSign-Trial_V1.4-->"C:\Program Files\MegaSign Trial_V1.4\unins000.exe"
MemorizeIt (remove only)-->"C:\Program Files\Memorize\uninst-memit.exe"
Merriam-Webster Online Toolbar-->C:\WINDOWS\system32\regsvr32.exe /u /s "C:\WINDOWS\_MWOLTB.DLL"
mgLaunch 1.2.2.B426-->C:\Program Files\Encsoft\mgLaunch\uninst.exe
mgWindow 1.0.0.B509-->C:\Program Files\Encsoft\mgWindow\uninst.exe
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft ActiveSync-->MsiExec.exe /I{99052DB7-9592-4522-A558-5417BBAD48EE}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Accounting 2009 Equifax Addin-->MsiExec.exe /X{C6C148EC-55FB-4FDF-AD4F-ECEA579D040D}
Microsoft Office Accounting 2009 Fixed Asset Manager-->MsiExec.exe /X{53276F5A-85AB-4BEF-BAA2-2490975DC006}
Microsoft Office Accounting 2009 PayPal Addin-->MsiExec.exe /X{DC0C35E4-CD3D-4F12-95BB-7C74D9467BD7}
Microsoft Office Accounting 2009 Tax Integration Add-in-->MsiExec.exe /X{D9AE6BE1-5847-4962-86B0-2A290B7E6C43}
Microsoft Office Accounting 2009-->"c:\Program Files\Microsoft Small Business\Office Accounting 2009\SetupBootstrap\Setup.exe" /remove {5007E629-8769-44BB-BD51-A20B6DCC5CC9}
Microsoft Office Accounting 2009-->MsiExec.exe /X{5007E629-8769-44BB-BD51-A20B6DCC5CC9}
Microsoft Office Accounting ADP Payroll Addin-->MsiExec.exe /I{5FA793A6-0071-42C1-9355-8F69A428C44F}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Small Business Connectivity Components-->MsiExec.exe /X{A939D341-5A04-4E0A-BB55-3E65B386432D}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs-->MsiExec.exe /X{90120000-00B2-0409-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)-->MsiExec.exe /I{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}
Microsoft SQL Server 2005 Tools Express Edition-->MsiExec.exe /I{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}
Microsoft SQL Server 2005-->"c:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\ARPWrapper.exe" /Remove
Microsoft SQL Server Native Client-->MsiExec.exe /I{F9B3DD02-B0B3-42E9-8650-030DFF0D133D}
Microsoft SQL Server Setup Support Files (English)-->MsiExec.exe /X{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}
Microsoft SQL Server VSS Writer-->MsiExec.exe /I{E9F44C98-B8B6-480F-AF7B-E42A0A46F4E3}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
MobileMe Control Panel-->MsiExec.exe /I{2604C0F9-BFD3-4BA0-9EB5-22537C648F03}
Mobipocket Reader 6.2-->MsiExec.exe /I{342126E1-173C-4585-BFBE-3EBDD20E3E9E}
Morpheus Photo Morpher v3.10-->"C:\Program Files\Morpheus Photo Morpher\unins000.exe"
Mozilla ActiveX Control v1.7.12-->C:\Program Files\Mozilla ActiveX Control v1.7.12\uninst.exe
MP3 Rocket-->C:\Program Files\MP3 Rocket\Uninstall.exe
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6.0 Parser-->MsiExec.exe /I{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}
Multi Screen Emulator for Windows 2.0.2.0-->"C:\Program Files\SiComponents\MSEW 2\unins000.exe"
MultiFind-->"C:\Program Files\MultiFind\uninstall.exe"
MultiStage Recovery 3.6-->"C:\Program Files\MultiStage Recovery\unins000.exe"
myBabylon Toolbar-->C:\PROGRA~1\MYBABY~1\UNWISE.EXE C:\PROGRA~1\MYBABY~1\INSTALL.LOG
myBabylon_English Toolbar-->C:\PROGRA~1\MYBABY~2\UNWISE.EXE C:\PROGRA~1\MYBABY~2\INSTALL.LOG
MyPoints Toolbar-->C:\Program Files\mypoints\uninstall.exe
Need4 Video Converter 5.7-->C:\Program Files\Need4 Video Converter 5.7\uninst.exe
Netflix Movie Viewer-->MsiExec.exe /X{BCE72AED-3332-4863-9567-C5DCB9052CA2}
NetStat Agent 2.0-->"C:\Program Files\Flexbyte Software\NetStat Agent\unins000.exe"
NewtPad 3.0-->"C:\Program Files\NewtPad\unins000.exe"
Note Attack v1.36-->"C:\Program Files\NoteAttack\unins000.exe"
OverDrive Media Console-->MsiExec.exe /I{D6F2C4FD-149A-4BA0-A95D-2A80F10EE751}
Paint.NET 3.8-->"C:\Program Files\Paint.NET\UninsHs.exe" /u0=Paint.NET
PD Artist-->C:\WINDOWS\ST5UNST.EXE -n "C:\Program Files\PD Artist\ST5UNST.LOG"
PD Particles-->C:\WINDOWS\ST5UNST.EXE -n "C:\Program Files\PD Particles\ST5UNST.LOG"
PDFZilla V1.0.7-->"C:\Program Files\PDFZilla\unins000.exe"
Power Favorites 1.7.1-->"C:\Program Files\Desksware\Power Favorites\unins000.exe"
PPTminimizer-->"C:\Program Files\PPTminimizer\unins000.exe"
Prism Video Converter-->C:\Program Files\NCH Software\Prism\uninst.exe
project dogwaffle-->C:\WINDOWS\ST5UNST.EXE -n "C:\Program Files\project dogwaffle\ST5UNST.LOG"
ProxyWay-->MsiExec.exe /X{620797B0-A022-4B57-A95E-DD7DD0321040}
QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
ratDVD 0.78.1444-->C:\Program Files\ratDVD\uninst.exe
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
RecentX 2.0-->"C:\Program Files\Conceptworld\RecentX\unins000.exe"
Recover Keys-->"C:\Program Files\Recover Keys\unins000.exe"
Reminder Commander 2.20-->"C:\Program Files\Reminder Commander\unins000.exe"
RemoteObserver-->C:\Program Files\RemoteObserver\uninstall.exe
RemoteObserverClient-->C:\Program Files\RemoteObserverClient\uninstall.exe
Returnil Virtual System Premium Edition-->C:\Program files\Returnil\Uninstall.exe /REMOVE
Rhapsody Player Engine-->MsiExec.exe /I{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}
Rhapsody-->C:\PROGRA~1\Rhapsody\Unwise32.exe /A C:\PROGRA~1\Rhapsody\install.log
Safari-->MsiExec.exe /I{582D2A53-F426-4C5E-A2E6-43C1AB36B907}
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB958439)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6491B8AA-D11C-4648-A461-6234B31EB7E2}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft Office Excel 2007 (KB958437)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {648FC016-2D6B-4A16-8D87-404533642F4B}
Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}
Security Update for Step By Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Security Update for Windows Media Player 9 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Show.kit-->"C:\Program Files\Show.kit 2.1\unins000.exe"
Smart CD Catalog 2.53 Professional-->"C:\Program Files\Smart CD Catalog PRO\unins000.exe"
Smart Diary Suite 4-->"C:\Program Files\Smart Diary Suite 4\unins000.exe"
Smart Install Maker 5.02-->C:\Program Files\Smart Install Maker\Uninstall.exe
SoftMaker Office 2006 (C:\Program Files\SoftMaker Office 2006)-->C:\Documents and Settings\Abria Laél\Application Data\SoftMaker\smun3250.exe sm-un1.u32
Sonic Audio Module-->MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Sonic Copy Module-->MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629}
Sonic Data Module-->MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205}
Sonic DLA-->MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
Sonic Express Labeler-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Sonic MyDVD Plus-->MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29}
Sonic Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
SoundMAX-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe" -l0x9 -removeonly
SpanishUno 6.01-->"C:\Program Files\SpanishUno\unins000.exe"
SpellQuizzer 1.0.1-->"C:\Program Files\SpellQuizzer\unins000.exe"
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
StarBurn(GiveAwayOfTheDay) Version 11 (Build 0x20081230)-->"C:\Program Files\Give Away Of The Day\StarBurn\unins000.exe"
SUPER © Version 2009.bld.35 (Jan 5, 2009)-->C:\PROGRA~1\ERIGHT~1\SUPER\Setup.exe /remove /q0
Super TextTwist-->C:\PROGRA~1\GAMEHO~1\TEXTTW~1\UNWISE.EXE /U C:\PROGRA~1\GAMEHO~1\TEXTTW~1\INSTALL.LOG
SWF & FLV Toolbox 3.5 (build 3.5.23.412)-->"C:\Program Files\Eltima Software\SWF & FLV Toolbox\unins000.exe"
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
SyncBack-->"C:\Program Files\2BrightSparks\SyncBack\unins000.exe"
Teach2000 8.31-->"C:\Program Files\Teach2000\Uninstall\unins000.exe"
TextAloud-->"C:\Program Files\TextAloud\unins000.exe"
The French Tutorial Personal Edition-->C:\Program Files\The French Tutorial Personal Edition\uninstall.exe
The Lost Watch 3D Screensaver 1.0-->"C:\Program Files\The Lost Watch 3D Screensaver\unins000.exe"
The Princess Bride Game-->MsiExec.exe /I{72D71599-E86C-414E-B845-0CB9444B101A}
The Princess Bride-->"C:\Program Files\The Princess Bride\Uninstall.exe"
The Rosetta Stone-->C:\WINDOWS\uninst.exe -f"C:\Program Files\Rosetta\DeIsL1.isu"
The Weather Channel Desktop 6-->C:\Program Files\The Weather Channel FW\Desktop\TheWeatherChannelCustomUninstall.exe
The Weather Channel Toolbar-->C:\PROGRA~1\THEWEA~2\UNWISE.EXE C:\PROGRA~1\THEWEA~2\twcINSTALL.LOG
Total Network Monitor 1.0.1 (build 1100)-->"C:\Program Files\Total Network Monitor\unins000.exe"
Tray Commander 2.3-->C:\Program Files\Tray Commander\Uninstall.exe
Turtle Odyssey 2-->"C:\Program Files\Realore\Turtle Odyssey 2\unins000.exe"
Typing Assistant (English) 4.2-->MsiExec.exe /I{9B73034E-47B5-4870-B9E2-3F7A5AE3859A}
TypingMaster Pro-->"C:\Program Files\TypingMaster\unins000.exe"
Uconomix Encryption Engine 1.0-->MsiExec.exe /I{FB01E78F-AC94-4ECA-AA65-386193433D10}
Uninstall 1.0.0.1-->"C:\Program Files\Common Files\DVDVideoSoft\unins000.exe"
Unix Utilities for Yahoo! Widgets-->C:\Program Files\Yahoo!\Widgets\UnixUtils\uninstall.exe
Update for Microsoft Office 2007 Help for Common Features (KB957244)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {C8C72583-C907-4D20-8973-C3858D96BD9E}
Update for Microsoft Office Excel 2007 Help (KB957242)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {51864046-74C8-487B-97CD-6167A4B1DB56}
Update for Microsoft Office OneNote 2007 Help (KB957245)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {7332DE60-DC79-4578-A60A-A5EA0D6E032B}
Update for Microsoft Office PowerPoint 2007 Help (KB957247)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {B20E2C59-EEC5-4102-9E50-5DBB2093C37D}
Update for Microsoft Office Word 2007 Help (KB957252)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {54DF3345-0720-4224-9740-C7E00303F565}
Update for Microsoft Script Editor Help (KB957253)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {F21BF703-548C-47B2-B92A-6876E9566C42}
Update for Office 2007 (KB946691)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Valix NetSearch version 1.5-->"C:\Program Files\Valix NetSearch\unins000.exe"
Veoh Web Player Beta-->"C:\Program Files\Veoh Networks\VeohWebPlayer\uninst.exe"
Video Screensaver 1.0-->"C:\Program Files\Video Screensaver\unins000.exe"
VideoLAN VLC media player 0.8.6d-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Videora Trial Version 2.15-->C:\Program Files\Videora\uninst.exe
Vidroid - ImagePut 1.1-->"C:\Program Files\Vidroid\ImagePut\uninstall.exe"
Vision Defense-->"C:\Program Files\Vision Defense\unins000.exe"
Visual C++ Runtime for Dragon NaturallySpeaking-->MsiExec.exe /I{4A5A427F-BA39-4BF0-9A47-9999FBE60C9F}
Visual Vision EbooksWriterLITE_e-->c:\vv\CDROMs\iper3pro\Eng\client\f\EbooksWriterLITE_e.exe /DEINST
Watchtower Library 2007 - English-->C:\Program Files\Watchtower\Watchtower Library 2007\E\uninst.exe
Watermark Factory 2-->"C:\Program Files\Watermark Factory 2\unins000.exe"
Web Forum Reader 2.0-->"C:\Program Files\Web Forum Reader\unins000.exe"
WebEx-->C:\WINDOWS\DOWNLO~1\atcliun.exe
Webshots Desktop-->"C:\Program Files\AGI\common\bootstrapper.exe" -uninstall"\"C:/Program Files/AGI/Python25\pythonw.exe\" \"C:\Program Files\AGI\common\pyagcore\installer.pyc\" -u WebshotsDesktop"
WebVideo Author-->"C:\Program Files\Wondershare\WebVideo Author\unins000.exe"
Wii Video 9 2.25-->C:\Program Files\Red Kawa\Video Converter\uninstaller.exe
Windows Automation Macro Recorder 1.0-->"C:\Program Files\Windows Automation Macro Recorder\unins000.exe"
Windows Live installer-->MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
Windows Live Mail-->MsiExec.exe /I{184E7118-0295-43C4-B72C-1D54AA75AAF7}
Windows Live Messenger-->MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
Windows Live Photo Gallery-->MsiExec.exe /X{2D4F6BE3-6FEF-4FE9-9D01-1406B220D08C}
Windows Live Sign-in Assistant-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
Windows Live SkyDrive Upload Tool-->MsiExec.exe /I{2FD177C0-A752-11DC-8314-0800200C9A66}
Windows Live Writer-->MsiExec.exe /X{9176251A-4CC1-4DDB-B343-B487195EB397}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Mobile® Device Handbook-->C:\Program Files\Windows Mobile Device Handbook\Windows Mobile Device Handbook\Bin\DHUninstall.exe
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinUtilities 6.2-->C:\Program Files\WinUtilities\uninst.exe
Wondershare Movie Story GAOTD Edition 4.5.0-->"C:\Program Files\Wondershare\Movie Story\unins000.exe"
Wondershare Photo Collage Studio 4.2.8-->"C:\Program Files\Wondershare\Photo Collage Studio\unins000.exe"
XviD MPEG-4 Codec-->"C:\Program Files\XviD\UninstXviD.exe"
Yahoo! Browser Services-->C:\PROGRA~1\Yahoo!\Common\UNIN_Y~1.EXE /S
Yahoo! Install Manager-->C:\WINDOWS\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL
Yahoo! Internet Mail-->C:\WINDOWS\system32\regsvr32 /u /s C:\PROGRA~1\Yahoo!\Common\YMMAPI.dll
Yahoo! Mail Advisor-->C:\PROGRA~1\Yahoo!\Common\UNINST~1.EXE
Yahoo! Messenger-->C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
Yahoo! Widgets-->C:\PROGRA~1\Yahoo!\Widgets\uninstall.exe
ZipGenius 6 (6.0.3.1150)-->"C:\Program Files\ZipGenius 6\unins000.exe"
Zortam Mp3 Player 1.50-->"C:\Program Files\Zortam Mp3 Player\unins000.exe"
Zwei-Stein Video Compositor 3.01 (Beta 2).-->"C:\Program Files\Thugs at Bay\Zwei-Stein\unins000.exe"

======Security center information======

AV: McAfee VirusScan
FW: Norton Internet Worm Protection (disabled)
FW: McAfee Personal Firewall

System event log

Computer Name: PC144942389585
Event Code: 8033
Message: The browser has forced an election on network \Device\NetBT_Tcpip_{F5B2CB93-CFB3-4A7F-8D97-4245440B8D53} because a master browser was stopped.

Record Number: 48195
Source Name: BROWSER
Time Written: 20090119150126.000000-300
Event Type: information
User:

Computer Name: PC144942389585
Event Code: 7036
Message: The Windows Image Acquisition (WIA) service entered the running state.

Record Number: 48194
Source Name: Service Control Manager
Time Written: 20090119150126.000000-300
Event Type: information
User:

Computer Name: PC144942389585
Event Code: 4201
Message: The system detected that network adapter \DEVICE\TCPIP_{7BF2502D-563B-41A5-8862-392721C753E8} was connected to the network,
and has initiated normal operation over the network adapter.

Record Number: 48193
Source Name: Tcpip
Time Written: 20090119150126.000000-300
Event Type: information
User:

Computer Name: PC144942389585
Event Code: 7036
Message: The McAfee Real-time Scanner service entered the running state.

Record Number: 48192
Source Name: Service Control Manager
Time Written: 20090119150125.000000-300
Event Type: information
User:

Computer Name: PC144942389585
Event Code: 7036
Message: The McAfee Real-time Scanner service entered the paused state.

Record Number: 48191
Source Name: Service Control Manager
Time Written: 20090119142722.000000-300
Event Type: information
User:

Application event log

Computer Name: PC144942389585
Event Code: 0
Message: PowerEvent handled successfully by the service.

Record Number: 9872
Source Name: MBackMonitor
Time Written: 20090203195031.000000-300
Event Type: information
User:

Computer Name: PC144942389585
Event Code: 17403
Message: Server resumed execution after being idle 1792 seconds. Reason: timer event.

Record Number: 9871
Source Name: MSSQL$MSSMLBIZ
Time Written: 20090203194826.000000-300
Event Type: information
User:

Computer Name: PC144942389585
Event Code: 0
Message: PowerEvent handled successfully by the service.

Record Number: 9870
Source Name: MBackMonitor
Time Written: 20090203194731.000000-300
Event Type: information
User:

Computer Name: PC144942389585
Event Code: 0
Message: PowerEvent handled successfully by the service.

Record Number: 9869
Source Name: MBackMonitor
Time Written: 20090203194527.000000-300
Event Type: information
User:

Computer Name: PC144942389585
Event Code: 0
Message: PowerEvent handled successfully by the service.

Record Number: 9868
Source Name: MBackMonitor
Time Written: 20090203194327.000000-300
Event Type: information
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\HPQ\IAM\bin;C:\Program Files\ZipGenius 6;C:\Program Files\Encsoft\bin;C:\Program Files\QuickTime\QTSystem;c:\Program Files\Microsoft SQL Server\90\Tools\binn\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=0f06
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"SonicCentral"=C:\Program Files\Common Files\Sonic Shared\Sonic Central\
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip

-----------------EOF-----------------
wordgirl
Active Member
 
Posts: 14
Joined: December 20th, 2008, 8:14 pm

Re: Internet Freezes and Prompts to you Close it

Unread postby peku006 » February 22nd, 2009, 2:40 pm

Hi wordgirl
I do not see anything that does not look OK
can you post that screenshot

Thanks peku006
User avatar
peku006
MRU Emeritus
MRU Emeritus
 
Posts: 3357
Joined: May 14th, 2007, 2:18 pm
Location: Norway

Re: Internet Freezes and Prompts to you Close it

Unread postby wordgirl » February 23rd, 2009, 7:19 pm

Hello,

I have attached the screenshot; this happens a few times a day while I am online. Sometimes after it freezes, I cannot close it without using Task Manager. I also get a Windows error reporting message. I don't have the details of what the latest report contains, but I can save it the next time it happens.
You do not have the required permissions to view the files attached to this post.
wordgirl
Active Member
 
Posts: 14
Joined: December 20th, 2008, 8:14 pm

Re: Internet Freezes and Prompts to you Close it

Unread postby peku006 » February 24th, 2009, 4:53 am

Hi wordgirl

Let's have a look at Windows Event Viewer. It might give us a clue as to what is causing these issues

Go to Start > Run - type in eventvwr <Press Enter>

You will see Application, Security & System listed in the left pane.
  • In the left pane click on Application.
  • Click the gray title "Type" at the top of the source name column in the right pane to sort by type name
  • Look for "Error" & double-click on the most recent 10, and evaluate the event description for any indication of the cause of the problem.
  • Make note of the Description, EventID and Source of these Event Properties.
  • From the right pane, doubleclick on the line where it says error & you should get a window like the example below:
  • Image
  • In the upper right corner of this picture, you should see 2 arrows. One is pointing up & the other, pointing down.
  • There is another button below the 2 arrows. Click once on it. (this will copy some information to clipboard)
  • Open notepad & paste the info in there. This will copy the event information to the clipboard. Paste the information for each event here

Thanks peku006
User avatar
peku006
MRU Emeritus
MRU Emeritus
 
Posts: 3357
Joined: May 14th, 2007, 2:18 pm
Location: Norway

Re: Internet Freezes and Prompts to you Close it

Unread postby NonSuch » March 1st, 2009, 6:06 am

Due to a lack of response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
User avatar
NonSuch
Administrator
Administrator
 
Posts: 27301
Joined: February 23rd, 2005, 7:08 am
Location: California
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 43 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware