Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Please help!

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Please help!

Unread postby wisdomizlife » July 31st, 2010, 4:58 pm

I think my computer is running high on processes. I have avira installed and it keeps blocking some autorun program and then my computer goes wacky. When I get online, I can't open some webpages. or actually, a lot of webpages. If you guys could lend me some assistance, I would greatly appreciate it. thanks again. Here is my HJT and uninstall list logs.



Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:51:39 PM, on 7/31/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\Arc Angel\My Documents\Hjt\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: FCToolbarURLSearchHook Class - {b843a48a-b70f-45cd-a15a-6c2b30c2c11e} - C:\Documents and Settings\Arc Angel\My Documents\toolbar\Gamers Unite! Snag Bar\Helper.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: FCTBPos00Pos - {26A7CA19-7D58-411D-B2DA-F1B0324CBFFC} - C:\Documents and Settings\Arc Angel\My Documents\toolbar\Gamers Unite! Snag Bar\Toolbar.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Zynga Toolbar - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyng.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Zynga Toolbar - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyng.dll
O3 - Toolbar: Gamers Unite! Snag Bar - {25515A79-C1C7-4B97-97F8-31A711694487} - C:\Documents and Settings\Arc Angel\My Documents\toolbar\Gamers Unite! Snag Bar\Toolbar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /nodetect
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Arc Angel\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - S-1-5-18 Startup: Vongo Tray.lnk = C:\Program Files\Vongo\Tray.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Vongo Tray.lnk = C:\Program Files\Vongo\Tray.exe (User 'Default user')
O4 - .DEFAULT User Startup: Vongo Tray.lnk = C:\Program Files\Vongo\Tray.exe (User 'Default user')
O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 8473691578
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 8531583203
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 9471 bytes








Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.3.3
Avira AntiVir Personal - Free Antivirus
Conexant HD Audio
Customer Experience Enhancement
DivX Setup
ESPNMotion
Gamers Unite! Snag Bar
GemMaster Mystic
HDAUDIO Soft Data Fax Modem with SmartCP
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954708)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB981793)
HP Help and Support
HP Imaging Device Functions 6.0
HP Pavilion Webcam Demo
HP Photosmart Premier Software 6.0
HP Quick Launch Buttons 6.10 A2
HP QuickPlay 2.3
HP Rhapsody
HP Update
HP User Guides 0036
HP Wireless Assistant 2.00 G2
Intel(R) PRO Network Connections Drivers
Java(TM) 6 Update 20
Junk Mail filter update
Macromedia Flash Player 8
Macromedia Shockwave Player
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Money 2006
Microsoft Office Live Add-in 1.5
Microsoft Office Outlook Connector
Microsoft Office Standard Edition 2003
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Works
Mozilla Firefox (3.6.8)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
muvee autoProducer 5.0
NetWaiting
NVIDIA Drivers
Office 2003 Trial Assistant
Otto
Quicken 2006
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB982381)
Segoe UI
Sonic Audio Module
Sonic Copy Module
Sonic Data Module
Sonic Express Labeler
Sonic MyDVD Plus
Sonic Update Manager
SonicAC3Encoder
SonicMPEGEncoder
Synaptics Pointing Device Driver
TourSetup
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Windows (KB971513)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB982632)
Update for Windows Media Player 10 (KB910393)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
VC80CRTRedist - 8.0.50727.4053
Vongo
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
Windows Management Framework Core
Windows Media Connect
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows Search 4.0
Windows XP Media Center Edition 2005 KB925766
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3
Wireless Home Network Setup
Zynga Toolbar
wisdomizlife
Active Member
 
Posts: 8
Joined: April 7th, 2010, 6:16 pm
Advertisement
Register to Remove

Re: Please help!

Unread postby MWR 3 day Mod » August 3rd, 2010, 4:24 pm

Hi,

We are sorry to see your topic is over three days old and no one has yet been able to respond and offer help.

If you still require assistance, please post a link to your topic in our Waiting for help with malware removal? forum, and our staff will make an effort to assist you as promptly as possible. Only post a LINK to this topic, DO NOT post your DDS log!

Please do not reply to this topic.

If you haven't posted within two days in the "Waiting for help with malware removal?" forum, we will assume you have been able to get assistance in other ways and this topic will be closed.
MWR 3 day Mod
MRU Undergrad
MRU Undergrad
 
Posts: 2534
Joined: April 4th, 2008, 8:40 am

Re: Please help!

Unread postby melboy » August 3rd, 2010, 7:36 pm

Hi and welcome to the MR forums. :)

I'm melboy and I am going to try to help you with your problem. Please take note of the following:

  1. I will be working on your Malware issues this may or may not solve other issues you have with your machine.
  2. The fixes are specific to your problem and should only be used for this issue on this machine.
  3. If you don't know or understand something, please don't hesitate to ask.
  4. Please refrain from making any further changes to your computer (Install/Uninstall programs, delete files, edit the registry, etc...)
  5. Please DO NOT run any other tools or scans whilst I am helping you.
  6. It is important that you reply to this thread. Do not start a new topic.
  7. DO NOT attach logs unless requested to. Please copy/paste all requested logs into your replies.
  8. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  9. Absence of symptoms does not mean that everything is clear.


NOTE: Please take time to read the Malware Removal Forum Guidelines and Rules where the conditions for receiving help at this forum are explained.


IMPORTANT: Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.



No Reply Within 3 Days Will Result In Your Topic Being Closed!! If you need more time, please inform me.


=================================


Fix HijackThis entries
  • Run HijackThis
  • Click on the do a system scan only button
  • Put a check beside all of the items listed below (if present):

    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    R3 - URLSearchHook: (no name) - - (no file)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

  • Close all open windows and browsers/email etc...
  • Click on the Fix Checked button
  • When completed close the application.

REBOOT



TFC

  • Please download TFC by Old Timer to your desktop,
  • Save any unsaved work. TFC will close all open application windows.
  • Double-click TFC.exe to run the program.
  • Click the Start button in the bottom left of TFC
  • If prompted, click "Yes" to reboot.

Note: Save your work. TFC will automatically close any open programs, let it run uninterrupted. It should not take longer than a couple of minutes , and may only take a few seconds. Only if needed will you be prompted to reboot.



Malwarebytes' Anti-Malware (MBAM)

Please download Malwarebytes' Anti-Malware to your desktop.

  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform Quick scan, then click on Scan
  • When done, you will be prompted. Click OK. If Items are found, then click on Show Results
  • Check all items then click on Remove Selected
  • After it has removed the items, Notepad will open. Please post this log in your next reply.

    The log can also be found here:
    1. C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
    2. Or via the Logs tab when the application is started.

Note: MBAM may ask to reboot your computer so it can continue with the removal process, please do so immediately.
Failure to reboot will prevent MBAM from removing all the malware.



random's system information tool (RSIT)

  • Download random's system information tool (RSIT) by random/random from HERE and save it to your desktop.
  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open:
    • log.txt (<<will be maximized)
    • info.txt (<<will be minimized)
  • Post both of these logs in your next reply (Sometimes you have to make several post to get the logs posted.)



In your next reply:
  1. RSIT log.txt
  2. RSIT info.txt
  3. MBAM log
User avatar
melboy
MRU Expert
MRU Expert
 
Posts: 3670
Joined: July 25th, 2008, 4:25 pm
Location: UK

Re: Please help!

Unread postby wisdomizlife » August 4th, 2010, 5:20 pm

Here are all three logs.


Logfile of random's system information tool 1.08 (written by random/random)
Run by Arc Angel at 2010-08-04 17:11:19
Microsoft Windows XP Professional Service Pack 3
System drive C: has 42 GB (67%) free of 63 GB
Total RAM: 2046 MB (74% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3383821861-1699414857-1321467403-1005Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3383821861-1699414857-1321467403-1005UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{26A7CA19-7D58-411D-B2DA-F1B0324CBFFC}]
Gamers Unite! Snag Bar BHO - C:\Documents and Settings\Arc Angel\My Documents\toolbar\Gamers Unite! Snag Bar\Toolbar.dll [2010-07-28 1498624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7b13ec3e-999a-4b70-b9cb-2617b8323822}]
Zynga Toolbar - C:\Program Files\Zynga\tbZyng.dll [2010-06-13 2734688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-07-17 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-07-17 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7b13ec3e-999a-4b70-b9cb-2617b8323822} - Zynga Toolbar - C:\Program Files\Zynga\tbZyng.dll [2010-06-13 2734688]
{25515A79-C1C7-4B97-97F8-31A711694487} - Gamers Unite! Snag Bar - C:\Documents and Settings\Arc Angel\My Documents\toolbar\Gamers Unite! Snag Bar\Toolbar.dll [2010-07-28 1498624]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-08-06 64512]
"hpWirelessAssistant"=C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe [2006-05-04 458752]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-09-27 7585792]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-07-20 86016]
"nwiz"=nwiz.exe /installquiet /nodetect []
"MsmqIntCert"=regsvr32 /s mqrt.dll []
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\CHDAudPropShortcut.exe [2006-07-26 61952]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-28 1040384]
"QPService"=C:\Program Files\HP\QuickPlay\QPService.exe [2006-07-19 102400]
""= []
"ISUSPM Startup"=C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe [2005-08-11 249856]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-08-11 81920]
"QlbCtrl"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2006-06-19 163840]
"Cpqset"=C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe [2006-06-19 40960]
"RecGuard"=C:\Windows\SMINST\RecGuard.exe [2005-10-11 1187840]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2010-06-09 49208]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2010-03-02 282792]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-19 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe /CHECKNOW []
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Documents and Settings\Arc Angel\My Documents\Programs\Malwarebytes' Anti-Malware\mbamgui.exe [2010-04-29 437584]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-10-18 204288]
"Google Update"=C:\Documents and Settings\Arc Angel\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-07-22 136176]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
HP Photosmart Premier Fast Start.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\mqsvc.exe"="C:\WINDOWS\system32\mqsvc.exe:*:Enabled:Message Queuing"
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe"="C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Disabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Documents and Settings\Arc Angel\My Documents\toolbar\Gamers Unite! Snag Bar\TroubleShooter.exe"="C:\Documents and Settings\Arc Angel\My Documents\toolbar\Gamers Unite! Snag Bar\TroubleShooter.exe:*:Enabled:Gamers Unite! Snag Bar (Helper)"
"C:\Documents and Settings\Arc Angel\My Documents\toolbar\Gamers Unite! Snag Bar\ToolbarUpdate.exe"="C:\Documents and Settings\Arc Angel\My Documents\toolbar\Gamers Unite! Snag Bar\ToolbarUpdate.exe:*:Enabled:Gamers Unite! Snag Bar (Update)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\mqsvc.exe"="C:\WINDOWS\system32\mqsvc.exe:*:Enabled:Message Queuing"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

======List of files/folders created in the last 1 months======

2010-08-04 17:11:19 ----D---- C:\rsit
2010-08-04 17:11:19 ----D---- C:\Program Files\trend micro
2010-08-04 16:54:26 ----D---- C:\Documents and Settings\Arc Angel\Application Data\Malwarebytes
2010-08-04 16:54:20 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2010-08-04 16:54:18 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2010-08-04 16:54:18 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2010-08-03 15:00:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2286198$
2010-08-01 14:27:58 ----A---- C:\WINDOWS\system32\javaws.exe
2010-08-01 14:27:58 ----A---- C:\WINDOWS\system32\javaw.exe
2010-08-01 14:27:58 ----A---- C:\WINDOWS\system32\java.exe
2010-07-28 21:29:23 ----D---- C:\Documents and Settings\Arc Angel\Application Data\HP
2010-07-28 15:47:31 ----D---- C:\Documents and Settings\Arc Angel\Application Data\FCTB000062781
2010-07-23 17:41:47 ----D---- C:\Documents and Settings\Arc Angel\Application Data\Windows Search
2010-07-22 17:41:09 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2010-07-21 21:04:38 ----D---- C:\Program Files\Conduit
2010-07-21 21:04:37 ----D---- C:\Program Files\Zynga
2010-07-14 06:47:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2010-07-09 18:42:46 ----D---- C:\WINDOWS\system32\winrm
2010-07-09 18:42:46 ----D---- C:\WINDOWS\system32\WindowsPowerShell
2010-07-09 18:42:43 ----HDC---- C:\WINDOWS\$968930Uinstall_KB968930$
2010-07-09 18:42:41 ----D---- C:\WINDOWS\$NtUninstallKB968930$
2010-07-08 08:02:28 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2010-07-08 02:20:28 ----D---- C:\Documents and Settings\Arc Angel\Application Data\DivX
2010-07-08 02:20:15 ----N---- C:\WINDOWS\system32\pxinsi64.exe
2010-07-08 02:20:15 ----N---- C:\WINDOWS\system32\pxinsa64.exe
2010-07-08 02:20:15 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2010-07-08 02:20:15 ----N---- C:\WINDOWS\system32\pxcpyi64.exe
2010-07-08 02:20:15 ----N---- C:\WINDOWS\system32\pxcpya64.exe
2010-07-08 02:20:15 ----N---- C:\WINDOWS\system32\pxafs.dll
2010-07-08 02:20:15 ----N---- C:\WINDOWS\system32\drivers\cdralw2k.sys
2010-07-08 02:20:15 ----N---- C:\WINDOWS\system32\drivers\cdr4_xp.sys
2010-07-08 02:19:54 ----D---- C:\Program Files\Common Files\DivX Shared
2010-07-08 02:16:00 ----D---- C:\Documents and Settings\All Users\Application Data\DivX
2010-07-08 00:37:20 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2010-07-08 00:37:20 ----A---- C:\WINDOWS\system32\mucltui.dll
2010-07-07 23:37:07 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$
2010-07-07 23:36:45 ----HDC---- C:\WINDOWS\$NtUninstallKB963093$
2010-07-07 23:36:19 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2010-07-07 23:35:56 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2010-07-07 23:34:26 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2010-07-07 21:37:57 ----D---- C:\WINDOWS\system32\XPSViewer
2010-07-07 21:37:55 ----D---- C:\Program Files\MSBuild
2010-07-07 21:37:50 ----D---- C:\Program Files\Reference Assemblies
2010-07-07 21:37:35 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2010-07-07 21:37:35 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2010-07-07 21:37:35 ----N---- C:\WINDOWS\system32\prntvpt.dll
2010-07-07 17:59:08 ----A---- C:\WINDOWS\system32\drivers\USBSTOR.SYS
2010-07-07 17:03:11 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2010-07-07 17:02:41 ----HDC---- C:\WINDOWS\$NtUninstallKB971513$
2010-07-07 17:02:37 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2010-07-07 17:02:31 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2010-07-07 17:02:25 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2010-07-07 17:02:20 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2010-07-07 17:02:09 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2010-07-07 17:01:47 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2010-07-07 17:01:27 ----HDC---- C:\WINDOWS\$NtUninstallbasecsp$
2010-07-07 17:01:07 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2010-07-07 17:00:46 ----D---- C:\Documents and Settings\Arc Angel\Application Data\Windows Desktop Search
2010-07-07 17:00:15 ----D---- C:\Program Files\Windows Desktop Search
2010-07-07 17:00:14 ----D---- C:\WINDOWS\system32\GroupPolicy
2010-07-07 17:00:06 ----HDC---- C:\WINDOWS\$NtUninstallKB940157$
2010-07-07 16:59:58 ----HDC---- C:\WINDOWS\$NtUninstallKB915800-v4$
2010-07-07 16:59:45 ----N---- C:\WINDOWS\system32\spmsg.dll
2010-07-07 16:59:44 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2010-07-07 16:59:19 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2010-07-07 16:58:38 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2010-07-07 16:58:18 ----D---- C:\WINDOWS\system32\LogFiles
2010-07-07 16:58:18 ----D---- C:\WINDOWS\system32\drivers\UMDF
2010-07-07 16:58:15 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2010-07-07 16:57:43 ----HDC---- C:\WINDOWS\$NtUninstallKB925766$
2010-07-07 16:55:14 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2010-07-07 15:59:46 ----D---- C:\Program Files\Microsoft Silverlight
2010-07-07 15:59:31 ----D---- C:\Program Files\Microsoft Office Outlook Connector
2010-07-07 15:56:23 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2010-07-07 15:56:18 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2010-07-07 15:55:57 ----HDC---- C:\WINDOWS\$NtUninstallKB954708$
2010-07-07 15:55:07 ----D---- C:\Program Files\Microsoft
2010-07-07 15:54:51 ----D---- C:\Program Files\Windows Live SkyDrive
2010-07-07 15:54:29 ----D---- C:\Program Files\Windows Live
2010-07-07 15:34:02 ----D---- C:\Program Files\Common Files\Windows Live
2010-07-07 02:22:36 ----D---- C:\Program Files\HP Pavilion Webcam Demo
2010-07-07 02:17:51 ----ASH---- C:\Documents and Settings\Arc Angel\Application Data\desktop.ini
2010-07-07 02:17:48 ----SD---- C:\Documents and Settings\Arc Angel\Application Data\Microsoft
2010-07-07 02:17:48 ----D---- C:\Documents and Settings\Arc Angel\Application Data\Macromedia
2010-07-07 02:17:48 ----D---- C:\Documents and Settings\Arc Angel\Application Data\Intuit
2010-07-07 02:17:48 ----D---- C:\Documents and Settings\Arc Angel\Application Data\Identities
2010-07-07 02:11:00 ----A---- C:\WINDOWS\system32\Thawbrkr.dll
2010-07-07 02:11:00 ----A---- C:\WINDOWS\system32\kbdusa.dll
2010-07-07 02:11:00 ----A---- C:\WINDOWS\system32\c_iscii.dll
2010-07-07 02:10:59 ----A---- C:\WINDOWS\system32\ftlx041e.dll
2010-07-07 02:09:04 ----ASH---- C:\hiberfil.sys
2010-07-07 02:09:03 ----ASH---- C:\pagefile.sys
2010-07-07 01:37:06 ----SHD---- C:\System Volume Information
2010-07-07 01:22:32 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2010-07-07 01:22:20 ----D---- C:\Program Files\Common Files\Adobe
2010-07-07 01:13:08 ----D---- C:\Documents and Settings\Arc Angel\Application Data\Mozilla
2010-07-07 01:11:48 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$
2010-07-07 01:11:43 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2010-07-07 01:11:39 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2010-07-07 01:11:34 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2010-07-07 01:11:30 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2010-07-07 01:11:24 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2010-07-07 01:11:20 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2010-07-07 01:11:15 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-07-07 01:11:09 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2010-07-07 01:11:03 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2010-07-07 01:10:59 ----HDC---- C:\WINDOWS\$NtUninstallKB979904$
2010-07-07 01:10:48 ----D---- C:\Program Files\Mozilla Firefox
2010-07-07 01:10:42 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$
2010-07-07 01:10:36 ----HDC---- C:\WINDOWS\$NtUninstallKB923723$
2010-07-07 01:10:31 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-07-07 01:10:25 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-07-07 01:10:20 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2010-07-07 01:10:15 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2010-07-07 01:09:45 ----D---- C:\WINDOWS\ie8updates
2010-07-07 01:09:34 ----D---- C:\WINDOWS\WBEM
2010-07-07 01:09:22 ----HDC---- C:\WINDOWS\ie8
2010-07-07 01:05:14 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2010-07-07 01:05:10 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-07-07 01:05:06 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-07-07 01:05:01 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2010-07-07 01:04:57 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2010-07-07 01:04:53 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2010-07-07 01:04:48 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-07-07 01:04:44 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2010-07-07 01:04:35 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2010-07-07 01:04:28 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2010-07-07 01:04:24 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2010-07-07 01:04:20 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2010-07-07 01:04:15 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2010-07-07 01:04:11 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2010-07-07 01:04:05 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2010-07-07 01:04:01 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2010-07-07 01:03:56 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-07-07 01:03:50 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2010-07-07 01:03:46 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2010-07-07 01:03:32 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-07-07 01:03:27 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2010-07-07 01:03:20 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2010-07-07 01:03:15 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$
2010-07-07 01:03:11 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-07-07 01:03:07 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$
2010-07-07 01:03:02 ----HDC---- C:\WINDOWS\$NtUninstallKB923689$
2010-07-07 00:57:18 ----A---- C:\WINDOWS\system32\MRT.exe
2010-07-07 00:57:12 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2010-07-07 00:57:07 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2010-07-07 00:56:58 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2010-07-07 00:56:54 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$
2010-07-07 00:56:50 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2010-07-07 00:56:11 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-07-07 00:56:04 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2010-07-07 00:55:57 ----HDC---- C:\WINDOWS\$NtUninstallKB973768$
2010-07-07 00:55:43 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2010-07-07 00:55:39 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2010-07-07 00:55:35 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-07-07 00:55:31 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2010-07-07 00:55:27 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-07-07 00:55:22 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2010-07-07 00:55:18 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2010-07-07 00:55:14 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2010-07-07 00:55:10 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2010-07-07 00:55:06 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2010-07-07 00:55:02 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2010-07-07 00:54:54 ----HDC---- C:\WINDOWS\$NtUninstallKB982381$
2010-07-07 00:54:43 ----D---- C:\Program Files\MSXML 4.0
2010-07-07 00:54:32 ----HDC---- C:\WINDOWS\$NtUninstallKB953295$
2010-07-07 00:54:16 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2010-07-07 00:54:10 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP10$
2010-07-07 00:53:45 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2010-07-07 00:53:36 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2010-07-07 00:49:32 ----SHD---- C:\RECYCLER
2010-07-07 00:28:51 ----A---- C:\WINDOWS\system32\drivers\ssmdrv.sys
2010-07-07 00:28:50 ----D---- C:\Program Files\Avira
2010-07-07 00:28:50 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2010-07-07 00:28:50 ----A---- C:\WINDOWS\system32\drivers\avipbb.sys
2010-07-07 00:28:50 ----A---- C:\WINDOWS\system32\drivers\avgntmgr.sys
2010-07-07 00:28:50 ----A---- C:\WINDOWS\system32\drivers\avgntflt.sys
2010-07-07 00:28:50 ----A---- C:\WINDOWS\system32\drivers\avgntdd.sys
2010-07-07 00:09:35 ----D---- C:\Documents and Settings\Arc Angel\Application Data\AdobeUM
2010-07-07 00:09:08 ----D---- C:\Documents and Settings\Arc Angel\Application Data\Adobe
2010-07-07 00:06:18 ----N---- C:\WINDOWS\system32\xpsp4res.dll
2010-07-07 00:03:08 ----D---- C:\WINDOWS\Prefetch
2010-07-06 23:56:38 ----D---- C:\WINDOWS\system32\scripting
2010-07-06 23:56:38 ----D---- C:\WINDOWS\system32\en-us
2010-07-06 23:56:37 ----D---- C:\WINDOWS\system32\en
2010-07-06 23:56:37 ----D---- C:\WINDOWS\system32\bits
2010-07-06 23:56:37 ----D---- C:\WINDOWS\l2schemas
2010-07-06 23:55:17 ----D---- C:\WINDOWS\ServicePackFiles
2010-07-06 23:54:11 ----D---- C:\WINDOWS\network diagnostic
2010-07-06 23:52:24 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2010-07-06 23:49:55 ----N---- C:\WINDOWS\system32\drivers\watv10nt.sys
2010-07-06 23:49:55 ----N---- C:\WINDOWS\system32\drivers\watv06nt.sys
2010-07-06 23:49:55 ----N---- C:\WINDOWS\system32\drivers\wadv11nt.sys
2010-07-06 23:49:55 ----N---- C:\WINDOWS\system32\drivers\wadv09nt.sys
2010-07-06 23:49:55 ----N---- C:\WINDOWS\system32\drivers\wadv08nt.sys
2010-07-06 23:49:55 ----N---- C:\WINDOWS\system32\drivers\wadv07nt.sys
2010-07-06 23:49:53 ----N---- C:\WINDOWS\system32\drivers\slwdmsup.sys
2010-07-06 23:49:53 ----N---- C:\WINDOWS\system32\drivers\slnthal.sys
2010-07-06 23:49:53 ----N---- C:\WINDOWS\system32\drivers\slntamr.sys
2010-07-06 23:49:52 ----N---- C:\WINDOWS\system32\drivers\slnt7554.sys
2010-07-06 23:49:52 ----N---- C:\WINDOWS\system32\drivers\s3gnbm.sys
2010-07-06 23:49:52 ----N---- C:\WINDOWS\system32\drivers\recagent.sys
2010-07-06 23:49:51 ----N---- C:\WINDOWS\system32\drivers\ntmtlfax.sys
2010-07-06 23:49:51 ----N---- C:\WINDOWS\system32\drivers\mtxparhm.sys
2010-07-06 23:49:50 ----N---- C:\WINDOWS\system32\drivers\mtlstrm.sys
2010-07-06 23:49:50 ----N---- C:\WINDOWS\system32\drivers\mtlmnt5.sys
2010-07-06 23:49:47 ----N---- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2010-07-06 23:49:47 ----N---- C:\WINDOWS\system32\drivers\hsfcxts2.sys
2010-07-06 23:49:47 ----N---- C:\WINDOWS\system32\drivers\hsfbs2s2.sys
2010-07-06 23:49:20 ----N---- C:\WINDOWS\system32\drivers\atinxsxx.sys
2010-07-06 23:49:20 ----N---- C:\WINDOWS\system32\drivers\atinxbxx.sys
2010-07-06 23:49:20 ----N---- C:\WINDOWS\system32\drivers\atintuxx.sys
2010-07-06 23:49:20 ----N---- C:\WINDOWS\system32\drivers\atinttxx.sys
2010-07-06 23:49:20 ----N---- C:\WINDOWS\system32\drivers\atinsnxx.sys
2010-07-06 23:49:20 ----N---- C:\WINDOWS\system32\drivers\atinrvxx.sys
2010-07-06 23:49:20 ----N---- C:\WINDOWS\system32\drivers\atinraxx.sys
2010-07-06 23:49:20 ----N---- C:\WINDOWS\system32\drivers\atinpdxx.sys
2010-07-06 23:49:20 ----N---- C:\WINDOWS\system32\drivers\atinmdxx.sys
2010-07-06 23:49:20 ----N---- C:\WINDOWS\system32\drivers\atinbtxx.sys
2010-07-06 23:49:20 ----N---- C:\WINDOWS\system32\drivers\ati2mtag.sys
2010-07-06 23:49:20 ----N---- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2010-07-06 23:49:20 ----N---- C:\WINDOWS\system32\drivers\ati1xsxx.sys
2010-07-06 23:49:20 ----N---- C:\WINDOWS\system32\drivers\ati1xbxx.sys
2010-07-06 23:49:20 ----N---- C:\WINDOWS\system32\drivers\ati1tuxx.sys
2010-07-06 23:49:20 ----N---- C:\WINDOWS\system32\drivers\ati1ttxx.sys
2010-07-06 23:49:20 ----N---- C:\WINDOWS\system32\drivers\ati1snxx.sys
2010-07-06 23:49:20 ----N---- C:\WINDOWS\system32\drivers\ati1rvxx.sys
2010-07-06 23:49:20 ----N---- C:\WINDOWS\system32\drivers\ati1raxx.sys
2010-07-06 23:49:20 ----N---- C:\WINDOWS\system32\drivers\ati1pdxx.sys
2010-07-06 23:49:20 ----N---- C:\WINDOWS\system32\drivers\ati1mdxx.sys
2010-07-06 23:49:20 ----N---- C:\WINDOWS\system32\drivers\ati1btxx.sys
2010-07-06 23:44:48 ----D---- C:\Documents and Settings\All Users\Application Data\Sun
2010-07-06 23:44:08 ----A---- C:\WINDOWS\system32\deployJava1.dll
2010-07-06 23:41:58 ----D---- C:\Documents and Settings\Arc Angel\Application Data\Sun
2010-07-06 23:37:46 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2010-07-06 23:37:36 ----D---- C:\WINDOWS\system32\PreInstall
2010-07-06 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2010-07-06 23:36:40 ----D---- C:\Documents and Settings\Arc Angel\Application Data\HpUpdate
2010-07-06 23:36:39 ----D---- C:\WINDOWS\Hewlett-Packard
2010-07-06 23:35:27 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2010-07-06 23:35:27 ----A---- C:\WINDOWS\system32\wups2.dll
2010-07-06 23:35:27 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2010-07-06 23:35:27 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2010-07-06 23:35:27 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2010-07-06 23:29:14 ----D---- C:\Documents and Settings\Arc Angel\Application Data\Netscape
2010-07-06 23:25:58 ----D---- C:\WINDOWS\system32\appmgmt
2010-07-06 23:21:49 ----A---- C:\WINDOWS\system32\LuResult.txt

======List of files/folders modified in the last 1 months======

2010-08-04 17:11:19 ----D---- C:\Program Files
2010-08-04 16:54:20 ----D---- C:\WINDOWS\system32\drivers
2010-08-04 16:52:40 ----A---- C:\WINDOWS\ModemLog_HDAUDIO Soft Data Fax Modem with SmartCP.txt
2010-08-04 16:52:37 ----D---- C:\WINDOWS\Registration
2010-08-04 16:52:34 ----D---- C:\WINDOWS
2010-08-04 16:52:15 ----D---- C:\WINDOWS\temp
2010-08-04 16:51:11 ----D---- C:\WINDOWS\system32\CatRoot2
2010-08-04 16:51:10 ----A---- C:\hpqp.ini
2010-08-04 16:50:23 ----A---- C:\XP_TV.ini
2010-08-04 16:49:19 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-08-04 15:52:46 ----HD---- C:\WINDOWS\inf
2010-08-03 15:51:23 ----D---- C:\WINDOWS\system32
2010-08-03 15:00:20 ----RSHD---- C:\WINDOWS\system32\dllcache
2010-08-03 06:45:04 ----HD---- C:\WINDOWS\$hf_mig$
2010-08-01 14:28:06 ----SHD---- C:\WINDOWS\Installer
2010-08-01 14:28:05 ----D---- C:\Program Files\Common Files\Java
2010-08-01 14:27:55 ----D---- C:\Program Files\Java
2010-07-28 15:48:01 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-07-27 02:30:35 ----A---- C:\WINDOWS\system32\shell32.dll
2010-07-22 18:24:03 ----SD---- C:\WINDOWS\Tasks
2010-07-22 18:08:12 ----D---- C:\Program Files\Yahoo!
2010-07-18 08:24:31 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2010-07-14 06:47:41 ----A---- C:\WINDOWS\imsins.BAK
2010-07-12 05:39:56 ----D---- C:\WINDOWS\ehome
2010-07-11 23:16:28 ----D---- C:\WINDOWS\system32\CatRoot
2010-07-09 23:15:42 ----D---- C:\WINDOWS\Microsoft.NET
2010-07-09 23:15:35 ----RSD---- C:\WINDOWS\assembly
2010-07-09 18:51:08 ----D---- C:\WINDOWS\security
2010-07-09 18:47:57 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-07-09 18:44:01 ----D---- C:\WINDOWS\WinSxS
2010-07-09 18:43:33 ----D---- C:\Program Files\Microsoft.NET
2010-07-09 18:42:52 ----D---- C:\WINDOWS\system32\config
2010-07-09 18:42:51 ----D---- C:\WINDOWS\Help
2010-07-09 18:42:46 ----D---- C:\WINDOWS\system32\wbem
2010-07-09 18:42:32 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-07-08 02:19:54 ----D---- C:\Program Files\Common Files
2010-07-07 23:38:16 ----A---- C:\WINDOWS\win.ini
2010-07-07 21:37:53 ----RSD---- C:\WINDOWS\Fonts
2010-07-07 21:37:42 ----D---- C:\WINDOWS\system32\spool
2010-07-07 21:36:41 ----D---- C:\Program Files\Internet Explorer
2010-07-07 17:01:39 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-07-07 16:59:26 ----D---- C:\Program Files\Windows Media Connect 2
2010-07-07 16:59:24 ----D---- C:\Program Files\Windows Media Player
2010-07-07 16:55:17 ----D---- C:\Program Files\CONEXANT
2010-07-07 15:59:32 ----D---- C:\Program Files\Common Files\System
2010-07-07 15:56:24 ----D---- C:\WINDOWS\system32\DirectX
2010-07-07 02:23:26 ----HD---- C:\System.sav
2010-07-07 02:23:26 ----D---- C:\SWSetup
2010-07-07 02:22:36 ----HD---- C:\Program Files\InstallShield Installation Information
2010-07-07 02:22:16 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-07-07 02:19:11 ----D---- C:\hp
2010-07-07 02:19:07 ----AD---- C:\WINDOWS\system32\pcintro
2010-07-07 02:17:47 ----D---- C:\Documents and Settings
2010-07-07 02:16:29 ----RASH---- C:\boot.ini
2010-07-07 02:11:01 ----A---- C:\WINDOWS\system.ini
2010-07-07 02:05:04 ----RD---- C:\WINDOWS\Web
2010-07-07 02:05:02 ----D---- C:\WINDOWS\twain_32
2010-07-07 02:04:47 ----D---- C:\WINDOWS\system32\URTTemp
2010-07-07 02:04:36 ----D---- C:\WINDOWS\system32\ras
2010-07-07 02:04:19 ----D---- C:\WINDOWS\system32\mui
2010-07-07 02:04:13 ----D---- C:\WINDOWS\system32\msmq
2010-07-07 02:04:10 ----D---- C:\WINDOWS\system32\MsDtc
2010-07-07 02:04:08 ----SD---- C:\WINDOWS\system32\Microsoft
2010-07-07 02:04:07 ----D---- C:\WINDOWS\system32\Macromed
2010-07-07 02:04:00 ----D---- C:\WINDOWS\system32\IME
2010-07-07 02:04:00 ----D---- C:\WINDOWS\system32\icsxml
2010-07-07 02:04:00 ----D---- C:\WINDOWS\system32\ias
2010-07-07 02:03:50 ----D---- C:\WINDOWS\system32\drivers\etc
2010-07-07 02:03:31 ----D---- C:\WINDOWS\system32\1033
2010-07-07 02:03:30 ----D---- C:\WINDOWS\SMINST
2010-07-07 02:03:30 ----D---- C:\WINDOWS\SHELLNEW
2010-07-07 02:03:27 ----D---- C:\WINDOWS\Resources
2010-07-07 02:03:26 ----D---- C:\WINDOWS\repair
2010-07-07 02:03:23 ----D---- C:\WINDOWS\RegisteredPackages
2010-07-07 02:03:17 ----D---- C:\WINDOWS\Provisioning
2010-07-07 02:03:17 ----D---- C:\WINDOWS\pchealth
2010-07-07 02:02:47 ----RD---- C:\WINDOWS\Offline Web Pages
2010-07-07 02:02:47 ----D---- C:\WINDOWS\nview
2010-07-07 02:02:47 ----D---- C:\WINDOWS\msapps
2010-07-07 02:02:32 ----D---- C:\WINDOWS\java
2010-07-07 02:01:01 ----D---- C:\WINDOWS\Driver Cache
2010-07-07 02:01:00 ----D---- C:\WINDOWS\Downloaded Installations
2010-07-07 02:00:59 ----D---- C:\WINDOWS\Cursors
2010-07-07 02:00:57 ----D---- C:\WINDOWS\CREATOR
2010-07-07 02:00:37 ----HDC---- C:\WINDOWS\$NtUninstallWMCSetup$
2010-07-07 02:00:37 ----HD---- C:\WINDOWS\$NtUninstallKB915381$
2010-07-07 02:00:36 ----HD---- C:\WINDOWS\$NtUninstallKB913580$
2010-07-07 02:00:35 ----HDC---- C:\WINDOWS\$NtUninstallKB912436$
2010-07-07 02:00:35 ----HD---- C:\WINDOWS\$NtUninstallKB913446$
2010-07-07 02:00:35 ----HD---- C:\WINDOWS\$NtUninstallKB912919$
2010-07-07 02:00:35 ----HD---- C:\WINDOWS\$NtUninstallKB912067$
2010-07-07 02:00:34 ----HD---- C:\WINDOWS\$NtUninstallKB911927$
2010-07-07 02:00:32 ----HD---- C:\WINDOWS\$NtUninstallKB911565$
2010-07-07 02:00:32 ----HD---- C:\WINDOWS\$NtUninstallKB911564$
2010-07-07 02:00:32 ----HD---- C:\WINDOWS\$NtUninstallKB911164$
2010-07-07 02:00:32 ----HD---- C:\WINDOWS\$NtUninstallKB910728$
2010-07-07 02:00:31 ----HDC---- C:\WINDOWS\$NtUninstallKB909095$
2010-07-07 02:00:31 ----HD---- C:\WINDOWS\$NtUninstallKB910393$
2010-07-07 02:00:29 ----HD---- C:\WINDOWS\$NtUninstallKB908519$
2010-07-07 02:00:29 ----HD---- C:\WINDOWS\$NtUninstallKB904706$
2010-07-07 02:00:28 ----HDC---- C:\WINDOWS\$NtUninstallKB896256$
2010-07-07 02:00:28 ----HD---- C:\WINDOWS\$NtUninstallKB903235$
2010-07-07 02:00:28 ----HD---- C:\WINDOWS\$NtUninstallKB901214$
2010-07-07 02:00:28 ----HD---- C:\WINDOWS\$NtUninstallKB901190$
2010-07-07 02:00:28 ----HD---- C:\WINDOWS\$NtUninstallKB896727$
2010-07-07 02:00:28 ----HD---- C:\WINDOWS\$NtUninstallKB896423$
2010-07-07 02:00:28 ----HD---- C:\WINDOWS\$NtUninstallKB896422$
2010-07-07 02:00:27 ----HDC---- C:\WINDOWS\$NtUninstallKB892559$
2010-07-07 02:00:27 ----HDC---- C:\WINDOWS\$NtUninstallKB890546$
2010-07-07 02:00:27 ----HD---- C:\WINDOWS\$NtUninstallKB893066$
2010-07-07 02:00:27 ----HD---- C:\WINDOWS\$NtUninstallKB891781$
2010-07-07 02:00:27 ----HD---- C:\WINDOWS\$NtUninstallKB891220$
2010-07-07 02:00:26 ----HDC---- C:\WINDOWS\$NtUninstallKB888239$
2010-07-07 02:00:26 ----HDC---- C:\WINDOWS\$NtUninstallKB888111WXPSP2$
2010-07-07 02:00:26 ----HDC---- C:\WINDOWS\$NtUninstallKB885855$
2010-07-07 02:00:26 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2010-07-07 02:00:26 ----HD---- C:\WINDOWS\$NtUninstallKB888113$
2010-07-07 02:00:26 ----HD---- C:\WINDOWS\$NtUninstallKB885250$
2010-07-07 01:53:47 ----D---- C:\Program Files\xerox
2010-07-07 01:53:45 ----D---- C:\Program Files\Windows Plus
2010-07-07 01:53:28 ----D---- C:\Program Files\Synaptics
2010-07-07 01:53:26 ----D---- C:\Program Files\Sonic
2010-07-07 01:52:50 ----D---- C:\Program Files\RGB
2010-07-07 01:52:50 ----D---- C:\Program Files\Quickensetup
2010-07-07 01:52:40 ----D---- C:\Program Files\Quicken
2010-07-07 01:52:24 ----D---- C:\Program Files\Online Services
2010-07-07 01:51:19 ----D---- C:\Program Files\NetWaiting
2010-07-07 01:51:01 ----D---- C:\Program Files\Netscape
2010-07-07 01:50:45 ----D---- C:\Program Files\muvee Technologies
2010-07-07 01:50:45 ----D---- C:\Program Files\music_now
2010-07-07 01:50:44 ----D---- C:\Program Files\MSN Gaming Zone
2010-07-07 01:50:42 ----D---- C:\Program Files\MSN
2010-07-07 01:50:41 ----D---- C:\Program Files\Microsoft Works
2010-07-07 01:50:12 ----D---- C:\Program Files\Microsoft Office Trial Wizard
2010-07-07 01:50:10 ----D---- C:\Program Files\Microsoft Office
2010-07-07 01:49:48 ----D---- C:\Program Files\Microsoft Money 2006
2010-07-07 01:49:31 ----D---- C:\Program Files\microsoft frontpage
2010-07-07 01:49:31 ----D---- C:\Program Files\Microsoft ActiveSync
2010-07-07 01:49:10 ----D---- C:\Program Files\HPQ
2010-07-07 01:49:10 ----D---- C:\Program Files\HP Rhapsody
2010-07-07 01:45:14 ----D---- C:\Program Files\Hewlett-Packard
2010-07-07 01:44:49 ----D---- C:\Program Files\GemMaster
2010-07-07 01:44:47 ----D---- C:\Program Files\ESPNMotion
2010-07-07 01:44:47 ----D---- C:\Program Files\EnglishOtto
2010-07-07 01:44:45 ----D---- C:\Program Files\Encarta Online
2010-07-07 01:44:45 ----D---- C:\Program Files\DIGStream
2010-07-07 01:44:44 ----D---- C:\Program Files\Common Files\TiVo Shared
2010-07-07 01:44:19 ----D---- C:\Program Files\Common Files\SureThing Shared
2010-07-07 01:44:19 ----D---- C:\Program Files\Common Files\SpeechEngines
2010-07-07 01:44:19 ----D---- C:\Program Files\Common Files\Sonic Shared
2010-07-07 01:44:16 ----D---- C:\Program Files\Common Files\Services
2010-07-07 01:44:16 ----D---- C:\Program Files\Common Files\Palo Alto Software
2010-07-07 01:44:16 ----D---- C:\Program Files\Common Files\ODBC
2010-07-07 01:44:16 ----D---- C:\Program Files\Common Files\muvee Technologies
2010-07-07 01:44:06 ----D---- C:\Program Files\Common Files\MSSoap
2010-07-07 01:43:50 ----D---- C:\Program Files\Common Files\LightScribe
2010-07-07 01:43:45 ----D---- C:\Program Files\Common Files\Intuit
2010-07-07 01:43:44 ----D---- C:\Program Files\Common Files\InstallShield
2010-07-07 01:43:39 ----D---- C:\Program Files\Common Files\HP
2010-07-07 01:43:39 ----D---- C:\Program Files\Common Files\DESIGNER
2010-07-07 01:42:57 ----RHD---- C:\MSOCache
2010-07-07 01:42:38 ----D---- C:\I386
2010-07-07 01:41:58 ----D---- C:\WINDOWS\AppPatch
2010-07-07 01:38:01 ----D---- C:\Documents and Settings\All Users\Application Data\Sonic
2010-07-07 01:38:01 ----D---- C:\Documents and Settings\All Users\Application Data\SBSI
2010-07-07 01:37:54 ----D---- C:\Documents and Settings\All Users\Application Data\Intuit
2010-07-07 01:37:54 ----D---- C:\Documents and Settings\All Users\Application Data\InstallShield
2010-07-07 01:37:54 ----D---- C:\Documents and Settings\All Users\Application Data\HP
2010-07-07 01:37:53 ----D---- C:\Documents and Settings\All Users\Application Data\DIGStream
2010-07-07 01:37:53 ----D---- C:\Documents and Settings\All Users\Application Data\CyberLink
2010-07-07 01:37:49 ----D---- C:\2d54cd5d5ba8bb75e61d762d149f
2010-07-07 01:22:20 ----D---- C:\Program Files\Adobe
2010-07-07 01:11:31 ----D---- C:\Program Files\Messenger
2010-07-07 01:09:31 ----D---- C:\WINDOWS\Media
2010-07-07 01:04:21 ----D---- C:\Program Files\Movie Maker
2010-07-07 01:02:18 ----D---- C:\Program Files\WildTangent
2010-07-07 01:01:50 ----D---- C:\Documents and Settings\All Users\Application Data\WildTangent
2010-07-07 00:57:21 ----D---- C:\WINDOWS\Debug
2010-07-07 00:55:45 ----D---- C:\Program Files\Outlook Express
2010-07-07 00:33:27 ----D---- C:\WINDOWS\SoftwareDistribution
2010-07-07 00:03:58 ----A---- C:\WINDOWS\OEWABLog.txt
2010-07-07 00:03:12 ----A---- C:\WINDOWS\setuplog.txt
2010-07-07 00:02:44 ----D---- C:\WINDOWS\system32\Setup
2010-07-06 23:56:44 ----D---- C:\WINDOWS\system32\inetsrv
2010-07-06 23:56:44 ----D---- C:\WINDOWS\ime
2010-07-06 23:56:38 ----D---- C:\WINDOWS\system32\usmt
2010-07-06 23:56:37 ----D---- C:\WINDOWS\PeerNet
2010-07-06 23:55:11 ----D---- C:\WINDOWS\system32\Restore
2010-07-06 23:55:11 ----D---- C:\WINDOWS\system32\npp
2010-07-06 23:55:11 ----D---- C:\WINDOWS\mui
2010-07-06 23:55:11 ----D---- C:\WINDOWS\msagent
2010-07-06 23:55:10 ----D---- C:\WINDOWS\srchasst
2010-07-06 23:55:09 ----D---- C:\WINDOWS\system32\Com
2010-07-06 23:55:09 ----D---- C:\Program Files\NetMeeting
2010-07-06 23:55:08 ----D---- C:\Program Files\Windows NT
2010-07-06 23:55:01 ----D---- C:\WINDOWS\system32\oobe
2010-07-06 23:55:00 ----D---- C:\WINDOWS\system
2010-07-06 23:36:50 ----D---- C:\Program Files\HP
2010-07-06 23:33:09 ----D---- C:\Program Files\Common Files\Symantec Shared
2010-07-06 23:33:09 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\WINDOWS\system32\DRIVERS\iaStor.sys [2005-10-13 874240]
R0 ohci1394;OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-04-27 45648]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2010-03-01 124784]
R1 eabfiltr;eabfiltr; C:\WINDOWS\system32\DRIVERS\eabfiltr.sys [2005-09-19 7808]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2010-02-16 60936]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R3 5U870CAP_VID_1262&PID_25FD;HP Pavilion Webcam ; C:\WINDOWS\System32\Drivers\5U870CAP.sys [2006-06-06 61952]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2008-12-05 241296]
R3 HBtnKey;HBtnKey; C:\WINDOWS\system32\DRIVERS\cpqbttn.sys [2008-04-28 9344]
R3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDAud.sys [2006-07-26 581632]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2007-11-01 989696]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2007-11-01 211456]
R3 MQAC;Message Queuing access control; \??\C:\WINDOWS\system32\drivers\mqac.sys []
R3 NETw5x32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw5x32.sys [2008-11-17 3636864]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-09-27 3694656]
R3 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2005-11-16 28928]
R3 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2005-12-22 51840]
R3 rismxdp;Ricoh xD-Picture Card Driver; C:\WINDOWS\system32\DRIVERS\rixdptsk.sys [2005-11-01 308992]
R3 RMCAST;Reliable Multicast Protocol driver; \??\C:\WINDOWS\system32\drivers\RMCast.sys []
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2008-03-28 224672]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2007-11-01 731520]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2006-05-12 57320]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 eabusb;eabusb; C:\WINDOWS\system32\DRIVERS\eabusb.sys [2005-09-19 5760]
S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [2006-07-06 47744]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 UIUSys;Conexant Setup API; C:\WINDOWS\system32\DRIVERS\UIUSYS.SYS []
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 w39n51;Intel(R) PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2006-04-21 1429632]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 agp440;Intel AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
S4 agpCPQ;Compaq AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
S4 alim1541;ALI AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]
S4 amdagp;AMD AGP Bus Filter Driver; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]
S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-18 13952]
S4 sisagp;SIS AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960]
S4 viaagp;VIA AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2010-04-01 267432]
R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]
R2 ehSched;Media Center Scheduler Service; C:\WINDOWS\eHome\ehSched.exe [2005-08-06 102912]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-06 99328]
R2 MSMQ;Message Queuing; C:\WINDOWS\system32\mqsvc.exe [2008-04-13 4608]
R2 MSMQTriggers;Message Queuing Triggers; C:\WINDOWS\system32\mqtgsvc.exe [2008-04-13 117248]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R2 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2006-05-02 135168]
S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-07-17 153376]
S2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-05-18 49152]
S2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-07-20 143426]
S3 AddFiltr;AddFiltr; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe [2006-06-12 126976]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------



info.txt logfile of random's system information tool 1.08 2010-08-04 17:11:24

======Uninstall list======

-->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{939F8208-C8CE-4AFF-B7BA-ACEB2E74A6CB}\Setup.exe"
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10h_Plugin.exe -maintain plugin
Adobe Reader 9.3.3-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A93000000001}
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
Conexant HD Audio-->C:\Program Files\CONEXANT\CNXT_HDAUDIO\HXFSETUP.EXE -U -IAt8VEN5a.inf
Customer Experience Enhancement-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{23012310-3E05-46A5-88A9-C6CBCABCAC79} /l1033
DivX Setup-->C:\Documents and Settings\All Users\Application Data\DivX\Setup\DivXSetup.exe /uninstall /bundleGroupId divx.com
ESPNMotion-->C:\PROGRA~1\ESPNMO~1\UNWISE.EXE /u C:\PROGRA~1\ESPNMO~1\INSTALL.LOG
Gamers Unite! Snag Bar-->C:\Documents and Settings\Arc Angel\My Documents\toolbar\Gamers Unite! Snag Bar\Uninst.exe
GemMaster Mystic-->"C:\Program Files\GemMaster\uninstallgemmaster.exe"
HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VENICE_HSF\UIU32m.exe -U -IwqcVen5m.inf
HiJackThis-->MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7}
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB915800-v4)-->"C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB954708)-->"C:\WINDOWS\$NtUninstallKB954708$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB981793)-->"C:\WINDOWS\$NtUninstallKB981793$\spuninst\spuninst.exe"
HP Help and Support-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}\setup.exe" -l0x9 -removeonly
HP Imaging Device Functions 6.0-->C:\Program Files\HP\Digital Imaging\DigitalImagingMonitor\hpzscr01.exe -datfile hpqbud01.dat
HP Pavilion Webcam Demo-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EC397D90-720E-426D-B381-0A10C6FD5A49}\setup.exe" -l0x9 -removeonly
HP Photosmart Premier Software 6.0-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Quick Launch Buttons 6.10 A2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe" -l0x9 -removeonly uninst
HP QuickPlay 2.3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\setup.exe" -uninstall
HP Rhapsody-->C:\PROGRA~1\HPRHAP~1\Unwise32.exe /A C:\PROGRA~1\HPRHAP~1\install.log
HP Update-->MsiExec.exe /X{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}
HP User Guides 0036-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C4180B60-0239-48DE-89EF-2CE4C3650A71}\Setup.exe" -l0x9 -removeonly
HP Wireless Assistant 2.00 G2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4302B2DD-D958-40E3-BAF3-B07FFE1978CE}\setup.exe" -l0x9 hpquninst
Intel(R) PRO Network Connections Drivers-->Prounstl.exe
Java(TM) 6 Update 21-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216020FF}
Junk Mail filter update-->MsiExec.exe /I{8E5233E1-7495-44FB-8DEB-4BE906D59619}
Macromedia Flash Player 8-->MsiExec.exe /X{6815FCDD-401D-481E-BA88-31B4754C2B46}
Macromedia Shockwave Player-->MsiExec.exe /X{838A1BC9-95CA-4880-9BE3-2A7D23600A2B}
Malwarebytes' Anti-Malware-->"C:\Documents and Settings\Arc Angel\My Documents\Programs\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 1.0 Hotfix (KB953295)-->"C:\WINDOWS\$NtUninstallKB953295$\spuninst\spuninst.exe"
Microsoft .NET Framework 1.0 Hotfix (KB979904)-->"C:\WINDOWS\$NtUninstallKB979904$\spuninst\spuninst.exe"
Microsoft .NET Framework 1.1 Security Update (KB979906)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft .NET Framework 4 Client Profile-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft Base Smart Card Cryptographic Service Provider Package-->"C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Money 2006-->"C:\Program Files\Microsoft Money 2006\MNYCoreFiles\Setup\uninst.exe" /s:120
Microsoft Office Live Add-in 1.5-->MsiExec.exe /I{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}
Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-0122-0409-0000-0000000FF1CE}
Microsoft Office Standard Edition 2003-->MsiExec.exe /I{91120409-6000-11D3-8CFE-0150048383C9}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Works-->MsiExec.exe /I{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}
Mozilla Firefox (3.6.8)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
muvee autoProducer 5.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB09F05F-85C6-4205-B28D-5BF071D276C3}\setup.exe" -l0x9
NetWaiting-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanel
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
Office 2003 Trial Assistant-->MsiExec.exe /I{47D2103B-FD51-4017-9C20-DD408B17D726}
Otto-->"C:\Program Files\EnglishOtto\uninstallotto.exe"
Quicken 2006-->MsiExec.exe /X{2818095F-FB6C-42C8-827E-0A406CC9AFF5}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Step By Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB981332)-->"C:\WINDOWS\ie8updates\KB981332-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB982381)-->"C:\WINDOWS\ie8updates\KB982381-IE8\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Security Update for Windows Search 4 - KB963093-->"C:\WINDOWS\$NtUninstallKB963093$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2229593)-->"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2286198)-->"C:\WINDOWS\$NtUninstallKB2286198$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Security Update for Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Security Update for Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Security Update for Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975561)-->"C:\WINDOWS\$NtUninstallKB975561$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe"
Security Update for Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe"
Security Update for Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe"
Security Update for Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe"
Security Update for Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe"
Security Update for Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe"
Security Update for Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe"
Security Update for Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe"
Security Update for Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe"
Security Update for Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe"
Security Update for Windows XP (KB979559)-->"C:\WINDOWS\$NtUninstallKB979559$\spuninst\spuninst.exe"
Security Update for Windows XP (KB979683)-->"C:\WINDOWS\$NtUninstallKB979683$\spuninst\spuninst.exe"
Security Update for Windows XP (KB980195)-->"C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe"
Security Update for Windows XP (KB980218)-->"C:\WINDOWS\$NtUninstallKB980218$\spuninst\spuninst.exe"
Security Update for Windows XP (KB980232)-->"C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe"
Security Update for Windows XP (KB982381)-->"C:\WINDOWS\$NtUninstallKB982381$\spuninst\spuninst.exe"
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Sonic Audio Module-->MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Sonic Copy Module-->MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629}
Sonic Data Module-->MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205}
Sonic Express Labeler-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Sonic MyDVD Plus-->MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29}
Sonic Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
SonicAC3Encoder-->MsiExec.exe /I{52FBAE98-D389-4281-8C14-21B4046CCB4E}
SonicMPEGEncoder-->MsiExec.exe /I{B16AF568-A644-483C-A6DA-5028CD019C8C}
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
TourSetup-->MsiExec.exe /I{A01FC76F-CC09-4658-9E37-5C2F635EE708}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft Windows (KB971513)-->"C:\WINDOWS\$NtUninstallKB971513$\spuninst\spuninst.exe"
Update for Windows Internet Explorer 8 (KB976662)-->"C:\WINDOWS\ie8updates\KB976662-IE8\spuninst\spuninst.exe"
Update for Windows Internet Explorer 8 (KB982632)-->"C:\WINDOWS\ie8updates\KB982632-IE8\spuninst\spuninst.exe"
Update for Windows Media Player 10 (KB910393)-->"C:\WINDOWS\$NtUninstallKB910393$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"
Update for Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Update for Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Update for Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
Update for Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Update for Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421}
Vongo-->MsiExec.exe /I{DB7E00C9-6DEF-489A-8112-D8F81614F45A}
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{E6158D07-2637-4ECF-B576-37C489669174}
Windows Live Communications Platform-->MsiExec.exe /I{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}
Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}
Windows Live ID Sign-in Assistant-->MsiExec.exe /X{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}
Windows Live Mail-->MsiExec.exe /I{6412CECE-8172-4BE5-935B-6CECACD2CA87}
Windows Live Messenger-->MsiExec.exe /X{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}
Windows Live Photo Gallery-->MsiExec.exe /X{EE39FFBD-544E-49E4-A999-6819828EAE91}
Windows Live Sync-->MsiExec.exe /X{B10914FD-8812-47A4-85A1-50FCDE7F1F33}
Windows Live Upload Tool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Windows Live Writer-->MsiExec.exe /X{178832DE-9DE0-4C87-9F82-9315A9B03985}
Windows Management Framework Core-->"C:\WINDOWS\$968930Uinstall_KB968930$\spuninst\spuninst.exe"
Windows Media Connect-->"C:\WINDOWS\$NtUninstallWMCSetup$\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Search 4.0-->"C:\WINDOWS\$NtUninstallKB940157$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB925766-->"C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB973768-->"C:\WINDOWS\$NtUninstallKB973768$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
Wireless Home Network Setup-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{09D8492A-C8E2-421E-927D-46800FB327A3}\setup.exe" -l0x9 -removeonly
Zynga Toolbar-->C:\PROGRA~1\Zynga\UNWISE.EXE /U C:\PROGRA~1\Zynga\INSTALL.LOG

======Hosts File======

127.0.0.1 localhost
127.0.0.1 fr.a2dfp.net
127.0.0.1 m.fr.a2dfp.net
127.0.0.1 ad.a8.net
127.0.0.1 asy.a8ww.net
127.0.0.1 adserver.abv.bg
127.0.0.1 adv.abv.bg
127.0.0.1 bimg.abv.bg
127.0.0.1 www2.a-counter.kiev.ua
127.0.0.1 track.acclaimnetwork.com

======Security center information======

AV: AntiVir Desktop

======System event log======

Computer Name: DEMON
Event Code: 10010
Message: The server {7F6316B4-4D69-4765-B0A3-B2598F2FA80A} did not register with DCOM within the required timeout.

Record Number: 1563
Source Name: DCOM
Time Written: 20100715061119.000000-240
Event Type: error
User: NT AUTHORITY\SYSTEM

Computer Name: DEMON
Event Code: 7031
Message: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Record Number: 1561
Source Name: Service Control Manager
Time Written: 20100715061018.000000-240
Event Type: error
User:

Computer Name: DEMON
Event Code: 1003
Message: Your computer was not able to renew its address from the network (from the
DHCP Server) for the Network Card with network address 0018DE45CEFE. The following
error occurred:
The operation was canceled by the user.
.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.

Record Number: 1544
Source Name: Dhcp
Time Written: 20100715060909.000000-240
Event Type: warning
User:

Computer Name: DEMON
Event Code: 7031
Message: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Record Number: 1539
Source Name: Service Control Manager
Time Written: 20100715003747.000000-240
Event Type: error
User:

Computer Name: DEMON
Event Code: 1003
Message: Your computer was not able to renew its address from the network (from the
DHCP Server) for the Network Card with network address 0018DE45CEFE. The following
error occurred:
The operation was canceled by the user.
.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.

Record Number: 1537
Source Name: Dhcp
Time Written: 20100714232734.000000-240
Event Type: warning
User:

=====Application event log=====

Computer Name: DEMON
Event Code: 1001
Message: Fault bucket 1947960143.

Record Number: 210
Source Name: Application Error
Time Written: 20100707170919.000000-240
Event Type: error
User:

Computer Name: DEMON
Event Code: 1000
Message: Faulting application SearchIndexer.exe, version 7.0.6001.16503, faulting module propsys.dll, version 7.0.6001.16503, fault address 0x00015099.

Record Number: 209
Source Name: Application Error
Time Written: 20100707170835.000000-240
Event Type: error
User:

Computer Name: DEMON
Event Code: 1001
Message: Fault bucket 1947960143.

Record Number: 207
Source Name: Application Error
Time Written: 20100707170818.000000-240
Event Type: error
User:

Computer Name: DEMON
Event Code: 1000
Message: Faulting application SearchIndexer.exe, version 7.0.6001.16503, faulting module propsys.dll, version 7.0.6001.16503, fault address 0x00015099.

Record Number: 206
Source Name: Application Error
Time Written: 20100707170809.000000-240
Event Type: error
User:

Computer Name: DEMON
Event Code: 1
Message: Service registration successful.

Record Number: 205
Source Name: Media Center Receiver
Time Written: 20100707170805.000000-240
Event Type:
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\WINDOWS\system32\WindowsPowerShell\v1.0
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=0f06
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.PSC1
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"SonicCentral"=C:\Program Files\Common Files\Sonic Shared\Sonic Central\
"PCTYPE"=PAVILION
"PLATFORM"=MCD
"PSModulePath"=C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\

-----------------EOF-----------------



Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4390

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

8/4/2010 5:02:33 PM
mbam-log-2010-08-04 (17-02-33).txt

Scan type: Quick scan
Objects scanned: 141102
Time elapsed: 6 minute(s), 28 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)




Also,My invidia device is giving me a pop up saying this, " The nView display driver interface library version is different than the display driver version. This could potentially cause problems and interfere with the proper operation of the application.
To resolve this issue, reinstall your NVIDIA display driver software or, you can remove this message from the Desktop Management page by clearing the check box below. " I think this may be causing my Nvidia card to not work properly, but am not sure. Thank you very much for your prompt assistance.
wisdomizlife
Active Member
 
Posts: 8
Joined: April 7th, 2010, 6:16 pm

Re: Please help!

Unread postby melboy » August 4th, 2010, 7:08 pm

Hi


Gmer

Download GMER Rootkit Scanner from here.

  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double click the .exe file. If asked to allow gmer.sys driver to load, please consent
  • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO
  • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
    • IAT/EAT
    • Drives/Partition other than Systemdrive (typically C:\)
    • Show All (don't miss this one)
    See image below
    Image
  • Then click the Scan button & wait for it to finish
  • Once done click on the [Save..] button, and in the File name area, type in "Gmer.txt" or it will save as a .log file
  • Save it where you can easily find it, such as your desktop, and post it in your next reply
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.

-- If GMER crashes or keeps resulting in a BSoDs, uncheck Devices on the right side before scanning -- If you continue to encounter problems, try running GMER in safe mode

**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries


Note: Do not run any programs while Gmer is running.



TFC

    You should still have this on your desktop.
  • Save any unsaved work. TFC will close all open application windows.
  • Double-click TFC.exe to run the program.
  • Click the Start button in the bottom left of TFC
  • If prompted, click "Yes" to reboot.

Note: Save your work. TFC will automatically close any open programs, let it run uninterrupted. It should not take longer than a couple of minutes , and may only take a few seconds. Only if needed will you be prompted to reboot.



ESET Online Scanner

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.
  • Please go here then click on: Image
    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
  • Select the option YES, I accept the Terms of Use then click on: Image
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Image
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed make sure you first copy the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic.
  • Now click on: Image (Selecting Uninstall application on close if you so wish)
User avatar
melboy
MRU Expert
MRU Expert
 
Posts: 3670
Joined: July 25th, 2008, 4:25 pm
Location: UK

Re: Please help!

Unread postby wisdomizlife » August 5th, 2010, 7:17 pm

I have tried running the eset scanner multiple times, and it just continually freezes.. I did the gmer scan here are the results.


GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-08-05 17:32:51
Windows 5.1.2600 Service Pack 3
Running: 0xokh1d8.exe; Driver: C:\DOCUME~1\ARCANG~1\LOCALS~1\Temp\pxtdapog.sys


---- System - GMER 1.0.15 ----

SSDT EEEF0836 ZwCreateKey
SSDT EEEF082C ZwCreateThread
SSDT EEEF083B ZwDeleteKey
SSDT EEEF0845 ZwDeleteValueKey
SSDT EEEF084A ZwLoadKey
SSDT EEEF0818 ZwOpenProcess
SSDT EEEF081D ZwOpenThread
SSDT EEEF0854 ZwReplaceKey
SSDT EEEF084F ZwRestoreKey
SSDT EEEF0840 ZwSetValueKey

---- Kernel code sections - GMER 1.0.15 ----

.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xF5DFF360, 0x22698D, 0xE8000020]

---- User code sections - GMER 1.0.15 ----

.text C:\WINDOWS\system32\SearchIndexer.exe[2172] kernel32.dll!WriteFile 7C810E27 7 Bytes JMP 00585C0C C:\WINDOWS\system32\MSSRCH.DLL (mssrch.dll/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 eabfiltr.sys (QLB PS/2 Keyboard filter driver/Hewlett-Packard Development Company, L.P.)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----
wisdomizlife
Active Member
 
Posts: 8
Joined: April 7th, 2010, 6:16 pm

Re: Please help!

Unread postby melboy » August 5th, 2010, 7:35 pm

Hi

Did you temporarily disable Avira (AntiVir Guard) whilst running the scan?

Try the Kaspersky scan, then re-run RSIT
.

Kaspersky Online Scan

Please go to Kaspersky website and perform an online antivirus scan.
  • Read through the requirements and privacy statement and click on Accept button.
  • It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
  • When the downloads have finished, click on Settings.
  • Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
    • Spyware, Adware, Dialers, and other potentially dangerous programs
    • Archives
    • Mail Databases
  • Click on My Computer under Scan.
  • Once the scan is complete, it will display the results. Click on View Scan Report.
  • You will see a list of infected items there. Click on Save Report As....
  • Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
  • Please post this log in your next reply.
Please refer to this animation if you need further help.



Re-run - RSIT (Random's System Information Tool)
You should still have this program on your desktop.

  • Double click on RSIT.exe to run it.
  • Click Continue at the disclaimer screen.
    RSIT will start running. When done... ONLY the "C:\RSIT\log.txt"...will be reproduced. (it will be maximized)
  • Please post ONLY the "log.txt", file contents in your next reply.
User avatar
melboy
MRU Expert
MRU Expert
 
Posts: 3670
Joined: July 25th, 2008, 4:25 pm
Location: UK

Re: Please help!

Unread postby wisdomizlife » August 6th, 2010, 6:28 pm

I did disable antivir when I attempted running the scan, but it was a no go. Here are the two logs you requested.



--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7.0: scan report
Friday, August 6, 2010
Operating system: Microsoft Windows XP Professional Service Pack 3 (build 2600)
Kaspersky Online Scanner version: 7.0.26.13
Last database update: Friday, August 06, 2010 01:22:45
Records in database: 4137388
--------------------------------------------------------------------------------

Scan settings:
scan using the following database: extended
Scan archives: yes
Scan e-mail databases: yes

Scan area - My Computer:
C:\
D:\
E:\
F:\

Scan statistics:
Objects scanned: 62163
Threats found: 0
Infected objects found: 0
Suspicious objects found: 0
Scan duration: 01:57:09

No threats found. Scanned area is clean.

Selected area has been scanned.




Logfile of random's system information tool 1.08 (written by random/random)
Run by Arc Angel at 2010-08-06 18:25:01
Microsoft Windows XP Professional Service Pack 3
System drive C: has 42 GB (67%) free of 63 GB
Total RAM: 2046 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:25:22 PM, on 8/6/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Documents and Settings\Arc Angel\Local Settings\Application Data\Google\Update\1.2.183.29\GoogleCrashHandler.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\mqsvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Java\jre6\bin\java.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\Arc Angel\Desktop\RSIT.exe
C:\Program Files\trend micro\Arc Angel.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: FCToolbarURLSearchHook Class - {b843a48a-b70f-45cd-a15a-6c2b30c2c11e} - C:\Documents and Settings\Arc Angel\My Documents\toolbar\Gamers Unite! Snag Bar\Helper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: FCTBPos00Pos - {26A7CA19-7D58-411D-B2DA-F1B0324CBFFC} - C:\Documents and Settings\Arc Angel\My Documents\toolbar\Gamers Unite! Snag Bar\Toolbar.dll
O2 - BHO: Zynga Toolbar - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyng.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Zynga Toolbar - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyng.dll
O3 - Toolbar: Gamers Unite! Snag Bar - {25515A79-C1C7-4B97-97F8-31A711694487} - C:\Documents and Settings\Arc Angel\My Documents\toolbar\Gamers Unite! Snag Bar\Toolbar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /nodetect
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Arc Angel\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - S-1-5-18 Startup: Vongo Tray.lnk = C:\Program Files\Vongo\Tray.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Vongo Tray.lnk = C:\Program Files\Vongo\Tray.exe (User 'Default user')
O4 - .DEFAULT User Startup: Vongo Tray.lnk = C:\Program Files\Vongo\Tray.exe (User 'Default user')
O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 8473691578
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 8531583203
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 9967 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3383821861-1699414857-1321467403-1005Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3383821861-1699414857-1321467403-1005UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{26A7CA19-7D58-411D-B2DA-F1B0324CBFFC}]
Gamers Unite! Snag Bar BHO - C:\Documents and Settings\Arc Angel\My Documents\toolbar\Gamers Unite! Snag Bar\Toolbar.dll [2010-07-28 1498624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7b13ec3e-999a-4b70-b9cb-2617b8323822}]
Zynga Toolbar - C:\Program Files\Zynga\tbZyng.dll [2010-06-13 2734688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-07-17 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-07-17 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7b13ec3e-999a-4b70-b9cb-2617b8323822} - Zynga Toolbar - C:\Program Files\Zynga\tbZyng.dll [2010-06-13 2734688]
{25515A79-C1C7-4B97-97F8-31A711694487} - Gamers Unite! Snag Bar - C:\Documents and Settings\Arc Angel\My Documents\toolbar\Gamers Unite! Snag Bar\Toolbar.dll [2010-07-28 1498624]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-08-06 64512]
"hpWirelessAssistant"=C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe [2006-05-04 458752]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-09-27 7585792]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-07-20 86016]
"nwiz"=nwiz.exe /installquiet /nodetect []
"MsmqIntCert"=regsvr32 /s mqrt.dll []
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\CHDAudPropShortcut.exe [2006-07-26 61952]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-28 1040384]
"QPService"=C:\Program Files\HP\QuickPlay\QPService.exe [2006-07-19 102400]
""= []
"ISUSPM Startup"=C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe [2005-08-11 249856]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-08-11 81920]
"QlbCtrl"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2006-06-19 163840]
"Cpqset"=C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe [2006-06-19 40960]
"RecGuard"=C:\Windows\SMINST\RecGuard.exe [2005-10-11 1187840]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2010-06-09 49208]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2010-03-02 282792]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-19 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe /CHECKNOW []
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-10-18 204288]
"Google Update"=C:\Documents and Settings\Arc Angel\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-07-22 136176]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
HP Photosmart Premier Fast Start.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\mqsvc.exe"="C:\WINDOWS\system32\mqsvc.exe:*:Enabled:Message Queuing"
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe"="C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Disabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Documents and Settings\Arc Angel\My Documents\toolbar\Gamers Unite! Snag Bar\TroubleShooter.exe"="C:\Documents and Settings\Arc Angel\My Documents\toolbar\Gamers Unite! Snag Bar\TroubleShooter.exe:*:Enabled:Gamers Unite! Snag Bar (Helper)"
"C:\Documents and Settings\Arc Angel\My Documents\toolbar\Gamers Unite! Snag Bar\ToolbarUpdate.exe"="C:\Documents and Settings\Arc Angel\My Documents\toolbar\Gamers Unite! Snag Bar\ToolbarUpdate.exe:*:Enabled:Gamers Unite! Snag Bar (Update)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\mqsvc.exe"="C:\WINDOWS\system32\mqsvc.exe:*:Enabled:Message Queuing"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

======List of files/folders created in the last 1 months======

2010-08-05 23:29:21 ----D---- C:\WINDOWS\Sun
2010-08-05 12:30:16 ----D---- C:\WINDOWS\Minidump
2010-08-04 17:11:19 ----D---- C:\rsit
2010-08-04 17:11:19 ----D---- C:\Program Files\trend micro
2010-08-04 16:54:26 ----D---- C:\Documents and Settings\Arc Angel\Application Data\Malwarebytes
2010-08-04 16:54:20 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2010-08-04 16:54:18 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2010-08-04 16:54:18 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2010-08-03 15:00:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2286198$
2010-08-01 14:27:58 ----A---- C:\WINDOWS\system32\javaws.exe
2010-08-01 14:27:58 ----A---- C:\WINDOWS\system32\javaw.exe
2010-08-01 14:27:58 ----A---- C:\WINDOWS\system32\java.exe
2010-07-28 21:29:23 ----D---- C:\Documents and Settings\Arc Angel\Application Data\HP
2010-07-28 15:47:31 ----D---- C:\Documents and Settings\Arc Angel\Application Data\FCTB000062781
2010-07-23 17:41:47 ----D---- C:\Documents and Settings\Arc Angel\Application Data\Windows Search
2010-07-22 17:41:09 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2010-07-21 21:04:38 ----D---- C:\Program Files\Conduit
2010-07-21 21:04:37 ----D---- C:\Program Files\Zynga
2010-07-14 06:47:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2010-07-09 18:42:46 ----D---- C:\WINDOWS\system32\winrm
2010-07-09 18:42:46 ----D---- C:\WINDOWS\system32\WindowsPowerShell
2010-07-09 18:42:43 ----HDC---- C:\WINDOWS\$968930Uinstall_KB968930$
2010-07-09 18:42:41 ----D---- C:\WINDOWS\$NtUninstallKB968930$
2010-07-08 08:02:28 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2010-07-08 02:20:28 ----D---- C:\Documents and Settings\Arc Angel\Application Data\DivX
2010-07-08 02:20:15 ----N---- C:\WINDOWS\system32\pxinsi64.exe
2010-07-08 02:20:15 ----N---- C:\WINDOWS\system32\pxinsa64.exe
2010-07-08 02:20:15 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2010-07-08 02:20:15 ----N---- C:\WINDOWS\system32\pxcpyi64.exe
2010-07-08 02:20:15 ----N---- C:\WINDOWS\system32\pxcpya64.exe
2010-07-08 02:20:15 ----N---- C:\WINDOWS\system32\pxafs.dll
2010-07-08 02:20:15 ----N---- C:\WINDOWS\system32\drivers\cdralw2k.sys
2010-07-08 02:20:15 ----N---- C:\WINDOWS\system32\drivers\cdr4_xp.sys
2010-07-08 02:19:54 ----D---- C:\Program Files\Common Files\DivX Shared
2010-07-08 02:16:00 ----D---- C:\Documents and Settings\All Users\Application Data\DivX
2010-07-08 00:37:20 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2010-07-08 00:37:20 ----A---- C:\WINDOWS\system32\mucltui.dll
2010-07-07 23:37:07 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$
2010-07-07 23:36:45 ----HDC---- C:\WINDOWS\$NtUninstallKB963093$
2010-07-07 23:36:19 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2010-07-07 23:35:56 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2010-07-07 23:34:26 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2010-07-07 21:37:57 ----D---- C:\WINDOWS\system32\XPSViewer
2010-07-07 21:37:55 ----D---- C:\Program Files\MSBuild
2010-07-07 21:37:50 ----D---- C:\Program Files\Reference Assemblies
2010-07-07 21:37:35 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2010-07-07 21:37:35 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2010-07-07 21:37:35 ----N---- C:\WINDOWS\system32\prntvpt.dll
2010-07-07 17:59:08 ----A---- C:\WINDOWS\system32\drivers\USBSTOR.SYS
2010-07-07 17:03:11 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2010-07-07 17:02:41 ----HDC---- C:\WINDOWS\$NtUninstallKB971513$
2010-07-07 17:02:37 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2010-07-07 17:02:31 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2010-07-07 17:02:25 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2010-07-07 17:02:20 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2010-07-07 17:02:09 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2010-07-07 17:01:47 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2010-07-07 17:01:27 ----HDC---- C:\WINDOWS\$NtUninstallbasecsp$
2010-07-07 17:01:07 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2010-07-07 17:00:46 ----D---- C:\Documents and Settings\Arc Angel\Application Data\Windows Desktop Search
2010-07-07 17:00:15 ----D---- C:\Program Files\Windows Desktop Search
2010-07-07 17:00:14 ----D---- C:\WINDOWS\system32\GroupPolicy
2010-07-07 17:00:06 ----HDC---- C:\WINDOWS\$NtUninstallKB940157$
2010-07-07 16:59:58 ----HDC---- C:\WINDOWS\$NtUninstallKB915800-v4$
2010-07-07 16:59:45 ----N---- C:\WINDOWS\system32\spmsg.dll
2010-07-07 16:59:44 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2010-07-07 16:59:19 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2010-07-07 16:58:38 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2010-07-07 16:58:18 ----D---- C:\WINDOWS\system32\LogFiles
2010-07-07 16:58:18 ----D---- C:\WINDOWS\system32\drivers\UMDF
2010-07-07 16:58:15 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2010-07-07 16:57:43 ----HDC---- C:\WINDOWS\$NtUninstallKB925766$
2010-07-07 16:55:14 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2010-07-07 15:59:46 ----D---- C:\Program Files\Microsoft Silverlight
2010-07-07 15:59:31 ----D---- C:\Program Files\Microsoft Office Outlook Connector
2010-07-07 15:56:23 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2010-07-07 15:56:18 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2010-07-07 15:55:57 ----HDC---- C:\WINDOWS\$NtUninstallKB954708$
2010-07-07 15:55:07 ----D---- C:\Program Files\Microsoft
2010-07-07 15:54:51 ----D---- C:\Program Files\Windows Live SkyDrive
2010-07-07 15:54:29 ----D---- C:\Program Files\Windows Live
2010-07-07 15:34:02 ----D---- C:\Program Files\Common Files\Windows Live
2010-07-07 02:22:36 ----D---- C:\Program Files\HP Pavilion Webcam Demo
2010-07-07 02:17:51 ----ASH---- C:\Documents and Settings\Arc Angel\Application Data\desktop.ini
2010-07-07 02:17:48 ----SD---- C:\Documents and Settings\Arc Angel\Application Data\Microsoft
2010-07-07 02:17:48 ----D---- C:\Documents and Settings\Arc Angel\Application Data\Macromedia
2010-07-07 02:17:48 ----D---- C:\Documents and Settings\Arc Angel\Application Data\Intuit
2010-07-07 02:17:48 ----D---- C:\Documents and Settings\Arc Angel\Application Data\Identities
2010-07-07 02:11:00 ----A---- C:\WINDOWS\system32\Thawbrkr.dll
2010-07-07 02:11:00 ----A---- C:\WINDOWS\system32\kbdusa.dll
2010-07-07 02:11:00 ----A---- C:\WINDOWS\system32\c_iscii.dll
2010-07-07 02:10:59 ----A---- C:\WINDOWS\system32\ftlx041e.dll
2010-07-07 02:09:04 ----ASH---- C:\hiberfil.sys
2010-07-07 02:09:03 ----ASH---- C:\pagefile.sys
2010-07-07 01:37:06 ----SHD---- C:\System Volume Information
2010-07-07 01:22:32 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2010-07-07 01:22:20 ----D---- C:\Program Files\Common Files\Adobe
2010-07-07 01:13:08 ----D---- C:\Documents and Settings\Arc Angel\Application Data\Mozilla
2010-07-07 01:11:48 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$
2010-07-07 01:11:43 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2010-07-07 01:11:39 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2010-07-07 01:11:34 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2010-07-07 01:11:30 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2010-07-07 01:11:24 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2010-07-07 01:11:20 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2010-07-07 01:11:15 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-07-07 01:11:09 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2010-07-07 01:11:03 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2010-07-07 01:10:59 ----HDC---- C:\WINDOWS\$NtUninstallKB979904$
2010-07-07 01:10:48 ----D---- C:\Program Files\Mozilla Firefox
2010-07-07 01:10:42 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$
2010-07-07 01:10:36 ----HDC---- C:\WINDOWS\$NtUninstallKB923723$
2010-07-07 01:10:31 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-07-07 01:10:25 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-07-07 01:10:20 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2010-07-07 01:10:15 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2010-07-07 01:09:45 ----D---- C:\WINDOWS\ie8updates
2010-07-07 01:09:34 ----D---- C:\WINDOWS\WBEM
2010-07-07 01:09:22 ----HDC---- C:\WINDOWS\ie8
2010-07-07 01:05:14 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2010-07-07 01:05:10 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-07-07 01:05:06 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-07-07 01:05:01 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2010-07-07 01:04:57 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2010-07-07 01:04:53 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2010-07-07 01:04:48 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-07-07 01:04:44 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2010-07-07 01:04:35 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2010-07-07 01:04:28 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2010-07-07 01:04:24 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2010-07-07 01:04:20 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2010-07-07 01:04:15 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2010-07-07 01:04:11 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2010-07-07 01:04:05 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2010-07-07 01:04:01 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2010-07-07 01:03:56 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-07-07 01:03:50 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2010-07-07 01:03:46 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2010-07-07 01:03:32 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-07-07 01:03:27 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2010-07-07 01:03:20 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2010-07-07 01:03:15 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$
2010-07-07 01:03:11 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-07-07 01:03:07 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$
2010-07-07 01:03:02 ----HDC---- C:\WINDOWS\$NtUninstallKB923689$
2010-07-07 00:57:18 ----A---- C:\WINDOWS\system32\MRT.exe
2010-07-07 00:57:12 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2010-07-07 00:57:07 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2010-07-07 00:56:58 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2010-07-07 00:56:54 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$
2010-07-07 00:56:50 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2010-07-07 00:56:11 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-07-07 00:56:04 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2010-07-07 00:55:57 ----HDC---- C:\WINDOWS\$NtUninstallKB973768$
2010-07-07 00:55:43 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2010-07-07 00:55:39 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2010-07-07 00:55:35 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-07-07 00:55:31 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2010-07-07 00:55:27 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-07-07 00:55:22 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2010-07-07 00:55:18 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2010-07-07 00:55:14 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2010-07-07 00:55:10 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2010-07-07 00:55:06 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2010-07-07 00:55:02 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2010-07-07 00:54:54 ----HDC---- C:\WINDOWS\$NtUninstallKB982381$
2010-07-07 00:54:43 ----D---- C:\Program Files\MSXML 4.0
2010-07-07 00:54:32 ----HDC---- C:\WINDOWS\$NtUninstallKB953295$
2010-07-07 00:54:16 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2010-07-07 00:54:10 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP10$
2010-07-07 00:53:45 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2010-07-07 00:53:36 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2010-07-07 00:49:32 ----SHD---- C:\RECYCLER
2010-07-07 00:28:51 ----A---- C:\WINDOWS\system32\drivers\ssmdrv.sys
2010-07-07 00:28:50 ----D---- C:\Program Files\Avira
2010-07-07 00:28:50 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2010-07-07 00:28:50 ----A---- C:\WINDOWS\system32\drivers\avipbb.sys
2010-07-07 00:28:50 ----A---- C:\WINDOWS\system32\drivers\avgntmgr.sys
2010-07-07 00:28:50 ----A---- C:\WINDOWS\system32\drivers\avgntflt.sys
2010-07-07 00:28:50 ----A---- C:\WINDOWS\system32\drivers\avgntdd.sys
2010-07-07 00:09:35 ----D---- C:\Documents and Settings\Arc Angel\Application Data\AdobeUM
2010-07-07 00:09:08 ----D---- C:\Documents and Settings\Arc Angel\Application Data\Adobe
2010-07-07 00:06:18 ----N---- C:\WINDOWS\system32\xpsp4res.dll
2010-07-07 00:03:08 ----D---- C:\WINDOWS\Prefetch

======List of files/folders modified in the last 1 months======

2010-08-06 17:37:50 ----D---- C:\WINDOWS\temp
2010-08-06 02:10:43 ----A---- C:\WINDOWS\ModemLog_HDAUDIO Soft Data Fax Modem with SmartCP.txt
2010-08-06 02:10:41 ----D---- C:\WINDOWS\system32\CatRoot2
2010-08-06 02:10:38 ----A---- C:\hpqp.ini
2010-08-06 02:10:35 ----D---- C:\WINDOWS\Registration
2010-08-06 02:10:13 ----D---- C:\WINDOWS
2010-08-06 02:10:07 ----A---- C:\XP_TV.ini
2010-08-06 02:08:58 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-08-05 19:20:00 ----D---- C:\Program Files
2010-08-04 16:54:20 ----D---- C:\WINDOWS\system32\drivers
2010-08-04 15:52:46 ----HD---- C:\WINDOWS\inf
2010-08-03 15:51:23 ----D---- C:\WINDOWS\system32
2010-08-03 15:00:20 ----RSHD---- C:\WINDOWS\system32\dllcache
2010-08-03 06:45:04 ----HD---- C:\WINDOWS\$hf_mig$
2010-08-01 14:28:06 ----SHD---- C:\WINDOWS\Installer
2010-08-01 14:28:05 ----D---- C:\Program Files\Common Files\Java
2010-08-01 14:27:55 ----D---- C:\Program Files\Java
2010-07-28 15:48:01 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-07-27 02:30:35 ----A---- C:\WINDOWS\system32\shell32.dll
2010-07-22 18:24:03 ----SD---- C:\WINDOWS\Tasks
2010-07-22 18:08:12 ----D---- C:\Program Files\Yahoo!
2010-07-18 08:24:31 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2010-07-17 05:00:04 ----A---- C:\WINDOWS\system32\deployJava1.dll
2010-07-14 06:47:41 ----A---- C:\WINDOWS\imsins.BAK
2010-07-14 02:31:13 ----D---- C:\Documents and Settings\Arc Angel\Application Data\HpUpdate
2010-07-12 05:39:56 ----D---- C:\WINDOWS\ehome
2010-07-11 23:16:28 ----D---- C:\WINDOWS\system32\CatRoot
2010-07-09 23:15:42 ----D---- C:\WINDOWS\Microsoft.NET
2010-07-09 23:15:35 ----RSD---- C:\WINDOWS\assembly
2010-07-09 18:51:08 ----D---- C:\WINDOWS\security
2010-07-09 18:47:57 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-07-09 18:44:01 ----D---- C:\WINDOWS\WinSxS
2010-07-09 18:43:42 ----D---- C:\WINDOWS\system32\en-us
2010-07-09 18:43:33 ----D---- C:\Program Files\Microsoft.NET
2010-07-09 18:42:52 ----D---- C:\WINDOWS\system32\config
2010-07-09 18:42:51 ----D---- C:\WINDOWS\Help
2010-07-09 18:42:46 ----D---- C:\WINDOWS\system32\wbem
2010-07-09 18:42:32 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-07-08 02:19:54 ----D---- C:\Program Files\Common Files
2010-07-07 23:38:16 ----A---- C:\WINDOWS\win.ini
2010-07-07 21:37:53 ----RSD---- C:\WINDOWS\Fonts
2010-07-07 21:37:42 ----D---- C:\WINDOWS\system32\spool
2010-07-07 21:36:41 ----D---- C:\Program Files\Internet Explorer
2010-07-07 17:01:39 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-07-07 16:59:26 ----D---- C:\Program Files\Windows Media Connect 2
2010-07-07 16:59:24 ----D---- C:\Program Files\Windows Media Player
2010-07-07 16:55:17 ----D---- C:\Program Files\CONEXANT
2010-07-07 15:59:32 ----D---- C:\Program Files\Common Files\System
2010-07-07 15:56:24 ----D---- C:\WINDOWS\system32\DirectX
2010-07-07 02:23:26 ----HD---- C:\System.sav
2010-07-07 02:23:26 ----D---- C:\SWSetup
2010-07-07 02:22:36 ----HD---- C:\Program Files\InstallShield Installation Information
2010-07-07 02:22:16 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-07-07 02:19:11 ----D---- C:\hp
2010-07-07 02:19:07 ----AD---- C:\WINDOWS\system32\pcintro
2010-07-07 02:17:47 ----D---- C:\Documents and Settings
2010-07-07 02:16:29 ----RASH---- C:\boot.ini
2010-07-07 02:11:01 ----A---- C:\WINDOWS\system.ini
2010-07-07 02:05:04 ----RD---- C:\WINDOWS\Web
2010-07-07 02:05:02 ----D---- C:\WINDOWS\twain_32
2010-07-07 02:04:47 ----D---- C:\WINDOWS\system32\URTTemp
2010-07-07 02:04:36 ----D---- C:\WINDOWS\system32\ras
2010-07-07 02:04:19 ----D---- C:\WINDOWS\system32\mui
2010-07-07 02:04:13 ----D---- C:\WINDOWS\system32\msmq
2010-07-07 02:04:10 ----D---- C:\WINDOWS\system32\MsDtc
2010-07-07 02:04:08 ----SD---- C:\WINDOWS\system32\Microsoft
2010-07-07 02:04:07 ----D---- C:\WINDOWS\system32\Macromed
2010-07-07 02:04:00 ----D---- C:\WINDOWS\system32\IME
2010-07-07 02:04:00 ----D---- C:\WINDOWS\system32\icsxml
2010-07-07 02:04:00 ----D---- C:\WINDOWS\system32\ias
2010-07-07 02:03:50 ----D---- C:\WINDOWS\system32\drivers\etc
2010-07-07 02:03:31 ----D---- C:\WINDOWS\system32\1033
2010-07-07 02:03:30 ----D---- C:\WINDOWS\SMINST
2010-07-07 02:03:30 ----D---- C:\WINDOWS\SHELLNEW
2010-07-07 02:03:27 ----D---- C:\WINDOWS\Resources
2010-07-07 02:03:26 ----D---- C:\WINDOWS\repair
2010-07-07 02:03:23 ----D---- C:\WINDOWS\RegisteredPackages
2010-07-07 02:03:17 ----D---- C:\WINDOWS\Provisioning
2010-07-07 02:03:17 ----D---- C:\WINDOWS\pchealth
2010-07-07 02:02:47 ----RD---- C:\WINDOWS\Offline Web Pages
2010-07-07 02:02:47 ----D---- C:\WINDOWS\nview
2010-07-07 02:02:47 ----D---- C:\WINDOWS\msapps
2010-07-07 02:02:32 ----D---- C:\WINDOWS\java
2010-07-07 02:01:01 ----D---- C:\WINDOWS\Driver Cache
2010-07-07 02:01:00 ----D---- C:\WINDOWS\Downloaded Installations
2010-07-07 02:00:59 ----D---- C:\WINDOWS\Cursors
2010-07-07 02:00:57 ----D---- C:\WINDOWS\CREATOR
2010-07-07 02:00:37 ----HDC---- C:\WINDOWS\$NtUninstallWMCSetup$
2010-07-07 02:00:37 ----HD---- C:\WINDOWS\$NtUninstallKB915381$
2010-07-07 02:00:36 ----HD---- C:\WINDOWS\$NtUninstallKB913580$
2010-07-07 02:00:35 ----HDC---- C:\WINDOWS\$NtUninstallKB912436$
2010-07-07 02:00:35 ----HD---- C:\WINDOWS\$NtUninstallKB913446$
2010-07-07 02:00:35 ----HD---- C:\WINDOWS\$NtUninstallKB912919$
2010-07-07 02:00:35 ----HD---- C:\WINDOWS\$NtUninstallKB912067$
2010-07-07 02:00:34 ----HD---- C:\WINDOWS\$NtUninstallKB911927$
2010-07-07 02:00:32 ----HD---- C:\WINDOWS\$NtUninstallKB911565$
2010-07-07 02:00:32 ----HD---- C:\WINDOWS\$NtUninstallKB911564$
2010-07-07 02:00:32 ----HD---- C:\WINDOWS\$NtUninstallKB911164$
2010-07-07 02:00:32 ----HD---- C:\WINDOWS\$NtUninstallKB910728$
2010-07-07 02:00:31 ----HDC---- C:\WINDOWS\$NtUninstallKB909095$
2010-07-07 02:00:31 ----HD---- C:\WINDOWS\$NtUninstallKB910393$
2010-07-07 02:00:29 ----HD---- C:\WINDOWS\$NtUninstallKB908519$
2010-07-07 02:00:29 ----HD---- C:\WINDOWS\$NtUninstallKB904706$
2010-07-07 02:00:28 ----HDC---- C:\WINDOWS\$NtUninstallKB896256$
2010-07-07 02:00:28 ----HD---- C:\WINDOWS\$NtUninstallKB903235$
2010-07-07 02:00:28 ----HD---- C:\WINDOWS\$NtUninstallKB901214$
2010-07-07 02:00:28 ----HD---- C:\WINDOWS\$NtUninstallKB901190$
2010-07-07 02:00:28 ----HD---- C:\WINDOWS\$NtUninstallKB896727$
2010-07-07 02:00:28 ----HD---- C:\WINDOWS\$NtUninstallKB896423$
2010-07-07 02:00:28 ----HD---- C:\WINDOWS\$NtUninstallKB896422$
2010-07-07 02:00:27 ----HDC---- C:\WINDOWS\$NtUninstallKB892559$
2010-07-07 02:00:27 ----HDC---- C:\WINDOWS\$NtUninstallKB890546$
2010-07-07 02:00:27 ----HD---- C:\WINDOWS\$NtUninstallKB893066$
2010-07-07 02:00:27 ----HD---- C:\WINDOWS\$NtUninstallKB891781$
2010-07-07 02:00:27 ----HD---- C:\WINDOWS\$NtUninstallKB891220$
2010-07-07 02:00:26 ----HDC---- C:\WINDOWS\$NtUninstallKB888239$
2010-07-07 02:00:26 ----HDC---- C:\WINDOWS\$NtUninstallKB888111WXPSP2$
2010-07-07 02:00:26 ----HDC---- C:\WINDOWS\$NtUninstallKB885855$
2010-07-07 02:00:26 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2010-07-07 02:00:26 ----HD---- C:\WINDOWS\$NtUninstallKB888113$
2010-07-07 02:00:26 ----HD---- C:\WINDOWS\$NtUninstallKB885250$
2010-07-07 01:53:47 ----D---- C:\Program Files\xerox
2010-07-07 01:53:45 ----D---- C:\Program Files\Windows Plus
2010-07-07 01:53:28 ----D---- C:\Program Files\Synaptics
2010-07-07 01:53:26 ----D---- C:\Program Files\Sonic
2010-07-07 01:52:50 ----D---- C:\Program Files\RGB
2010-07-07 01:52:50 ----D---- C:\Program Files\Quickensetup
2010-07-07 01:52:40 ----D---- C:\Program Files\Quicken
2010-07-07 01:52:24 ----D---- C:\Program Files\Online Services
2010-07-07 01:51:19 ----D---- C:\Program Files\NetWaiting
2010-07-07 01:51:01 ----D---- C:\Program Files\Netscape
2010-07-07 01:50:45 ----D---- C:\Program Files\muvee Technologies
2010-07-07 01:50:45 ----D---- C:\Program Files\music_now
2010-07-07 01:50:44 ----D---- C:\Program Files\MSN Gaming Zone
2010-07-07 01:50:42 ----D---- C:\Program Files\MSN
2010-07-07 01:50:41 ----D---- C:\Program Files\Microsoft Works
2010-07-07 01:50:12 ----D---- C:\Program Files\Microsoft Office Trial Wizard
2010-07-07 01:50:10 ----D---- C:\Program Files\Microsoft Office
2010-07-07 01:49:48 ----D---- C:\Program Files\Microsoft Money 2006
2010-07-07 01:49:31 ----D---- C:\Program Files\microsoft frontpage
2010-07-07 01:49:31 ----D---- C:\Program Files\Microsoft ActiveSync
2010-07-07 01:49:10 ----D---- C:\Program Files\HPQ
2010-07-07 01:49:10 ----D---- C:\Program Files\HP Rhapsody
2010-07-07 01:45:14 ----D---- C:\Program Files\Hewlett-Packard
2010-07-07 01:44:49 ----D---- C:\Program Files\GemMaster
2010-07-07 01:44:47 ----D---- C:\Program Files\ESPNMotion
2010-07-07 01:44:47 ----D---- C:\Program Files\EnglishOtto
2010-07-07 01:44:45 ----D---- C:\Program Files\Encarta Online
2010-07-07 01:44:45 ----D---- C:\Program Files\DIGStream
2010-07-07 01:44:44 ----D---- C:\Program Files\Common Files\TiVo Shared
2010-07-07 01:44:19 ----D---- C:\Program Files\Common Files\SureThing Shared
2010-07-07 01:44:19 ----D---- C:\Program Files\Common Files\SpeechEngines
2010-07-07 01:44:19 ----D---- C:\Program Files\Common Files\Sonic Shared
2010-07-07 01:44:16 ----D---- C:\Program Files\Common Files\Services
2010-07-07 01:44:16 ----D---- C:\Program Files\Common Files\Palo Alto Software
2010-07-07 01:44:16 ----D---- C:\Program Files\Common Files\ODBC
2010-07-07 01:44:16 ----D---- C:\Program Files\Common Files\muvee Technologies
2010-07-07 01:44:06 ----D---- C:\Program Files\Common Files\MSSoap
2010-07-07 01:43:50 ----D---- C:\Program Files\Common Files\LightScribe
2010-07-07 01:43:45 ----D---- C:\Program Files\Common Files\Intuit
2010-07-07 01:43:44 ----D---- C:\Program Files\Common Files\InstallShield
2010-07-07 01:43:39 ----D---- C:\Program Files\Common Files\HP
2010-07-07 01:43:39 ----D---- C:\Program Files\Common Files\DESIGNER
2010-07-07 01:42:57 ----RHD---- C:\MSOCache
2010-07-07 01:42:38 ----D---- C:\I386
2010-07-07 01:41:58 ----D---- C:\WINDOWS\AppPatch
2010-07-07 01:38:01 ----D---- C:\Documents and Settings\All Users\Application Data\Sonic
2010-07-07 01:38:01 ----D---- C:\Documents and Settings\All Users\Application Data\SBSI
2010-07-07 01:37:54 ----D---- C:\Documents and Settings\All Users\Application Data\Intuit
2010-07-07 01:37:54 ----D---- C:\Documents and Settings\All Users\Application Data\InstallShield
2010-07-07 01:37:54 ----D---- C:\Documents and Settings\All Users\Application Data\HP
2010-07-07 01:37:53 ----D---- C:\Documents and Settings\All Users\Application Data\DIGStream
2010-07-07 01:37:53 ----D---- C:\Documents and Settings\All Users\Application Data\CyberLink
2010-07-07 01:37:49 ----D---- C:\2d54cd5d5ba8bb75e61d762d149f
2010-07-07 01:22:20 ----D---- C:\Program Files\Adobe
2010-07-07 01:11:31 ----D---- C:\Program Files\Messenger
2010-07-07 01:09:31 ----D---- C:\WINDOWS\Media
2010-07-07 01:04:21 ----D---- C:\Program Files\Movie Maker
2010-07-07 01:02:47 ----D---- C:\Documents and Settings\Arc Angel\Application Data\Netscape
2010-07-07 01:02:18 ----D---- C:\Program Files\WildTangent
2010-07-07 01:01:50 ----D---- C:\Documents and Settings\All Users\Application Data\WildTangent
2010-07-07 00:57:21 ----D---- C:\WINDOWS\Debug
2010-07-07 00:55:45 ----D---- C:\Program Files\Outlook Express
2010-07-07 00:33:27 ----D---- C:\WINDOWS\SoftwareDistribution
2010-07-07 00:03:58 ----A---- C:\WINDOWS\OEWABLog.txt
2010-07-07 00:03:12 ----A---- C:\WINDOWS\setuplog.txt
2010-07-07 00:02:44 ----D---- C:\WINDOWS\system32\Setup

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\WINDOWS\system32\DRIVERS\iaStor.sys [2005-10-13 874240]
R0 ohci1394;OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-04-27 45648]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2010-03-01 124784]
R1 eabfiltr;eabfiltr; C:\WINDOWS\system32\DRIVERS\eabfiltr.sys [2005-09-19 7808]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2010-02-16 60936]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R3 5U870CAP_VID_1262&PID_25FD;HP Pavilion Webcam ; C:\WINDOWS\System32\Drivers\5U870CAP.sys [2006-06-06 61952]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2008-12-05 241296]
R3 HBtnKey;HBtnKey; C:\WINDOWS\system32\DRIVERS\cpqbttn.sys [2008-04-28 9344]
R3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDAud.sys [2006-07-26 581632]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2007-11-01 989696]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2007-11-01 211456]
R3 MQAC;Message Queuing access control; \??\C:\WINDOWS\system32\drivers\mqac.sys []
R3 NETw5x32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw5x32.sys [2008-11-17 3636864]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-09-27 3694656]
R3 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2005-11-16 28928]
R3 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2005-12-22 51840]
R3 rismxdp;Ricoh xD-Picture Card Driver; C:\WINDOWS\system32\DRIVERS\rixdptsk.sys [2005-11-01 308992]
R3 RMCAST;Reliable Multicast Protocol driver; \??\C:\WINDOWS\system32\drivers\RMCast.sys []
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2008-03-28 224672]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2007-11-01 731520]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2006-05-12 57320]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 eabusb;eabusb; C:\WINDOWS\system32\DRIVERS\eabusb.sys [2005-09-19 5760]
S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [2006-07-06 47744]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 UIUSys;Conexant Setup API; C:\WINDOWS\system32\DRIVERS\UIUSYS.SYS []
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 w39n51;Intel(R) PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2006-04-21 1429632]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 agp440;Intel AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
S4 agpCPQ;Compaq AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
S4 alim1541;ALI AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]
S4 amdagp;AMD AGP Bus Filter Driver; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]
S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-18 13952]
S4 sisagp;SIS AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960]
S4 viaagp;VIA AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2010-04-01 267432]
R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]
R2 ehSched;Media Center Scheduler Service; C:\WINDOWS\eHome\ehSched.exe [2005-08-06 102912]
R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2006-05-02 135168]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-07-17 153376]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-05-18 49152]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-06 99328]
R2 MSMQ;Message Queuing; C:\WINDOWS\system32\mqsvc.exe [2008-04-13 4608]
R2 MSMQTriggers;Message Queuing Triggers; C:\WINDOWS\system32\mqtgsvc.exe [2008-04-13 117248]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R2 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-07-20 143426]
S3 AddFiltr;AddFiltr; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe [2006-06-12 126976]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
wisdomizlife
Active Member
 
Posts: 8
Joined: April 7th, 2010, 6:16 pm

Re: Please help!

Unread postby melboy » August 6th, 2010, 6:36 pm

wisdomizlife wrote:I have avira installed and it keeps blocking some autorun program


Are you still experiencing this?
User avatar
melboy
MRU Expert
MRU Expert
 
Posts: 3670
Joined: July 25th, 2008, 4:25 pm
Location: UK

Re: Please help!

Unread postby wisdomizlife » August 7th, 2010, 2:47 am

I experienced it last night as I was running the eset scan. but it has not popped up anymore. I still have the issue with the Nvidia driver, I don't know if you would be able to help me with that.
wisdomizlife
Active Member
 
Posts: 8
Joined: April 7th, 2010, 6:16 pm

Re: Please help!

Unread postby melboy » August 7th, 2010, 4:54 am

Hi

If your nVidia problems persist and they turn out not top be malware related i will refer you to a general tech forum as this forum deals solely with malware isssues.

Post the Avira event log.

  • Right click the Avira system tray icon. (white umbrella, red background)
  • Choose start AntiVir
  • In the left pane under overview, click Events
  • Scroll down the list of warnings/detections untill you find on that corresponds with the alerts you are receiving from Avira.
  • Right click the event to highlight it and choose Export event.
  • Save event.txt to your desktop.
  • Post the contents of event.txt in your next reply.
User avatar
melboy
MRU Expert
MRU Expert
 
Posts: 3670
Joined: July 25th, 2008, 4:25 pm
Location: UK

Re: Please help!

Unread postby melboy » August 9th, 2010, 8:14 am

Hi wisdomizlife

It has been two days since my last post.

  • Do you still need help?
  • Do you need more time?
  • Are you having problems following my instructions?
  • According to Malware Removal's latest policy, topics can be closed after 3 days without a response. If you do not reply within the next 24 hours, this topic will be closed.
User avatar
melboy
MRU Expert
MRU Expert
 
Posts: 3670
Joined: July 25th, 2008, 4:25 pm
Location: UK

Re: Please help!

Unread postby Dakeyras » August 10th, 2010, 3:26 pm

Due to lack of activity, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
User avatar
Dakeyras
MRU Honors Graduate
MRU Honors Graduate
 
Posts: 8732
Joined: November 21st, 2007, 5:30 am
Location: The Tundra
Advertisement
Register to Remove


Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 57 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware