Good to meet you. Thanks for your interest in helping poor souls like me. These are a lot of log lines!
I noted that my computer wouldn't let me reply to your message. I get a "the connection to the server was reset while the page was loading" message. Multiple times. Annoying, or a "feature" of the virus? I'm posting this from another computer.
On a related note, my operating system doesn't have System Restore. I think it is supposed to. Is there a way to fix this lack?
Logfile of random's system information tool 1.07 (written by random/random)
Run by Paul at 2010-06-05 09:24:26
Microsoft Windows XP Professional Service Pack 3
System drive C: has 11 GB (15%) free of 76 GB
Total RAM: 1918 MB (58% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:24:42 AM, on 6/5/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS.1\System32\smss.exe
C:\WINDOWS.1\system32\winlogon.exe
C:\WINDOWS.1\system32\services.exe
C:\WINDOWS.1\system32\lsass.exe
C:\WINDOWS.1\system32\svchost.exe
C:\WINDOWS.1\System32\svchost.exe
C:\WINDOWS.1\system32\svchost.exe
C:\WINDOWS.1\system32\ZoneLabs\vsmon.exe
C:\WINDOWS.1\system32\spoolsv.exe
C:\WINDOWS.1\Explorer.EXE
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS.1\system32\E_S00RP2.EXE
C:\Norman\Bin\Zanda.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS.1\system32\nvsvc32.exe
C:\WINDOWS.1\System32\svchost.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\WINDOWS.1\system32\wuauclt.exe
C:\WINDOWS.1\system32\SearchIndexer.exe
C:\WINDOWS.1\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Norman\Bin\ZLH.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS.1\system32\RUNDLL32.EXE
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Documents and Settings\Paul.FAMILYROOM\Desktop\Computer Management\RSIT.exe
C:\Program Files\trend micro\Paul.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://ldsblogs.org/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
http://windowsupdate.microsoft.com/R3 - URLSearchHook: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFre1.dll
O2 - BHO: (no name) - AutorunsDisabled - (no file)
O2 - BHO: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFre1.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFre1.dll
O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\Bin\ZLH.EXE /LOAD /SPLASH
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS.1\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS.1\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot
O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Global Startup: AutorunsDisabled
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS.1\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver -
res://C:\WINDOWS.1\system32\GPhotos.scr/200
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) -
http://cdn.scan.onecare.live.com/resour ... se5036.cabO16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://www.update.microsoft.com/windows ... 3216818375O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://update.microsoft.com/microsoftup ... 2590144765O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS.1\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS.1\System32\browseui.dll
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: EPSON V3 Service2(02) (EPSON_PM_RPCV2_02) - SEIKO EPSON CORPORATION - C:\WINDOWS.1\system32\E_S00RP2.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Norman ZANDA - Norman ASA - C:\Norman\Bin\Zanda.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Norman\Nvc\bin\nvcoas.exe
O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman ASA - C:\Norman\Nvc\BIN\NVCSCHED.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS.1\system32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS.1\system32\ZoneLabs\vsmon.exe
O24 - Desktop Component 0: (no name) - (no file)
--
End of file - 6354 bytes
======Scheduled tasks folder======
C:\WINDOWS.1\tasks\Ad-Aware Update (Daily 1).job
C:\WINDOWS.1\tasks\Ad-Aware Update (Daily 2).job
C:\WINDOWS.1\tasks\Ad-Aware Update (Daily 3).job
C:\WINDOWS.1\tasks\Ad-Aware Update (Daily 4).job
C:\WINDOWS.1\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS.1\tasks\AppleSoftwareUpdate.job
C:\WINDOWS.1\tasks\Defraggler Volume C Task.job
C:\WINDOWS.1\tasks\Driver Robot.job
C:\WINDOWS.1\tasks\DriverCure.job
C:\WINDOWS.1\tasks\GlaryInitialize.job
C:\WINDOWS.1\tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-1450960922-839522115-1003Core.job
C:\WINDOWS.1\tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-1450960922-839522115-1003UA.job
C:\WINDOWS.1\tasks\MSWD-c215ac63.job
C:\WINDOWS.1\tasks\MyDefrag v4.3.1 Daily.job
C:\WINDOWS.1\tasks\MyDefrag v4.3.1 Monthly.job
C:\WINDOWS.1\tasks\RealUpgradeLogonTaskS-1-5-21-1659004503-1450960922-839522115-1003.job
C:\WINDOWS.1\tasks\RealUpgradeScheduledTaskS-1-5-21-1659004503-1450960922-839522115-1003.job
C:\WINDOWS.1\tasks\SmartDefrag.job
C:\WINDOWS.1\tasks\User_Feed_Synchronization-{42012659-AE36-42B0-BCCB-54C85675C520}.job
C:\WINDOWS.1\tasks\User_Feed_Synchronization-{634DB107-BEDF-4474-A814-4E082A23D8EE}.job
C:\WINDOWS.1\tasks\WGASetup.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
Freecorder Toolbar - C:\Program Files\Freecorder\tbFre1.dll [2010-05-24 2515552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-03 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{1392b8d2-5c05-419f-a8f6-b9f15a596612} - Freecorder Toolbar - C:\Program Files\Freecorder\tbFre1.dll [2010-05-24 2515552]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Norman ZANDA"=C:\Norman\Bin\ZLH.EXE [2007-08-09 183352]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2009-02-16 981384]
"NvCplDaemon"=C:\WINDOWS.1\system32\NvCpl.dll [2008-09-17 13574144]
"NvMediaCenter"=C:\WINDOWS.1\system32\NvMcTray.dll [2008-09-17 86016]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]
"WinPatrol"=C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe [2010-05-31 323976]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 3"=C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe [2010-05-26 2346192]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Freecorder FLV Service]
C:\Program Files\Freecorder\FLVSrvc.exe [2009-11-15 158752]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\M5T8QL3YW3]
C:\DOCUME~1\PAUL~1.FAM\LOCALS~1\Temp\Jjh.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\WINDOWS.1\System32\NvCpl.dll [2008-09-17 13574144]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\WINDOWS.1\System32\NvMcTray.dll [2008-09-17 86016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2009-11-11 417792]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-05-21 148888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe -osboot []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
C:\Program Files\Unlocker\UnlockerAssistant.exe [2008-05-02 15872]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yadis]
C:\Program Files\Codessentials\Yadis\Yadis.exe [2008-06-13 1687552]
C:\Documents and Settings\All Users.WINDOWS.1\Start Menu\Programs\Startup
AutorunsDisabled
EPSON Status Monitor 3 Environment Check 2.lnk - C:\WINDOWS.1\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS.1\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro35]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro35.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoResolveSearch"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Disabled:Internet Explorer"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\WINDOWS.1\system32\spoolsv.exe"="C:\WINDOWS.1\system32\spoolsv.exe:*:Enabled:spoolsv.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======List of files/folders created in the last 1 months======
2010-06-05 09:24:26 ----D---- C:\Program Files\trend micro
2010-06-05 09:24:25 ----D---- C:\rsit
2010-06-04 13:06:34 ----D---- C:\Documents and Settings\All Users.WINDOWS.1\Application Data\Hitman Pro
2010-06-04 13:06:33 ----D---- C:\Program Files\Hitman Pro 3.5
2010-06-04 07:42:43 ----A---- C:\WINDOWS.1\SchedLgU.Txt
2010-06-03 15:23:32 ----D---- C:\Program Files\MyDefrag v4.3.1
2010-06-03 15:23:32 ----A---- C:\WINDOWS.1\system32\MyDefragScreenSaver_v4.3.1.exe
2010-06-02 22:26:51 ----D---- C:\Documents and Settings\Paul.FAMILYROOM\Application Data\WinPatrol
2010-06-02 22:26:41 ----D---- C:\Program Files\BillP Studios
2010-06-02 11:14:33 ----D---- C:\!KillBox
2010-06-01 18:52:33 ----D---- C:\WINDOWS.1\Cache
2010-06-01 18:52:32 ----D---- C:\Program Files\Coupons
2010-05-13 13:15:52 ----D---- C:\Program Files\SSC Service Utility
2010-05-13 12:51:59 ----A---- C:\WINDOWS.1\system32\E_S00RP2.EXE
======List of files/folders modified in the last 1 months======
2010-06-05 09:24:42 ----D---- C:\WINDOWS.1\Prefetch
2010-06-05 09:24:26 ----RD---- C:\Program Files
2010-06-05 09:19:34 ----D---- C:\WINDOWS.1\Internet Logs
2010-06-05 09:17:12 ----D---- C:\Norman
2010-06-05 09:16:57 ----D---- C:\WINDOWS.1\Temp
2010-06-05 09:14:55 ----D---- C:\WINDOWS.1
2010-06-05 08:46:25 ----D---- C:\Program Files\Mozilla Thunderbird
2010-06-04 13:11:45 ----D---- C:\WINDOWS.1\system32\drivers
2010-06-04 12:57:04 ----D---- C:\WINDOWS.1\Registration
2010-06-04 10:28:48 ----D---- C:\Documents and Settings\Paul.FAMILYROOM\Application Data\vlc
2010-06-04 09:31:25 ----D---- C:\WINDOWS.1\system32
2010-06-04 09:31:25 ----D---- C:\WINDOWS.1\$regcmp$
2010-06-04 09:29:01 ----SD---- C:\WINDOWS.1\Tasks
2010-06-04 09:08:43 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-06-04 08:54:25 ----D---- C:\WINDOWS.1\system32\CatRoot2
2010-06-04 07:57:44 ----SHD---- C:\WINDOWS.1\Installer
2010-06-04 07:57:44 ----SHD---- C:\Config.Msi
2010-06-02 21:14:58 ----ASH---- C:\boot.ini
2010-06-02 21:14:58 ----A---- C:\WINDOWS.1\win.ini
2010-06-02 21:14:58 ----A---- C:\WINDOWS.1\system.ini
2010-06-02 21:14:57 ----D---- C:\WINDOWS.1\pss
2010-06-02 09:25:58 ----D---- C:\Program Files\Mozilla Firefox
2010-06-01 19:44:00 ----D---- C:\WINDOWS.1\Debug
2010-06-01 19:21:39 ----D---- C:\Program Files\CCleaner
2010-06-01 19:00:41 ----D---- C:\Documents and Settings
2010-06-01 07:33:45 ----D---- C:\Program Files\Microsoft Works
2010-06-01 07:33:33 ----D---- C:\Documents and Settings\Paul.FAMILYROOM\Application Data\GoodSync
2010-06-01 07:33:32 ----D---- C:\WINDOWS.1\system32\config
2010-06-01 07:33:28 ----D---- C:\WINDOWS.1\repair
2010-06-01 07:33:26 ----SD---- C:\WINDOWS.1\Downloaded Program Files
2010-06-01 07:33:26 ----D---- C:\Program Files\Quicken
2010-06-01 07:33:26 ----D---- C:\Program Files\HijackThis
2010-06-01 07:33:26 ----D---- C:\Program Files\Free Audio Editor
2010-06-01 07:33:26 ----D---- C:\Program Files\Eusing Free Registry Cleaner
2010-06-01 07:33:26 ----D---- C:\Program Files\Creative Element Power Tools
2010-06-01 07:33:25 ----RD---- C:\LDSCL
2010-06-01 07:33:25 ----D---- C:\Temp
2010-06-01 07:33:25 ----D---- C:\QUICKENW
2010-06-01 07:32:45 ----D---- C:\Program Files\GenSmarts
2010-06-01 07:32:45 ----D---- C:\Program Files\GARtrip
2010-06-01 07:32:45 ----D---- C:\piano_files
2010-05-31 15:47:23 ----D---- C:\Program Files\Karen's Power Tools
2010-05-28 07:38:03 ----D---- C:\Documents and Settings\All Users.WINDOWS.1\Application Data\IObit
2010-05-26 03:00:36 ----HD---- C:\WINDOWS.1\inf
2010-05-25 17:44:32 ----D---- C:\Documents and Settings\Paul.FAMILYROOM\Application Data\CameraWindowDC
2010-05-24 21:38:28 ----D---- C:\CanoScan_N650U_N656U_CSUv571a
2010-05-17 20:44:01 ----D---- C:\Documents and Settings\Paul.FAMILYROOM\Application Data\dvdcss
2010-05-13 03:00:57 ----RSHDC---- C:\WINDOWS.1\system32\dllcache
2010-05-13 03:00:57 ----D---- C:\Program Files\Outlook Express
2010-05-12 04:57:28 ----HD---- C:\WINDOWS.1\$hf_mig$
2010-05-08 21:55:29 ----D---- C:\Program Files\Defraggler
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdPPM;AMD HwPState Processor Driver; C:\WINDOWS.1\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 vsdatant;vsdatant; C:\WINDOWS.1\System32\vsdatant.sys [2009-02-16 353672]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS.1\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
R2 Ndiskio;Ndiskio; \??\C:\Norman\Nse\bin\NDISKIO.SYS []
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS.1\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS.1\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS.1\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HSF_DP;HSF_DP; C:\WINDOWS.1\system32\DRIVERS\HSF_DP.sys [2004-12-15 1038208]
R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS.1\system32\DRIVERS\HSFHWBS2.sys [2004-12-15 220928]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS.1\system32\drivers\RtkHDAud.sys [2009-02-11 5028352]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS.1\system32\drivers\mbamswissarmy.sys []
R3 NIC1394;1394 Net Driver; C:\WINDOWS.1\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS.1\System32\DRIVERS\nv4_mini.sys [2008-09-17 6132576]
R3 NVENETFD;NVIDIA nForce 10/100 Mbps Ethernet ; C:\WINDOWS.1\System32\DRIVERS\NVENETFD.sys [2008-08-01 54784]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS.1\System32\DRIVERS\nvnetbus.sys [2008-08-01 22016]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS.1\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS.1\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS.1\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS.1\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbstor;USB Mass Storage Driver; C:\WINDOWS.1\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 winachsf;winachsf; C:\WINDOWS.1\system32\DRIVERS\HSF_CNXT.sys [2004-12-15 703232]
S3 hitmanpro35;Hitman Pro 3.5 Support Driver; \??\C:\WINDOWS.1\system32\drivers\hitmanpro35.sys []
S3 nm;Network Monitor Driver; C:\WINDOWS.1\System32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 NvcMFlt;NvcMFlt; C:\WINDOWS.1\system32\DRIVERS\nvcw32mf.sys [2008-02-11 19512]
S3 TVICHW32;TVICHW32; \??\C:\WINDOWS.1\system32\DRIVERS\TVICHW32.SYS []
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS.1\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS.1\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbscan;USB Scanner Driver; C:\WINDOWS.1\System32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WpdUsb;WpdUsb; C:\WINDOWS.1\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS.1\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 ASPI32;ASPI32; C:\WINDOWS.1\system32\drivers\ASPI32.sys [2004-07-20 16512]
S4 CH341SER;CH341SER; C:\WINDOWS.1\System32\Drivers\CH341SER.SYS [2006-10-25 36080]
S4 giveio;giveio; C:\WINDOWS.1\system32\giveio.sys [1996-04-03 5248]
S4 IntelIde;IntelIde; C:\WINDOWS.1\system32\drivers\IntelIde.sys []
S4 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []
S4 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 EPSON_PM_RPCV2_02;EPSON V3 Service2(02); C:\WINDOWS.1\system32\E_S00RP2.EXE [2000-05-16 60416]
R2 EPSONStatusAgent2;EPSON Printer Status Agent2; C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe [2001-08-09 90112]
R2 Norman ZANDA;Norman ZANDA; C:\Norman\Bin\Zanda.exe [2007-08-09 322616]
R2 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe [2006-07-13 131131]
R2 nSvcLog;ForceWare user log service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe [2006-07-13 65599]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS.1\system32\nvsvc32.exe [2008-09-17 163908]
R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS.1\system32\ZoneLabs\vsmon.exe [2009-02-16 2402184]
R2 WSearch;Windows Search; C:\WINDOWS.1\system32\SearchIndexer.exe [2008-05-26 439808]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS.1\system32\svchost.exe [2008-04-13 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS.1\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS.1\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS.1\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-22 136120]
S3 idsvc;Windows CardSpace; C:\WINDOWS.1\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 nvcoas;Norman Virus Control on-access component; C:\Norman\Nvc\bin\nvcoas.exe [2007-12-12 179256]
S3 NVCScheduler;Norman Virus Control Scheduler; C:\Norman\Nvc\BIN\NVCSCHED.EXE [2007-05-23 146488]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S4 ForcewareWebInterface;Forceware Web Interface; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe [2006-04-03 20543]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S4 Imapi Helper;Imapi Helper; C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe [2006-01-05 163840]
S4 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-05-21 152984]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS.1\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.06 2010-06-05 09:24:45
======Uninstall list======
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS.1\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS.1\System32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS.1\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.3.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A93000000001}
Advanced SystemCare 3-->"C:\Program Files\IObit\Advanced SystemCare 3\unins000.exe"
AnswerWorks 5.0 English Runtime-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}\setup.exe" -l0x9 -uninst -removeonly
Apple Application Support-->MsiExec.exe /I{3FA365DF-2D68-45ED-8F83-8C8A33E65143}
Apple Mobile Device Support-->MsiExec.exe /I{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Auslogics Duplicate File Finder-->"C:\Program Files\Auslogics\Auslogics Duplicate File Finder\unins000.exe"
BotHunter-->MsiExec.exe /X{4CB2511D-A074-40E0-A5ED-A875EBBDDF49}
Canon Camera Support Core Library-->"C:\Program Files\Common Files\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\CSCLIB\Uninst.ini"
Canon G.726 WMP-Decoder-->"C:\Program Files\Common Files\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\G726Decoder\G726DecUnInstall.ini"
Canon MOV Decoder-->"C:\Program Files\Common Files\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program Files\Canon\Canon MOV Decoder132\CanonMOVDecoderUnInstall.ini"
Canon MOV Encoder-->"C:\Program Files\Common Files\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program Files\Canon\Canon MOV Encoder\CanonMOVEncoderUnInstall.ini"
Canon MovieEdit Task for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\MVWUninst.ini"
Canon RAW Image Task for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\RAW Image Task\Uninst.ini"
Canon ScanGear Toolbox CS 2.2-->C:\WINDOWS.1\IsUninst.exe -f"C:\Program Files\Canon\ScanGear Toolbox CS\Uninst.isu" -c"C:\Program Files\Canon\ScanGear Toolbox CS\uninst.dll"
Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC\Uninst.ini"
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC6\Uninst.ini"
Canon Utilities CameraWindow DC-->"C:\Program Files\Common Files\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDC\Uninst.ini"
Canon Utilities CameraWindow-->"C:\Program Files\Common Files\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowLauncher\Uninst.ini"
Canon Utilities EOS Utility-->"C:\Program Files\Common Files\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\EOS Utility\Uninst.ini"
Canon Utilities PhotoStitch-->"C:\Program Files\Common Files\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\PhotoStitch\Uninst.ini"
Canon ZoomBrowser EX Memory Card Utility-->"C:\Program Files\Common Files\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX MCU\Uninst.ini"
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
ConvertHelper 2.2-->"C:\Program Files\ConvertHelper\unins000.exe"
Coupon Printer for Windows-->"C:\Program Files\Coupons\uninstall.exe" "/U:C:\Program Files\Coupons\Uninstall\uninstall.xml"
Data Fax SoftModem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1\HXFSETUP.EXE -U -IAsu200Ck.inf
Defraggler-->"C:\Program Files\Defraggler\uninst.exe"
Disk Space Fan 1.4.2.796-->"C:\Program Files\DiskSpaceFan\Disk Space Fan\unins000.exe"
Driver Detective-->C:\Program Files\InstallShield Installation Information\{621C02EA-AAFF-4026-A903-165D59529A16}\setup.exe -runfromtemp -l0x0409
DriverAgent by eSupport.com-->"C:\Documents and Settings\Paul.FAMILYROOM\Local Settings\Application Data\eSupport.com\unins000.exe"
EPSON Printer Software-->C:\WINDOWS.1\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
FamilyInsight-->C:\Program Files\Ohana Software\FamilyInsight\uninstall.exe
Fast Video Converter 1.0-->"C:\Program Files\DVDFAST\Fast_Video_Converter\unins000.exe"
FotoSketcher - Version 1.9-->"C:\Program Files\FotoSketcher\unins000.exe"
Free Audio Editor-->C:\PROGRA~1\FREEAU~1\UNWISE.EXE C:\PROGRA~1\FREEAU~1\INSTALL.LOG
Freecorder 4.0 Application-->"C:\WINDOWS.1\Freecorder\uninstall.exe" "/U:C:\Program Files\Freecorder\Uninstall\uninstall.xml"
Freecorder Toolbar-->C:\PROGRA~1\Freecorder\UNWISE.EXE /U C:\PROGRA~1\Freecorder\INSTALL.LOG
GenSmarts-->"C:\Program Files\GenSmarts\unins000.exe"
Glary Registry Repair 3.2.0.828-->"C:\Program Files\Glary Registry Repair\unins000.exe"
Glary Utilities 2.17.0.776-->"C:\Program Files\Glary Utilities\unins000.exe"
Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
GospeLink 2001-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{01D01D87-9272-47F0-A8A0-E8F1D682AE30}\SETUP.EXE"
Hitman Pro 3.5-->"C:\Program Files\Hitman Pro 3.5\HitmanPro35.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS.1\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS.1\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
ImgBurn-->"C:\Program Files\ImgBurn\uninstall.exe"
InfraRecorder-->C:\Program Files\InfraRecorder\uninstall.exe
ISO Recorder-->MsiExec.exe /I{DFC6573E-124D-4026-BFA4-B433C9D3FF21}
iTunes-->MsiExec.exe /I{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}
Java(TM) 6 Update 14-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
MapSource - MetroGuide USA v5-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{123E3792-565C-4DC8-A68A-BBB12C41B390} /l1033
MapSource - US Topo v3.02-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AD4203ED-7683-435E-B436-C299773A9936}\setup.exe" -l0x9 AddRemove
MapSource-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5E3CFCA6-C95A-47CB-A822-7FA80D423AF2}\Setup.exe" -l0x9 AddRemove
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS.1\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Office 2000 Small Business-->MsiExec.exe /I{00030409-78E1-11D2-B60F-006097C998E7}
Microsoft Office PowerPoint Viewer 2003-->MsiExec.exe /X{90AF0409-6000-11D3-8CFE-0150048383C9}
Microsoft VC9 runtime libraries-->MsiExec.exe /I{C4124E95-5061-4776-8D5D-E3D931C778E1}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Windows XP Video Decoder Checkup Utility-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS.1\INF\DECCHECK.inf,Uninstall
MozBackup 1.4.9-->C:\Program Files\MozBackup\Uninstall.exe
Mozilla Firefox (3.6.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (3.0.4)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
Musicnotes Player V1.23.1 and Viewer-->"C:\Program Files\Musicnotes\Player\unins000.exe"
MyDefrag v4.3.1-->"C:\Program Files\MyDefrag v4.3.1\unins000.exe"
Norman Virus Control plus-->C:\Norman\NVC\BIN\DelNVC5.exe
NVIDIA Drivers-->C:\WINDOWS.1\system32\nvuninst.exe UninstallGUI
NVIDIA ForceWare Network Access Manager-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{1F6423DE-7959-4178-80E0-023C7EAA5347} /l1033
OGA Notifier 2.0.0048.0-->MsiExec.exe /I{B2544A03-10D0-4E5E-BA69-0362FFC20D18}
OverDrive Media Console-->MsiExec.exe /I{34D6EED8-7650-4E1C-BC26-F5B2DDE185C6}
OverDrive Media Console-->MsiExec.exe /I{59FD743D-A699-449E-8197-BD2899DAD69A}
Personal Ancestral File 5-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D94A8E22-DF2B-4107-9E51-608A60A7671D}\Setup.exe"
Picasa 3-->"C:\Program Files\Picasa2\Uninstall.exe"
PictureMover-->MsiExec.exe /X{98BAC573-DBE2-49de-9A23-597CFD95E474}
Quicken 2008-->MsiExec.exe /X{3B0F52AC-EF5C-4831-B221-06C782E41280}
QuickTime-->MsiExec.exe /I{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m -nrg2709
Sansa Media Converter-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D2A0F8F4-CE50-4857-A21C-3061682B2E87}\Setup.exe" -l0x9
Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS.1\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS.1\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS.1\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS.1\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS.1\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB969897)-->"C:\WINDOWS.1\ie7updates\KB969897-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB969897)-->"C:\WINDOWS.1\ie8updates\KB969897-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS.1\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB972260)-->"C:\WINDOWS.1\ie8updates\KB972260-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB974455)-->"C:\WINDOWS.1\ie8updates\KB974455-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS.1\ie8updates\KB976325-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB978207)-->"C:\WINDOWS.1\ie8updates\KB978207-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB981332)-->"C:\WINDOWS.1\ie8updates\KB981332-IE8\spuninst\spuninst.exe"
Smart Defrag-->"C:\Program Files\IObit\IObit SmartDefrag\unins000.exe"
SpeedFan (remove only)-->"C:\Program Files\SpeedFan\uninstall.exe"
Spelling Dictionaries Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004}
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
SSC Service Utility v4.30-->"C:\Program Files\SSC Service Utility\unins000.exe"
SyncBack-->"C:\Program Files\2BrightSparks\SyncBack\unins000.exe"
System Explorer 1.5-->"C:\Program Files\System Explorer\unins000.exe"
System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
Ubuntu-->C:\ubuntu\uninstall-wubi.exe
Unlocker 1.8.7-->C:\Program Files\Unlocker\uninst.exe
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS.1\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Windows Internet Explorer 8 (KB971930)-->"C:\WINDOWS.1\ie8updates\KB971930-IE8\spuninst\spuninst.exe"
Update for Windows Internet Explorer 8 (KB972636)-->"C:\WINDOWS.1\ie8updates\KB972636-IE8\spuninst\spuninst.exe"
Update for Windows Internet Explorer 8 (KB976662)-->"C:\WINDOWS.1\ie8updates\KB976662-IE8\spuninst\spuninst.exe"
Update for Windows Internet Explorer 8 (KB976749)-->"C:\WINDOWS.1\ie8updates\KB976749-IE8\spuninst\spuninst.exe"
Update for Windows Internet Explorer 8 (KB980182)-->"C:\WINDOWS.1\ie8updates\KB980182-IE8\spuninst\spuninst.exe"
VC 9.0 Runtime-->MsiExec.exe /I{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}
VC 9.0 Runtime-->MsiExec.exe /I{A040AC77-C1AA-4CC9-8931-9F648AF178F6}
ViewSonic Windows XP Signed Files-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FC47C7A5-BE63-11D5-B7C9-005004566E4D}\Setup.exe" -l0x9
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS.1\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
VLC media player 1.0.2-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Internet Explorer 8-->"C:\WINDOWS.1\ie8\spuninst\spuninst.exe"
Windows Live OneCare safety scanner-->RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
WinPatrol-->C:\PROGRA~1\BillP Studios\WinPatrol\Setup.exe /remove /q0
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
XP Codec Pack-->C:\Program Files\XP Codec Pack\Uninstall.exe
Yadis! Backup 1.9.3.30-->"C:\Program Files\Codessentials\Yadis\unins000.exe"
ZoneAlarm Spy Blocker-->rundll32 C:\PROGRA~1\ZONEAL~1\bar\1.bin\SpyBlock.dll,O
ZoneAlarm-->C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe
======Security center information======
FW: ZoneAlarm Firewall
======System event log======
Computer Name: FAMILYROOM
Event Code: 1003
Message: Your computer was not able to renew its address from the network (from the
DHCP Server) for the Network Card with network address 001BFC23663E. The following
error occurred:
The semaphore timeout period has expired.
.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.
Record Number: 4455
Source Name: Dhcp
Time Written: 20100410214032.000000-240
Event Type: warning
User:
Computer Name: FAMILYROOM
Event Code: 8032
Message: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{DD6F876C-9282-4D78-80C8-BAAA22823A07}.
The backup browser is stopping.
Record Number: 4211
Source Name: BROWSER
Time Written: 20100410213024.000000-240
Event Type: error
User:
Computer Name: FAMILYROOM
Event Code: 8021
Message: The browser was unable to retrieve a list of servers from the browser master \\HOME-8D2257268B on the network \Device\NetBT_Tcpip_{DD6F876C-9282-4D78-80C8-BAAA22823A07}.
The data is the error code.
Record Number: 4174
Source Name: BROWSER
Time Written: 20100410212656.000000-240
Event Type: warning
User:
Computer Name: FAMILYROOM
Event Code: 4226
Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Record Number: 4126
Source Name: Tcpip
Time Written: 20100410212412.000000-240
Event Type: warning
User:
Computer Name: FAMILYROOM
Event Code: 1003
Message: Your computer was not able to renew its address from the network (from the
DHCP Server) for the Network Card with network address 001BFC23663E. The following
error occurred:
The semaphore timeout period has expired.
.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.
Record Number: 4102
Source Name: Dhcp
Time Written: 20100410211028.000000-240
Event Type: warning
User:
=====Application event log=====
Computer Name: FAMILYROOM
Event Code: 1
Message:
Record Number: 53281
Source Name: nview_info
Time Written: 20100211154709.000000-300
Event Type: error
User:
Computer Name: FAMILYROOM
Event Code: 1
Message:
Record Number: 53280
Source Name: nview_info
Time Written: 20100211154709.000000-300
Event Type: error
User:
Computer Name: FAMILYROOM
Event Code: 1
Message:
Record Number: 53279
Source Name: nview_info
Time Written: 20100211154709.000000-300
Event Type: error
User:
Computer Name: FAMILYROOM
Event Code: 1
Message:
Record Number: 53278
Source Name: nview_info
Time Written: 20100211154709.000000-300
Event Type: error
User:
Computer Name: FAMILYROOM
Event Code: 1
Message:
Record Number: 53277
Source Name: nview_info
Time Written: 20100211154709.000000-300
Event Type: error
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"JAVA_HOME"=C:\Program Files\Java\jre6
"NpmLib"=C:\Norman\Bin
"NUMBER_OF_PROCESSORS"=2
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%NpmLib%;%JAVA_HOME%\bin;C:\Program Files\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 107 Stepping 1, AuthenticAMD
"PROCESSOR_LEVEL"=15
"PROCESSOR_REVISION"=6b01
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"tvdumpflags"=8
"windir"=%SystemRoot%
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
-----------------EOF-----------------
Malwarebytes' Anti-Malware 1.46
http://www.malwarebytes.orgDatabase version: 4168
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
6/5/2010 9:36:24 AM
mbam-log-2010-06-05 (09-36-24).txt
Scan type: Quick scan
Objects scanned: 241516
Time elapsed: 15 minute(s), 23 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
Windows Validation Check
Log Created On: 0927_05-06-2010
------------------------
Windows Information
-----------------------
Windows Version: Windows XP Service Pack 3
Windows Mode: Normal
WVCheck's Auto Update Check
-----------------------
Auto-Update Option: Download updates and install them automatically.
------------------------------
Last Success Time for Update Detection: 2010-05-31 18:51:39
Last Success Time for Update Download: 2010-05-25 17:45:15
Last Success Time for Update Installation: 2010-05-26 07:00:38
WVCheck's File Dump
-------------------
WVCheck found no known bad files.
WVCheck's Missing File Check
-------------------
WVCheck found no missing Windows files.
WVCheck's MBAM Quarantine Check
-------------------
There were no bad files quarantined by MBAM.
WVCheck's HOSTS File Check
-------------------
WVCheck found no bad lines in the hosts file.
-------- End of File, program close at 0936_05-06-2010 --------