Ok heres the 2 logs requested.
Urs in anticipation love40uk
Logfile of random's system information tool 1.06 (written by random/random)
Run by user at 2009-04-29 16:54:29
Microsoft Windows XP Professional Service Pack 3
System drive D: has 409 MB (5%) free of 9 GB
Total RAM: 255 MB (54% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:56:00, on 29/04/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\Explorer.EXE
D:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
D:\Program Files\Bonjour\mDNSResponder.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\WINDOWS\system32\svchost.exe
D:\PROGRA~1\AVG\AVG8\avgemc.exe
D:\PROGRA~1\AVG\AVG8\avgrsx.exe
D:\PROGRA~1\AVG\AVG8\avgnsx.exe
D:\Program Files\AVG\AVG8\avgcsrvx.exe
D:\WINDOWS\system32\LVCOMSX.EXE
D:\Program Files\Logitech\Video\LogiTray.exe
D:\PROGRA~1\AVG\AVG8\avgtray.exe
D:\Program Files\Java\jre6\bin\jusched.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\AVG\AVG8\avgcsrvx.exe
D:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\UTStarcom\now wireless broadband\dialer\Dialer.exe
D:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
D:\Documents and Settings\user\Desktop\RSIT.exe
D:\Program Files\Trend Micro\HijackThis\user.exe
D:\WINDOWS\system32\spider.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://uk.yahoo.co.uk/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://uk.rd.yahoo.com/customize/ycomp/ ... .yahoo.comO2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - D:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [LVCOMSX] D:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] D:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] D:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [AVG8_TRAY] D:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "D:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O8 - Extra context menu item: Yahoo! &SMS - file:///D:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: Yahoo! Backgammon -
http://download.games.yahoo.com/games/c ... /at1_x.cabO16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) -
http://zone.msn.com/binFrameWork/v10/St ... b46479.cabO16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) -
http://housecall65.trendmicro.com/house ... hcImpl.cabO16 - DPF: {226ACC34-3194-70E2-5AE7-864FCFE9E80D} (CPlayFirstmsiControl Object) -
http://zone.msn.com/bingame/mosi/defaul ... .0.0.9.cabO16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) -
http://acs.pandasoftware.com/activescan ... stubie.cabO16 - DPF: {2EB1E425-74DC-4DC0-A9E1-03A4C852E1F2} (CPlayFirstTriJinxControl Object) -
http://zone.msn.com/bingame/trix/defaul ... 0.0.87.cabO16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - D:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (ZoneBuddy Class) -
http://zone.msn.com/BinFrameWork/v10/ZB ... b32846.cabO16 - DPF: {49E67060-2C0D-415E-94C7-52A49F73B2F1} (CPlayFirstPiratePoppersControl Object) -
http://zone.msn.com/bingame/pppp/defaul ... 0.0.39.cabO16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
http://by23fd.bay23.hotmail.msn.com/res ... nPUpld.cabO16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) -
http://zone.msn.com/binframework/v10/ZP ... b32846.cabO16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) -
http://catalog.update.microsoft.com/v7/ ... 8476596015O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://update.microsoft.com/microsoftup ... 9562844984O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://update.microsoft.com/microsoftup ... 9562780015O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) -
http://zone.msn.com/bingame/chnz/defaul ... uncher.cabO16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! Webcam Upload Wrapper) -
http://chat.yahoo.com/cab/yuplapp.cabO16 - DPF: {95B5D20C-BD31-4489-8ABF-F8C8BE748463} (ZPA_HRTZ Object) -
http://zone.msn.com/bingame/zpagames/zp ... b40641.cabO16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} (ZoneAxRcMgr Class) -
http://cdn2.zone.msn.com/binframework/v ... b31267.cabO16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) -
http://cdn2.zone.msn.com/binFramework/v ... b56649.cabO16 - DPF: {C86FF4B0-AA1D-46D4-8612-025FB86583C7} (AstoundLauncher Control) -
http://zone.msn.com/bingame/jobo/defaul ... uncher.cabO16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) -
http://eu.download.games.yahoo.com/zylo ... loader.cabO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://fpdownload2.macromedia.com/get/s ... wflash.cabO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553550000} -
http://fpdownload2.macromedia.com/get/s ... wflash.cabO16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (StadiumProxy Class) -
http://zone.msn.com/binframework/v10/St ... b41227.cabO17 - HKLM\System\CCS\Services\Tcpip\..\{DA4DB70B-EEED-467A-837A-52175D0B87CC}: NameServer = 81.91.192.254 81.91.192.254
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - D:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - D:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - D:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - D:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
--
End of file - 9081 bytes
======Scheduled tasks folder======
D:\WINDOWS\tasks\AppleSoftwareUpdate.job
D:\WINDOWS\tasks\Uniblue SpeedUpMyPC Nag.job
D:\WINDOWS\tasks\Uniblue SpeedUpMyPC.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - D:\Program Files\AVG\AVG8\avgssie.dll [2009-04-08 1078552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-04-19 35840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-04-19 73728]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Synchronization Manager"=D:\WINDOWS\system32\mobsync.exe [2008-04-14 143360]
"LVCOMSX"=D:\WINDOWS\system32\LVCOMSX.EXE [2005-01-19 221184]
"LogitechVideoRepair"=D:\Program Files\Logitech\Video\ISStart.exe [2005-01-19 458752]
"LogitechVideoTray"=D:\Program Files\Logitech\Video\LogiTray.exe [2005-01-19 217088]
"AVG8_TRAY"=D:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-04-08 1932568]
"SunJavaUpdateSched"=D:\Program Files\Java\jre6\bin\jusched.exe [2009-04-19 148888]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=D:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Yahoo! Pager"=D:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE [2006-11-30 4662776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
D:\WINDOWS\system32\avgrsstx.dll [2009-04-08 10520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
WgaLogon.dll []
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"D:\Program Files\Yahoo!\Messenger\YServer.exe"="D:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Program Files\Bonjour\mDNSResponder.exe"="D:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"D:\Program Files\Windows Live\Messenger\wlcsdk.exe"="D:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"D:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="D:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"D:\Program Files\Windows Live\Messenger\msnmsgr.exe"="D:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"D:\Program Files\AVG\AVG8\avgemc.exe"="D:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"D:\Program Files\AVG\AVG8\avgupd.exe"="D:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"D:\Program Files\AVG\AVG8\avgnsx.exe"="D:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Program Files\Windows Live\Messenger\wlcsdk.exe"="D:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"D:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="D:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"D:\Program Files\Windows Live\Messenger\msnmsgr.exe"="D:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
======List of files/folders created in the last 3 months======
2009-04-29 16:54:29 ----D---- D:\rsit
2009-04-21 23:01:45 ----SHD---- D:\RECYCLER
2009-04-21 22:57:06 ----A---- D:\ComboFix.txt
2009-04-19 12:44:43 ----AC---- D:\WINDOWS\system32\deploytk.dll
2009-04-19 12:44:42 ----AC---- D:\WINDOWS\system32\javaws.exe
2009-04-19 12:44:42 ----AC---- D:\WINDOWS\system32\javaw.exe
2009-04-19 12:44:41 ----AC---- D:\WINDOWS\system32\java.exe
2009-04-19 12:40:13 ----D---- D:\Program Files\Java
2009-04-19 12:12:32 ----D---- D:\Program Files\Windows Installer Clean Up
2009-04-19 11:48:17 ----D---- D:\Program Files\MSECACHE
2009-04-18 23:24:03 ----D---- D:\Program Files\NOS
2009-04-18 23:24:03 ----D---- D:\Documents and Settings\All Users\Application Data\NOS
2009-04-16 02:52:13 ----D---- D:\WINDOWS\temp
2009-04-16 02:44:17 ----A---- D:\pv.exe
2009-04-12 10:58:48 ----AC---- D:\WINDOWS\NIRCMD.exe
2009-04-08 23:14:51 ----A---- D:\WINDOWS\system32\avgrsstx.dll
2009-04-08 23:13:48 ----D---- D:\Program Files\AVG
2009-04-08 20:46:56 ----AC---- D:\WINDOWS\SWREG.exe
2009-04-08 20:46:55 ----AC---- D:\WINDOWS\zip.exe
2009-04-08 20:46:55 ----AC---- D:\WINDOWS\VFIND.exe
2009-04-08 20:46:55 ----AC---- D:\WINDOWS\SWXCACLS.exe
2009-04-08 20:46:55 ----AC---- D:\WINDOWS\SWSC.exe
2009-04-08 20:46:55 ----AC---- D:\WINDOWS\sed.exe
2009-04-08 20:46:55 ----AC---- D:\WINDOWS\grep.exe
2009-04-08 20:46:55 ----AC---- D:\WINDOWS\fdsv.exe
2009-04-08 20:46:28 ----D---- D:\WINDOWS\ERDNT
2009-04-08 19:48:53 ----D---- D:\Qoobox
2009-04-06 00:07:21 ----D---- D:\Program Files\Lavasoft
2009-04-06 00:07:21 ----D---- D:\Documents and Settings\All Users\Application Data\Lavasoft
2009-03-25 18:09:20 ----HD---- D:\$AVG8.VAULT$
2009-03-25 17:39:28 ----D---- D:\Documents and Settings\All Users\Application Data\avg8
2009-03-25 17:29:29 ----D---- D:\Documents and Settings\user\Application Data\AVG8
2009-03-22 00:30:47 ----D---- D:\Program Files\Microsoft Silverlight
2009-03-22 00:18:51 ----RSD---- D:\WINDOWS\assembly
2009-03-22 00:15:42 ----D---- D:\WINDOWS\Microsoft.NET
2009-03-22 00:11:39 ----AC---- D:\WINDOWS\system32\d3dx9_32.dll
2009-03-22 00:11:09 ----D---- D:\Program Files\Microsoft SQL Server Compact Edition
2009-03-22 00:10:04 ----HDC---- D:\WINDOWS\$NtUninstallKB954708$
2009-03-22 00:03:43 ----D---- D:\Program Files\Microsoft
2009-03-22 00:03:12 ----D---- D:\Program Files\Windows Live SkyDrive
2009-03-21 23:32:57 ----D---- D:\Program Files\Common Files\Windows Live
2009-03-21 23:10:49 ----HDC---- D:\WINDOWS\$NtUninstallKB967715$
2009-03-21 23:10:25 ----HDC---- D:\WINDOWS\$NtUninstallKB958690$
2009-03-21 23:09:56 ----HDC---- D:\WINDOWS\$NtUninstallKB960225$
2009-03-21 23:05:45 ----HDC---- D:\WINDOWS\$NtUninstallKB960715$
2009-03-21 23:05:20 ----HDC---- D:\WINDOWS\$NtUninstallKB958687$
2009-03-21 23:04:55 ----D---- D:\Program Files\MSXML 4.0
2009-03-21 23:04:10 ----HDC---- D:\WINDOWS\$NtUninstallKB951748$
2009-03-19 15:18:58 ----D---- D:\Documents and Settings\user\Application Data\HouseCall 6.6
2009-03-17 02:15:34 ----D---- D:\Documents and Settings\user\Application Data\Mozilla
2009-02-06 19:52:40 ----AC---- D:\WINDOWS\system32\sirenacm.dll
2009-02-02 20:30:19 ----AC---- D:\WINDOWS\system32\GEARAspi.dll
2009-02-02 20:10:35 ----D---- D:\Program Files\Bonjour
======List of files/folders modified in the last 3 months======
2009-04-29 15:47:38 ----SHD---- D:\WINDOWS\CSC
2009-04-28 22:03:37 ----D---- D:\WINDOWS\system32
2009-04-28 04:56:08 ----A---- D:\WINDOWS\SchedLgU.Txt
2009-04-21 22:57:13 ----D---- D:\WINDOWS\system32\drivers
2009-04-21 22:57:12 ----D---- D:\WINDOWS\Prefetch
2009-04-21 22:57:09 ----D---- D:\WINDOWS
2009-04-21 22:53:22 ----A---- D:\WINDOWS\system.ini
2009-04-21 22:52:01 ----D---- D:\WINDOWS\system32\CatRoot2
2009-04-20 20:48:17 ----RSHDC---- D:\WINDOWS\system32\dllcache
2009-04-19 12:41:25 ----SHD---- D:\WINDOWS\Installer
2009-04-19 12:40:13 ----RAD---- D:\Program Files
2009-04-19 12:12:33 ----SD---- D:\Documents and Settings\user\Application Data\Microsoft
2009-04-19 11:25:00 ----D---- D:\WINDOWS\Minidump
2009-04-19 01:21:52 ----D---- D:\Program Files\Common Files\Adobe
2009-04-19 00:51:44 ----D---- D:\Program Files\Adobe
2009-04-12 11:10:47 ----D---- D:\WINDOWS\AppPatch
2009-04-12 11:10:42 ----AD---- D:\Program Files\Common Files
2009-04-08 20:56:52 ----D---- D:\WINDOWS\system32\config
2009-04-08 20:22:40 ----D---- D:\WINDOWS\Help
2009-04-06 02:29:29 ----D---- D:\Program Files\Common Files\System
2009-04-06 00:46:09 ----DC---- D:\WINDOWS\system32\DRVSTORE
2009-04-06 00:17:50 ----HD---- D:\WINDOWS\inf
2009-04-06 00:07:12 ----D---- D:\WINDOWS\WinSxS
2009-03-31 20:48:08 ----SD---- D:\WINDOWS\Downloaded Program Files
2009-03-31 20:05:15 ----D---- D:\Program Files\Internet Explorer
2009-03-29 12:37:09 ----AC---- D:\WINDOWS\system32\PerfStringBackup.INI
2009-03-25 23:59:42 ----D---- D:\WINDOWS\Debug
2009-03-25 17:21:28 ----SD---- D:\WINDOWS\Tasks
2009-03-22 00:30:01 ----D---- D:\Program Files\Windows Live
2009-03-22 00:16:08 ----D---- D:\WINDOWS\system32\mui
2009-03-22 00:11:49 ----D---- D:\WINDOWS\system32\DirectX
2009-03-22 00:02:38 ----RSD---- D:\WINDOWS\Fonts
2009-03-21 23:32:42 ----SD---- D:\Documents and Settings\All Users\Application Data\Microsoft
2009-03-21 23:06:49 ----D---- D:\WINDOWS\ie7updates
2009-03-21 23:06:08 ----HD---- D:\WINDOWS\$hf_mig$
2009-02-25 13:55:00 ----AC---- D:\WINDOWS\system32\MRT.exe
2009-02-20 01:50:06 ----D---- D:\WINDOWS\network diagnostic
2009-02-12 18:14:48 ----RD---- D:\Program Files\iPod
2009-01-31 05:38:17 ----D---- D:\Program Files\CCleaner
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AvgLdx86;AVG Free AVI Loader Driver x86; D:\WINDOWS\System32\Drivers\avgldx86.sys [2009-04-08 325640]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; D:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-04-08 27656]
R1 AvgTdiX;AVG Free8 Network Redirector; D:\WINDOWS\System32\Drivers\avgtdix.sys [2009-04-08 108552]
R1 P3;Intel PentiumIII Processor Driver; D:\WINDOWS\System32\DRIVERS\p3.sys [2008-04-13 42752]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; D:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]
R2 fssfltr;FssFltr; D:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-02-06 55152]
R3 ac97intc;Intel(r) 82801 Audio Driver Install Service (WDM); D:\WINDOWS\system32\drivers\ac97intc.sys [2001-08-17 96256]
R3 EL90XBC;3Com EtherLink XL 90XB/C Adapter Driver; D:\WINDOWS\System32\DRIVERS\el90xbc5.sys [2001-08-17 66591]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; D:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HidUsb;Microsoft HID Class Driver; D:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Mouse HID Driver; D:\WINDOWS\System32\DRIVERS\mouhid.sys [2004-08-04 12160]
R3 nv;nv; D:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2004-08-04 1897408]
R3 usbhub;USB2 Enabled Hub; D:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBNIC;USBNIC Network Adapter; D:\WINDOWS\system32\DRIVERS\USBNIC.sys [2006-03-16 18944]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; D:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 UTPPPoE;WAN Miniport (UTStarcom PPP over Ethernet Protocol); D:\WINDOWS\system32\DRIVERS\utpppoe.sys [2006-03-16 22784]
S3 alcan5wn;Alcatel SpeedTouch USB ADSL PPP Networking Driver (NDISWAN); D:\WINDOWS\System32\DRIVERS\alcan5wn.sys [2002-11-13 53168]
S3 alcaudsl;Alcatel Speed Touch ADSL Modem ATM Transport; D:\WINDOWS\System32\DRIVERS\alcaudsl.sys [2002-11-13 748544]
S3 Arp1394;1394 ARP Client Protocol; D:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 catchme;catchme; \??\D:\DOCUME~1\user\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Closed Caption Decoder; D:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\D:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; D:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; D:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; D:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;1394 Net Driver; D:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 nm;Network Monitor Driver; D:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 QCDonner;Labtec WebCam(PID_0840); D:\WINDOWS\system32\DRIVERS\LVCD.sys [2004-01-20 474272]
S3 RkPavproc1;RkPavproc1; \??\D:\WINDOWS\system32\drivers\RkPavproc1.sys []
S3 s816bus;Sony Ericsson Device 816 driver (WDM); D:\WINDOWS\system32\DRIVERS\s816bus.sys [2007-06-19 81832]
S3 s816mdfl;Sony Ericsson Device 816 USB WMC Modem Filter; D:\WINDOWS\system32\DRIVERS\s816mdfl.sys [2007-06-19 13864]
S3 s816mdm;Sony Ericsson Device 816 USB WMC Modem Driver; D:\WINDOWS\system32\DRIVERS\s816mdm.sys [2007-06-19 107304]
S3 s816mgmt;Sony Ericsson Device 816 USB WMC Device Management Drivers (WDM); D:\WINDOWS\system32\DRIVERS\s816mgmt.sys [2007-06-19 99112]
S3 s816nd5;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (NDIS); D:\WINDOWS\system32\DRIVERS\s816nd5.sys [2007-06-19 21928]
S3 s816obex;Sony Ericsson Device 816 USB WMC OBEX Interface; D:\WINDOWS\system32\DRIVERS\s816obex.sys [2007-06-19 97320]
S3 s816unic;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (WDM); D:\WINDOWS\system32\DRIVERS\s816unic.sys [2007-06-19 97704]
S3 SLIP;BDA Slip De-Framer; D:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); D:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 StillCam;Still Serial Digital Camera Driver; D:\WINDOWS\system32\DRIVERS\serscan.sys [2001-08-17 6784]
S3 streamip;BDA IPSink; D:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbccgp;Microsoft USB Generic Parent Driver; D:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbscan;USB Scanner Driver; D:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB Mass Storage Driver; D:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WSTCODEC;World Standard Teletext Codec; D:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avg8emc;AVG Free8 E-mail Scanner; D:\PROGRA~1\AVG\AVG8\avgemc.exe [2009-04-08 908056]
R2 avg8wd;AVG Free8 WatchDog; D:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-04-08 298264]
R2 Bonjour Service;Bonjour Service; D:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 JavaQuickStarterService;Java Quick Starter; D:\Program Files\Java\jre6\bin\jqs.exe [2009-04-19 152984]
S3 aspnet_state;ASP.NET State Service; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 fsssvc;Windows Live Family Safety; D:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
S3 IDriverT;InstallDriver Table Manager; D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.06 2009-04-29 16:56:08
======Uninstall list======
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 D:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->D:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->D:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Shockwave Player-->D:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE D:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Ask Toolbar-->rundll32 D:\PROGRA~1\AskSBar\bar\1.bin\AskSBar.dll,O
AVG Free 8.5-->D:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
CCleaner (remove only)-->"D:\Program Files\CCleaner\uninst.exe"
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
HijackThis 2.0.2-->"D:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows XP (KB952287)-->"D:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB954708)-->"D:\WINDOWS\$NtUninstallKB954708$\spuninst\spuninst.exe"
HouseCall 6.6-->"D:\Documents and Settings\user\Application Data\HouseCall 6.6\uninstaller.exe"
Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}
Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}
Labtec WebCam Software-->RunDll32 D:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{BF45F502-D3F2-4E7C-91D8-9AA5A8141D08}\setup.exe" -l0x9
Labtec® Camera Driver-->"D:\Program Files\Common Files\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
Macromedia Shockwave Player-->D:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE D:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Microsoft .NET Framework 2.0-->D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Internationalized Domain Names Mitigation APIs-->"D:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"D:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mozilla Firefox (3.0.10)-->C:\Program Files\New Folder\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
now wireless broadband-->RunDll32 D:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{4E8765E1-679E-4D7B-A2C9-685D95DD4DC7}\setup.exe" -l0x9 -removeonly
Samsung Master-->D:\Program Files\InstallShield Installation Information\{AEC0CEBC-0FC7-4716-8222-1C4A742719B1}\setup.exe -runfromtemp -l0x0009 -removeonly
Samsung USB Driver-->"D:\Program Files\InstallShield Installation Information\{86D6A20D-3910-4441-A3E5-EB6977251C86}\Setup.exe" -runfromtemp -l0x0009 anything -removeonly
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Windows Internet Explorer 7 (KB938127-v2)-->"D:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB944533)-->"D:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB958215)-->"D:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB960714)-->"D:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB961260)-->"D:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"D:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"D:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"D:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"D:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"D:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"D:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"D:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"D:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"D:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"D:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954459)-->"D:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"D:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"D:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"D:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"D:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"D:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"D:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"D:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"D:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"D:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958687)-->"D:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958690)-->"D:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960225)-->"D:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960715)-->"D:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Sony Ericsson PC Suite-->MsiExec.exe /I{D59AC9E9-FFAE-471B-B1FF-4B311D23417A}
Update for Windows XP (KB951978)-->"D:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"D:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Update for Windows XP (KB967715)-->"D:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->D:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
Windows Live Call-->MsiExec.exe /I{F6BD194C-4190-4D73-B1B1-C48C99921BFE}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Essentials-->D:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{C6CA8874-5F22-4AF0-9BE3-016BF299C536}
Windows Live Family Safety-->MsiExec.exe /X{76CD2979-09C0-493A-84B3-8FD97EF4BCEA}
Windows Live Mail-->MsiExec.exe /I{63C1109E-D977-49ED-BCE3-D00D0BF187D6}
Windows Live Messenger-->MsiExec.exe /X{0AAA9C97-74D4-47CE-B089-0B147EF3553C}
Windows Live Photo Gallery-->MsiExec.exe /X{3C52E7DA-C431-4239-B66B-1BF703D5B194}
Windows Live Sign-in Assistant-->MsiExec.exe /I{9422C8EA-B0C6-4197-B8FC-DC797658CA00}
Windows Live Sync-->MsiExec.exe /X{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}
Windows Live Upload Tool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Windows Live Writer-->MsiExec.exe /X{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}
Windows XP Service Pack 3-->"D:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
Xvid 1.1.2 final uninstall-->"C:\Program Files\Xvid\unins000.exe"
Yahoo! Messenger-->D:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U D:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
=====HijackThis Backups=====
O9 - Extra button: (no name) - {9034A523-D068-4BE8-A284-9DF278BE776E} -
http://www.securesoftwarefeed.com/redirect.php (file missing) [2008-01-30]
O2 - BHO: (no name) - {69B98C68-D2B8-4A4E-9CB7-E85B6F3A7014} - (no file) [2008-01-30]
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file) [2008-01-30]
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) [2008-01-30]
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) [2008-01-30]
O22 - SharedTaskScheduler: cariniana - {5c770fbc-cc2f-4acd-93e8-e6f0594307fd} - (no file) [2008-01-30]
O23 - Service: Windows System Host - Unknown owner - D:\WINDOWS\sychost32.exe (file missing) [2008-01-30]
O23 - Service: Microsoft Windows System32 - Unknown owner - D:\WINDOWS\zaber.exe (file missing) [2008-01-30]
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - D:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL (file missing) [2009-04-05]
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - D:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL (file missing) [2009-04-05]
O24 - Desktop Component 0: (no name) - D:\WINDOWS\System32\ad.html [2009-04-12]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://uk.red.clientapps.yahoo.com/cust ... _side.html [2009-04-18]
======Security center information======
AV: AVG Anti-Virus Free
======System event log======
Computer Name: USER-NLF03H64ID
Event Code: 4226
Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Record Number: 58570
Source Name: Tcpip
Time Written: 20090322222851.000000+000
Event Type: warning
User:
Computer Name: USER-NLF03H64ID
Event Code: 1002
Message: The IP address lease 192.168.1.254 for the Network Card with network address 00E06E000005 has been
denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
Record Number: 58442
Source Name: Dhcp
Time Written: 20090320215836.000000+000
Event Type: error
User:
Computer Name: USER-NLF03H64ID
Event Code: 1000
Message: Your computer has lost the lease to its IP address 192.168.1.254 on the
Network Card with network address 00E06E000005.
Record Number: 58404
Source Name: Dhcp
Time Written: 20090320161114.000000+000
Event Type: error
User:
Computer Name: USER-NLF03H64ID
Event Code: 1003
Message: Your computer was not able to renew its address from the network (from the
DHCP Server) for the Network Card with network address 00E06E000005. The following
error occurred:
The semaphore timeout period has expired.
.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.
Record Number: 58403
Source Name: Dhcp
Time Written: 20090320161114.000000+000
Event Type: warning
User:
Computer Name: USER-NLF03H64ID
Event Code: 1002
Message: The IP address lease 192.168.1.254 for the Network Card with network address 00E06E000005 has been
denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
Record Number: 58402
Source Name: Dhcp
Time Written: 20090320161055.000000+000
Event Type: error
User:
=====Application event log=====
Computer Name: USER-NLF03H64ID
Event Code: 12001
Message:
Record Number: 20
Source Name: usnjsvc
Time Written: 20090220175025.000000+000
Event Type:
User:
Computer Name: USER-NLF03H64ID
Event Code: 4356
Message: The COM+ Event System failed to create an instance of the subscriber partition:{41E90F3E-56C1-4633-81C3-6E8BAC8BDD70}!new:{6295DF2D-35EE-11D1-8707-00C04FD93327}. CoGetObject returned HRESULT 8000401A.
Record Number: 16
Source Name: EventSystem
Time Written: 20090220133616.000000+000
Event Type: warning
User:
Computer Name: USER-NLF03H64ID
Event Code: 12001
Message:
Record Number: 9
Source Name: usnjsvc
Time Written: 20090220112119.000000+000
Event Type:
User:
Computer Name: USER-NLF03H64ID
Event Code: 4356
Message: The COM+ Event System failed to create an instance of the subscriber partition:{41E90F3E-56C1-4633-81C3-6E8BAC8BDD70}!new:{6295DF2D-35EE-11D1-8707-00C04FD93327}. CoGetObject returned HRESULT 8000401A.
Record Number: 6
Source Name: EventSystem
Time Written: 20090220111625.000000+000
Event Type: warning
User:
Computer Name: USER-NLF03H64ID
Event Code: 4356
Message: The COM+ Event System failed to create an instance of the subscriber partition:{41E90F3E-56C1-4633-81C3-6E8BAC8BDD70}!new:{6295DF2D-35EE-11D1-8707-00C04FD93327}. CoGetObject returned HRESULT 8000401A.
Record Number: 4
Source Name: EventSystem
Time Written: 20090220054138.000000+000
Event Type: warning
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"NUMBER_OF_PROCESSORS"=1
"OS"=Windows_NT
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;D:\PROGRAM FILES\COMMON FILES\TELECA SHARED
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 8 Stepping 3, GenuineIntel
"PROCESSOR_LEVEL"=6
"PROCESSOR_REVISION"=0803
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"windir"=%SystemRoot%
-----------------EOF-----------------