Below is the Gooredlog.txt
GooredFix v1.91 by jpshortstuff
Log created at 07:14 on 19/02/2009 running Option #1 (Administrater)
Firefox version 3.0.6 (en-US)
=====Suspect Goored Entries=====
=====Dumping Registry Values=====
[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox 3.0.6\extensions]
"Plugins"="H:\Program Files\Mozilla Firefox\plugins"
[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox 3.0.6\extensions]
"Components"="H:\Program Files\Mozilla Firefox\components"
[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions]
"jqs@sun.com"="H:\Program Files\Java\jre6\lib\deploy\jqs\ff"
Below is the RSIT log
Logfile of random's system information tool 1.05 (written by random/random)
Run by Administrater at 2009-02-19 07:19:16
Microsoft Windows XP Home Edition Service Pack 3
System drive H: has 138 GB (58%) free of 238 GB
Total RAM: 2047 MB (55% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:19:28 AM, on 2/19/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\csrss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
H:\WINDOWS\system32\spoolsv.exe
H:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
H:\Program Files\Bonjour\mDNSResponder.exe
H:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
H:\Program Files\Common Files\LightScribe\LSSrvc.exe
H:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe
H:\WINDOWS\System32\nvsvc32.exe
H:\WINDOWS\System32\svchost.exe
H:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
H:\WINDOWS\System32\wbem\unsecapp.exe
H:\WINDOWS\System32\wbem\wmiprvse.exe
H:\WINDOWS\System32\alg.exe
H:\Program Files\iPod\bin\iPodService.exe
H:\Program Files\Spyware Doctor\pctsAuxs.exe
H:\Program Files\Spyware Doctor\pctsSvc.exe
H:\Program Files\Java\jre6\bin\jqs.exe
H:\WINDOWS\system32\csrss.exe
H:\WINDOWS\system32\winlogon.exe
H:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe
H:\WINDOWS\Explorer.EXE
H:\WINDOWS\system32\wscntfy.exe
H:\Program Files\Iomega\AutoDisk\ADUserMon.exe
H:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
H:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
H:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
H:\Program Files\iTunes\iTunesHelper.exe
H:\Program Files\Spyware Doctor\pctsTray.exe
H:\Program Files\Java\jre6\bin\jusched.exe
H:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
H:\WINDOWS\system32\ctfmon.exe
H:\Program Files\TomTom HOME 2\HOMERunner.exe
H:\Program Files\Mozilla Firefox\firefox.exe
H:\Documents and Settings\Administrater\Desktop\RSIT.exe
H:\WINDOWS\System32\wbem\wmiprvse.exe
H:\Program Files\Trend Micro\HijackThis\Administrater.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - H:\Program Files\Norton Internet Security\Engine\16.0.0.125\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - H:\Program Files\Norton Internet Security\Engine\16.0.0.125\IPSBHO.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - H:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - H:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - H:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - H:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - H:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - H:\Program Files\Norton Internet Security\Engine\16.0.0.125\coIEPlg.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - H:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE H:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [ADUserMon] H:\Program Files\Iomega\AutoDisk\ADUserMon.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "H:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [DVDLauncher] "H:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "H:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Ad-Watch] H:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "H:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "H:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ISTray] "H:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "H:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [swg] H:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] H:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "H:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKUS\S-1-5-21-606747145-1614895754-725345543-1004\..\Run: [MSMSGS] "H:\Program Files\Messenger\MSMSGS.EXE" /background (User 'Danny')
O4 - HKUS\S-1-5-21-606747145-1614895754-725345543-1004\..\Run: [ctfmon.exe] H:\WINDOWS\system32\ctfmon.exe (User 'Danny')
O4 - HKUS\S-1-5-21-606747145-1614895754-725345543-1004\..\Run: [swg] H:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Danny')
O4 - Global Startup: Microsoft Office.lnk = H:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photo.walgreens.com/WalgreensActivia.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 0666581196
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 0667475160
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/s ... DEXAXO.cab
O23 - Service: Apple Mobile Device - Apple Inc. - H:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - H:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - H:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - H:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - H:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - H:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - H:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) NMS (NMSSvc) - Intel Corporation - H:\WINDOWS\System32\NMSSvc.exe
O23 - Service: Norton Internet Security - Symantec Corporation - H:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - H:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - H:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - H:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - H:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Symantec Core LC - Unknown owner - H:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - H:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) - Iomega Corporation - H:\Program Files\Iomega\AutoDisk\ADService.exe
--
End of file - 9714 bytes
======Scheduled tasks folder======
H:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
H:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 2100 series#1209928282.job
H:\WINDOWS\tasks\User_Feed_Synchronization-{86F4DA44-40D9-43D7-9BE7-3E7AEE4717EE}.job
H:\WINDOWS\tasks\User_Feed_Synchronization-{9605280D-01FA-4D36-9322-8422FA5B165F}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - H:\Program Files\Norton Internet Security\Engine\16.0.0.125\coIEPlg.dll [2009-01-28 340848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - H:\Program Files\Norton Internet Security\Engine\16.0.0.125\IPSBHO.DLL [2009-01-28 107896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - H:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-01-18 251504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - H:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2009-01-18 657904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - H:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2009-01-18 522224]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - H:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-02-14 35840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - H:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-02-14 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - H:\Program Files\Norton Internet Security\Engine\16.0.0.125\coIEPlg.dll [2009-01-28 340848]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - H:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-01-18 251504]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=H:\WINDOWS\System32\NvCpl.dll [2003-10-06 5058560]
"nwiz"=nwiz.exe /install []
"ADUserMon"=H:\Program Files\Iomega\AutoDisk\ADUserMon.exe [2002-09-24 147456]
"Adobe Photo Downloader"=H:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe [2007-03-09 63712]
"DVDLauncher"=H:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe [2005-12-09 49152]
"Adobe Reader Speed Launcher"=H:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"Ad-Watch"=H:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-01-18 506712]
"QuickTime Task"=H:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
"iTunesHelper"=H:\Program Files\iTunes\iTunesHelper.exe [2009-01-06 290088]
"ISTray"=H:\Program Files\Spyware Doctor\pctsTray.exe [2008-08-25 1168264]
"SunJavaUpdateSched"=H:\Program Files\Java\jre6\bin\jusched.exe [2009-02-14 148888]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=H:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-06-02 68856]
"ctfmon.exe"=H:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"TomTomHOME.exe"=H:\Program Files\TomTom HOME 2\HOMERunner.exe [2008-12-09 234856]
H:\Documents and Settings\All Users\Start Menu\Programs\Startup
Microsoft Office.lnk - H:\Program Files\Microsoft Office\Office\OSA9.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
H:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - H:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdauxservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdcoreservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"H:\Program Files\Bonjour\mDNSResponder.exe"="H:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"H:\Program Files\iTunes\iTunes.exe"="H:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4820edc3-d9cc-11dd-99b6-0007e979f5e2}]
shell\AutoRun\command - D:\InstallTomTomHOME.exe
======List of files/folders created in the last 1 months======
2009-02-19 07:19:16 ----D---- H:\rsit
2009-02-14 08:41:58 ----D---- H:\WINDOWS\Sun
2009-02-14 08:40:05 ----A---- H:\WINDOWS\system32\javaws.exe
2009-02-14 08:40:05 ----A---- H:\WINDOWS\system32\javaw.exe
2009-02-14 08:40:05 ----A---- H:\WINDOWS\system32\java.exe
2009-02-14 08:40:05 ----A---- H:\WINDOWS\system32\deploytk.dll
2009-02-14 08:39:39 ----D---- H:\Program Files\Java
2009-02-14 08:38:32 ----D---- H:\Documents and Settings\Administrater\Application Data\Sun
2009-02-14 08:05:51 ----AD---- H:\Documents and Settings\All Users\Application Data\TEMP
2009-02-14 08:05:39 ----D---- H:\Program Files\Spyware Doctor
2009-02-14 08:05:39 ----D---- H:\Documents and Settings\Administrater\Application Data\PC Tools
2009-02-11 22:38:59 ----D---- H:\Program Files\iPod
2009-02-11 22:38:57 ----D---- H:\Program Files\iTunes
2009-02-11 22:38:57 ----D---- H:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-02-11 22:23:20 ----D---- H:\Program Files\Bonjour
2009-02-11 22:22:01 ----D---- H:\Program Files\QuickTime
2009-01-29 20:52:52 ----A---- H:\WINDOWS\system32\lsdelete.exe
2009-01-29 07:28:07 ----HDC---- H:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
2009-01-28 23:41:05 ----D---- H:\Program Files\Norton Support
2009-01-28 23:34:13 ----D---- H:\Program Files\Symantec
2009-01-28 23:34:13 ----A---- H:\WINDOWS\system32\S32EVNT1.DLL
2009-01-28 23:33:44 ----D---- H:\Program Files\Windows Sidebar
2009-01-28 23:33:44 ----D---- H:\Program Files\Norton Internet Security
2009-01-28 19:11:44 ----D---- H:\Program Files\Trend Micro
2009-01-25 15:58:45 ----D---- H:\Program Files\aquaplay
2009-01-22 07:15:03 ----D---- H:\Laptop Backup
======List of files/folders modified in the last 1 months======
2009-02-19 07:15:10 ----D---- H:\Program Files\Mozilla Firefox
2009-02-19 07:04:06 ----D---- H:\WINDOWS\Temp
2009-02-17 22:14:43 ----D---- H:\Documents and Settings\Administrater\Application Data\Apple Computer
2009-02-17 22:13:45 ----D---- H:\WINDOWS\system32\drivers
2009-02-17 22:13:43 ----HD---- H:\WINDOWS\inf
2009-02-17 10:45:05 ----D---- H:\Documents and Settings\All Users\Application Data\Google Updater
2009-02-17 07:29:40 ----D---- H:\WINDOWS\Prefetch
2009-02-16 17:19:00 ----A---- H:\WINDOWS\SchedLgU.Txt
2009-02-14 08:41:58 ----D---- H:\WINDOWS
2009-02-14 08:40:36 ----SHD---- H:\WINDOWS\Installer
2009-02-14 08:40:05 ----D---- H:\WINDOWS\system32
2009-02-14 08:39:39 ----D---- H:\Program Files
2009-02-14 08:06:55 ----A---- H:\WINDOWS\system32\PerfStringBackup.INI
2009-02-11 23:12:37 ----D---- H:\WINDOWS\system32\CatRoot2
2009-02-11 22:38:59 ----D---- H:\Program Files\Common Files\Apple
2009-02-11 22:24:24 ----DC---- H:\WINDOWS\system32\DRVSTORE
2009-02-11 22:19:51 ----D---- H:\Program Files\Apple Software Update
2009-02-11 22:19:43 ----SD---- H:\WINDOWS\Tasks
2009-02-11 22:00:30 ----D---- H:\WINDOWS\network diagnostic
2009-02-09 06:59:32 ----D---- H:\WINDOWS\Minidump
2009-02-01 08:45:31 ----RSHDC---- H:\WINDOWS\system32\dllcache
2009-02-01 08:45:31 ----D---- H:\WINDOWS\system32\en-US
2009-02-01 08:45:30 ----D---- H:\WINDOWS\Media
2009-02-01 08:45:30 ----D---- H:\WINDOWS\Help
2009-02-01 08:45:30 ----D---- H:\Program Files\Internet Explorer
2009-02-01 08:44:27 ----D---- H:\WINDOWS\ie8updates
2009-02-01 08:41:42 ----RSD---- H:\WINDOWS\Fonts
2009-02-01 08:40:02 ----D---- H:\Program Files\Microsoft ActiveSync
2009-01-30 07:19:56 ----AC---- H:\WINDOWS\ntbtlog.txt
2009-01-29 07:35:53 ----D---- H:\Program Files\Lavasoft
2009-01-29 07:35:49 ----D---- H:\WINDOWS\WinSxS
2009-01-29 07:28:50 ----SHD---- H:\System Volume Information
2009-01-29 07:16:27 ----D---- H:\Program Files\Spybot - Search & Destroy
2009-01-29 07:16:15 ----D---- H:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-01-29 07:15:46 ----D---- H:\Documents and Settings\All Users\Application Data\Lavasoft
2009-01-28 23:34:13 ----D---- H:\Program Files\Common Files\Symantec Shared
2009-01-28 23:33:44 ----D---- H:\Documents and Settings\All Users\Application Data\Norton
2009-01-28 23:32:35 ----D---- H:\Documents and Settings\All Users\Application Data\NortonInstaller
2009-01-28 23:32:07 ----D---- H:\Program Files\NortonInstaller
2009-01-28 21:39:44 ----A---- H:\WINDOWS\imsins.BAK
2009-01-28 21:36:10 ----D---- H:\WINDOWS\Registration
2009-01-28 21:34:07 ----D---- H:\Documents and Settings\All Users\Application Data\Symantec
2009-01-28 19:10:12 ----SHD---- H:\RECYCLER
2009-01-21 22:27:49 ----D---- H:\WINDOWS\repair
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 BHDrvx86;Symantec Heuristics Driver; \??\H:\WINDOWS\system32\drivers\NIS\1000000.07D\BHDrvx86.sys []
R1 ccHP;Symantec Hash Provider; \??\H:\WINDOWS\system32\drivers\NIS\1000000.07D\ccHPx86.sys []
R1 Cdr4_xp;Cdr4_xp; H:\WINDOWS\system32\drivers\Cdr4_xp.sys [2007-04-22 2432]
R1 Cdralw2k;Cdralw2k; H:\WINDOWS\system32\drivers\Cdralw2k.sys [2007-04-22 2560]
R1 cdudf_xp;cdudf_xp; H:\WINDOWS\system32\drivers\cdudf_xp.sys [2002-12-17 241152]
R1 eeCtrl;Symantec Eraser Control driver; \??\H:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
R1 IDSxpx86;IDSxpx86; \??\H:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20080826.006\IDSxpx86.sys []
R1 IKSysFlt;System Filter Driver; H:\WINDOWS\system32\drivers\iksysflt.sys [2008-08-25 66952]
R1 IKSysSec;System Security Driver; H:\WINDOWS\system32\drivers\iksyssec.sys [2008-08-25 81288]
R1 intelppm;Intel Processor Driver; H:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 kbdhid;Keyboard HID Driver; H:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 OMCI;OMCI; H:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS [2001-08-22 13632]
R1 pwd_2k;pwd_2k; H:\WINDOWS\system32\drivers\pwd_2k.sys [2007-06-23 143834]
R1 SRTSPX;SRTSPX; \??\H:\WINDOWS\system32\drivers\NIS\1000000.07D\SRTSPX.SYS []
R1 SYMTDI;SYMTDI; \??\H:\WINDOWS\system32\drivers\NIS\1000000.07D\SYMTDI.SYS []
R1 UdfReadr_xp;UdfReadr_xp; H:\WINDOWS\system32\drivers\UdfReadr_xp.sys [2007-06-23 206464]
R2 mdmxsdk;mdmxsdk; H:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [2003-04-09 11043]
R2 symlcbrd;symlcbrd; \??\H:\WINDOWS\system32\drivers\symlcbrd.sys []
R2 v2imount;Symantec V2i Mount Driver; H:\WINDOWS\system32\DRIVERS\v2imount.sys [2008-01-19 38112]
R3 ATICXCAP;ATI TV Wonder Pro A/V Capture; H:\WINDOWS\system32\drivers\aticxcap.sys [2003-04-08 188506]
R3 ATICXTUN;ATI TV Wonder Pro Tuner (Philips 1236 MK3); H:\WINDOWS\system32\drivers\aticxtun.sys [2003-04-08 31003]
R3 ATICXXBR;ATI TV Wonder Pro A/V Crossbar; H:\WINDOWS\system32\drivers\aticxxbr.sys [2003-04-08 9882]
R3 dvd_2K;dvd_2K; H:\WINDOWS\system32\drivers\dvd_2K.sys [2007-06-23 25898]
R3 E100B;Intel(R) PRO Adapter Driver; H:\WINDOWS\System32\DRIVERS\e100b325.sys [2002-09-19 139776]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\H:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; H:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; H:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 hidusb;Microsoft HID Class Driver; H:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HPZid412;IEEE-1284.4 Driver HPZid412; H:\WINDOWS\System32\DRIVERS\HPZid412.sys [2003-03-09 51024]
R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; H:\WINDOWS\System32\DRIVERS\HPZipr12.sys [2003-03-09 16080]
R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; H:\WINDOWS\System32\DRIVERS\HPZius12.sys [2003-03-09 21456]
R3 HSF_DP;HSF_DP; H:\WINDOWS\System32\DRIVERS\HSF_DP.sys [2003-11-17 1042432]
R3 HSFHWBS2;HSFHWBS2; H:\WINDOWS\System32\DRIVERS\HSFHWBS2.sys [2003-11-17 212224]
R3 MODEMCSA;Unimodem Streaming Filter Device; H:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Mouse HID Driver; H:\WINDOWS\System32\DRIVERS\mouhid.sys [2002-09-03 12160]
R3 NAVENG;NAVENG; \??\H:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090210.038\NAVENG.SYS []
R3 NAVEX15;NAVEX15; \??\H:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090210.038\NAVEX15.SYS []
R3 nv;nv; H:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2003-10-06 1550043]
R3 P16X;Creative SB Live! Series (WDM); H:\WINDOWS\system32\drivers\P16X.sys [2002-08-30 1293440]
R3 pfc;Padus ASPI Shell; H:\WINDOWS\system32\drivers\pfc.sys [2002-11-11 9856]
R3 SRTSP;SRTSP; \??\H:\WINDOWS\system32\drivers\NIS\1000000.07D\SRTSP.SYS []
R3 SYMDNS;SYMDNS; \??\H:\WINDOWS\system32\drivers\NIS\1000000.07D\SYMDNS.SYS []
R3 SymEvent;SymEvent; \??\H:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 SYMFW;SYMFW; \??\H:\WINDOWS\system32\drivers\NIS\1000000.07D\SYMFW.SYS []
R3 SYMIDS;SYMIDS; \??\H:\WINDOWS\system32\drivers\NIS\1000000.07D\SYMIDS.SYS []
R3 SymIMMP;SymIMMP; H:\WINDOWS\system32\DRIVERS\SymIM.sys [2009-01-28 35888]
R3 SYMNDIS;SYMNDIS; \??\H:\WINDOWS\system32\drivers\NIS\1000000.07D\SYMNDIS.SYS []
R3 SYMREDRV;SYMREDRV; \??\H:\WINDOWS\system32\drivers\NIS\1000000.07D\SYMREDRV.SYS []
R3 usbccgp;Microsoft USB Generic Parent Driver; H:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; H:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Microsoft USB Standard Hub Driver; H:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Microsoft USB PRINTER Class; H:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;USB Scanner Driver; H:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; H:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 winachsf;winachsf; H:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys [2003-11-17 680704]
S3 CCDECODE;Closed Caption Decoder; H:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 mmc_2K;mmc_2K; H:\WINDOWS\system32\drivers\mmc_2K.sys [2007-06-23 30630]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; H:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; H:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; H:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NMSCFG;NIC Management Service Configuration Driver; \??\H:\WINDOWS\System32\drivers\NMSCFG.SYS []
S3 SLIP;BDA Slip De-Framer; H:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); H:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; H:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SymIM;Symantec Network Security Intermediate Filter Service; H:\WINDOWS\system32\DRIVERS\SymIM.sys [2009-01-28 35888]
S3 USBAAPL;Apple Mobile USB Driver; H:\WINDOWS\System32\Drivers\usbaapl.sys [2008-11-07 32000]
S3 usbstor;USB Mass Storage Driver; H:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 wceusbsh;Windows CE USB Serial Host Driver; H:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-11-06 28672]
S3 WSTCODEC;World Standard Teletext Codec; H:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; H:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; H:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; H:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 Bonjour Service;Bonjour Service; H:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 gusvc;Google Updater Service; H:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-21 168432]
R2 JavaQuickStarterService;Java Quick Starter; H:\Program Files\Java\jre6\bin\jqs.exe [2009-02-14 152984]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; H:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-01-18 921936]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; H:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-10-19 61440]
R2 Norton Internet Security;Norton Internet Security; H:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe [2009-01-28 115560]
R2 NVSvc;NVIDIA Display Driver Service; H:\WINDOWS\System32\nvsvc32.exe [2003-10-06 81920]
R2 sdAuxService;PC Tools Auxiliary Service; H:\Program Files\Spyware Doctor\pctsAuxs.exe [2008-06-13 356920]
R2 sdCoreService;PC Tools Security Service; H:\Program Files\Spyware Doctor\pctsSvc.exe [2008-10-09 1079176]
R2 UleadBurningHelper;Ulead Burning Helper; H:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2007-01-18 67056]
R3 iPod Service;iPod Service; H:\Program Files\iPod\bin\iPodService.exe [2009-01-06 536872]
S2 _IOMEGA_ACTIVE_DISK_SERVICE_;Iomega Active Disk; H:\Program Files\Iomega\AutoDisk\ADService.exe [2002-09-24 151552]
S3 aspnet_state;ASP.NET State Service; H:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; H:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 NMSSvc;Intel(R) NMS; H:\WINDOWS\System32\NMSSvc.exe [2002-05-03 1118208]
S3 Pml Driver HPZ12;Pml Driver HPZ12; H:\WINDOWS\system32\HPZipm12.exe [2003-03-09 65795]
S3 Symantec Core LC;Symantec Core LC; H:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [2008-02-05 1251720]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; H:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; H:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S4 Capture Device Service;Capture Device Service; H:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [2006-08-11 200704]
S4 Iomega Activity Disk2;Iomega Activity Disk2; []
S4 Iomega App Services;Iomega App Services; H:\PROGRA~1\Iomega\System32\AppServices.exe [2002-09-04 73728]
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.05 2009-02-19 07:19:31
======Uninstall list======
-->"H:\Program Files\InstallShield Installation Information\{BB8AE808-F003-4C7F-B56B-8C80EEAFFE23}\setup.exe" --u:{BB8AE808-F003-4C7F-B56B-8C80EEAFFE23}
-->H:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->RunDll32 H:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "H:\Program Files\InstallShield Installation Information\{55BC7EFA-D832-4EE3-9DEA-49B0C07539D9}\setup.exe" -l0x9 -L0x9anything
-->RunDll32 H:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "H:\Program Files\InstallShield Installation Information\{DCDC8E79-4600-4C02-9824-CD3BB8971D4E}\Setup.exe" -l0x9 -L0x9anything
-->RunDll32 H:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "H:\Program Files\InstallShield Installation Information\{34449598-3F4B-43B5-A996-84A7345FD15F}\setup.exe" -l0x9
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 H:\WINDOWS\INF\PCHealth.inf
Active Disk-->H:\WINDOWS\unvise32.exe H:\Program Files\Iomega\AutoDisk\uninstal.log
Ad-Aware-->"H:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}\Ad-AwareAE.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware-->H:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}\Ad-AwareAE.exe
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Flash Player 10 ActiveX-->H:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Photoshop Elements 2.0-->H:\WINDOWS\ISUNINST.EXE -f"H:\Program Files\Adobe\Photoshop Elements 2\Uninst.isu" -c"H:\Program Files\Adobe\Photoshop Elements 2\Uninst.dll"
Adobe Reader 8.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Adobe® Photoshop® Album Starter Edition 3.2-->MsiExec.exe /I{A654A805-41D9-40C7-AA46-4AF04F044D61}
AnswerWorks 4.0 Runtime - English-->RunDll32 H:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "H:\Program Files\InstallShield Installation Information\{7DD9A065-2C86-4A9F-A5FF-796EC1B99DCA}\setup.exe" -l0x9 -removeonly
Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Application Mover-->H:\Tools\AppMove\UNWISE.EXE H:\Tools\AppMove\INSTALL.LOG
aquaplay-->"H:\Program Files\aquaplay\Uninstall.exe"
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
Broadcom Advanced Control Suite-->H:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{468190DA-FB4C-45BA-8E40-4B165FF1A939} /l1033
Broadcom Driver Installer-->H:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{BE6890C7-31EF-478C-812E-1E2899ABFCA9} /l1033
Conexant D850 56K V.9x DFVc Modem-->H:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1\HXFSETUP.EXE -U -Idel200fk.inf
Dell GPS Navigation System-->RunDll32 H:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "H:\Program Files\InstallShield Installation Information\{3E3966CE-E4BD-434B-9585-EDF35B272FE3}\Setup.exe" -l0x9
Dell ResourceCD-->RunDll32 H:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "H:\Program Files\InstallShield Installation Information\{D78653C3-A8FF-415F-92E6-D774E634FF2D}\setup.exe"
Dell Solution Center-->MsiExec.exe /X{11F1920A-56A2-4642-B6E0-3B31A12C9288}
DellTouch-->RunDll32 H:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "H:\Program Files\InstallShield Installation Information\{706D5382-7381-4680-9DD0-161832578252}\setup.exe"
DivX Codec-->H:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->H:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->H:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player-->H:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Easy CD Creator 5 Basic-->MsiExec.exe /I{609F7AC8-C510-11D4-A788-009027ABA5D0}
Google Toolbar for Internet Explorer-->"H:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0531C63A913CC9D1.exe" /uninstall
Google Updater-->"H:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
HijackThis 2.0.2-->"H:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Internet Explorer 7 (KB947864)-->"H:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Hotfix for Windows Media Format 11 SDK (KB929399)-->"H:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 11 (KB939683)-->"H:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"H:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
hp instant support-->H:\PROGRA~1\HEWLET~1\HPINST~1\Uninstall.exe CeS
HP Photo and Imaging 2.0 - All-in-One Drivers-->MsiExec.exe /X{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}
HP Photo and Imaging 2.0 - All-in-One-->MsiExec.exe /X{9867A917-5D17-40DE-83BA-BEA5293194B1}
HP Photo and Imaging 2.0 - hp psc 2100 series-->H:\Program Files\Hewlett-Packard\Digital Imaging\{7C8BB31C-E09E-4c7d-BBF1-45E33B467FE1}\Setup\hpzscr01.exe -datfile hposcr02.dat -forcereboot
hp psc 2100 series-->MsiExec.exe /X{82DFB852-9594-4668-9C66-28BB6E94BCB2}
hp psc 2100 series-->rundll32 hpzcon07.dll,VendorJettison hp psc 2100 series
Intel(R) PRO Ethernet Adapter and Software-->Prounstl.exe
Intel(R) PROSet II-->MsiExec.exe /I{01A4AEDE-F219-49A2-B855-16A016EAF9A4}
InterVideo DeviceService-->MsiExec.exe /I{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}
iTunes-->MsiExec.exe /I{F5C63795-2708-4D15-BF18-5ABBFF7DFFC8}
Java(TM) 6 Update 12-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216012FF}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"H:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "H:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Compression Client Pack 1.0 for Windows XP-->"H:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"H:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"H:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office 2000 Premium-->MsiExec.exe /I{00000409-78E1-11D2-B60F-006097C998E7}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"H:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Movavi Video Converter 7-->MsiExec.exe /I{AAD37EE3-50A7-45DB-97B9-1C8B900E9E8B}
Mozilla Firefox (3.0.6)-->H:\Program Files\Mozilla Firefox\uninstall\helper.exe
MyDVD-->RunDll32 H:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "H:\Program Files\InstallShield Installation Information\{5E835305-63BB-4E55-BBB7-EEBBE67774DB}\SETUP.EXE" -l0x9 -L0x9 /SMAINT
Norton Internet Security-->H:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\2454B0AB\16.0.0.125\InstStub.exe /X
NVIDIA Display Driver-->H:\WINDOWS\System32\nvudisp.exe Uninstall H:\WINDOWS\System32\nvdisp.nvu,NVIDIA Display Driver
PowerDVD 5.7-->RunDll32 H:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "H:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
PrintMaster Express-->H:\PROGRA~1\BRODER~1\PRINTM~1\UNWISE.EXE H:\PROGRA~1\BRODER~1\PRINTM~1\INSTALL.LOG
QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
Readiris 7.5-->RunDll32 H:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "H:\Program Files\InstallShield Installation Information\{9BFFB382-0B2C-11D6-AB3E-000102B0F79A}\setup.exe" -l0x9
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Windows Internet Explorer 7 (KB929969)-->"H:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB931768)-->"H:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB933566)-->"H:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB937143)-->"H:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB938127)-->"H:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB939653)-->"H:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB942615)-->"H:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB944533)-->"H:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB950759)-->"H:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB953838)-->"H:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB956390)-->"H:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB958215)-->"H:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB960714)-->"H:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Security Update for Windows Media Encoder (KB954156)-->"H:\WINDOWS\$NtUninstallKB954156_WM9L$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"H:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB936782)-->"H:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB954154)-->"H:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Security Update for Windows Media Player 8 (KB917734)-->"H:\WINDOWS\$NtUninstallKB917734_WMP8$\spuninst\spuninst.exe"
Security Update for Windows Media Player 9 (KB911565)-->"H:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Security Update for Windows Media Player 9 (KB917734)-->"H:\WINDOWS\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"H:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"H:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"H:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950760)-->"H:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"H:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"H:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"H:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376)-->"H:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"H:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"H:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"H:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"H:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953839)-->"H:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"H:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954459)-->"H:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"H:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"H:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"H:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"H:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"H:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"H:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"H:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"H:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"H:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958687)-->"H:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Spelling Dictionaries Support For Adobe Reader 8-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-800000000003}
Spyware Doctor 6.0-->H:\Program Files\Spyware Doctor\unins000.exe /LOG
Symantec KB-DocID:2003093015493306-->MsiExec.exe /I{08C5815C-2C6E-44f8-8748-0E61BC9AFB68}
Theme Generator V2-->MsiExec.exe /X{4FD05420-333C-4233-94A6-9759430D6C2A}
TomTom HOME 2.5.2.60-->H:\Program Files\TomTom HOME 2\Uninstall TomTom HOME.exe
TomTom Media Center 4.1.0.13 DEMO-->"H:\Program Files\TomTom Media Center\unins000.exe"
TurboTax Deluxe 2007-->H:\Program Files\TurboTax\Deluxe 2007\TaxUnst.EXE "H:\Program Files\TurboTax\Deluxe 2007\Uninstall.log" -NoGui
Ulead DVD MovieFactory 6-->H:\Program Files\InstallShield Installation Information\{CCC4E428-411E-4605-B515-317D50ABD477}\setup.exe -runfromtemp -l0x0409
Update for Windows XP (KB951072-v2)-->"H:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"H:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"H:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
VC_MergeModuleToMSI-->MsiExec.exe /I{900A92BA-19EF-4A34-86CF-7B6C85BDD971}
Vegas Movie Studio Platinum 9.0-->MsiExec.exe /X{DA507A38-4B2A-40C0-90AC-E30AAA0B757C}
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->H:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
Windows Media Format 11 runtime-->"H:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"H:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"H:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"H:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"H:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
=====HijackThis Backups=====
O23 - Service: Iomega App Services - Iomega Corporation - H:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: Capture Device Service - InterVideo Inc. - H:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
R3 - Default URLSearchHook is missing
O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) - Iomega Corporation - H:\Program Files\Iomega\AutoDisk\ADService.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
======Security center information======
AV: Norton Internet Security (outdated)
FW: Norton Internet Security
System event log
Computer Name: DELL4550
Event Code: 7023
Message: The Application Management service terminated with the following error:
The specified module could not be found.
Record Number: 49165
Source Name: Service Control Manager
Time Written: 20090128213629.000000-300
Event Type: error
User:
Computer Name: DELL4550
Event Code: 7036
Message: The Application Management service entered the stopped state.
Record Number: 49164
Source Name: Service Control Manager
Time Written: 20090128213629.000000-300
Event Type: information
User:
Computer Name: DELL4550
Event Code: 7035
Message: The Application Management service was successfully sent a start control.
Record Number: 49163
Source Name: Service Control Manager
Time Written: 20090128213629.000000-300
Event Type: information
User: DELL4550\Administrater
Computer Name: DELL4550
Event Code: 7023
Message: The Application Management service terminated with the following error:
The specified module could not be found.
Record Number: 49162
Source Name: Service Control Manager
Time Written: 20090128213629.000000-300
Event Type: error
User:
Computer Name: DELL4550
Event Code: 7036
Message: The Application Management service entered the stopped state.
Record Number: 49161
Source Name: Service Control Manager
Time Written: 20090128213629.000000-300
Event Type: information
User:
Application event log
Computer Name: DELL4550
Event Code: 101
Message:
Record Number: 15154
Source Name: Automatic LiveUpdate Scheduler
Time Written: 20090125064116.000000-300
Event Type: information
User: NT AUTHORITY\SYSTEM
Computer Name: DELL4550
Event Code: 101
Message:
Record Number: 15153
Source Name: Automatic LiveUpdate Scheduler
Time Written: 20090125064116.000000-300
Event Type: information
User: NT AUTHORITY\SYSTEM
Computer Name: DELL4550
Event Code: 101
Message:
Record Number: 15152
Source Name: Automatic LiveUpdate Scheduler
Time Written: 20090125064058.000000-300
Event Type: information
User: NT AUTHORITY\SYSTEM
Computer Name: DELL4550
Event Code: 101
Message:
Record Number: 15151
Source Name: Automatic LiveUpdate Scheduler
Time Written: 20090125024726.000000-300
Event Type: information
User: NT AUTHORITY\SYSTEM
Computer Name: DELL4550
Event Code: 101
Message:
Record Number: 15150
Source Name: Automatic LiveUpdate Scheduler
Time Written: 20090125024726.000000-300
Event Type: information
User: NT AUTHORITY\SYSTEM
Security event log
Computer Name: DELL4550
Event Code: 515
Message: A trusted logon process has registered with the Local Security Authority.
This logon process will be trusted to submit logon requests.
Logon Process Name: Winlogon\MSGina
Record Number: 294211
Source Name: Security
Time Written: 20090214074536.000000-300
Event Type: audit success
User: NT AUTHORITY\SYSTEM
Computer Name: DELL4550
Event Code: 515
Message: A trusted logon process has registered with the Local Security Authority.
This logon process will be trusted to submit logon requests.
Logon Process Name: Winlogon
Record Number: 294210
Source Name: Security
Time Written: 20090214074536.000000-300
Event Type: audit success
User: NT AUTHORITY\SYSTEM
Computer Name: DELL4550
Event Code: 538
Message: User Logoff:
User Name: Administrater
Domain: DELL4550
Logon ID: (0x0,0x1C65C1E)
Logon Type: 2
Record Number: 294209
Source Name: Security
Time Written: 20090214074535.000000-300
Event Type: audit success
User: DELL4550\Administrater
Computer Name: DELL4550
Event Code: 683
Message: Session disconnected from winstation:
User Name: Danny
Domain: DELL4550
Logon ID: (0x0,0xDC639B)
Session Name: Console
Client Name: Unknown
Client Address: Unknown
Record Number: 294208
Source Name: Security
Time Written: 20090214074534.000000-300
Event Type: audit success
User: NT AUTHORITY\SYSTEM
Computer Name: DELL4550
Event Code: 576
Message: Special privileges assigned to new logon:
User Name:
Domain:
Logon ID: (0x0,0x1C65C1E)
Privileges: SeChangeNotifyPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
Record Number: 294207
Source Name: Security
Time Written: 20090214074533.000000-300
Event Type: audit success
User: DELL4550\Administrater
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;H:\Program Files\Sonic\MyDVD;H:\Program Files\Common Files\Adaptec Shared\System;H:\Program Files\Common Files\Ulead Systems\MPEG;H:\Program Files\TomTom Media Center\mplayer\codecs;H:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 7, GenuineIntel
"PROCESSOR_REVISION"=0207
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
"CLASSPATH"=.;H:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=H:\Program Files\QuickTime\QTSystem\QTJava.zip
-----------------EOF-----------------