Full Version: HijackThis Log and MalwareBytes Log By Panman
panman
Ok, didn't realize the guidelines were so dang helpful lol. As instructed, here are the contents of log.txt and info.txt from Malwarebytes and Random's system information tool. ATF cleaner was run also :) Thanks for all the help guys.

Malwarebytes' Anti-Malware 1.33
Database version: 1730
Windows 5.1.2600 Service Pack 3

2/4/2009 11:32:22 PM
mbam-log-2009-02-04 (23-32-21).txt

Scan type: Full Scan (A:\|C:\|D:\|)
Objects scanned: 113278
Time elapsed: 29 minute(s), 6 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 2
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\systemcheck2 (Trojan.Clicker) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Program Files\Ascentive (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Ascentive\Performance Center (Rogue.Multiple) -> Quarantined and deleted successfully.

Files Infected:
C:\Program Files\Ascentive\Performance Center\GUID (Rogue.Multiple) -> Quarantined and deleted successfully.


*****************************************************************************
SECOND LOG
****************************************************************************
Logfile of random's system information tool 1.05 (written by random/random)
Run by Jim Daly at 2009-02-06 01:31:46
Microsoft Windows XP Professional Service Pack 3
System drive C: has 17 GB (61%) free of 29 GB
Total RAM: 255 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:32:00 AM, on 2/6/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Jim Daly\Desktop\RSIT.exe
C:\hijackthis\Jim Daly.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://smbusiness.dellnet.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O15 - Trusted Zone: http://www.crucial.com
O15 - Trusted Zone: http://www.download.com
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownlo.../sysreqlab3.cab
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - https://www-secure.symantec.com/techsupp/as...abs/tgctlsr.cab
O16 - DPF: {64D76536-0173-4873-AEC4-FF0A70DE3781} (BugsPlay Control) - http://tjap.bugsmusic.co.kr/setupfile/bugsplay_115.cab
O16 - DPF: {A977FF0C-8757-4E76-8533-482F91946233} (session Class) - http://dl.sayclub.com/sayclub/sayctl/sayax.cab
O16 - DPF: {AF75010E-157D-4037-BF42-91B5AFC9E98E} (FcChat Control) - http://chat.freechal.com/FcChat.cab
O16 - DPF: {CF362BDB-4EA2-11D5-AB47-000102913414} (SetGlb Control) - http://tjap.bugsmusic.co.kr/setupfile/SetGlb.cab
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Intel® NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe

--
End of file - 5394 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-10-22 7700480]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-10-22 86016]
"ccApp"=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2006-07-19 52896]
"vptray"=C:\PROGRA~1\SYMANT~1\VPTray.exe [2006-10-24 125120]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ad-Watch]
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-01-31 509784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdaptecDirectCD]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOLDialer]
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\diagent]
C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe [2002-04-03 135264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]
C:\Program Files\Common Files\AOL\1161837726\ee\AOLSoftware.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2005-09-23 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2008-03-30 267048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Performance Center]
C:\Program Files\Ascentive\Performance Center\ApcMain.exe -m []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2008-03-28 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk]
C:\PROGRA~1\DIGITA~1\DLG.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2005-09-23 282624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^MA111 Configuration Utility.lnk]
C:\Program Files\NETGEAR\MA111 Configuration Utility\wlancfg.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3
"RDSessMgr"=3
"RasMan"=3
"RasAuto"=3

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
C:\WINDOWS\system32\NavLogon.dll [2006-10-24 43712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 241704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=
"NoDriveTypeAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\America Online 9.0\waol.exe"="C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0"
"C:\Program Files\Common Files\AOL\ACS\acsd.exe"="C:\Program Files\Common Files\AOL\ACS\acsd.exe:*:Enabled:AOL Connectivity Service"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Common Files\AOL\Loader\aolload.exe"="C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Application Loader"
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"="C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL"
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe"="C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL"
"C:\Program Files\America Online 9.0a\waol.exe"="C:\Program Files\America Online 9.0a\waol.exe:*:Enabled:AOL"
"C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe"="C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe:*:Enabled:AOLTsMon"
"C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe"="C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe:*:Enabled:AOLTopSpeed"
"C:\Program Files\Common Files\AOL\1161837726\EE\AOLServiceHost.exe"="C:\Program Files\Common Files\AOL\1161837726\EE\AOLServiceHost.exe:*:Enabled:AOL"
"C:\Program Files\Common Files\AOL\System Information\sinf.exe"="C:\Program Files\Common Files\AOL\System Information\sinf.exe:*:Enabled:AOL"
"C:\Program Files\Common Files\AOL\AOL Spyware Protection\AOLSP Scheduler.exe"="C:\Program Files\Common Files\AOL\AOL Spyware Protection\AOLSP Scheduler.exe:*:Enabled:AOL"
"C:\Program Files\Common Files\AOL\AOL Spyware Protection\asp.exe"="C:\Program Files\Common Files\AOL\AOL Spyware Protection\asp.exe:*:Enabled:AOL"
"C:\Program Files\Common Files\AolCoach\en_en\player\AOLNySEV.exe"="C:\Program Files\Common Files\AolCoach\en_en\player\AOLNySEV.exe:*:Enabled:AOL"
"C:\Program Files\Common Files\AOL\1161837726\EE\aolsoftware.exe"="C:\Program Files\Common Files\AOL\1161837726\EE\aolsoftware.exe:*:Enabled:AOL Services"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\AOL 9.1\waol.exe"="C:\Program Files\AOL 9.1\waol.exe:*:Enabled:AOL"
"C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe"="C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe:*:Enabled:AOL TopSpeed"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\America Online 9.0\waol.exe"="C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2009-02-06 01:31:46 ----D---- C:\rsit
2009-02-06 00:32:58 ----A---- C:\WINDOWS\setuplog.txt
2009-02-05 17:09:21 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-02-05 17:09:21 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-02-05 02:49:27 ----A---- C:\WINDOWS\system32\S32EVNT1.DLL
2009-02-05 02:49:17 ----D---- C:\Program Files\Symantec
2009-02-05 02:47:30 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-02-05 02:41:48 ----A---- C:\WINDOWS\ntbtlog.txt
2009-02-04 22:40:24 ----D---- C:\Documents and Settings\Jim Daly\Application Data\Malwarebytes
2009-02-04 22:40:19 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-02-04 22:40:19 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-02-03 18:25:47 ----A---- C:\WINDOWS\UPGRADE.TXT
2009-02-03 04:04:45 ----D---- C:\hijackthis
2009-02-03 02:25:58 ----HD---- C:\catalog.wci
2009-02-03 01:45:36 ----D---- C:\Program Files\Debugging Tools for Windows (x86)
2009-02-03 01:26:45 ----D---- C:\Program Files\CCleaner
2009-02-03 00:52:52 ----HD---- C:\WINDOWS\PIF
2009-02-03 00:23:22 ----D---- C:\Program Files\CONEXANT
2009-02-02 23:34:54 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2009-02-02 23:34:26 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2009-02-01 20:14:25 ----A---- C:\WINDOWS\system32\TweakUI.exe
2009-02-01 05:13:42 ----A---- C:\WINDOWS\system32\imageres.dll
2009-02-01 00:26:11 ----D---- C:\Documents and Settings\All Users\Application Data\NVIDIA
2009-01-31 22:22:04 ----D---- C:\WINDOWS\ie7updates
2009-01-31 22:21:37 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-01-31 21:55:30 ----D---- C:\WINDOWS\Prefetch
2009-01-31 21:50:33 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-01-31 21:50:21 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-01-31 21:50:10 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2009-01-31 21:49:53 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2009-01-31 21:49:37 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-01-31 21:49:25 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-01-31 21:49:06 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-01-31 21:48:55 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-01-31 21:48:07 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2009-01-31 21:46:24 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2009-01-31 21:44:45 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2009-01-31 21:43:04 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-01-31 21:42:00 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2009-01-31 21:41:40 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2009-01-31 21:41:18 ----HDC---- C:\WINDOWS\$NtUninstallKB951376$
2009-01-31 21:40:49 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2009-01-31 21:40:38 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2009-01-31 21:40:28 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2009-01-31 21:40:14 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2009-01-31 21:40:00 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2009-01-31 21:29:23 ----D---- C:\WINDOWS\system32\scripting
2009-01-31 21:29:20 ----D---- C:\WINDOWS\l2schemas
2009-01-31 21:29:19 ----D---- C:\WINDOWS\system32\en
2009-01-31 21:29:19 ----D---- C:\Program Files\msn
2009-01-31 21:19:42 ----D---- C:\WINDOWS\network diagnostic
2009-01-31 14:41:08 ----N---- C:\WINDOWS\system32\aaclient.dll
2009-01-31 14:40:48 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2009-01-31 14:40:48 ----N---- C:\WINDOWS\system32\azroles.dll
2009-01-31 14:40:38 ----N---- C:\WINDOWS\system32\credssp.dll
2009-01-31 14:40:33 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2009-01-31 14:40:32 ----N---- C:\WINDOWS\system32\dimsroam.dll
2009-01-31 14:40:32 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2009-01-31 14:40:30 ----N---- C:\WINDOWS\system32\dot3ui.dll
2009-01-31 14:40:30 ----N---- C:\WINDOWS\system32\dot3svc.dll
2009-01-31 14:40:30 ----N---- C:\WINDOWS\system32\dot3msm.dll
2009-01-31 14:40:30 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2009-01-31 14:40:30 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2009-01-31 14:40:30 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2009-01-31 14:40:30 ----N---- C:\WINDOWS\system32\dot3api.dll
2009-01-31 14:40:24 ----N---- C:\WINDOWS\system32\eapsvc.dll
2009-01-31 14:40:24 ----N---- C:\WINDOWS\system32\eapqec.dll
2009-01-31 14:40:24 ----N---- C:\WINDOWS\system32\eappprxy.dll
2009-01-31 14:40:24 ----N---- C:\WINDOWS\system32\eapphost.dll
2009-01-31 14:40:24 ----N---- C:\WINDOWS\system32\eappgnui.dll
2009-01-31 14:40:24 ----N---- C:\WINDOWS\system32\eappcfg.dll
2009-01-31 14:40:24 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2009-01-31 14:40:24 ----N---- C:\WINDOWS\system32\eapolqec.dll
2009-01-31 14:40:21 ----A---- C:\WINDOWS\005975_.tmp
2009-01-31 14:39:58 ----N---- C:\WINDOWS\system32\smtpapi.dll
2009-01-31 14:39:58 ----N---- C:\WINDOWS\system32\rwnh.dll
2009-01-31 14:39:40 ----N---- C:\WINDOWS\system32\kbdpash.dll
2009-01-31 14:39:40 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2009-01-31 14:39:40 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2009-01-31 14:39:40 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2009-01-31 14:39:39 ----N---- C:\WINDOWS\system32\kmsvc.dll
2009-01-31 14:39:38 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2009-01-31 14:39:19 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2009-01-31 14:39:18 ----N---- C:\WINDOWS\system32\mmcperf.exe
2009-01-31 14:39:18 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2009-01-31 14:39:18 ----N---- C:\WINDOWS\system32\mmcex.dll
2009-01-31 14:38:52 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2009-01-31 14:38:52 ----N---- C:\WINDOWS\system32\mssha.dll
2009-01-31 14:38:47 ----N---- C:\WINDOWS\system32\msxml6r.dll
2009-01-31 14:38:47 ----N---- C:\WINDOWS\system32\msxml6.dll
2009-01-31 14:38:46 ----N---- C:\WINDOWS\system32\napstat.exe
2009-01-31 14:38:46 ----N---- C:\WINDOWS\system32\napmontr.dll
2009-01-31 14:38:46 ----N---- C:\WINDOWS\system32\napipsec.dll
2009-01-31 14:38:30 ----N---- C:\WINDOWS\system32\onex.dll
2009-01-31 14:38:24 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2009-01-31 14:38:21 ----N---- C:\WINDOWS\system32\qcliprov.dll
2009-01-31 14:38:21 ----N---- C:\WINDOWS\system32\qagentrt.dll
2009-01-31 14:38:21 ----N---- C:\WINDOWS\system32\qagent.dll
2009-01-31 14:38:19 ----N---- C:\WINDOWS\system32\rasqec.dll
2009-01-31 14:38:19 ----N---- C:\WINDOWS\system32\qutil.dll
2009-01-31 14:38:16 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2009-01-31 14:38:09 ----N---- C:\WINDOWS\system32\setupn.exe
2009-01-31 14:37:52 ----N---- C:\WINDOWS\system32\tsgqec.dll
2009-01-31 14:37:51 ----N---- C:\WINDOWS\system32\tspkg.dll
2009-01-31 14:37:41 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2009-01-31 14:37:41 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2009-01-31 14:37:40 ----N---- C:\WINDOWS\system32\wlanapi.dll
2009-01-31 14:37:37 ----N---- C:\WINDOWS\system32\wmphoto.dll
2009-01-31 09:16:24 ----D---- C:\WINDOWS\nview
2009-01-31 09:16:24 ----A---- C:\WINDOWS\system32\nvudisp.exe
2009-01-31 09:06:26 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2009-01-31 09:02:02 ----D---- C:\NVIDIA
2009-01-31 08:43:51 ----D---- C:\Program Files\SystemRequirementsLab
2009-01-31 08:17:50 ----A---- C:\WINDOWS\system32\nv4_disp.dll
2009-01-31 06:02:06 ----A---- C:\WINDOWS\system32\StackedWindows.vbs
2009-01-31 06:02:06 ----A---- C:\WINDOWS\system32\SidebySide.vbs
2009-01-31 05:24:47 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-01-31 05:20:32 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2009-01-31 05:20:31 ----D---- C:\Program Files\NOS
2009-01-31 03:48:48 ----A---- C:\WINDOWS\msoffice.ini
2009-01-31 02:18:15 ----A---- C:\WINDOWS\system32\lsdelete.exe
2009-01-31 01:06:16 ----HDC---- C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
2009-01-31 01:04:54 ----D---- C:\Program Files\Lavasoft
2009-01-31 01:04:54 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2009-01-30 23:24:24 ----A---- C:\WINDOWS\vpc32.INI
2009-01-30 23:19:21 ----A---- C:\WINDOWS\system32\capicom.dll
2009-01-30 23:18:51 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2009-01-30 23:18:50 ----D---- C:\Program Files\Symantec AntiVirus
2009-01-30 23:16:41 ----D---- C:\Symantec10.1.5
2009-01-30 22:42:39 ----D---- C:\WINDOWS\WBEM
2009-01-30 22:42:37 ----D---- C:\WINDOWS\system32\en-US
2009-01-30 22:40:31 ----HDC---- C:\WINDOWS\ie7
2009-01-30 22:39:58 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2009-01-30 22:39:29 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2009-01-30 22:38:33 ----HDC---- C:\WINDOWS\$NtUninstallKB915865$
2009-01-30 22:37:14 ----A---- C:\WINDOWS\system32\xmllite.dll
2009-01-30 22:23:29 ----D---- C:\WINDOWS\pss
2009-01-30 20:47:06 ----D---- C:\WINDOWS\system32\ICON SUITE
2009-01-29 12:45:54 ----D---- C:\Documents and Settings\Jim Daly\Application Data\InstallShield

======List of files/folders modified in the last 1 months======

2009-02-06 01:24:31 ----D---- C:\WINDOWS\Temp
2009-02-06 00:56:13 ----D---- C:\WINDOWS\system32\CatRoot2
2009-02-06 00:56:11 ----D---- C:\WINDOWS
2009-02-06 00:35:23 ----D---- C:\d9369bcd2705dabdc011
2009-02-05 17:09:21 ----D---- C:\Program Files
2009-02-05 04:27:08 ----D---- C:\WINDOWS\system32\DRIVERS
2009-02-05 03:06:37 ----D---- C:\Program Files\Common Files\AOL
2009-02-05 03:06:37 ----D---- C:\Program Files\Common Files
2009-02-05 03:03:07 ----D---- C:\Program Files\AOL
2009-02-05 03:02:48 ----D---- C:\Documents and Settings\All Users\Application Data\AOL
2009-02-05 03:02:43 ----D---- C:\WINDOWS\SYSTEM32
2009-02-05 03:01:53 ----A---- C:\WINDOWS\WIN.INI
2009-02-05 03:01:40 ----D---- C:\Documents and Settings\Jim Daly\Application Data\AOL
2009-02-05 02:57:03 ----D---- C:\Program Files\Common Files\Symantec Shared
2009-02-05 02:50:23 ----SHD---- C:\WINDOWS\Installer
2009-02-05 02:50:19 ----HD---- C:\Config.Msi
2009-02-03 18:07:26 ----D---- C:\WINDOWS\SECURITY
2009-02-03 18:06:43 ----D---- C:\Documents and Settings
2009-02-03 18:05:38 ----SD---- C:\Documents and Settings\Jim Daly\Application Data\Microsoft
2009-02-03 03:02:58 ----RSHD---- C:\WINDOWS\system32\DLLCACHE
2009-02-03 03:02:48 ----D---- C:\WINDOWS\SRCHASST
2009-02-03 02:41:52 ----HD---- C:\WINDOWS\INF
2009-02-03 02:40:13 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-02-03 02:24:49 ----SHD---- C:\System Volume Information
2009-02-03 01:31:42 ----D---- C:\WINDOWS\system32\LogFiles
2009-02-03 01:29:08 ----D---- C:\WINDOWS\Debug
2009-02-03 01:29:07 ----D---- C:\WINDOWS\Minidump
2009-02-03 00:53:46 ----A---- C:\WINDOWS\SYSTEM.INI
2009-02-02 23:34:56 ----D---- C:\WINDOWS\system32\CatRoot
2009-02-02 23:33:13 ----HD---- C:\WINDOWS\$hf_mig$
2009-02-02 23:25:16 ----HD---- C:\Program Files\InstallShield Installation Information
2009-02-02 23:20:57 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-02-02 23:13:08 ----SD---- C:\WINDOWS\Tasks
2009-02-01 20:03:09 ----D---- C:\WINDOWS\Help
2009-02-01 19:12:21 ----RASH---- C:\BOOT.INI
2009-02-01 00:29:19 ----RD---- C:\WINDOWS\Web
2009-02-01 00:24:28 ----D---- C:\WINDOWS\system32\BugsOggMusic
2009-02-01 00:03:24 ----D---- C:\WINDOWS\system32\Restore
2009-01-31 22:22:51 ----D---- C:\Program Files\Internet Explorer
2009-01-31 22:00:23 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-01-31 21:57:22 ----D---- C:\WINDOWS\system32\OOBE
2009-01-31 21:54:22 ----D---- C:\WINDOWS\system32\Setup
2009-01-31 21:54:22 ----D---- C:\WINDOWS\AppPatch
2009-01-31 21:54:20 ----D---- C:\WINDOWS\system32\WBEM
2009-01-31 21:54:16 ----RSD---- C:\WINDOWS\Fonts
2009-01-31 21:40:16 ----D---- C:\Program Files\Messenger
2009-01-31 21:30:18 ----D---- C:\WINDOWS\WinSxS
2009-01-31 21:30:08 ----D---- C:\WINDOWS\ServicePackFiles
2009-01-31 21:29:48 ----D---- C:\WINDOWS\system32\INETSRV
2009-01-31 21:29:48 ----D---- C:\WINDOWS\IME
2009-01-31 21:29:25 ----D---- C:\WINDOWS\system32\USMT
2009-01-31 21:29:18 ----D---- C:\WINDOWS\system32\bits
2009-01-31 21:29:18 ----D---- C:\WINDOWS\peernet
2009-01-31 21:29:18 ----D---- C:\Program Files\Movie Maker
2009-01-31 21:22:40 ----D---- C:\WINDOWS\system32\NPP
2009-01-31 21:22:40 ----D---- C:\WINDOWS\MUI
2009-01-31 21:22:38 ----D---- C:\WINDOWS\MSAGENT
2009-01-31 21:22:33 ----D---- C:\Program Files\NetMeeting
2009-01-31 21:22:32 ----D---- C:\WINDOWS\system32\Com
2009-01-31 21:22:28 ----D---- C:\Program Files\Windows Media Player
2009-01-31 21:22:27 ----D---- C:\Program Files\Windows NT
2009-01-31 21:22:27 ----D---- C:\Program Files\Outlook Express
2009-01-31 21:22:22 ----D---- C:\Program Files\Common Files\System
2009-01-31 21:21:53 ----D---- C:\WINDOWS\SYSTEM
2009-01-31 21:17:06 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-01-31 21:16:42 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2009-01-31 21:10:27 ----D---- C:\WINDOWS\EHome
2009-01-31 10:06:34 ----A---- C:\WINDOWS\SBWIN.INI
2009-01-31 09:04:29 ----D---- C:\Program Files\Common Files\InstallShield
2009-01-31 08:14:31 ----D---- C:\DELL
2009-01-31 06:29:52 ----SHD---- C:\RECYCLER
2009-01-31 06:26:17 ----D---- C:\Program Files\Dell Computer
2009-01-31 05:27:17 ----D---- C:\Program Files\Adobe
2009-01-31 05:25:20 ----D---- C:\Program Files\Common Files\Adobe
2009-01-31 03:43:30 ----D---- C:\Documents and Settings\All Users\Application Data\Viewpoint
2009-01-30 23:50:40 ----D---- C:\WINDOWS\TWAIN_32
2009-01-30 23:18:55 ----D---- C:\Program Files\Common Files\Microsoft Shared
2009-01-30 22:42:46 ----D---- C:\WINDOWS\system32\CONFIG
2009-01-30 22:42:27 ----D---- C:\WINDOWS\Media
2009-01-30 22:23:08 ----D---- C:\Program Files\Dell
2009-01-30 22:17:46 ----D---- C:\Program Files\Common Files\Real
2009-01-30 22:17:09 ----D---- C:\Documents and Settings\Jim Daly\Application Data\Viewpoint
2009-01-30 21:41:51 ----D---- C:\WINDOWS\system32\appmgmt
2009-01-30 21:35:09 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
2009-01-30 21:23:03 ----D---- C:\Documents and Settings\All Users\Application Data\SiteAdvisor
2009-01-29 16:38:01 ----A---- C:\WINDOWS\GKERDE3D.INI
2009-01-29 12:41:29 ----A---- C:\WINDOWS\QUICKEN.INI
2009-01-29 12:41:24 ----D---- C:\Program Files\QUICKENW
2009-01-09 20:35:28 ----A---- C:\WINDOWS\system32\MRT.exe
2009-01-07 17:20:24 ----A---- C:\WINDOWS\system32\LegitCheckControl.DLL

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Cdr4_xp;Cdr4_xp; C:\WINDOWS\system32\drivers\Cdr4_xp.sys [2003-02-26 59440]
R1 Cdralw2k;Cdralw2k; C:\WINDOWS\system32\drivers\Cdralw2k.sys [2003-02-26 23724]
R1 cdudf_xp;cdudf_xp; C:\WINDOWS\system32\drivers\cdudf_xp.sys [2002-04-10 236032]
R1 omci;OMCI WDM Device Driver; C:\WINDOWS\System32\DRIVERS\omci.sys [2002-07-19 17153]
R1 pwd_2k;pwd_2k; C:\WINDOWS\system32\drivers\pwd_2k.sys [2002-04-10 117898]
R1 Tcpip6;Microsoft IPv6 Protocol Driver; C:\WINDOWS\System32\DRIVERS\tcpip6.sys [2008-06-20 225856]
R1 UdfReadr_xp;UdfReadr_xp; C:\WINDOWS\system32\drivers\UdfReadr_xp.sys [2002-04-10 206336]
R3 E100B;Intel® PRO Adapter Driver; C:\WINDOWS\System32\DRIVERS\e100b325.sys [2002-09-19 139776]
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-01-29 16168]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 wanatw;WAN Miniport (ATW); C:\WINDOWS\System32\DRIVERS\wanatw4.sys [2002-07-16 33588]
S1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
S1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 36352]
S1 P3;Intel PentiumIII Processor Driver; C:\WINDOWS\System32\DRIVERS\p3.sys [2008-04-13 42752]
S1 SAVRT;SAVRT; \??\C:\Program Files\Symantec AntiVirus\savrt.sys []
S1 SAVRTPEL;SAVRTPEL; \??\C:\Program Files\Symantec AntiVirus\Savrtpel.sys []
S1 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys []
S1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [2006-08-07 195776]
S2 mdmxsdk;mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [2002-10-07 11027]
S2 NwlnkIpx;NWLink IPX/SPX/NetBIOS Compatible Transport Protocol; C:\WINDOWS\System32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
S2 NwlnkNb;NWLink NetBIOS; C:\WINDOWS\System32\DRIVERS\nwlnknb.sys [2002-08-29 63232]
S2 NwlnkSpx;NWLink SPX/SPXII Protocol; C:\WINDOWS\System32\DRIVERS\nwlnkspx.sys [2002-08-29 55936]
S2 PfModNT;PfModNT; \??\C:\WINDOWS\system32\drivers\PfModNT.sys []
S3 Bridge;MAC Bridge; C:\WINDOWS\System32\DRIVERS\bridge.sys [2008-04-13 71552]
S3 BridgeMP;MAC Bridge Miniport; C:\WINDOWS\System32\DRIVERS\bridge.sys [2008-04-13 71552]
S3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\system32\DRIVERS\ctsfm2k.sys [2003-09-22 130192]
S3 dvd_2K;dvd_2K; C:\WINDOWS\system32\drivers\dvd_2K.sys [2002-04-10 24554]
S3 EL90XBC;3Com EtherLink XL 90XB/C Adapter Driver; C:\WINDOWS\System32\DRIVERS\el90xbc5.sys [2001-08-17 66591]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-10-27 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-10-27 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-10-27 21568]
S3 HSF_DP;HSF_DP; C:\WINDOWS\System32\DRIVERS\HSF_DP.sys [2002-10-09 1175536]
S3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\System32\DRIVERS\HSFHWBS2.sys [2002-10-09 170499]
S3 i81x;i81x; C:\WINDOWS\System32\DRIVERS\i81xnt5.sys [2004-08-04 161020]
S3 iAimFP0;iAimFP0; C:\WINDOWS\System32\DRIVERS\wADV01nt.sys [2004-08-04 12415]
S3 iAimFP1;iAimFP1; C:\WINDOWS\System32\DRIVERS\wADV02NT.sys [2004-08-04 12127]
S3 iAimFP2;iAimFP2; C:\WINDOWS\System32\DRIVERS\wADV05NT.sys [2004-08-04 11775]
S3 iAimFP3;iAimFP3; C:\WINDOWS\System32\DRIVERS\wSiINTxx.sys [2004-08-04 12063]
S3 iAimFP4;iAimFP4; C:\WINDOWS\System32\DRIVERS\wVchNTxx.sys [2004-08-04 19455]
S3 iAimTV0;iAimTV0; C:\WINDOWS\System32\DRIVERS\wATV01nt.sys [2004-08-04 29311]
S3 iAimTV1;iAimTV1; C:\WINDOWS\System32\DRIVERS\wATV02NT.sys [2004-08-04 19551]
S3 iAimTV2;iAimTV2; C:\WINDOWS\System32\DRIVERS\wATV03nt.sys []
S3 iAimTV3;iAimTV3; C:\WINDOWS\System32\DRIVERS\wATV04nt.sys [2004-08-04 33599]
S3 iAimTV4;iAimTV4; C:\WINDOWS\System32\DRIVERS\wCh7xxNT.sys [2004-08-04 23615]
S3 mmc_2K;mmc_2K; C:\WINDOWS\system32\drivers\mmc_2K.sys [2002-04-10 29638]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 msloop;Microsoft Loopback Adapter Driver; C:\WINDOWS\System32\DRIVERS\loop.sys [2001-08-17 4992]
S3 NAVENG;NAVENG; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20090204.021\naveng.sys []
S3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20090204.021\navex15.sys []
S3 NMSCFG;NIC Management Service Configuration Driver; \??\C:\WINDOWS\system32\drivers\NMSCFG.SYS []
S3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2006-10-22 3994624]
S3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\DRIVERS\ctoss2k.sys [2003-09-22 178672]
S3 P16X;Creative SB Live! Series (WDM); C:\WINDOWS\system32\drivers\P16X.sys [2003-09-22 1330048]
S3 PCANDIS5;PCANDIS5 Protocol Driver; \??\C:\PROGRA~1\NETGEAR\MA111C~1\PCANDIS5.SYS []
S3 PRISM_A02;802.11g USB Adapter; C:\WINDOWS\System32\DRIVERS\PRISMA02.sys [2004-05-20 379456]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2002-08-29 5888]
S3 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS []
S3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2006-08-07 24768]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys []
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 winachsf;winachsf; C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys [2002-10-09 604240]
S3 WLAN_USB;Wireless LAN USB Driver; C:\WINDOWS\System32\DRIVERS\MA111nd5.sys [2002-12-23 607232]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 agpCPQ;Compaq AGP Bus Filter; C:\WINDOWS\System32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
S4 alim1541;ALI AGP Bus Filter; C:\WINDOWS\System32\DRIVERS\alim1541.sys [2008-04-13 42752]
S4 amdagp;AMD AGP Bus Filter Driver; C:\WINDOWS\System32\DRIVERS\amdagp.sys [2008-04-13 43008]
S4 cbidf;cbidf; C:\WINDOWS\System32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
S4 IntelIde;IntelIde; C:\WINDOWS\System32\DRIVERS\intelide.sys [2008-04-13 5504]
S4 sisagp;SIS AGP Bus Filter; C:\WINDOWS\System32\DRIVERS\sisagp.sys [2008-04-13 40960]
S4 sr;System Restore Filter Driver; C:\WINDOWS\System32\DRIVERS\sr.sys [2008-04-13 73472]
S4 viaagp;VIA AGP Bus Filter; C:\WINDOWS\System32\DRIVERS\viaagp.sys [2008-04-13 42240]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 6to4;IPv6 Helper Service; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe [2006-07-19 192160]
S2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe [2006-07-19 169632]
S2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\System32\CTsvcCDA.exe [1999-12-13 44032]
S2 DefWatch;Symantec AntiVirus Definition Watcher; C:\Program Files\Symantec AntiVirus\DefWatch.exe [2006-10-24 31424]
S2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-10-22 159810]
S2 NwSapAgent;SAP Agent; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2005-03-14 69632]
S2 SPBBCSvc;Symantec SPBBCSvc; C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe [2006-04-11 1160848]
S2 Symantec AntiVirus;Symantec AntiVirus; C:\Program Files\Symantec AntiVirus\Rtvscan.exe [2006-10-24 1813184]
S2 WMDM PMSP Service;WMDM PMSP Service; C:\WINDOWS\System32\MsPMSPSv.exe [2000-06-26 53520]
S3 HP Port Resolver;HP Port Resolver; C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE [2005-05-20 81920]
S3 HP Status Server;HP Status Server; C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE [2004-10-16 73728]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-03-30 504104]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-01-31 950096]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2006-08-25 2528960]
S3 NMSSvc;Intel® NMS; C:\WINDOWS\System32\NMSSvc.exe [2002-10-10 1118208]
S3 SavRoam;SAVRoam; C:\Program Files\Symantec AntiVirus\SavRoam.exe [2006-10-24 116416]
S3 SNDSrvc;Symantec Network Drivers Service; C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe [2006-08-07 214720]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S4 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]

-----------------EOF-----------------
panman
Oh, there is a total of 3 logs needed... here is the third
info.txt logfile of random's system information tool 1.05 2009-02-06 01:32:05

======Uninstall list======

-->"C:\Program Files\Creative\SBLive\Program\Ctzapxx.EXE" /W /U /S /R
-->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
-->MsiExec.exe /I{609F7AC8-C510-11D4-A788-009027ABA5D0}
-->MsiExec.exe /X{11F1920A-56A2-4642-B6E0-3B31A12C9288}
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{435E969D-867E-4364-8E74-3DC8A69C5BDB}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{435E969D-867E-4364-8E74-3DC8A69C5BDB}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{44DC86A0-248D-11D6-9BAF-0090271AF8A4}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{44DC86A0-248D-11D6-9BAF-0090271AF8A4}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{48E3A9E6-FA13-11D5-8CC9-00A0C98192B6}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{48E3A9E6-FA13-11D5-8CC9-00A0C98192B6}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{51F5239C-197B-11D6-9BAF-0090271AF8A4}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{51F5239C-197B-11D6-9BAF-0090271AF8A4}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A3554902-AB4A-11D5-AA2E-0008C760B784}\setup.exe"
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E7337A45-3FE5-4392-ABBB-26B794D060C9}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E7337A45-3FE5-4392-ABBB-26B794D060C9}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F865C2FE-25E7-11D6-9BAF-0090271AF8A4}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F865C2FE-25E7-11D6-9BAF-0090271AF8A4}\setup.exe" -l0x9 /remove
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
Ad-Aware-->"C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}\Ad-AwareAE.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware-->C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}\Ad-AwareAE.exe
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001}
Adobe Shockwave Player-->C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~2\UNWISE.EXE C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~2\Install.log
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Conexant SmartHSFi V92 56K DF PCI Modem-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2702\HXFSETUP.EXE -U -IDel8d8xk.INF
Debugging Tools for Windows (x86)-->MsiExec.exe /I{48F95CE7-69D9-4967-81F7-D763CABFBD53}
HijackThis 2.0.2-->"C:\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
HP Deskjet 6900 series-->C:\Program Files\HP\Digital Imaging\{7ADE9F27-A175-447F-A4B4-B05FA82735E1}\setup\hpzscr01.exe -datfile hpfscr09.dat
HP Imaging Device Functions 6.0-->C:\Program Files\HP\Digital Imaging\DigitalImagingMonitor\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Essential-->MsiExec.exe /X{D7CAE58E-26DE-49B7-A75D-EAEDF76726BE}
HP Software Update-->MsiExec.exe /X{ECFDD6BD-E0C0-41CC-A171-E6D6AF4C0E93}
HP Solution Center and Imaging Support Tools 6.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
Intel® PRO Ethernet Adapter and Software-->Prounstl.exe
Intel® PROSet II-->MsiExec.exe /I{01A4AEDE-F219-49A2-B855-16A016EAF9A4}
iPod for Windows 2006-01-10-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{3D047C15-C859-45F7-81CE-F2681778069B} /l1033
iTunes-->MsiExec.exe /I{585776BC-4BD6-4BD2-A19A-1D6CB44A403B}
LiveUpdate 3.1 (Symantec Corporation)-->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
Macromedia Flash Player 8-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\swflash.inf,DefaultUninstall,5
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework (English) v1.0.3705-->C:\WINDOWS\Microsoft.NET\Framework\Install.exe /u /p Microsoft .NET Framework Full v1.0.3705 (1033)
Microsoft .NET Framework (English)-->MsiExec.exe /X{B43357AA-3A6D-4D94-B56E-43C44D09E548}
Microsoft .NET Framework 1.0 Hotfix (KB928367)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\Updates\M928367\M928367Uninstall.msp"
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office PowerPoint Viewer 2007 (English)-->MsiExec.exe /X{95120000-00AF-0409-0000-0000000FF1CE}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
QuickTime-->MsiExec.exe /I{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}
Security Update for Step By Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Security Update for Step By Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Security Update for Windows Media Player 9 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Security Update for Windows Media Player 9 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950759)-->"C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
Shockwave-->C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~1\Install.log
Sound Blaster Live!-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{96E16100-A77F-4B31-B9AD-FFBA040EE1BD}\setup.exe" -l0x9
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Symantec AntiVirus-->MsiExec.exe /I{33CFCF98-F8D6-4549-B469-6F4295676D83}
System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
Tweak UI-->"C:\WINDOWS\system32\mshta.exe" "res://C:\WINDOWS\system32\TweakUI.exe/uninstall.hta"
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WordPerfect Office 2002-->C:\WINDOWS\Corel\Uninst32.exe
WordPerfect Office 2002-->C:\WINDOWS\Corel\uninst32.exe

======Hosts File======

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

======Security center information======

AV: Symantec AntiVirus Corporate Edition

System event log

Computer Name: 2003DELL4550
Event Code: 18
Message: Installation Ready: The following updates are downloaded and ready for installation. This computer is currently scheduled to install these updates on Friday, December 12, 2008 at 3:00 AM:
- Security Update for Windows XP (KB956802)
- Security Update for Windows XP (KB954600)
- Windows Malicious Software Removal Tool - December 2008 (KB890830)
- Cumulative Security Update for Internet Explorer 6 for Windows XP (KB958215)
- Update for Windows XP (KB955839)
- Security Update for Windows XP Service Pack 2 (KB952069)

Record Number: 13962
Source Name: Windows Update Agent
Time Written: 20081211203628.000000-300
Event Type: information
User:

Computer Name: 2003DELL4550
Event Code: 18
Message: Installation Ready: The following updates are downloaded and ready for installation. This computer is currently scheduled to install these updates on Friday, December 12, 2008 at 3:00 AM:
- Security Update for Windows XP (KB956802)
- Security Update for Windows XP (KB954600)
- Windows Malicious Software Removal Tool - December 2008 (KB890830)
- Cumulative Security Update for Internet Explorer 6 for Windows XP (KB958215)
- Security Update for Windows XP Service Pack 2 (KB952069)

Record Number: 13961
Source Name: Windows Update Agent
Time Written: 20081211203616.000000-300
Event Type: information
User:

Computer Name: 2003DELL4550
Event Code: 18
Message: Installation Ready: The following updates are downloaded and ready for installation. This computer is currently scheduled to install these updates on Friday, December 12, 2008 at 3:00 AM:
- Security Update for Windows XP (KB954600)
- Windows Malicious Software Removal Tool - December 2008 (KB890830)
- Cumulative Security Update for Internet Explorer 6 for Windows XP (KB958215)
- Security Update for Windows XP Service Pack 2 (KB952069)

Record Number: 13960
Source Name: Windows Update Agent
Time Written: 20081211203546.000000-300
Event Type: information
User:

Computer Name: 2003DELL4550
Event Code: 18
Message: Installation Ready: The following updates are downloaded and ready for installation. This computer is currently scheduled to install these updates on Friday, December 12, 2008 at 3:00 AM:
- Security Update for Windows XP (KB954600)
- Cumulative Security Update for Internet Explorer 6 for Windows XP (KB958215)
- Security Update for Windows XP Service Pack 2 (KB952069)

Record Number: 13959
Source Name: Windows Update Agent
Time Written: 20081211203546.000000-300
Event Type: information
User:

Computer Name: 2003DELL4550
Event Code: 18
Message: Installation Ready: The following updates are downloaded and ready for installation. This computer is currently scheduled to install these updates on Friday, December 12, 2008 at 3:00 AM:
- Security Update for Windows XP (KB954600)
- Cumulative Security Update for Internet Explorer 6 for Windows XP (KB958215)

Record Number: 13958
Source Name: Windows Update Agent
Time Written: 20081211203455.000000-300
Event Type: information
User:

Application event log

Computer Name: 2003DELL4550
Event Code: 4103
Message: Master merge has completed on c:\system volume information\catalog.wci.

Record Number: 10369
Source Name: Ci
Time Written: 20071025030747.000000-240
Event Type: information
User:

Computer Name: 2003DELL4550
Event Code: 4103
Message: Master merge has completed on c:\system volume information\catalog.wci.

Record Number: 10368
Source Name: Ci
Time Written: 20071024030920.000000-240
Event Type: information
User:

Computer Name: 2003DELL4550
Event Code: 1002
Message: Hanging application sstext3d.scr, version 5.1.2600.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Record Number: 10367
Source Name: Application Hang
Time Written: 20071023164020.000000-240
Event Type: error
User:

Computer Name: 2003DELL4550
Event Code: 1002
Message: Hanging application sstext3d.scr, version 5.1.2600.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Record Number: 10366
Source Name: Application Hang
Time Written: 20071023164020.000000-240
Event Type: error
User:

Computer Name: 2003DELL4550
Event Code: 4130
Message: Recovery was performed successfully on PropertyStore in catalog c:\system volume information\catalog.wci.

Record Number: 10365
Source Name: Ci
Time Written: 20071021165505.000000-240
Event Type: information
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Common Files\Adaptec Shared\System;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 7, GenuineIntel
"PROCESSOR_REVISION"=0207
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip
"SAFEBOOT_OPTION"=NETWORK

-----------------EOF-----------------
LoPhatPhuud
The logs are clean. Are you still having the CPU issue on search?
panman
Thanks for looking at the logs. Yes, unfortunately, the same issue with the search feature is raising explorer.exe to 100% cpu and the taskbar is disabled. This does not happen in safe mode. I was talking to a buddy at school and he suggested that I might be able to unregister the .dll file that I am finding in process explorer and then use an xp disc to replace it with. You know the i386 folder? I have no idea if this will work, I am not that advanced yet. It was some kind of command in cmd.exe like regsvr32... Anyway, is there a way to maybe post a screen shot of what process explorer finds when this problem is happening? Do I have to have a webpage or something? It asks for a url when I click "insert image". Maybe if I knew exactly what windows does when you click on search, I would be able to compare the difference somehow. Anyway, I am out of ideas as this is an integrated feature in xp. Any ideas will be put to good use.
Thanks,
Panman
LoPhatPhuud
Unfortunately, you are getting beyond the scope of this forum. We deal primarily with spyware/malware removal and the OS changes they make.

You can find more help for your problem at the Microsoft forum on DSL Reports (http://www.dslreports.com) or at the AumHa forums (http://forum.aumha.org)
panman
The OS system changes they make huh? What do u call this? NORMAL!!!
LoPhatPhuud
The MBAM log shows traces of a program from Ascentive. Most, if not all, of the software they offer is borderline rip-off. (They're the folks behind Finally Fast now making the TV rounds).

From what I understand, their software can be difficult to remove and may be the source of your problems. You can check these two sites for help and more info:

http://www.eggheadcafe.com/software/aspnet...tive-perfo.aspx

http://www.ascentive.com/support/index.php


We have limited resources here and your logs do not indicate that your system is infected, nor that OS files have been infected. Your search issues are most likely caused by software that was installed on your computer. I have given you links to help. Any further assistance, again, would be best provided by forums dealing with Windows issues.
panman
Well thanks anyway, I will continue to find the root issue behind this problem.
panman
SEARCH ISSUE SOLVED!!!! I did not find out what exactly was causing the search issue, HOWEVER, I followed your advice and visited a forum u suggested and downloaded the windows search 4.0 from
http://support.microsoft.com/kb/940157
and WALLAH!! NO MORE EXPLORER.EXE THROUGH THE ROOF! SEARCH WORKS BEAUTIFULLY IN EVERY WAY!! Thanks, I owe you one. Keep up the good work.
Also, as a bonus, just by following the guidelines for posting, I found some great programs that I will use for years to come.
Thanks again,
Panman