Submit Your Article Forum Rules FAQ About Us
Search the forums:

Tech Support Team

Join Now!Nav Seperator FAQNav Seperator GalleryNav Seperator TutorialsNav Seperator BlogNav Seperator SearchNav Seperator Today's PostsNav Seperator Mark Forums ReadNav Seperator Navigation Right

Hello and Welcome to Tech Support Team! Before you can start posting and answering questions, you'll have to register. Registration is fast, simple and absolutely free! Feel free to browse through existing questions by choosing the forum you want to visit below.


Tech Support Team » Malware Removal & Security » Malware Removal » Antivirus 360 again!!

Notices
Before creating a new thread, we ask that you please read our Removal guide first: Malware Removal Guide - Read Before Posting. We also advise you reading this thread before continuing: P2P programs - please remove before posting for help

NOTE: NEVER follow someone elses fix. Just because the symptoms may appear to be the same, it does NOT mean your system has the same malware infection. ALWAYS start a new thread so that a member of our Security Team can take you through the steps of cleaning your computer.

Reply
Thread Tools
 
  #1 (permalink)   Top
Old 22nd February 2009, 03:11 AM
Senninha's Avatar
Newcomer
  
Join Date: Aug 2008, 21 posts.
Reputation: Senninha is on a distinguished road
Antivirus 360 again!!
Evilfantasy please help me again!!!

Maybe there is something wrong in her hotmail account. I had no problems downloading all of the removal programs and updating other programs. But as soon as my wife went back to hotmail, the popup said she was infected and it wanted to scan. Arrrrggghhh!

Should I start over with the removal guide? Where do I go from here?
Reply With Quote
  #2 (permalink)   Top
Old 22nd February 2009, 04:13 AM
evilfantasy's Avatar
Security Team
  
Join Date: Dec 2007, 2,555 posts.
Location: Tulsa, OK
Reputation: evilfantasy will become famous soon enoughevilfantasy will become famous soon enough
Is she trying to open the same attachment or i sit just alerting you?

Download random's system information tool (RSIT) by random/random from and save it to your Desktop.

  • Double click on RSIT.exe to run.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open.
  • log.txt <will be maximized and info.txt <will be minimized
  • Please post the contents of both logs in the next reply.
__________________
.

ƃolq s’ʎsɐʇuɐɟlıʌǝ
Reply With Quote
  #3 (permalink)   Top
Old 23rd February 2009, 02:42 AM
Senninha's Avatar
Newcomer
  
Join Date: Aug 2008, 21 posts.
Reputation: Senninha is on a distinguished road
She was just reading some emails and it wanted to scan. Here are the results from RSIT.

Logfile of random's system information tool 1.05 (written by random/random)
Run by VANESSA at 2009-02-22 20:37:12
Microsoft Windows XP Home Edition Service Pack 2
System drive C: has 208 GB (87%) free of 238 GB
Total RAM: 1006 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:37:15 PM, on 2/22/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\SanDisk\Sansa Updater\SansaDispatch.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Palm\Hotsync.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\VANESSA\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\VANESSA.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = localhost:12080
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\sw g.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [IntelAudioStudio] "C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe" TRAY
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SansaDispatch] C:\Program Files\SanDisk\Sansa Updater\SansaDispatch.exe
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = C:\Program Files\Palm\Hotsync.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: VPN Client.lnk = ?
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/download/ipixx.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www2.snapfish.com/SnapfishActivia.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/...eInstaller.exe
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} -
O16 - DPF: {59F156FC-9BC4-11D5-B0A5-0060085A719D} (Opalplayerx5 Control) - ftp://ftp.ca.com/pub/Opal/plugins/x_...alplayerx5.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://www.shockwave.com/content/lux...jolauncher.cab
O16 - DPF: {87056D28-9730-4A47-B9F9-7E890B62C58A} (WildfireActiveXHost Class) - http://www.gamehouse.com/games/tumblebugs/axhost.cab
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: {988E213A-89C7-4C4E-B15F-5B7EDA2C34C0} (GenimoWebGames Control) - http://www.shockwave.com/content/but...mesControl.cab
O16 - DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} (Imikimi_activex_plugin Control) - http://imikimi.com/download/imikimi_plugin_0.5.1.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: Cisco Systems, Inc. Installer service (CiscoVpnInstallService) - Unknown owner - C:\DOCUME~1\VANESSA\LOCALS~1\Temp\WZSE0.TMP\INSTAL ~1.EXE (file missing)
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--
End of file - 9620 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10 321120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\sw g.dll [2008-10-15 652784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-02-21 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-02-21 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10 321120]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Run]
"IntelAudioStudio"=C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe [2006-08-02 9134080]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-08-11 7630848]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.d ll [2006-08-11 86016]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2003-10-31 32768]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.ex e [2001-07-09 155648]
"Adobe Photo Downloader"=C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe [2005-06-07 57344]
"IntelliPoint"=C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2006-11-21 842584]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2005-05-11 49152]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-02-21 148888]
"SansaDispatch"=C:\Program Files\SanDisk\Sansa Updater\SansaDispatch.exe [2007-10-22 75584]
"Acrobat Assistant 8.0"=C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [2008-01-11 623992]
"AVG7_CC"=C:\PROGRA~1\Grisoft\AVG7\avgcc.exe [2008-10-16 590848]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-10-08 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2009-01-05 413696]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
HOTSYNCSHORTCUTNAME.lnk - C:\Program Files\Palm\Hotsync.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
HP Image Zone Fast Start.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
VPN Client.lnk - C:\WINDOWS\Installer\{CCBAA1F7-E5E1-48B2-9ED9-A79C6A37CE78}\Icon3E5562ED7.ico

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2008-12-22 356352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\servic es\sharedaccess\parameters\firewallpolicy\standard profile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32 \sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE"="C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE:*:Enabled:Microsoft Office Excel"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe "
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Grisoft\AVG7\avginet.exe"="C:\Program Files\Grisoft\AVG7\avginet.exe:*:Enabled:avginet.e xe"
"C:\Program Files\Grisoft\AVG7\avgamsvr.exe"="C:\Program Files\Grisoft\AVG7\avgamsvr.exe:*:Enabled:avgamsvr .exe"
"C:\Program Files\Grisoft\AVG7\avgcc.exe"="C:\Program Files\Grisoft\AVG7\avgcc.exe:*:Enabled:avgcc.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\servic es\sharedaccess\parameters\firewallpolicy\domainpr ofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32 \sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{6f96f516-01bd-11dd-b95e-001676e3da0e}]
shell\AutoRun\command - J:\system\viewer\FlipVideoforPC.exe
shell\Flip Video for PC\command - J:\system\viewer\FlipVideoforPC.exe

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{7d9f02ca-2b8e-11dd-b9ad-001676e3da0e}]
shell\AutoRun\command - J:\JDSecure\Windows\JDSecure31.exe


======List of files/folders created in the last 1 months======

2009-02-22 20:37:12 ----D---- C:\rsit
2009-02-21 19:09:43 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2009-02-21 19:09:31 ----D---- C:\Program Files\Apple Software Update
2009-02-21 19:09:31 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2009-02-21 18:16:19 ----SHD---- C:\RECYCLER
2009-02-21 17:29:20 ----D---- C:\WINDOWS\ERDNT
2009-02-21 16:07:48 ----D---- C:\Program Files\Trend Micro
2009-02-21 16:01:47 ----A---- C:\WINDOWS\system32\javaws.exe
2009-02-21 16:01:47 ----A---- C:\WINDOWS\system32\javaw.exe
2009-02-21 16:01:47 ----A---- C:\WINDOWS\system32\java.exe
2009-02-21 16:01:47 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-02-21 14:25:18 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2009-02-21 14:25:14 ----D---- C:\Program Files\SUPERAntiSpyware
2009-02-21 14:25:14 ----D---- C:\Documents and Settings\VANESSA\Application Data\SUPERAntiSpyware.com
2009-02-21 14:24:57 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-02-21 14:17:21 ----D---- C:\Program Files\CCleaner
2009-02-21 14:04:01 ----D---- C:\Documents and Settings\VANESSA\Application Data\Malwarebytes
2009-02-21 14:03:56 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-02-21 14:03:56 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-02-11 22:46:37 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$

======List of files/folders modified in the last 1 months======

2009-02-22 20:37:01 ----D---- C:\WINDOWS\Prefetch
2009-02-22 18:01:49 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2009-02-22 17:52:08 ----A---- C:\WINDOWS\win.ini
2009-02-22 17:52:01 ----SHD---- C:\WINDOWS\Installer
2009-02-22 17:52:01 ----HD---- C:\Config.Msi
2009-02-22 17:51:47 ----D---- C:\WINDOWS\Temp
2009-02-22 17:51:40 ----D---- C:\WINDOWS
2009-02-22 01:23:39 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-02-21 21:01:26 ----A---- C:\WINDOWS\NeroDigital.ini
2009-02-21 19:59:11 ----D---- C:\WINDOWS\SoftwareDistribution
2009-02-21 19:10:07 ----D---- C:\Program Files\QuickTime
2009-02-21 19:09:45 ----D---- C:\WINDOWS\system32
2009-02-21 19:09:31 ----RD---- C:\Program Files
2009-02-21 19:08:09 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-02-21 19:08:04 ----D---- C:\Program Files\Adobe
2009-02-21 18:44:14 ----SHD---- C:\System Volume Information
2009-02-21 18:44:14 ----D---- C:\WINDOWS\system32\Restore
2009-02-21 17:31:41 ----A---- C:\WINDOWS\system.ini
2009-02-21 17:31:23 ----D---- C:\WINDOWS\system32\drivers
2009-02-21 17:31:23 ----D---- C:\WINDOWS\AppPatch
2009-02-21 17:31:20 ----D---- C:\Program Files\Common Files
2009-02-21 17:30:14 ----D---- C:\WINDOWS\system32\CatRoot2
2009-02-21 16:03:57 ----D---- C:\Program Files\Java
2009-02-21 14:20:51 ----D---- C:\WINDOWS\Debug
2009-02-21 14:20:50 ----D---- C:\WINDOWS\Minidump
2009-02-21 14:14:37 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-02-21 13:54:56 ----D---- C:\Documents and Settings\All Users\Application Data\avg7
2009-02-21 13:54:55 ----D---- C:\Documents and Settings\VANESSA\Application Data\AVG7
2009-02-16 13:10:20 ----RHD---- C:\$VAULT$.AVG
2009-02-11 22:46:41 ----HD---- C:\WINDOWS\inf
2009-02-11 22:46:14 ----HD---- C:\WINDOWS\$hf_mig$
2009-02-03 16:21:12 ----A---- C:\WINDOWS\system32\MRT.exe
2009-01-31 14:25:12 ----D---- C:\Program Files\Operation Mania

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Avg7Core;AVG7 Kernel; C:\WINDOWS\System32\Drivers\avg7core.sys [2008-10-07 821856]
R1 Avg7RsW;AVG7 Wrap Driver; C:\WINDOWS\System32\Drivers\avg7rsw.sys [2008-10-07 4224]
R1 Avg7RsXP;AVG7 Resident Driver XP; C:\WINDOWS\System32\Drivers\avg7rsxp.sys [2008-10-07 27776]
R1 AvgClean;AVG7 Clean Driver; C:\WINDOWS\System32\Drivers\avgclean.sys [2008-10-07 10760]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-10-08 36096]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R2 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\WINDOWS\system32\Drivers\CVPNDRVA.sys []
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-10-08 60800]
R3 DNE;Deterministic Network Enhancer Miniport; C:\WINDOWS\system32\DRIVERS\dne2000.sys [2007-01-31 127376]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2006-07-26 231424]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HECI;Intel(R) Management Engine Interface; C:\WINDOWS\system32\DRIVERS\HECI.sys [2006-07-28 43392]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-10-08 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-08-11 3958496]
R3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2006-11-08 21760]
R3 sfng32;Sonic Focus Plugin for Sigmatel HDA; C:\WINDOWS\system32\drivers\sfng32.sys [2005-12-02 41728]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2006-07-26 1171464]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-04 26624]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600]
R3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-10-08 26496]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-04 20480]
S3 CVirtA;Cisco Systems VPN Adapter; C:\WINDOWS\system32\DRIVERS\CVirtA.sys [2007-01-18 5275]
S3 dot4;MS IEEE-1284.4 Driver; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2004-08-03 207360]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
S3 dot4usb;Dot4USB Filter Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2001-08-17 23808]
S3 GPWADrv;Service for L6 GuitarPort Driver (WDM); C:\WINDOWS\System32\Drivers\GPWADrv.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-07 51120]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-07 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-07 21744]
S3 L6DP;L6DP; C:\WINDOWS\System32\Drivers\l6dp.sys []
S3 motmodem;Motorola USB CDC ACM Driver; C:\WINDOWS\system32\DRIVERS\motmodem.sys [2007-02-27 21504]
S3 NAL;Nal Service ; \??\C:\WINDOWS\system32\Drivers\iqvw32.sys []
S3 PalmUSBD;PalmUSBD; C:\WINDOWS\system32\drivers\PalmUSBD.sys [2007-08-25 16694]
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 vsdatant;vsdatant; \??\C:\WINDOWS\system32\vsdatant.sys []
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Avg7Alrt;AVG7 Alert Manager Server; C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe [2008-10-07 418816]
R2 Avg7UpdSvc;AVG7 Update Service; C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe [2008-10-07 49664]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [2007-04-03 1516584]
R2 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-15 168432]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-02-21 152984]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-08-11 155715]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-10-08 14336]
R3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-08-10 654848]
S2 CiscoVpnInstallService;Cisco Systems, Inc. Installer service; C:\DOCUME~1\VANESSA\LOCALS~1\Temp\WZSE0.TMP\INSTAL ~1.EXE []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspn et_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\msco rsvw.exe [2007-10-24 70144]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]

-----------------EOF-----------------


info.txt logfile of random's system information tool 1.05 2009-02-22 20:37:17

======Uninstall list======

-->MsiExec.exe /I{403EF592-953B-4794-BCEF-ECAB835C2095}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
3D Frog Frenzy-->C:\WINDOWS\uninst.exe -f"C:\Program Files\Cosmi\3DFrogFrenzy\DeIsL1.isu" -c"C:\Program Files\Cosmi\3DFrogFrenzy\_ISREG32.DLL"
3ivx MPEG-4 5.0 Decoder (remove only)-->"C:\Program Files\3ivx\3ivx MPEG-4 5.0 Decoder\uninstall.exe"
Adobe Acrobat 8.1.2 Standard-->msiexec /I {AC76BA86-1033-F400-BA7E-000000000003}
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plug in.exe
Adobe Flash Player 9 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.ex e -uninstallDelete
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_acti veX.exe
Adobe Reader 8.1.3-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81300000003}
Adobe® Photoshop® Album Starter Edition 3.0.1-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\070 1\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C9618743-1A5C-461E-91C4-E013A3D70F3C}\Setup.exe" -l0x9
Adobe® Photoshop® Album Starter Edition 3.0-->MsiExec.exe /I{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}
Amazing Photo Editor V7.0-->C:\PROGRA~1\AMAZIN~1\UNWISE.EXE C:\PROGRA~1\AMAZIN~1\INSTALL.LOG
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Avanquest update-->C:\Program Files\InstallShield Installation Information\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}\Setup.exe -runfromtemp -l0x0009 -removeonly
AVG 7.5-->C:\Program Files\Grisoft\AVG7\setup.exe /UNINSTALL
Boink-->C:\PROGRA~1\eGames\Boink\UNWISE.EXE C:\PROGRA~1\eGames\Boink\INSTALL.LOG
Bookworm Adventures Deluxe-->"C:\Program Files\Bookworm Adventures Deluxe\ReflexiveArcade\unins000.exe"
Box Attack-->C:\PROGRA~1\eGames\BOXATT~1\UNWISE.EXE C:\PROGRA~1\eGames\BOXATT~1\INSTALL.LOG
Break Gold-->C:\PROGRA~1\eGames\BREAKG~1\UNWISE.EXE C:\PROGRA~1\eGames\BREAKG~1\INSTALL.LOG
Break-->C:\PROGRA~1\eGames\Break\UNWISE.EXE C:\PROGRA~1\eGames\Break\INSTALL.LOG
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Cisco Systems VPN Client 5.0.00.0340-->MsiExec.exe /X{CCBAA1F7-E5E1-48B2-9ED9-A79C6A37CE78}
Cribbage Quest-->"C:\Program Files\Cribbage Quest\ReflexiveArcade\unins000.exe"
Cubis Gold 2-->"C:\Program Files\Cubis Gold 2\ReflexiveArcade\unins000.exe"
Dream Chronicles 2-->"C:\Program Files\Dream Chronicles 2\ReflexiveArcade\unins000.exe"
DSM-IV-TR (for Windows PCs) by Skyscape-->"C:\WINDOWS\Skyscape\DSM-IV-TR_PC\uninstall.exe" "/U:C:\Program Files\Skyscape\Desktop\DSM-IV-TR\irunin.xml"
DSM-IV-TR (Palm) v 8.0.11 by Skyscape-->"C:\WINDOWS\Skyscape\DSM-IV-TR_Palm\8.0.11\uninstall.exe" "/U:C:\Skyscape\DSM-IV-TR\8.0.11\irunin.xml"
DSMIVTR-AZ (for Windows PCs) by Skyscape-->"C:\WINDOWS\Skyscape\DSMIVTR-AZ_PC\uninstall.exe" "/U:C:\Program Files\Skyscape\Desktop\DSMIVTR-AZ\irunin.xml"
DSMIVTR-AZ (Palm) v 3.0.3 by Skyscape-->"C:\WINDOWS\Skyscape\DSMIVTR-AZ_Palm\3.0.3\uninstall.exe" "/U:C:\Skyscape\DSMIVTR-AZ\3.0.3\irunin.xml"
DSMIVTR-AZConstlb (for Windows PCs) by Skyscape-->"C:\WINDOWS\Skyscape\DSMIVTR-AZConstlb_PC\uninstall.exe" "/U:C:\Program Files\Skyscape\Desktop\DSMIVTR-AZConstlb\irunin.xml"
DSMIVTR-AZConstlb (Palm) v 3.0.3 by Skyscape-->"C:\WINDOWS\Skyscape\DSMIVTR-AZConstlb_Palm\3.0.3\uninstall.exe" "/U:C:\Skyscape\DSMIVTR-AZConstlb\3.0.3\irunin.xml"
eGames GameButler-->C:\PROGRA~1\eGames\GAMEBU~1\UNWISE.EXE C:\PROGRA~1\eGames\GAMEBU~1\INSTALL.LOG
eGames Master's Edition 151-->C:\PROGRA~1\eGames\EGAMES~1\UNWISE.EXE C:\PROGRA~1\eGames\EGAMES~1\INSTALL.LOG
Ego-->C:\PROGRA~1\eGames\Ego\UNWISE.EXE C:\PROGRA~1\eGames\Ego\INSTALL.LOG
eMazing Mazes-->C:\PROGRA~1\eGames\EMAZIN~1\UNWISE.EXE C:\PROGRA~1\eGames\EMAZIN~1\INSTALL.LOG
Fishing Special Edition-->C:\PROGRA~1\eGames\FISHIN~1\UNWISE.EXE C:\PROGRA~1\eGames\FISHIN~1\INSTALL.LOG
Frogger v3.0e-->C:\WINDOWS\SCEEunin.exe C:\WINDOWS\Froggersetup.ini
Galaxy of Games 201-->C:\PROGRA~1\eGames\GALAXY~1\UNWISE.EXE C:\PROGRA~1\eGames\GALAXY~1\INSTALL.LOG
Gamehouse Sudoku-->"C:\Program Files\Gamehouse Sudoku\ReflexiveArcade\unins000.exe"
GearBox 2.00 (Remove Only)-->C:\Program Files\Line6\GearBox\Uninstall.exe
GIMP 2.4.2-->"C:\Program Files\GIMP-2.0\setup\unins000.exe"
Google Earth-->MsiExec.exe /I{407B9B5C-DAC5-4F44-A756-B57CAB4E6A8B}
Google Updater-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Hidden Wonders Of The Depths-->"C:\Program Files\Hidden Wonders Of The Depths\ReflexiveArcade\unins000.exe"
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\ spuninst.exe"
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spunin st.exe"
Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spunin st.exe"
Hotfix for Windows XP (KB926239)-->"C:\WINDOWS\$NtUninstallKB926239$\spuninst\spunin st.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spunin st.exe"
HP Document Viewer 5.3-->C:\Program Files\HP\Digital Imaging\DocumentViewer\hpzscr01.exe -datfile hpqbud04.dat
HP Image Zone 5.3-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Image Zone Express-->MsiExec.exe /X{FE64AE29-0883-4C70-8388-DC026019C900}
HP Imaging Device Functions 5.3-->C:\Program Files\HP\Digital Imaging\DigitalImagingMonitor\hpzscr01.exe -datfile hpqbud01.dat
HP PSC & OfficeJet 5.3.B-->"C:\Program Files\HP\Digital Imaging\{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}\setup\hpzscr01.exe" -datfile hposcr07.dat
HP Software Update-->MsiExec.exe /X{15EE79F4-4ED1-4267-9B0F-351009325D7D}
HP Solution Center & Imaging Support Tools 5.3-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
Imikimi Plugin-->"C:\Program Files\Imikimi\uninstall.exe"
Intel Audio Studio 2.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\ 01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2205E3A5-DCDC-461D-8ED6-D6F2341D3B64}\setup.exe" -l0x9
Intel(R) Management Engine Interface-->C:\WINDOWS\system32\heciudlg.exe -uninstall
Intel(R) PRO Network Connections-->MsiExec.exe /I{111A3D14-7596-43B0-92BA-418435C90672}
IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe
Java(TM) 6 Update 12-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216012FF}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Jetball 1-->C:\PROGRA~1\eGames\JETBAL~1\UNWISE.EXE C:\PROGRA~1\eGames\JETBAL~1\INSTALL.LOG
LimeWire 4.17.6-->"C:\Program Files\LimeWire\uninstall.exe"
Line 6 Drivers 3.3.3.6 (Remove Only)-->C:\Program Files\Line6\Tools\Driver Archive\All Drivers\3.3.3.6\Uninstall.exe
Line 6 Monkey 1.15 (Remove Only)-->C:\Program Files\Line6\Tools\Line 6 Monkey\Uninstall.exe
Line 6 Monkey 1.16 (Remove Only)-->C:\Program Files\Line6\Tools\Line 6 Monkey\Uninstall.exe
Line 6 Monkey 1.18 (Remove Only)-->C:\Program Files\Line6\Tools\Line 6 Monkey\Uninstall.exe
Line 6 Monkey 1.19 (Remove Only)-->C:\Program Files\Line6\Tools\Line 6 Monkey\Uninstall.exe
Line 6 Monkey 1.20 (Remove Only)-->C:\Program Files\Line6\Tools\Line 6 Monkey\Uninstall.exe
Line 6 Monkey 1.21 (Remove Only)-->C:\Program Files\Line6\Tools\Line 6 Monkey\Uninstall.exe
Magic Inlay-->"C:\Program Files\Magic Inlay\ReflexiveArcade\unins000.exe"
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Upd ates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Upda tes\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\sp uninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spunin st.exe"
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuni nst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Motorola Driver Installation-->MsiExec.exe /I{3324A5DC-C7F6-430A-ACC8-F251CD8F4FC7}
Motorola Phone Tools-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\ 50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}\setup.exe" -l0x9 -removeonly
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
muvee Plugin 1.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\070 1\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{82CA0A0C-A3EC-4167-B694-909205B2EDEC}\setup.exe" -l0x9
MVP Word Search-->C:\PROGRA~1\eGames\MVPWOR~1\UNWISE.EXE C:\PROGRA~1\eGames\MVPWOR~1\INSTALL.LOG
Nero OEM-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
OnMerge Images Sample Documents 1.11; User VANESSA-->"C:\Documents and Settings\VANESSA\My Documents\OnMerge Images Samples\uninstall\unins000.exe"
OnMerge Images Tryout ver 1.11 for Microsoft Word 2002 - 2007-->"C:\Program Files\OnMerge Images\unins000.exe"
Opal Player 2.12-->C:\WINDOWS\uninst.exe -fC:\OpalPlay\DeIsL2.isu
Paint.NET v3.08-->MsiExec.exe /X{83B26E5D-1795-4DFE-9317-0FA0F3AAB568}
Palm-->MsiExec.exe /X{0030188A-533E-42EE-9837-E044F10E4369}
Pat Sajaks Trivia Gems-->"C:\Program Files\Pat Sajaks Trivia Gems\ReflexiveArcade\unins000.exe"
Peggle Nights-->"C:\Program Files\Peggle Nights\ReflexiveArcade\unins000.exe"
PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
Puzzle Master 5-->C:\PROGRA~1\eGames\PUZZLE~1\UNWISE.EXE C:\PROGRA~1\eGames\PUZZLE~1\INSTALL.LOG
QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
RealArcade-->C:\Program Files\Real\RealArcade\Update\rnuninst.exe RealNetworks|RealArcade|1.2
Rings of the Magi-->C:\PROGRA~1\eGames\RINGSO~1\UNWISE.EXE C:\PROGRA~1\eGames\RINGSO~1\INSTALL.LOG
Road to India-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\Microids\Road to India\UnInstall\setup.exe"
Sandlot Games Client Services 1.2.2-->"C:\Program Files\Common Files\Sandlot Shared\unins000.exe"
Sanitarium-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\ASC Games\Sanitarium\Uninst.isu"
Sansa Updater-->C:\Program Files\InstallShield Installation Information\{E2D7E05E-C8C7-45F4-8D89-D6696075E0B7}\setup.exe -runfromtemp -l0x0009 -removeonly
Secret Circuit-->C:\PROGRA~1\eGames\SECRET~1\UNWISE.EXE C:\PROGRA~1\eGames\SECRET~1\INSTALL.LOG
Security Update for Windows Media Player (KB911564)-->"C:\WINDOWS\$NtUninstallKB911564$\spuninst\spunin st.exe"
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\sp uninst.exe"
Security Update for Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\ spuninst.exe"
Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\s puninst.exe"
Security Update for Windows Media Player 6.4 (KB925398)-->"C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\ spuninst.exe"
Security Update for Windows Media Player 9 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP9$\spuninst\s puninst.exe"
Security Update for Windows Media Player 9 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP9$\spuninst\s puninst.exe"
Security Update for Windows XP (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spunin st.exe"
Security Update for Windows XP (KB896358)-->"C:\WINDOWS\$NtUninstallKB896358$\spuninst\spunin st.exe"
Security Update for Windows XP (KB896423)-->"C:\WINDOWS\$NtUninstallKB896423$\spuninst\spunin st.exe"
Security Update for Windows XP (KB896424)-->"C:\WINDOWS\$NtUninstallKB896424$\spuninst\spunin st.exe"
Security Update for Windows XP (KB896428)-->"C:\WINDOWS\$NtUninstallKB896428$\spuninst\spunin st.exe"
Security Update for Windows XP (KB899587)-->"C:\WINDOWS\$NtUninstallKB899587$\spuninst\spunin st.exe"
Security Update for Windows XP (KB899591)-->"C:\WINDOWS\$NtUninstallKB899591$\spuninst\spunin st.exe"
Security Update for Windows XP (KB900725)-->"C:\WINDOWS\$NtUninstallKB900725$\spuninst\spunin st.exe"
Security Update for Windows XP (KB901017)-->"C:\WINDOWS\$NtUninstallKB901017$\spuninst\spunin st.exe"
Security Update for Windows XP (KB901214)-->"C:\WINDOWS\$NtUninstallKB901214$\spuninst\spunin st.exe"
Security Update for Windows XP (KB902400)-->"C:\WINDOWS\$NtUninstallKB902400$\spuninst\spunin st.exe"
Security Update for Windows XP (KB904706)-->"C:\WINDOWS\$NtUninstallKB904706$\spuninst\spunin st.exe"
Security Update for Windows XP (KB905414)-->"C:\WINDOWS\$NtUninstallKB905414$\spuninst\spunin st.exe"
Security Update for Windows XP (KB905749)-->"C:\WINDOWS\$NtUninstallKB905749$\spuninst\spunin st.exe"
Security Update for Windows XP (KB908519)-->"C:\WINDOWS\$NtUninstallKB908519$\spuninst\spunin st.exe"
Security Update for Windows XP (KB911562)-->"C:\WINDOWS\$NtUninstallKB911562$\spuninst\spunin st.exe"
Security Update for Windows XP (KB911927)-->"C:\WINDOWS\$NtUninstallKB911927$\spuninst\spunin st.exe"
Security Update for Windows XP (KB912919)-->"C:\WINDOWS\$NtUninstallKB912919$\spuninst\spunin st.exe"
Security Update for Windows XP (KB913580)-->"C:\WINDOWS\$NtUninstallKB913580$\spuninst\spunin st.exe"
Security Update for Windows XP (KB914388)-->"C:\WINDOWS\$NtUninstallKB914388$\spuninst\spunin st.exe"
Security Update for Windows XP (KB914389)-->"C:\WINDOWS\$NtUninstallKB914389$\spuninst\spunin st.exe"
Security Update for Windows XP (KB917344)-->"C:\WINDOWS\$NtUninstallKB917344$\spuninst\spunin st.exe"
Security Update for Windows XP (KB917422)-->"C:\WINDOWS\$NtUninstallKB917422$\spuninst\spunin st.exe"
Security Update for Windows XP (KB917953)-->"C:\WINDOWS\$NtUninstallKB917953$\spuninst\spunin st.exe"
Security Update for Windows XP (KB918118)-->"C:\WINDOWS\$NtUninstallKB918118$\spuninst\spunin st.exe"
Security Update for Windows XP (KB918439)-->"C:\WINDOWS\$NtUninstallKB918439$\spuninst\spunin st.exe"
Security Update for Windows XP (KB919007)-->"C:\WINDOWS\$NtUninstallKB919007$\spuninst\spunin st.exe"
Security Update for Windows XP (KB920213)-->"C:\WINDOWS\$NtUninstallKB920213$\spuninst\spunin st.exe"
Security Update for Windows XP (KB920670)-->"C:\WINDOWS\$NtUninstallKB920670$\spuninst\spunin st.exe"
Security Update for Windows XP (KB920683)-->"C:\WINDOWS\$NtUninstallKB920683$\spuninst\spunin st.exe"
Security Update for Windows XP (KB920685)-->"C:\WINDOWS\$NtUninstallKB920685$\spuninst\spunin st.exe"
Security Update for Windows XP (KB921398)-->"C:\WINDOWS\$NtUninstallKB921398$\spuninst\spunin st.exe"
Security Update for Windows XP (KB921503)-->"C:\WINDOWS\$NtUninstallKB921503$\spuninst\spunin st.exe"
Security Update for Windows XP (KB922616)-->"C:\WINDOWS\$NtUninstallKB922616$\spuninst\spunin st.exe"
Security Update for Windows XP (KB922819)-->"C:\WINDOWS\$NtUninstallKB922819$\spuninst\spunin st.exe"
Security Update for Windows XP (KB923191)-->"C:\WINDOWS\$NtUninstallKB923191$\spuninst\spunin st.exe"
Security Update for Windows XP (KB923414)-->"C:\WINDOWS\$NtUninstallKB923414$\spuninst\spunin st.exe"
Security Update for Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spunin st.exe"
Security Update for Windows XP (KB923694)-->"C:\WINDOWS\$NtUninstallKB923694$\spuninst\spunin st.exe"
Security Update for Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Security Update for Windows XP (KB923980)-->"C:\WINDOWS\$NtUninstallKB923980$\spuninst\spunin st.exe"
Security Update for Windows XP (KB924191)-->"C:\WINDOWS\$NtUninstallKB924191$\spuninst\spunin st.exe"
Security Update for Windows XP (KB924270)-->"C:\WINDOWS\$NtUninstallKB924270$\spuninst\spunin st.exe"
Security Update for Windows XP (KB924496)-->"C:\WINDOWS\$NtUninstallKB924496$\spuninst\spunin st.exe"
Security Update for Windows XP (KB924667)-->"C:\WINDOWS\$NtUninstallKB924667$\spuninst\spunin st.exe"
Security Update for Windows XP (KB925454)-->"C:\WINDOWS\$NtUninstallKB925454$\spuninst\spunin st.exe"
Security Update for Windows XP (KB925486)-->"C:\WINDOWS\$NtUninstallKB925486$\spuninst\spunin st.exe"
Security Update for Windows XP (KB925902)-->"C:\WINDOWS\$NtUninstallKB925902$\spuninst\spunin st.exe"
Security Update for Windows XP (KB926255)-->"C:\WINDOWS\$NtUninstallKB926255$\spuninst\spunin st.exe"
Security Update for Windows XP (KB926436)-->"C:\WINDOWS\$NtUninstallKB926436$\spuninst\spunin st.exe"
Security Update for Windows XP (KB927779)-->"C:\WINDOWS\$NtUninstallKB927779$\spuninst\spunin st.exe"
Security Update for Windows XP (KB927802)-->"C:\WINDOWS\$NtUninstallKB927802$\spuninst\spunin st.exe"
Security Update for Windows XP (KB928090)-->"C:\WINDOWS\$NtUninstallKB928090$\spuninst\spunin st.exe"
Security Update for Windows XP (KB928255)-->"C:\WINDOWS\$NtUninstallKB928255$\spuninst\spunin st.exe"
Security Update for Windows XP (KB928843)-->"C:\WINDOWS\$NtUninstallKB928843$\spuninst\spunin st.exe"
Security Update for Windows XP (KB929123)-->"C:\WINDOWS\$NtUninstallKB929123$\spuninst\spunin st.exe"
Security Update for Windows XP (KB929969)-->"C:\WINDOWS\$NtUninstallKB929969$\spuninst\spunin st.exe"
Security Update for Windows XP (KB930178)-->"C:\WINDOWS\$NtUninstallKB930178$\spuninst\spunin st.exe"
Security Update for Windows XP (KB931261)-->"C:\WINDOWS\$NtUninstallKB931261$\spuninst\spunin st.exe"
Security Update for Windows XP (KB931768)-->"C:\WINDOWS\$NtUninstallKB931768$\spuninst\spunin st.exe"
Security Update for Windows XP (KB931784)-->"C:\WINDOWS\$NtUninstallKB931784$\spuninst\spunin st.exe"
Security Update for Windows XP (KB932168)-->"C:\WINDOWS\$NtUninstallKB932168$\spuninst\spunin st.exe"
Security Update for Windows XP (KB933566)-->"C:\WINDOWS\$NtUninstallKB933566$\spuninst\spunin st.exe"
Security Update for Windows XP (KB933729)-->"C:\WINDOWS\$NtUninstallKB933729$\spuninst\spunin st.exe"
Security Update for Windows XP (KB935839)-->"C:\WINDOWS\$NtUninstallKB935839$\spuninst\spunin st.exe"
Security Update for Windows XP (KB935840)-->"C:\WINDOWS\$NtUninstallKB935840$\spuninst\spunin st.exe"
Security Update for Windows XP (KB936021)-->"C:\WINDOWS\$NtUninstallKB936021$\spuninst\spunin st.exe"
Security Update for Windows XP (KB937143)-->"C:\WINDOWS\$NtUninstallKB937143$\spuninst\spunin st.exe"
Security Update for Windows XP (KB938127)-->"C:\WINDOWS\$NtUninstallKB938127$\spuninst\spunin st.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spunin st.exe"
Security Update for Windows XP (KB938829)-->"C:\WINDOWS\$NtUninstallKB938829$\spuninst\spunin st.exe"
Security Update for Windows XP (KB939653)-->"C:\WINDOWS\$NtUninstallKB939653$\spuninst\spunin st.exe"
Security Update for Windows XP (KB941202)-->"C:\WINDOWS\$NtUninstallKB941202$\spuninst\spunin st.exe"
Security Update for Windows XP (KB941568)-->"C:\WINDOWS\$NtUninstallKB941568$\spuninst\spunin st.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spunin st.exe"
Security Update for Windows XP (KB941644)-->"C:\WINDOWS\$NtUninstallKB941644$\spuninst\spunin st.exe"
Security Update for Windows XP (KB941693)-->"C:\WINDOWS\$NtUninstallKB941693$\spuninst\spunin st.exe"
Security Update for Windows XP (KB942615)-->"C:\WINDOWS\$NtUninstallKB942615$\spuninst\spunin st.exe"
Security Update for Windows XP (KB943055)-->"C:\WINDOWS\$NtUninstallKB943055$\spuninst\spunin st.exe"
Security Update for Windows XP (KB943460)-->"C:\WINDOWS\$NtUninstallKB943460$\spuninst\spunin st.exe"
Security Update for Windows XP (KB943485)-->"C:\WINDOWS\$NtUninstallKB943485$\spuninst\spunin st.exe"
Security Update for Windows XP (KB944338)-->"C:\WINDOWS\$NtUninstallKB944338$\spuninst\spunin st.exe"
Security Update for Windows XP (KB944533)-->"C:\WINDOWS\$NtUninstallKB944533$\spuninst\spunin st.exe"
Security Update for Windows XP (KB944653)-->"C:\WINDOWS\$NtUninstallKB944653$\spuninst\spunin st.exe"
Security Update for Windows XP (KB945553)-->"C:\WINDOWS\$NtUninstallKB945553$\spuninst\spunin st.exe"
Security Update for Windows XP (KB946026)-->"C:\WINDOWS\$NtUninstallKB946026$\spuninst\spunin st.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spunin st.exe"
Security Update for Windows XP (KB947864)-->"C:\WINDOWS\$NtUninstallKB947864$\spuninst\spunin st.exe"
Security Update for Windows XP (KB948590)-->"C:\WINDOWS\$NtUninstallKB948590$\spuninst\spunin st.exe"
Security Update for Windows XP (KB948881)-->"C:\WINDOWS\$NtUninstallKB948881$\spuninst\spunin st.exe"
Security Update for Windows XP (KB950749)-->"C:\WINDOWS\$NtUninstallKB950749$\spuninst\spunin st.exe"
Security Update for Windows XP (KB950759)-->"C:\WINDOWS\$NtUninstallKB950759$\spuninst\spunin st.exe"
Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spunin st.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spunin st.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spunin st.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spunin st.exe"
Security Update for Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spunin st.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spunin st.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spunin st.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spunin st.exe"
Security Update for Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spunin st.exe"
Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spunin st.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spunin st.exe"
Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spunin st.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spunin st.exe"
Security Update for Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spunin st.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spunin st.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spunin st.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spunin st.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spunin st.exe"
Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spunin st.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spunin st.exe"
Security Update for Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spunin st.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spunin st.exe"
Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spunin st.exe"
Security Update for Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spunin st.exe"
Security Update for Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spunin st.exe"
Shockwave-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EX E C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
SigmaTel Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\ 01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}\Setup.exe" -l0x9 -remove -removeonly
Sliding Coins-->C:\PROGRA~1\eGames\SLIDIN~1\UNWISE.EXE C:\PROGRA~1\eGames\SLIDIN~1\INSTALL.LOG
smARTupdate-->C:\WINDOWS\iun6002.exe "C:\Program Files\Common Files\Skyscape\irunin.ini"
Snake Arena Special Edition-->C:\PROGRA~1\eGames\SNAKEA~1\UNWISE.EXE C:\PROGRA~1\eGames\SNAKEA~1\INSTALL.LOG
SplashPhoto-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\ 01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A96D3ED0-E7B3-41F6-8BB5-F3C63D80901D}\setup.exe" -l0x9
SUPERAntiSpyware Free Edition-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
Tai Match-->C:\PROGRA~1\eGames\TAIMAT~1\UNWISE.EXE C:\PROGRA~1\eGames\TAIMAT~1\INSTALL.LOG
Tumblebugs 2-->"C:\Program Files\Tumblebugs 2\ReflexiveArcade\unins000.exe"
TV Guide Crosswords-->C:\PROGRA~1\eGames\TVGUID~1\UNWISE.EXE C:\PROGRA~1\eGames\TVGUID~1\INSTALL.LOG
Update for Windows XP (KB894391)-->"C:\WINDOWS\$NtUninstallKB894391$\spuninst\spunin st.exe"
Update for Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spunin st.exe"
Update for Windows XP (KB900485)-->"C:\WINDOWS\$NtUninstallKB900485$\spuninst\spunin st.exe"
Update for Windows XP (KB908531)-->"C:\WINDOWS\$NtUninstallKB908531$\spuninst\spunin st.exe"
Update for Windows XP (KB910437)-->"C:\WINDOWS\$NtUninstallKB910437$\spuninst\spunin st.exe"
Update for Windows XP (KB911280)-->"C:\WINDOWS\$NtUninstallKB911280$\spuninst\spunin st.exe"
Update for Windows XP (KB916595)-->"C:\WINDOWS\$NtUninstallKB916595$\spuninst\spunin st.exe"
Update for Windows XP (KB920872)-->"C:\WINDOWS\$NtUninstallKB920872$\spuninst\spunin st.exe"
Update for Windows XP (KB922582)-->"C:\WINDOWS\$NtUninstallKB922582$\spuninst\spunin st.exe"
Update for Windows XP (KB927891)-->"C:\WINDOWS\$NtUninstallKB927891$\spuninst\spunin st.exe"
Update for Windows XP (KB929338)-->"C:\WINDOWS\$NtUninstallKB929338$\spuninst\spunin st.exe"
Update for Windows XP (KB930916)-->"C:\WINDOWS\$NtUninstallKB930916$\spuninst\spunin st.exe"
Update for Windows XP (KB931836)-->"C:\WINDOWS\$NtUninstallKB931836$\spuninst\spunin st.exe"
Update for Windows XP (KB933360)-->"C:\WINDOWS\$NtUninstallKB933360$\spuninst\spunin st.exe"
Update for Windows XP (KB936357)-->"C:\WINDOWS\$NtUninstallKB936357$\spuninst\spunin st.exe"
Update for Windows XP (KB938828)-->"C:\WINDOWS\$NtUninstallKB938828$\spuninst\spunin st.exe"
Update for Windows XP (KB942763)-->"C:\WINDOWS\$NtUninstallKB942763$\spuninst\spunin st.exe"
Update for Windows XP (KB942840)-->"C:\WINDOWS\$NtUninstallKB942840$\spuninst\spunin st.exe"
Update for Windows XP (KB946627)-->"C:\WINDOWS\$NtUninstallKB946627$\spuninst\spunin st.exe"
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spunin st.exe"
Venice-->"C:\Program Files\Venice\ReflexiveArcade\unins000.exe"
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\ spuninst.exe"
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuni nst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst. exe"
Windows XP Hotfix - KB873339-->C:\WINDOWS\$NtUninstallKB873339$\spuninst\spunins t.exe
Windows XP Hotfix - KB885835-->C:\WINDOWS\$NtUninstallKB885835$\spuninst\spunins t.exe
Windows XP Hotfix - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spunins t.exe
Windows XP Hotfix - KB886185-->C:\WINDOWS\$NtUninstallKB886185$\spuninst\spunins t.exe
Windows XP Hotfix - KB887472-->C:\WINDOWS\$NtUninstallKB887472$\spuninst\spunins t.exe
Windows XP Hotfix - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spunins t.exe
Windows XP Hotfix - KB890859-->"C:\WINDOWS\$NtUninstallKB890859$\spuninst\spunin st.exe"
Windows XP Hotfix - KB891781-->C:\WINDOWS\$NtUninstallKB891781$\spuninst\spunins t.exe
Word Connect-->C:\PROGRA~1\eGames\WORDCO~1\UNWISE.EXE C:\PROGRA~1\eGames\WORDCO~1\INSTALL.LOG
Word Web Deluxe-->"C:\Program Files\Word Web Deluxe\ReflexiveArcade\unins000.exe"
Zenerchi-->"C:\Program Files\Zenerchi\ReflexiveArcade\unins000.exe"

=====HijackThis Backups=====

O15 - Trusted Zone: *.line6.net

======Security center information======

AV: AVG 7.5.552

System event log

Computer Name: USER-AE0D5E5D1D
Event Code: 7035
Message: The Windows Installer service was successfully sent a start control.

Record Number: 26902
Source Name: Service Control Manager
Time Written: 20081206123732.000000-420
Event Type: information
User: NT AUTHORITY\SYSTEM

Computer Name: USER-AE0D5E5D1D
Event Code: 7036
Message: The IMAPI CD-Burning COM Service service entered the stopped state.

Record Number: 26901
Source Name: Service Control Manager
Time Written: 20081206123731.000000-420
Event Type: information
User:

Computer Name: USER-AE0D5E5D1D
Event Code: 7036
Message: The SSDP Discovery Service service entered the running state.

Record Number: 26900
Source Name: Service Control Manager
Time Written: 20081206123726.000000-420
Event Type: information
User:

Computer Name: USER-AE0D5E5D1D
Event Code: 7035
Message: The SSDP Discovery Service service was successfully sent a start control.

Record Number: 26899
Source Name: Service Control Manager
Time Written: 20081206123725.000000-420
Event Type: information
User: NT AUTHORITY\SYSTEM

Computer Name: USER-AE0D5E5D1D
Event Code: 7036
Message: The IMAPI CD-Burning COM Service service entered the running state.

Record Number: 26898
Source Name: Service Control Manager
Time Written: 20081206123723.000000-420
Event Type: information
User:

Application event log

Computer Name: USER-AE0D5E5D1D
Event Code: 1800
Message: The Windows Security Center Service has started.

Record Number: 1873
Source Name: SecurityCenter
Time Written: 20071204205722.000000-420
Event Type: information
User:

Computer Name: USER-AE0D5E5D1D
Event Code: 5000
Message:
Record Number: 1872
Source Name: McLogEvent
Time Written: 20071204205720.000000-420
Event Type: information
User: NT AUTHORITY\SYSTEM

Computer Name: USER-AE0D5E5D1D
Event Code: 0
Message:
Record Number: 1871
Source Name: gusvc
Time Written: 20071204205717.000000-420
Event Type: information
User:

Computer Name: USER-AE0D5E5D1D
Event Code: 1517
Message: Windows saved user USER-AE0D5E5D1D\VANESSA registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.


This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Record Number: 1870
Source Name: Userenv
Time Written: 20071203223846.000000-420
Event Type: warning
User: NT AUTHORITY\SYSTEM

Computer Name: USER-AE0D5E5D1D
Event Code: 5000
Message:
Record Number: 1869
Source Name: McLogEvent
Time Written: 20071203171018.000000-420
Event Type: information
User: NT AUTHORITY\SYSTEM

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%systemroot%\system32;%systemroot%;%systemr oot%\system32\wbem;C:\Program Files\Intel\DMIX;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=0f06
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;. WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------
Reply With Quote
  #4 (permalink)   Top
Old 23rd February 2009, 03:14 AM
evilfantasy's Avatar
Security Team
  
Join Date: Dec 2007, 2,555 posts.
Location: Tulsa, OK
Reputation: evilfantasy will become famous soon enoughevilfantasy will become famous soon enough
Download Lop S&D by Eric_71 and save it to your Desktop. Lop S&D will only run on Windows XP and Windows Vista

Disable your antivirus and antimalware programs so they do not interfere with the running of Lop S&D. If needed see: How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs


If you are using Windows Vista, right-click on LopSD.exe icon and select 'Run as administrator' to perform this scan.
  • Double-click Lop S&D.exe
  • Choose the language by typing of the corresponding letter and press Enter
  • Click OK at the informative window
  • Type 1, to choose Option 1 (Search) then press Enter
  • Wait until the end of the scan
  • A report will be generated, post the contents of it in your next reply.
A copy of the report can be found at this location: %systemdrive%\lopR.txt, in most cases C:\lopR.txt



----------

Download SmitfraudFix (by S!Ri) to your Desktop.
  • Extract all the files to your Desktop.
  • A folder named SmitfraudFix will be created on your Desktop.
  • Open the SmitfraudFix folder and double-click smitfraudfix.cmd
  • Select option #1 - Search by typing 1 and press Enter
    • This program will scan large amounts of files on your computer for known patterns so please be patient while it works.
    • When it is done, the results of the scan will be displayed and it will create a log named rapport.txt
      • This is in the root of your drive, eg: Local Disk C: or partition where your operating system is installed.
    • Please attach that log in your next reply.
  • Note: process.exe ( which is used by SmitFraudFIx ) is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool"; it is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user.
Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP
__________________
.

ƃolq s’ʎsɐʇuɐɟlıʌǝ
Reply With Quote
  #5 (permalink)   Top
Old 24th February 2009, 02:00 AM
Senninha's Avatar
Newcomer
  
Join Date: Aug 2008, 21 posts.
Reputation: Senninha is on a distinguished road
Here is the lop log and I have attached the rapport log.


--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Home Edition ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU 6300 @ 1.86GHz )
BIOS : Default System BIOS
USER : VANESSA ( Administrator )
BOOT : Normal boot
Antivirus : AVG 7.5.552 7.5.552 (Not Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:232 Go (Free:203 Go)
D:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( Mon 02/23/2009|18:52 )

--------------------\\ Listing folders in APPLIC~1

[02/21/2009|07:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Adobe
[11/03/2007|08:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Alawar Stargaze
[02/21/2009|07:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Apple
[02/21/2009|07:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Apple Computer
[02/21/2009|01:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> avg7
[02/18/2008|05:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> BVRP Software
[12/15/2006|12:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> CyberLink
[04/12/2008|02:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> EscapeTheMuseum
[09/07/2008|01:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> FarmFrenzy2
[08/10/2008|05:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> FLEXnet
[08/01/2008|10:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Flood Light Games
[09/04/2007|04:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> FloodLightGames
[07/19/2008|09:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> FreshGames
[06/01/2007|07:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Genimo
[10/11/2008|08:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Go Go Gourmet
[02/22/2009|06:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Google Updater
[10/07/2008|06:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Grisoft
[03/07/2008|11:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> HiddenSecretsNightmare
[08/25/2007|02:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> HotSync
[09/25/2007|02:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> HP
[04/11/2008|11:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> JollyBear
[02/21/2009|02:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Malwarebytes
[05/12/2008|04:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Microsoft
[01/03/2008|09:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Microsoft Games
[04/14/2008|12:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> MonteCristo
[09/04/2007|03:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> MumboJumbo
[09/20/2008|11:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> MythPeople
[12/20/2008|02:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> NevoSoft Games
[10/11/2008|06:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Oberon Games
[11/23/2008|04:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> PlayFirst
[02/13/2007|09:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> PopCap
[08/03/2007|06:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> QuickTime
[01/26/2007|08:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Sandlot Games
[01/14/2008|05:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Sonic
[07/19/2008|08:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> SpinTop Games
[02/21/2009|02:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> SUPERAntiSpyware.com
[12/03/2007|12:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> TEMP
[12/10/2007|09:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Windows Genuine Advantage
[01/05/2008|12:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Zylom

[12/15/2006|11:58] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Identities
[01/15/2008|07:23] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Microsoft

[10/07/2008|06:44] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> AVG7
[10/07/2008|06:41] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Microsoft

[10/07/2008|06:41] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Microsoft

[12/24/2006|09:18] C:\DOCUME~1\VANESSA\APPLIC~1\<DIR> 7Wonders
[08/10/2008|05:34] C:\DOCUME~1\VANESSA\APPLIC~1\<DIR> Adobe
[01/09/2007|07:20] C:\DOCUME~1\VANESSA\APPLIC~1\<DIR> AdobeAUM
[06/05/2008|09:08] C:\DOCUME~1\VANESSA\APPLIC~1\<DIR> AdobeUM
[02/21/2009|01:54] C:\DOCUME~1\VANESSA\APPLIC~1\<DIR> AVG7
[03/09/2008|07:27] C:\DOCUME~1\VANESSA\APPLIC~1\<DIR> Big Fish Games
[03/15/2008|10:48] C:\DOCUME~1\VANESSA\APPLIC~1\<DIR> BloodTies
[03/21/2007|06:38] C:\DOCUME~1\VANESSA\APPLIC~1\<DIR> Chicken Chase
[02/24/2007|11:07] C:\DOCUME~1\VANESSA\APPLIC~1\<DIR> CyberLink
[08/01/2008|10:37] C:\DOCUME~1\VANESSA\APPLIC~1\<DIR> Flood Light Games
[09/04/2007|04:39] C:\DOCUME~1\VANESSA\APPLIC~1\<DIR> FloodLightGames
[05/03/2008|06:53] C:\DOCUME~1\VANESSA\APPLIC~1\<DIR> Friday's games
[01/01/2009|01:41] C:\DOCUME~1\VANESSA\APPLIC~1\<DIR> GameInvest
[03/19/2008|10:06] C:\DOCUME~1\VANESSA\APPLIC~1\<DIR> GetRightToGo
[06/14/2007|08:29] C:\DOCUME~1\VANESSA\APPLIC~1\<DIR> Google
[12/29/2007|12:18] C:\DOCUME~1\VANESSA\APPLIC~1\<DIR> gtk-2.0
[07/27/2007|10:06] C:\DOCUME~1\VANESSA\APPLIC~1\<DIR> Help
[12/16/2007|12:01] C:\DOCUME~1\VANESSA\APPLIC~1\<DIR> Home Sweet Home
[08/25/2007|02:34] C:\DOCUME~1\VANESSA\APPLIC~1\<DIR> HotSync
[09/25/2007|02:11] C:\DOCUME~1\VANESSA\APPLIC~1\<DIR> HP
[12/15/2006|11:58] C:\DOCUME~1\VANESSA\APPLIC~1\<DIR> Identities
[04/19/2008|05:03] C:\DOCUME~1\VANESSA\APPLIC~1\<DIR> Image Zone Express
[01/23/2008|10:25] C:\DOCUME~1\VANESSA\APPLIC~1\<DIR> InstallShield
[10/12/2008|09:37] C:\DOCUME~1\VANESSA\APPLIC~1\<DIR> Jane s Hotel Family Hero
[07/16/2007|07:23] C:\DOCUME~1\VANESSA\APPLIC~1\<DIR> Leadertech
[12/07/2008|12:22] C:\DOCUME~1\VANESSA\APPLIC~1\<DIR> LimeWire
[01/30/2008|11:35] C:\DOCUME~1\VANESSA\APPLIC~1\<DIR> Line 6
[12/15/2007|03:54] C:\DOCUME~1\VANESSA\APPLIC~1\<DIR> Macromedia
[09/04/2007|06:33] C:\DOCUME~1\VANESSA\APPLIC~1\<DIR> Magic Academy
[02/21/2009|02:04] C:\DOCUME~1\VANESSA\APPLIC~1\<DIR> Malwarebytes
[11/24/2008|07:19] C:\DOCUME~1\VANESSA\APPLIC~1\<DIR> Meridian93
[09/09/2008|05:27] C:\DOCUME~1\VANESSA\APPLIC~1\<DIR> Microsoft
[01/03/2008|09:25] C:\DOCUME~1\VANESSA\APPLIC~1\<DIR> Microsoft Games
[11/23/2008|10:50] C:\DOCUME~1\VANESSA\APPLIC~1\<DIR> MysteryStudio
[09/04/2007|04:08] C:\DOCUME~1\VANESSA\APPLIC~1\<DIR> Mysteryville2
[10/11/2008|06:34] C:\DOCUME~1\VANESSA\APPLIC~1\<DIR> Oberon Games
[11/23/2008|04:40] C:\DOCUME~1\VANESSA\APPLIC~1\<DIR> PlayFirst
[01/01/2009|01:39] C:\DOCUME~1\VANESSA\APPLIC~1\<DIR> Pogo Games
[10/03/2008|09:51] C:\DOCUME~1\VANESSA\APPLIC~1\<DIR> Reflexivev1005
[07/20/2007|09:57] C:\DOCUME~1\VANESSA\APPLIC~1\<DIR> Snapfish
[04/27/2008|04:23] C:\DOCUME~1\VANESSA\APPLIC~1\<DIR> Sun
[02/21/2009|02:25] C:\DOCUME~1\VANESSA\APPLIC~1\<DIR> SUPERAntiSpyware.com
[10/13/2007|08:30] C:\DOCUME~1\VANESSA\APPLIC~1\<DIR> Super-Cow
[08/09/2008|03:14] C:\DOCUME~1\VANESSA\APPLIC~1\<DIR> ViquaSoft
[05/25/2008|10:52] C:\DOCUME~1\VANESSA\APPLIC~1\<DIR> Wildfire

--------------------\\ Scheduled Tasks located in C:\WINDOWS\Tasks

[02/23/2009 07:43 AM][--ah-----] C:\WINDOWS\tasks\SA.DAT
[10/08/2004 05:01 AM][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing Folders in C:\Program Files

[04/03/2008|01:35] C:\Program Files\<DIR> 3ivx
[12/27/2006|08:34] C:\Program Files\<DIR> 7 Wonders
[12/12/2007|08:54] C:\Program Files\<DIR> 7 Wonders II
[02/21/2009|07:08] C:\Program Files\<DIR> Adobe
[12/15/2006|12:40] C:\Program Files\<DIR> Ahead
[12/25/2008|03:30] C:\Program Files\<DIR> Airport Mania
[09/06/2008|09:37] C:\Program Files\<DIR> Alice Greenfingers
[11/23/2008|02:16] C:\Program Files\<DIR> Alice Greenfingers 2
[08/31/2008|02:29] C:\Program Files\<DIR> Alwil Software
[12/25/2008|11:41] C:\Program Files\<DIR> Amazing Adventures Around The World
[12/21/2007|08:39] C:\Program Files\<DIR> Amazing Photo Editor
[02/21/2009|07:09] C:\Program Files\<DIR> Apple Software Update
[12/24/2006|10:21] C:\Program Files\<DIR> ASC Games
[01/23/2008|10:25] C:\Program Files\<DIR> Avanquest update
[09/04/2007|05:58] C:\Program Files\<DIR> Bookworm Adventures Deluxe
[04/07/2007|05:06] C:\Program Files\<DIR> Bookworm Deluxe
[12/25/2008|03:31] C:\Program Files\<DIR> Cake Mania 3
[12/27/2006|09:55] C:\Program Files\<DIR> Cash Cow
[02/25/2008|09:38] C:\Program Files\<DIR> Cate West The Vanishing Files
[02/21/2009|02:17] C:\Program Files\<DIR> CCleaner
[12/01/2007|01:08] C:\Program Files\<DIR> Charm Tale
[10/04/2008|01:11] C:\Program Files\<DIR> Chocolatier 2
[08/06/2007|06:40] C:\Program Files\<DIR> Cisco Systems
[02/21/2009|05:31] C:\Program Files\<DIR> Common Files
[12/15/2006|11:50] C:\Program Files\<DIR> ComPlus Applications
[10/05/2008|04:50] C:\Program Files\<DIR> Cooking Dash
[07/27/2007|09:09] C:\Program Files\<DIR> Cosmi
[11/03/2007|08:25] C:\Program Files\<DIR> Cribbage Quest
[10/27/2007|09:00] C:\Program Files\<DIR> Cubis Gold 2
[12/15/2006|12:37] C:\Program Files\<DIR> CyberLink
[12/25/2008|03:30] C:\Program Files\<DIR> Diner Dash
[11/23/2008|08:33] C:\Program Files\<DIR> Diner Dash Flo Through Time
[10/11/2008|04:37] C:\Program Files\<DIR> Diner Dash Seasonal Snack Pack
[12/22/2006|07:38] C:\Program Files\<DIR> directx
[01/20/2007|03:01] C:\Program Files\<DIR> DNA
[12/25/2008|03:30] C:\Program Files\<DIR> Doggie Dash
[05/03/2008|06:52] C:\Program Files\<DIR> Dream Chronicles 2
[08/13/2008|08:39] C:\Program Files\<DIR> Dream Day Wedding 2
[07/27/2007|09:05] C:\Program Files\<DIR> eGames
[04/06/2007|09:26] C:\Program Files\<DIR> Egyptoid
[02/10/2007|07:13] C:\Program Files\<DIR> Enchanted Gardens
[09/15/2007|08:49] C:\Program Files\<DIR> Epocrates
[08/09/2008|02:51] C:\Program Files\<DIR> Eye For Design
[12/25/2008|03:29] C:\Program Files\<DIR> Farm Craft
[09/29/2008|11:53] C:\Program Files\<DIR> Farm Frenzy 2
[08/09/2008|12:24] C:\Program Files\<DIR> Fashion Dash
[12/31/2008|10:37] C:\Program Files\<DIR> Finding Doggy
[08/13/2008|08:39] C:\Program Files\<DIR> First Class Flurry
[04/09/2008|08:33] C:\Program Files\<DIR> Fishing Craze
[10/07/2007|04:54] C:\Program Files\<DIR> Gamehouse Sudoku
[12/15/2007|03:19] C:\Program Files\<DIR> GHOST Hunters The Haunting Of Majesty Manor
[12/15/2007|01:50] C:\Program Files\<DIR> GIMP-2.0
[10/12/2008|06:57] C:\Program Files\<DIR> Go Go Gourmet
[09/13/2007|07:58] C:\Program Files\<DIR> Gold Miner Joe
[08/18/2007|12:18] C:\Program Files\<DIR> Google
[10/07/2008|06:44] C:\Program Files\<DIR> Grisoft
[11/10/2007|01:17] C:\Program Files\<DIR> Hammer Heads Deluxe
[12/23/2006|11:13] C:\Program Files\<DIR> Hasbro Interactive
[09/25/2007|02:05] C:\Program Files\<DIR> Hewlett-Packard
[01/11/2009|09:39] C:\Program Files\<DIR> Hospital Hustle
[12/31/2008|10:37] C:\Program Files\<DIR> House Of Wonders The Kitty Kat Wedding
[09/25/2007|02:06] C:\Program Files\<DIR> HP
[02/03/2008|12:06] C:\Program Files\<DIR> Imikimi
[06/05/2008|09:08] C:\Program Files\<DIR> InstallShield Installation Information
[12/15/2006|12:25] C:\Program Files\<DIR> Intel
[12/15/2006|12:23] C:\Program Files\<DIR> Intel Audio Studio
[12/10/2008|12:04] C:\Program Files\<DIR> Internet Explorer
[12/29/2007|12:27] C:\Program Files\<DIR> IrfanView
[10/13/2008|07:32] C:\Program Files\<DIR> Janes Hotel Family Hero
[02/21/2009|04:03] C:\Program Files\<DIR> Java
[12/14/2008|08:15] C:\Program Files\<DIR> Lavenders Botanicals
[04/25/2008|11:51] C:\Program Files\<DIR> LimeWire
[12/27/2007|12:40] C:\Program Files\<DIR> Line6
[12/02/2007|12:46] C:\Program Files\<DIR> Luxor 2
[09/13/2007|07:54] C:\Program Files\<DIR> MadCaps
[12/14/2008|08:15] C:\Program Files\<DIR> Magic Farm
[11/10/2007|06:42] C:\Program Files\<DIR> Magic Inlay
[02/21/2009|02:04] C:\Program Files\<DIR> Malwarebytes' Anti-Malware
[08/12/2008|07:26] C:\Program Files\<DIR> Messenger
[12/22/2006|07:36] C:\Program Files\<DIR> Microids
[12/24/2006|02:53] C:\Program Files\<DIR> Microsoft ActiveSync
[12/15/2006|11:52] C:\Program Files\<DIR> microsoft frontpage
[05/05/2007|03:53] C:\Program Files\<DIR> Microsoft IntelliPoint
[12/24/2006|02:53] C:\Program Files\<DIR> Microsoft Office
[12/24/2006|02:53] C:\Program Files\<DIR> Microsoft Visual Studio
[12/24/2006|02:53] C:\Program Files\<DIR> Microsoft Works
[12/24/2006|02:53] C:\Program Files\<DIR> Microsoft.NET
[09/27/2008|06:29] C:\Program Files\<DIR> Miriel The Magical Merchant
[01/23/2008|11:09] C:\Program Files\<DIR> Motorola Phone Tools
[12/15/2006|11:56] C:\Program Files\<DIR> Movie Maker
[12/15/2006|11:49] C:\Program Files\<DIR> MSN
[12/15/2006|11:49] C:\Program Files\<DIR> MSN Gaming Zone
[12/15/2006|12:19] C:\Program Files\<DIR> MSXML 4.0
[04/03/2008|01:35] C:\Program Files\<DIR> muvee Technologies
[08/09/2008|02:42] C:\Program Files\<DIR> Mystery PI The Vegas Heist
[01/22/2007|09:26] C:\Program Files\<DIR> Mysteryville
[09/10/2007|04:55] C:\Program Files\<DIR> Mysteryville 2
[05/11/2008|06:59] C:\Program Files\<DIR> Natalie Brooks Secrets Of Treasure House
[12/15/2006|11:50] C:\Program Files\<DIR> NetMeeting
[12/15/2006|11:49] C:\Program Files\<DIR> Online Services
[11/22/2007|09:01] C:\Program Files\<DIR> OnMerge Images
[01/31/2009|02:25] C:\Program Files\<DIR> Operation Mania
[06/12/2007|09:37] C:\Program Files\<DIR> Outlook Express
[12/29/2007|06:04] C:\Program Files\<DIR> Paint.NET
[05/23/2008|01:56] C:\Program Files\<DIR> Palm
[02/11/2007|08:15] C:\Program Files\<DIR> Panda Craze
[02/10/2007|03:23] C:\Program Files\<DIR> Paparazzi
[01/14/2008|05:01] C:\Program Files\<DIR> Pat Sajaks Trivia Gems
[11/26/2008|10:38] C:\Program Files\<DIR> Peggle Nights
[04/07/2007|05:06] C:\Program Files\<DIR> Pirate Poppers
[03/28/2008|09:21] C:\Program Files\<DIR> PopCap Games
[02/21/2009|07:10] C:\Program Files\<DIR> QuickTime
[06/03/2007|04:41] C:\Program Files\<DIR> Real
[01/05/2008|12:06] C:\Program Files\<DIR> Real Estate Empire
[05/28/2007|11:05] C:\Program Files\<DIR> Reaxxion
[12/24/2006|09:15] C:\Program Files\<DIR> ReflexiveArcade
[12/25/2008|03:30] C:\Program Files\<DIR> Sallys Salon
[08/04/2008|12:13] C:\Program Files\<DIR> Sallys Spa
[05/12/2008|04:52] C:\Program Files\<DIR> SanDisk
[12/24/2007|10:50] C:\Program Files\<DIR> Santas Super Friends
[09/10/2007|04:55] C:\Program Files\<DIR> Secrets Of Great Art
[12/15/2006|12:23] C:\Program Files\<DIR> SigmaTel
[05/24/2008|02:20] C:\Program Files\<DIR> Skyscape
[12/01/2007|03:10] C:\Program Files\<DIR> Sparkle
[08/25/2007|03:07] C:\Program Files\<DIR> SplashData
[11/10/2007|01:17] C:\Program Files\<DIR> Sprill
[03/05/2007|08:59] C:\Program Files\<DIR> Sudoku Maya Gold
[01/12/2008|09:46] C:\Program Files\<DIR> Sunset Studio Deluxe
[03/28/2008|09:20] C:\Program Files\<DIR> Super Granny 3
[02/02/2008|03:08] C:\Program Files\<DIR> Super Granny 4
[09/04/2007|06:50] C:\Program Files\<DIR> Super Text Twist
[02/21/2009|02:25] C:\Program Files\<DIR> SUPERAntiSpyware
[11/24/2007|11:13] C:\Program Files\<DIR> Supercow
[04/18/2008|09:53] C:\Program Files\<DIR> The Count Of Monte Cristo
[10/29/2007|07:46] C:\Program Files\<DIR> The Scruffs
[02/21/2009|04:07] C:\Program Files\<DIR> Trend Micro
[11/10/2007|01:16] C:\Program Files\<DIR> Tumble Bugs
[05/25/2008|10:52] C:\Program Files\<DIR> Tumblebugs 2
[09/29/2008|11:53] C:\Program Files\<DIR> Turbo Fiesta
[12/25/2008|03:30] C:\Program Files\<DIR> Turbo Subs
[12/15/2006|11:58] C:\Program Files\<DIR> Uninstall Information
[09/04/2007|05:13] C:\Program Files\<DIR> Venice
[11/23/2008|02:16] C:\Program Files\<DIR> Wedding Dash 2
[12/10/2007|08:47] C:\Program Files\<DIR> Windows Media Connect 2
[12/10/2007|08:47] C:\Program Files\<DIR> Windows Media Player
[12/15/2006|11:49] C:\Program Files\<DIR> Windows NT
[12/15/2006|11:51] C:\Program Files\<DIR> WindowsUpdate
[08/02/2008|03:02] C:\Program Files\<DIR> Womens Murder Club Death In Scarlet
[12/31/2008|11:00] C:\Program Files\<DIR> Word Web Deluxe
[12/15/2006|11:52] C:\Program Files\<DIR> xerox
[09/04/2007|05:47] C:\Program Files\<DIR> Zenerchi
[05/28/2007|11:05] C:\Program Files\<DIR> Zuma Deluxe

--------------------\\ Listing Folders in C:\Program Files\Common Files

[08/10/2008|05:34] C:\Program Files\Common Files\<DIR> Adobe
[12/15/2006|12:40] C:\Program Files\Common Files\<DIR> Ahead
[12/24/2006|02:53] C:\Program Files\Common Files\<DIR> DESIGNER
[08/06/2007|07:23] C:\Program Files\Common Files\<DIR> Deterministic Networks
[12/27/2007|12:40] C:\Program Files\Common Files\<DIR> Digidesign
[09/25/2007|02:03] C:\Program Files\Common Files\<DIR> Hewlett-Packard
[01/14/2008|05:18] C:\Program Files\Common Files\<DIR> HP
[08/25/2007|02:34] C:\Program Files\Common Files\<DIR> InstallShield
[04/25/2008|11:48] C:\Program Files\Common Files\<DIR> Java
[12/24/2006|02:53] C:\Program Files\Common Files\<DIR> L&H
[08/10/2008|05:34] C:\Program Files\Common Files\<DIR> Macrovision Shared
[04/03/2008|01:35] C:\Program Files\Common Files\<DIR> Microsoft Shared
[01/23/2008|11:08] C:\Program Files\Common Files\<DIR> Motorola Shared
[12/15/2006|11:50] C:\Program Files\Common Files\<DIR> MSSoap
[04/03/2008|01:35] C:\Program Files\Common Files\<DIR> muvee Technologies
[12/16/2006|03:34] C:\Program Files\Common Files\<DIR> ODBC
[06/03/2007|04:41] C:\Program Files\Common Files\<DIR> Real
[08/18/2007|12:46] C:\Program Files\Common Files\<DIR> Sandlot Shared
[12/15/2006|11:50] C:\Program Files\Common Files\<DIR> Services
[05/24/2008|02:21] C:\Program Files\Common Files\<DIR> Skyscape
[01/14/2008|05:19] C:\Program Files\Common Files\<DIR> Sonic Shared
[12/16/2006|03:34] C:\Program Files\Common Files\<DIR> SpeechEngines
[06/12/2007|09:37] C:\Program Files\Common Files\<DIR> System
[02/21/2009|02:24] C:\Program Files\Common Files\<DIR> Wise Installation Wizard

--------------------\\ Process

( 43 Processes )

iexplore.exe ~ [PID:2192]
iexplore.exe ~ [PID:3216]
IEXPLORE.EXE ~ [PID:3540]

--------------------\\ Searching with S_Lop

No Lop folder found !

--------------------\\ Searching for Lop Files - Folders

C:\DOCUME~1\VANESSA\Cookies\vanessa@wvmh.advertser ve[1].txt
C:\DOCUME~1\VANESSA\Cookies\vanessa@advertising[1].txt
C:\DOCUME~1\VANESSA\Cookies\vanessa@adopt.euroclic k[2].txt

--------------------\\ Searching within the Registry

..... OK !

--------------------\\ Checking the Hosts file

Hosts file CLEAN


--------------------\\ Searching for hidden files with Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-23 18:53:26
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Searching for other infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\VANESSA\My Documents\My Music\Pixies\Doolittle\09 Crackity Jones.mp3


[F:20][D:4]-> C:\DOCUME~1\VANESSA\LOCALS~1\Temp
[F:167][D:0]-> C:\DOCUME~1\VANESSA\Cookies
[F:16973][D:20]-> C:\DOCUME~1\VANESSA\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - Mon 02/23/2009|18:54 - Option : [1]

--------------------\\ Scan completed at 18:54:14
Attached Files
File Type: txt rapport.txt (5.2 KB, 59 views)
Reply With Quote
  #6 (permalink)   Top
Old 24th February 2009, 02:15 PM
evilfantasy's Avatar
Security Team
  
Join Date: Dec 2007, 2,555 posts.
Location: Tulsa, OK
Reputation: evilfantasy will become famous soon enoughevilfantasy will become famous soon enough
I don't see it anywhere. Has it happened again?
__________________
.

ƃolq s’ʎsɐʇuɐɟlıʌǝ
Reply With Quote
  #7 (permalink)   Top
Old 26th February 2009, 02:03 AM
Senninha's Avatar
Newcomer
  
Join Date: Aug 2008, 21 posts.
Reputation: Senninha is on a distinguished road
So far so good. It has not happpened since the weekend. Very strange. If it happens again I will let you know.

Thank you again for all of your help.
Reply With Quote
  #8 (permalink)   Top
Old 26th February 2009, 02:15 AM
evilfantasy's Avatar
Security Team
  
Join Date: Dec 2007, 2,555 posts.
Location: Tulsa, OK
Reputation: evilfantasy will become famous soon enoughevilfantasy will become famous soon enough
OK let me know if it comes back.

You should update AVG 7.5 Free. Support ends for it in a few days.

Quote:
AVG Free Forum :: AVG 7.5 Update Issues :: AVG 7.5 Free - SUPPORT PROLONGED! - 28/02/2009
Support for AVG 7.5 Free will be provided until February 28, 2009. Please note, that this does not apply to AVG Anti-Spyware 7.5, it's support will be ended on December 31, 2008.

You can upgrade your AVG 7.5 product (for more details see FAQ 1250 - [free.avg.com]) at any time to benefit from the advanced, proactive protection of AVG 8.0 Free.

Note: AVG 8.0 supports only Windows 2000/XP/Vista (both x86 and x64 platforms).
__________________
.

ƃolq s’ʎsɐʇuɐɟlıʌǝ
Reply With Quote
  #9 (permalink)   Top
Old 28th February 2009, 05:24 PM
Senninha's Avatar
Newcomer
  
Join Date: Aug 2008, 21 posts.
Reputation: Senninha is on a distinguished road
I knew that would eventually happen. My only fear is that I have read so many negative post about the 8.0 version. It sucks up too many resources and slows down your computer. That is why I have stuck with the 7.5 version.

Any suggestions? Should I choose another program or try 8.0? I tried Avast before and it did not seem to work very good.
Reply With Quote
  #10 (permalink)   Top
Old 28th February 2009, 05:26 PM
evilfantasy's Avatar
Security Team
  
Join Date: Dec 2007, 2,555 posts.
Location: Tulsa, OK
Reputation: evilfantasy will become famous soon enoughevilfantasy will become famous soon enough
Avira AntiVir Personal
__________________
.

ƃolq s’ʎsɐʇuɐɟlıʌǝ
Reply With Quote
  #11 (permalink)   Top
Old 4th March 2009, 05:24 PM
The_JeKyL's Avatar
Newcomer
  
Join Date: Jan 2009, 18 posts.
Location: NY-Virginian
Reputation: The_JeKyL is on a distinguished road
A really really good program for removing Antivirus 360 is "Malwarebytes Antimalware --free version works wonders!! Our consultants at my job use it religiously for clients.
Reply With Quote
Reply

Only registered members can participate in forum threads. You must register or log in to contribute.


« Previous Thread | Next Thread »
Thread Tools

Forum Jump


All times are GMT. The time now is 09:38 PM.

Contact Us - Tech Support Team - Terms of Service - Top


Member Login
Forgot Password?



Post A Question!
Useful Links
Main Menu
Home
Forum Rules
FAQ
About Us
Welcome Pack
Search the forums
TST Mobile
Contact Us
Send Message

These are the 8 most used thread tags
Tag Cloud
geforce modem monitor no ring response no signal nvidia soft modem win7
Copyright © Tech Support Team, Inc. All rights reserved.
TechSupportTeam.org is an Privacy Policy and Legal Powered by vBulletin® Copyright ©2000 - 2012, Jelsoft Enterprises Ltd.
SEO by vBSEO 3.2.0 ©2008, Crawlability, Inc.