Jump to content
Sign in to follow this  
Madger

High CPU usage, virus popups

Recommended Posts

My internet speed was running very slow, accompanied by various popups. I ran Kaspersky and it detected and fixed various problems, and the internet speed is now improved. However, I still get popups and the computer in general is running slow :/. If anyone would take a look I'd freatly appreciate it D:.

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 2:09:13 PM, on 12/28/2008

Platform: Windows Vista (WinNT 6.00.1904)

MSIE: Internet Explorer v7.00 (7.00.6000.16764)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe

C:\Windows\Explorer.EXE

C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe

C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe

C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe

C:\Program Files\PowerISO\PWRISOVM.EXE

C:\WINDOWS\System32\rundll32.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\WINDOWS\System32\rundll32.exe

C:\WINDOWS\ehome\ehtray.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\AIM\aim.exe

C:\Program Files\PeerGuardian2\pg2.exe

C:\Program Files\Apache Group\Apache2\bin\ApacheMonitor.exe

C:\Windows\ehome\ehmsas.exe

C:\WINDOWS\System32\CTXFISPI.EXE

C:\Program Files\Zune\Zune.exe

C:\Program Files\Grisoft\AVG7\avgw.exe

C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: (no name) - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - (no file)

O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: (no name) - {f5429df8-144d-43f5-aea6-7541423543f2} - C:\Windows\system32\fobunayi.dll (file missing)

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r

O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"

O4 - HKLM\..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe

O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE

O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [MSConfig] "C:\WINDOWS\System32\msconfig.exe" /auto

O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"

O4 - HKLM\..\Run: [kisijimuda] Rundll32.exe "C:\Windows\system32\hapojute.dll",s

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl

O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\RunOnce: [setDefaultMIDI] MIDIDEF.EXE /s:'Creative SoundFont Synthesizer' /w:'SB Audigy' (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')

O4 - HKUS\.DEFAULT\..\RunOnce: [setDefaultMIDI] MIDIDEF.EXE /s:'Creative SoundFont Synthesizer' /w:'SB Audigy' (User 'Default user')

O4 - Global Startup: Monitor Apache Servers.lnk = C:\Program Files\Apache Group\Apache2\bin\ApacheMonitor.exe

O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm

O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm

O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm

O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O9 - Extra button: (no name) - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - (no file)

O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe

O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll/206 (file missing)

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O13 - Gopher Prefix:

O20 - AppInit_DLLs: C:\Windows\system32\wifufulu.dll C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll c:\windows\system32\rogiwofi.dll c:\windows\system32\nabekafo.dll

O20 - Winlogon Notify: avgwlntf - C:\Windows\SYSTEM32\avgwlntf.dll

O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\nabekafo.dll (file missing)

O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\nabekafo.dll (file missing)

O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Apache2 - Apache Software Foundation - C:\Program Files\Apache Group\Apache2\bin\Apache.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe

O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe

O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)

O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe

O23 - Service: Google Update Service (gupdate1c95fd9944f3678) (gupdate1c95fd9944f3678) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: MySQL - Unknown owner - C:\mysql\bin\mysqld-nt.exe

O23 - Service: MySQL4 - Unknown owner - C:\Program.exe (file missing)

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe

O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

 

--

End of file - 11011 bytes

 

log.txt:

 

Logfile of random's system information tool 1.05 (written by random/random)

Run by Zach at 2008-12-28 14:31:12

Microsoft® Windows Vista™ Home Premium

System drive C: has 23 GB (10%) free of 230 GB

Total RAM: 2046 MB (41% free)

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 2:32:40 PM, on 12/28/2008

Platform: Windows Vista (WinNT 6.00.1904)

MSIE: Internet Explorer v7.00 (7.00.6000.16764)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\taskeng.exe

C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe

C:\Windows\Explorer.EXE

C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe

C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe

C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe

C:\Program Files\PowerISO\PWRISOVM.EXE

C:\WINDOWS\System32\rundll32.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\WINDOWS\System32\rundll32.exe

C:\WINDOWS\ehome\ehtray.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\AIM\aim.exe

C:\Program Files\PeerGuardian2\pg2.exe

C:\Program Files\Apache Group\Apache2\bin\ApacheMonitor.exe

C:\Windows\ehome\ehmsas.exe

C:\WINDOWS\System32\CTXFISPI.EXE

C:\Program Files\Zune\Zune.exe

C:\Program Files\Grisoft\AVG7\avgw.exe

C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe

C:\Windows\system32\NOTEPAD.EXE

C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Users\Zach\Downloads\RSIT.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files\Trend Micro\HijackThis\Zach.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: (no name) - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - (no file)

O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: (no name) - {f5429df8-144d-43f5-aea6-7541423543f2} - C:\Windows\system32\fobunayi.dll (file missing)

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r

O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"

O4 - HKLM\..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe

O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE

O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [MSConfig] "C:\WINDOWS\System32\msconfig.exe" /auto

O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"

O4 - HKLM\..\Run: [kisijimuda] Rundll32.exe "C:\Windows\system32\hapojute.dll",s

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl

O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\RunOnce: [setDefaultMIDI] MIDIDEF.EXE /s:'Creative SoundFont Synthesizer' /w:'SB Audigy' (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')

O4 - HKUS\.DEFAULT\..\RunOnce: [setDefaultMIDI] MIDIDEF.EXE /s:'Creative SoundFont Synthesizer' /w:'SB Audigy' (User 'Default user')

O4 - Global Startup: Monitor Apache Servers.lnk = C:\Program Files\Apache Group\Apache2\bin\ApacheMonitor.exe

O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm

O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm

O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm

O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O9 - Extra button: (no name) - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - (no file)

O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe

O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll/206 (file missing)

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O13 - Gopher Prefix:

O20 - AppInit_DLLs: C:\Windows\system32\wifufulu.dll C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll c:\windows\system32\rogiwofi.dll c:\windows\system32\nabekafo.dll

O20 - Winlogon Notify: avgwlntf - C:\Windows\SYSTEM32\avgwlntf.dll

O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\nabekafo.dll (file missing)

O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\nabekafo.dll (file missing)

O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Apache2 - Apache Software Foundation - C:\Program Files\Apache Group\Apache2\bin\Apache.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe

O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe

O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)

O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe

O23 - Service: Google Update Service (gupdate1c95fd9944f3678) (gupdate1c95fd9944f3678) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: MySQL - Unknown owner - C:\mysql\bin\mysqld-nt.exe

O23 - Service: MySQL4 - Unknown owner - C:\Program.exe (file missing)

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe

O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

 

--

End of file - 11001 bytes

 

======Scheduled tasks folder======

 

C:\Windows\tasks\Check Updates for Windows Live Toolbar.job

C:\Windows\tasks\GoogleUpdateTaskMachine.job

C:\Windows\tasks\User_Feed_Synchronization-{87C659EE-7BF7-4641-B968-49C3DD488AAA}.job

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]

IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll [2008-11-11 62728]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

SSVHelper Class - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll [2007-07-12 501136]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f5429df8-144d-43f5-aea6-7541423543f2}]

C:\Windows\system32\fobunayi.dll []

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll []

{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"VolPanel"=C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe [2006-12-06 180224]

""= []

"AVG7_CC"=C:\PROGRA~1\Grisoft\AVG7\avgcc.exe [2008-12-22 590848]

"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe [2007-07-12 132496]

"AAWTray"=C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe [2007-08-08 88024]

"PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2008-11-02 167936]

"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-08-28 86016]

"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-08-28 8473120]

"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-08-28 81920]

"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-11-04 413696]

"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]

"MSConfig"=C:\WINDOWS\System32\msconfig.exe [2006-11-02 222208]

"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe [2008-11-11 206088]

"kisijimuda"=C:\Windows\system32\hapojute.dll [2008-09-22 60928]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-09 1232896]

"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2006-11-02 125440]

"msnmsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]

"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-02 201728]

"AIM"=C:\Program Files\AIM\aim.exe [2005-08-05 67160]

"PeerGuardian"=C:\Program Files\PeerGuardian2\pg2.exe [2007-06-02 1457152]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\46287383]

C:\Windows\system32\jujimiva.dll [2008-12-25 87276]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AAWTray]

C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe [2007-08-08 88024]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AIM]

C:\Program Files\AIM\aim.exe [2005-08-05 67160]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim6]

C:\Program Files\AIM6\aim6.exe /d locale=en-US ee://aol/imApp []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]

C:\Program Files\BitTorrent\bittorrent.exe --force_start_minimized []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BTBFirstRun]

C:\Program Files\Hewlett-Packard\SDP\hprun.exe [2006-11-14 20480]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]

c:\Program Files\Common Files\Symantec Shared\ccApp.exe []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTHelper]

C:\Windows\system32\CTHELPER.EXE [2006-12-18 19456]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTxfiHlp]

C:\Windows\system32\CTXFIHLP.EXE [2006-12-18 19968]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTXFIREG]

C:\Windows\system32\CTxfiReg.exe [2006-12-18 43520]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]

C:\Program Files\DAEMON Tools\daemon.exe [2006-11-12 157592]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]

C:\Program Files\Electronic Arts\EADM\Core.exe [2008-05-16 2732032]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]

c:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2005-02-17 49152]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPAdvisor]

C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [2006-11-23 1480296]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv]

c:\hp\support\hpsysdrv.exe [2006-09-28 65536]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IS CfgWiz]

c:\Program Files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltUIStb.exe /MODULE CfgWiz /GUID {BC8D3EAF-F864-4d4b-AB4D-B3D0C32E2840} /MODE CfgWiz /CMDLINE REBOOT []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD]

C:\HP\KBD\KbdStub.EXE [2006-12-08 65536]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\kisijimuda]

C:\Windows\system32\hapojute.dll [2008-09-22 60928]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]

C:\Program Files\MSN Messenger\msnmsgr.exe /background []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvSvc]

C:\Windows\system32\nvsvc.dll [2007-08-28 86016]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\osCheck]

c:\Program Files\Norton Internet Security\osCheck.exe []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

C:\Program Files\QuickTime\qttask.exe [2008-11-04 413696]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]

C:\Program Files\Steam\Steam.exe [2008-11-12 1410296]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]

C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe [2006-03-30 313472]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg]

C:\Windows\UpdReg.EXE [2000-05-11 90112]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]

C:\Program Files\Windows Defender\MSASCui.exe [2007-04-11 1006264]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher]

c:\Program Files\Zune\ZuneLauncher.exe [2008-04-29 158624]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]

C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [1999-11-04 113664]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]

C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [2005-09-23 29696]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Connections.lnk]

C:\PROGRA~1\HPCONN~1\6811507\Program\HPCONN~1.EXE [2006-10-10 34520]

 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

Monitor Apache Servers.lnk - C:\Program Files\Apache Group\Apache2\bin\ApacheMonitor.exe

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLS"="C:\Windows\system32\wifufulu.dll C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll c:\windows\system32\rogiwofi.dll c:\windows\system32\nabekafo.dll"

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgwlntf]

C:\Windows\system32\avgwlntf.dll [2007-03-07 9216]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]

C:\Windows\system32\klogon.dll [2008-11-11 218376]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\nabekafo.dll []

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]

STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\nabekafo.dll []

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]

"notification packages"=scecli

C:\Windows\system32\wifufulu.dll

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"LogonHoursAction"=2

"DontDisplayLogonHoursWarnings"=1

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"EnableLUA"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe"="C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink"

"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d9e579f6-d1d9-11db-9299-001a925d0e6f}]

shell\AutoRun\command - K:\RunGame.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ea7c5b69-c6c5-11db-b95a-806e6f6e6963}]

shell\AutoRun\command - E:\Installer.exe

 

 

======List of files/folders created in the last 1 months======

 

2008-12-28 14:31:12 ----D---- C:\rsit

2008-12-28 04:30:45 ----D---- C:\ProgramData\zivurosu

2008-12-28 04:30:45 ----D---- C:\ProgramData\kimemewa

2008-12-27 16:01:06 ----D---- C:\Program Files\Kaspersky Lab

2008-12-27 15:46:15 ----D---- C:\ProgramData\Kaspersky Lab Setup Files

2008-12-27 15:14:32 ----SH---- C:\Windows\system32\avimijuj.ini

2008-12-23 15:40:02 ----SH---- C:\Windows\system32\ihehepap.ini

2008-12-23 14:52:05 ----D---- C:\Program Files\TeaTimer (Spybot - Search & Destroy)

2008-12-23 14:52:05 ----D---- C:\Program Files\SDHelper (Spybot - Search & Destroy)

2008-12-23 14:52:05 ----D---- C:\Program Files\Misc. Support Library (Spybot - Search & Destroy)

2008-12-23 14:52:05 ----D---- C:\Program Files\File Scanner Library (Spybot - Search & Destroy)

2008-12-23 12:06:04 ----D---- C:\Program Files\Trend Micro

2008-12-22 20:35:11 ----SH---- C:\Windows\system32\urawolap.ini

2008-12-19 06:37:20 ----A---- C:\Windows\system32\mshtml.dll

2008-12-16 19:00:29 ----D---- C:\Users\Zach\AppData\Roaming\Google

2008-12-16 18:52:30 ----D---- C:\ProgramData\Google Updater

2008-12-16 18:52:27 ----D---- C:\Program Files\Google

2008-12-16 16:30:04 ----D---- C:\Program Files\Guitar Pro 5

2008-12-11 12:42:07 ----A---- C:\Windows\system32\tzres.dll

2008-12-10 16:35:39 ----A---- C:\Windows\system32\gameux.dll

2008-12-10 16:35:38 ----A---- C:\Windows\system32\Apphlpdm.dll

2008-12-10 16:35:37 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll

2008-12-10 16:34:40 ----A---- C:\Windows\system32\gdi32.dll

2008-12-10 16:34:30 ----A---- C:\Windows\system32\shell32.dll

2008-12-10 16:34:17 ----A---- C:\Windows\explorer.exe

2008-12-10 16:34:12 ----A---- C:\Windows\system32\urlmon.dll

2008-12-10 16:34:12 ----A---- C:\Windows\system32\ieframe.dll

2008-12-10 16:34:11 ----A---- C:\Windows\system32\wininet.dll

2008-12-10 16:34:11 ----A---- C:\Windows\system32\mshtmled.dll

2008-12-10 16:34:10 ----A---- C:\Windows\system32\pngfilt.dll

2008-12-10 16:34:10 ----A---- C:\Windows\system32\mstime.dll

2008-12-10 16:34:10 ----A---- C:\Windows\system32\jsproxy.dll

2008-12-10 16:34:10 ----A---- C:\Windows\system32\ieUnatt.exe

2008-12-10 16:34:10 ----A---- C:\Windows\system32\ieui.dll

2008-12-10 16:34:10 ----A---- C:\Windows\system32\iesetup.dll

2008-12-10 16:34:10 ----A---- C:\Windows\system32\iertutil.dll

2008-12-10 16:34:10 ----A---- C:\Windows\system32\iernonce.dll

2008-12-10 16:34:10 ----A---- C:\Windows\system32\ieapfltr.dll

2008-12-10 16:34:10 ----A---- C:\Windows\system32\ie4uinit.exe

2008-12-10 16:34:10 ----A---- C:\Windows\system32\icardie.dll

2008-12-10 16:34:10 ----A---- C:\Windows\system32\dxtrans.dll

2008-12-10 16:34:10 ----A---- C:\Windows\system32\dxtmsft.dll

2008-12-10 16:34:10 ----A---- C:\Windows\system32\advpack.dll

2008-12-10 16:34:04 ----A---- C:\Windows\system32\WMVCORE.DLL

2008-12-10 16:34:04 ----A---- C:\Windows\system32\WMNetMgr.dll

2008-12-10 16:34:04 ----A---- C:\Windows\system32\mf.dll

2008-12-10 16:34:03 ----A---- C:\Windows\system32\rrinstaller.exe

2008-12-10 16:34:03 ----A---- C:\Windows\system32\mfps.dll

2008-12-10 16:34:03 ----A---- C:\Windows\system32\mfpmp.exe

2008-12-10 16:34:03 ----A---- C:\Windows\system32\mferror.dll

2008-12-10 16:34:03 ----A---- C:\Windows\system32\logagent.exe

2008-12-05 15:34:17 ----D---- C:\ProgramData\Blizzard

2008-12-04 10:41:31 ----D---- C:\Temp

2008-12-02 19:04:55 ----D---- C:\ProgramData\2DBoy

2008-12-02 19:02:29 ----D---- C:\Program Files\WorldOfGoo

2008-12-02 16:22:44 ----D---- C:\Program Files\PeerGuardian2

2008-12-01 17:08:14 ----D---- C:\Program Files\M4P MP3 Converter

2008-12-01 16:32:45 ----A---- C:\Windows\system32\GEARAspi.dll

2008-12-01 16:32:44 ----DC---- C:\Windows\system32\DRVSTORE

2008-12-01 16:32:22 ----D---- C:\Program Files\iPod

2008-12-01 16:31:36 ----D---- C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}

2008-12-01 16:31:36 ----D---- C:\Program Files\iTunes

2008-12-01 16:27:17 ----D---- C:\Program Files\Bonjour

2008-12-01 16:25:51 ----D---- C:\Program Files\QuickTime

2008-12-01 16:21:34 ----D---- C:\Program Files\Apple Software Update

2008-12-01 16:18:58 ----D---- C:\Program Files\Common Files\Apple

 

======List of files/folders modified in the last 1 months======

 

2008-12-28 14:32:22 ----D---- C:\Windows\Temp

2008-12-28 14:31:42 ----D---- C:\Windows\Prefetch

2008-12-28 14:25:08 ----D---- C:\Program Files\Mozilla Firefox

2008-12-28 14:23:05 ----D---- C:\ProgramData\Kaspersky Lab

2008-12-28 13:57:54 ----D---- C:\Windows\System32

2008-12-28 13:57:53 ----RHD---- C:\$VAULT$.AVG

2008-12-28 13:57:27 ----D---- C:\Users\Zach\AppData\Roaming\AVG7

2008-12-28 12:50:35 ----D---- C:\Program Files\Steam

2008-12-28 12:26:33 ----D---- C:\Windows\tracing

2008-12-28 04:30:45 ----HD---- C:\ProgramData

2008-12-27 16:30:42 ----ASH---- C:\Windows\system32\pupezeri.dll

2008-12-27 16:07:12 ----D---- C:\WINDOWS

2008-12-27 16:03:11 ----SHD---- C:\Windows\Installer

2008-12-27 16:02:46 ----D---- C:\Windows\system32\drivers

2008-12-27 16:02:27 ----D---- C:\Windows\system32\catroot

2008-12-27 16:02:27 ----D---- C:\Windows\inf

2008-12-27 16:01:06 ----RD---- C:\Program Files

2008-12-27 16:00:09 ----SHD---- C:\System Volume Information

2008-12-27 15:56:32 ----D---- C:\ProgramData\Spybot - Search & Destroy

2008-12-27 15:56:32 ----D---- C:\Program Files\Spybot - Search & Destroy

2008-12-27 15:54:19 ----D---- C:\Windows\system32\ZoneLabs

2008-12-27 15:54:17 ----D---- C:\Windows\Internet Logs

2008-12-25 21:40:28 ----A---- C:\Windows\system32\jujimiva.dll

2008-12-25 19:46:34 ----D---- C:\Windows\Tasks

2008-12-23 22:10:31 ----SD---- C:\Windows\Downloaded Program Files

2008-12-23 15:39:52 ----ASH---- C:\Windows\system32\rubolezo.dll

2008-12-23 15:39:52 ----ASH---- C:\Windows\system32\papehehi.dll

2008-12-23 12:35:38 ----D---- C:\Program Files\My.Freeze.com Toolbar with NetAssistant

2008-12-22 22:56:58 ----D---- C:\Program Files\DAEMON Tools

2008-12-22 19:29:37 ----A---- C:\Windows\system32\PnkBstrB.exe

2008-12-22 19:29:01 ----A---- C:\Windows\system32\PnkBstrA.exe

2008-12-21 16:54:39 ----D---- C:\Users\Zach\AppData\Roaming\teamspeak2

2008-12-21 13:05:47 ----D---- C:\Users\Zach\AppData\Roaming\uTorrent

2008-12-20 18:47:28 ----D---- C:\Fraps

2008-12-19 06:38:00 ----D---- C:\Windows\winsxs

2008-12-19 06:33:12 ----D---- C:\Windows\system32\catroot2

2008-12-18 19:06:41 ----D---- C:\Program Files\OpenOffice.org1.1.1

2008-12-16 18:54:06 ----D---- C:\Windows\system32\Tasks

2008-12-16 16:30:05 ----RSD---- C:\Windows\Fonts

2008-12-15 18:14:53 ----D---- C:\Program Files\Common Files\Steam

2008-12-12 06:59:08 ----ASH---- C:\Program Files\desktop.ini

2008-12-12 06:58:02 ----D---- C:\Windows\AppPatch

2008-12-12 06:58:02 ----D---- C:\Program Files\Windows Mail

2008-12-12 06:58:01 ----D---- C:\Windows\system32\en-US

2008-12-12 06:58:00 ----D---- C:\Windows\system32\migration

2008-12-12 06:58:00 ----D---- C:\Program Files\Internet Explorer

2008-12-07 16:00:06 ----AD---- C:\ProgramData\TEMP

2008-12-05 19:57:24 ----D---- C:\Program Files\World of Warcraft

2008-12-03 17:04:58 ----RD---- C:\Users

2008-12-01 16:18:58 ----D---- C:\Program Files\Common Files

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R1 AvgClean;AVG7 Clean Driver; C:\Windows\System32\Drivers\avgclean.sys [2008-12-20 10760]

R1 AvgMfx86;AVG Minifilter x86 Resident Driver; C:\Windows\System32\Drivers\avgmfx86.sys [2008-12-20 26952]

R1 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2008-07-21 121872]

R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2008-12-27 239632]

R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2008-07-09 20496]

R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2008-11-02 56572]

R1 truecrypt;truecrypt; C:\Windows\System32\drivers\truecrypt.sys [2007-05-03 188672]

R3 AvgWFP;AVG7 Firewall Driver x86; C:\Windows\System32\Drivers\avgwfp.sys [2008-12-22 53768]

R3 CT20XUT.DLL;CT20XUT.DLL; C:\Windows\system32\CT20XUT.DLL [2006-12-19 170808]

R3 ctaud2k;Creative Audio Driver (WDM); C:\Windows\system32\drivers\ctaud2k.sys [2006-12-19 520248]

R3 CTEXFIFX.DLL;CTEXFIFX.DLL; C:\Windows\system32\CTEXFIFX.DLL [2006-12-19 1323832]

R3 CTHWIUT.DLL;CTHWIUT.DLL; C:\Windows\system32\CTHWIUT.DLL [2006-12-19 73016]

R3 ctprxy2k;Creative Proxy Driver; C:\Windows\system32\drivers\ctprxy2k.sys [2006-12-19 14648]

R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\drivers\ctsfm2k.sys [2006-12-19 157496]

R3 emupia;E-mu Plug-in Architecture Driver; C:\Windows\system32\drivers\emupia2k.sys [2006-12-19 92984]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]

R3 ha20x2k;Creative 20X HAL Driver; C:\Windows\system32\drivers\ha20x2k.sys [2006-12-19 1164088]

R3 hcw18bda;Hauppauge WinTV 418 Driver; C:\Windows\system32\drivers\hcw18bda.sys [2006-11-22 336000]

R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-05-04 1065384]

R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-08-28 7574976]

R3 ossrv;Creative OS Services Driver; C:\Windows\system32\drivers\ctoss2k.sys [2006-12-19 126776]

R3 pgfilter;pgfilter; \??\C:\Program Files\PeerGuardian2\pgfilter.sys [2007-06-02 8192]

R3 ProtoWall;ProtoWall Defender; C:\Windows\system32\DRIVERS\ProtoWall.sys [2004-01-28 22528]

R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2006-11-02 82560]

S2 AvgTdi;AVG Network redirector; C:\Windows\System32\Drivers\avgtdi.sys []

S3 aqs7583t;aqs7583t; C:\Windows\system32\drivers\aqs7583t.sys []

S3 COMMONFX.DLL;COMMONFX.DLL; C:\Windows\system32\COMMONFX.DLL [2006-12-19 98616]

S3 ctac32k;Creative AC3 Software Decoder; C:\Windows\system32\drivers\ctac32k.sys [2006-12-19 511288]

S3 CTAUDFX.DLL;CTAUDFX.DLL; C:\Windows\system32\CTAUDFX.DLL [2006-12-19 552248]

S3 ctdvda2k;Creative DVD-Audio Device Driver; C:\Windows\system32\drivers\ctdvda2k.sys [2006-12-19 347144]

S3 CTEAPSFX.DLL;CTEAPSFX.DLL; C:\Windows\system32\CTEAPSFX.DLL [2006-12-19 174392]

S3 CTEDSPFX.DLL;CTEDSPFX.DLL; C:\Windows\system32\CTEDSPFX.DLL [2006-12-19 286520]

S3 CTEDSPIO.DLL;CTEDSPIO.DLL; C:\Windows\system32\CTEDSPIO.DLL [2006-12-19 134968]

S3 CTEDSPSY.DLL;CTEDSPSY.DLL; C:\Windows\system32\CTEDSPSY.DLL [2006-12-19 329528]

S3 CTERFXFX.DLL;CTERFXFX.DLL; C:\Windows\system32\CTERFXFX.DLL [2006-12-19 101176]

S3 CTSBLFX.DLL;CTSBLFX.DLL; C:\Windows\system32\CTSBLFX.DLL [2006-12-19 566584]

S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]

S3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\DRIVERS\LVUSBSta.sys [2007-10-12 41752]

S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]

S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]

S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]

S3 P9fd9rihnb;P9fd9rihnb; C:\Windows\system32\drivers\P9fd9rihnb.sys []

S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\Windows\system32\DRIVERS\LV561AV.SYS [2007-10-12 490776]

S3 Ps2;PS2; C:\Windows\system32\DRIVERS\PS2.sys [2005-12-12 19072]

S3 usbaudio;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2006-11-02 71552]

S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2006-11-02 39936]

S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]

R2 AVP;Kaspersky Anti-Virus; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe [2008-11-11 206088]

R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]

R2 CTAudSvcService;Creative Audio Service; C:\Program Files\Creative\Shared Files\CTAudSvc.exe [2006-11-21 299008]

R2 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-12-16 168432]

R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-10-19 61440]

R2 MySQL;MySQL; C:\mysql\bin\mysqld-nt MySQL []

R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2008-12-22 66872]

R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2008-12-22 103736]

R2 Viewpoint Manager Service;Viewpoint Manager Service; C:\Program Files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]

R2 ZuneNetworkSvc;Zune Network Sharing Service; c:\Program Files\Zune\ZuneNss.exe [2008-04-29 5065120]

R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]

S2 aawservice;Ad-Aware 2007 Service; C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe [2007-08-27 566616]

S2 Apache2;Apache2; C:\Program Files\Apache Group\Apache2\bin\Apache.exe [2008-01-17 20541]

S2 Avg7Alrt;AVG7 Alert Manager Server; C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe [2007-11-05 418816]

S2 Avg7UpdSvc;AVG7 Update Service; C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe [2007-03-07 49664]

S2 AvgCoreSvc;AVG7 Resident Shield Service; C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe [2007-06-29 192512]

S2 AVGEMS;AVG E-mail Scanner; C:\PROGRA~1\Grisoft\AVG7\avgemc.exe [2008-12-20 406528]

S2 CLTNetCnService;Symantec Lic NetConnect service; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []

S2 gupdate1c95fd9944f3678;Google Update Service (gupdate1c95fd9944f3678); C:\Program Files\Google\Update\GoogleUpdate.exe [2008-12-16 119280]

S2 MySQL4;MySQL4; C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt --defaults-file=C:\Program Files\MySQL\MySQL Server 5.0\my.ini MySQL4 []

S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-08-16 68096]

S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]

S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2007-01-31 2975352]

S3 RoxMediaDB9;RoxMediaDB9; c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2006-11-01 887544]

S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2008-12-13 104944]

S3 stllssvr;stllssvr; c:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2006-11-01 78752]

S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]

S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

S3 ZuneWlanCfgSvc;Zune Wireless Configuration Service; c:\Windows\system32\ZuneWlanCfgSvc.exe [2008-04-29 245664]

S4 TlntSvr;@%SystemRoot%\system32\tlntsvr.exe,-119; C:\Windows\System32\tlntsvr.exe [2006-11-02 75776]

 

-----------------EOF-----------------

Edited by Madger

Share this post


Link to post
Share on other sites

info.txt :

 

info.txt logfile of random's system information tool 1.05 2008-12-28 14:32:57

 

======Uninstall list======

 

-->"C:\Program Files\Creative Installation Information\CREATIVE_MEDIASOURCE_U\Setup.exe" /remove /l0x0009

-->"C:\Program Files\Creative Installation Information\CTCMSGO\Setup.exe" /remove /l0x0009

-->"C:\Program Files\Creative Installation Information\E-CENTER_NET_CONTENT_U\Setup.exe" /remove /l0x0009

-->"C:\Program Files\Creative Installation Information\MEDIASOURCE_PLAYER_SKINPACK_U\Setup.exe" /remove /l0x0009

-->"C:\Program Files\Creative\Sound Blaster X-Fi\Program\SETUP.EXE" /S /U /W

-->"C:\Program Files\HP Games\Bejeweled 2 Deluxe\Uninstall.exe"

-->"C:\Program Files\HP Games\Bistro Stars\Uninstall.exe"

-->"C:\Program Files\HP Games\Blackhawk Striker 2\Uninstall.exe"

-->"C:\Program Files\HP Games\Blasterball 2 Revolution\Uninstall.exe"

-->"C:\Program Files\HP Games\Blasterball 3\Uninstall.exe"

-->"C:\Program Files\HP Games\Boggle Supreme\Uninstall.exe"

-->"C:\Program Files\HP Games\Bookworm Deluxe\Uninstall.exe"

-->"C:\Program Files\HP Games\Chuzzle Deluxe\Uninstall.exe"

-->"C:\Program Files\HP Games\Crystal Maze\Uninstall.exe"

-->"C:\Program Files\HP Games\Diner Dash\Uninstall.exe"

-->"C:\Program Files\HP Games\Family Feud\Uninstall.exe"

-->"C:\Program Files\HP Games\FATE\Uninstall.exe"

-->"C:\Program Files\HP Games\Final Drive Nitro\Uninstall.exe"

-->"C:\Program Files\HP Games\Insaniquarium Deluxe\Uninstall.exe"

-->"C:\Program Files\HP Games\JEOPARDY\Uninstall.exe"

-->"C:\Program Files\HP Games\Jewel Quest\Uninstall.exe"

-->"C:\Program Files\HP Games\LEGO Builder Bots\Uninstall.exe"

-->"C:\Program Files\HP Games\Mahjong Journey of Enlightenment\Uninstall.exe"

-->"C:\Program Files\HP Games\My HP Game Console\Uninstall.exe"

-->"C:\Program Files\HP Games\Ocean Express\Uninstall.exe"

-->"C:\Program Files\HP Games\Penguins!\Uninstall.exe"

-->"C:\Program Files\HP Games\Polar Bowler\Uninstall.exe"

-->"C:\Program Files\HP Games\Polar Golfer Pineapple Cup\Uninstall.exe"

-->"C:\Program Files\HP Games\Polar Golfer\Uninstall.exe"

-->"C:\Program Files\HP Games\SCRABBLE\Uninstall.exe"

-->"C:\Program Files\HP Games\Slingo Deluxe\Uninstall.exe"

-->"C:\Program Files\HP Games\Super Granny\Uninstall.exe"

-->"C:\Program Files\HP Games\The Apprentice\Uninstall.exe"

-->"C:\Program Files\HP Games\Tornado Jockey\Uninstall.exe"

-->"C:\Program Files\HP Games\Tradewinds\Uninstall.exe"

-->"C:\Program Files\HP Games\Wheel of Fortune\Uninstall.exe"

-->"C:\Program Files\HP Games\Zuma Deluxe\Uninstall.exe"

-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER

-->MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{06E3E953-0570-4DFF-A7B5-46114C390228}\setup.exe" -l0x9

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{06E3E953-0570-4DFF-A7B5-46114C390228}\setup.exe" -l0x9 /remove

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x9

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2670895A-4E6C-4450-B868-7B7DB80A3357}\setup.exe" -l0x9

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2670895A-4E6C-4450-B868-7B7DB80A3357}\setup.exe" -l0x9 /remove

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9 /remove

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x9

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x9 /remove

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x9

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x9 /remove

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{888347B3-AEC5-4BB5-8BAB-781D72A57C73}\setup.exe" -l0x9

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{888347B3-AEC5-4BB5-8BAB-781D72A57C73}\setup.exe" -l0x9 /remove

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8B026740-A400-48FF-8F6B-B37C4F61C937}\setup.exe" -l0x9

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8B026740-A400-48FF-8F6B-B37C4F61C937}\setup.exe" -l0x9 /remove

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe" -l0x9

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AA9944C8-7D34-475E-8C90-2788685B2C47}\setup.exe" -l0x9

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BD6928A2-9F8F-4AA7-9A3A-FD4A271712EE}\setup.exe" -l0x9

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BD6928A2-9F8F-4AA7-9A3A-FD4A271712EE}\setup.exe" -l0x9 /remove

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C229589D-CC1A-43FF-9507-CDED3AB85325}\setup.exe" -l0x9

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C229589D-CC1A-43FF-9507-CDED3AB85325}\setup.exe" -l0x9 /remove

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DCCC08BD-FC52-4AEB-ACF8-6A5C06550468}\setup.exe" -l0x9

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DCCC08BD-FC52-4AEB-ACF8-6A5C06550468}\setup.exe" -l0x9 /remove

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FBFF2411-D066-4D24-BCE0-893086009E1B}\setup.exe" -l0x9

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FBFF2411-D066-4D24-BCE0-893086009E1B}\setup.exe" -l0x9 /remove

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FCCDA302-32D9-4AE7-A094-4BE677554F26}\setup.exe" -l0x9

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FCCDA302-32D9-4AE7-A094-4BE677554F26}\setup.exe" -l0x9 /remove

7-Zip 4.20-->"C:\Program Files\7-Zip\Uninstall.exe"

AC3Filter (remove only)-->C:\Program Files\AC3Filter\uninstall.exe

Ace DivX Player-->"C:\Program Files\GustoSoft\Ace DivX Player\Uninstall.exe"

Ad-Aware 2007-->MsiExec.exe /X{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}

Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe

Adobe Photoshop CS-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}\setup.exe" -l0x9

Adobe Reader 7.0.9-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70900000002}

AhaView-->"C:\Program Files\AhaView v4.0\uninstall.exe"

AOL Instant Messenger-->C:\Program Files\AIM\uninstll.exe -LOG= C:\Program Files\AIM\install.log -OEM=

Apache HTTP Server 2.0.63-->MsiExec.exe /I{3A862C7D-0504-48BC-AEF8-7F7479C7C158}

Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}

Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}

AVG 7.5-->C:\Program Files\Grisoft\AVG7\setup.exe /UNINSTALL

Azureus Vuze-->C:\Program Files\Azureus\uninstall.exe

Bit Che-->"C:\Program Files\Bit Che\unins000.exe"

BitComet 0.97-->C:\Program Files\BitComet\uninst.exe

Blaze Media Pro-->"C:\ProgramData\{CFAB4006-0AE0-414D-866A-DCB2C46553CF}\setup_blazemp.exe" REMOVE=TRUE MODIFY=FALSE

Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}

Call of Duty® - World at War-->C:\Program Files\InstallShield Installation Information\{D80A6A73-E58A-4673-AFF5-F12D7110661F}\setup.exe -runfromtemp -l0x0409

CEP - Color Enable Package-->"C:\PROGRA~1\EAGAME~1\zCEP_Uninstaller\unins000.exe"

Command & Conquer 3-->MsiExec.exe /I{B0C30E93-D3D9-4F04-A2AC-54749B573275}

Creative Audio Console-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x9 /remove

Creative Audio Processing Object Interface Module-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AA9944C8-7D34-475E-8C90-2788685B2C47}\setup.exe" -l0x9 /remove

Creative MediaSource 5-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}\setup.exe" -l0x9 /remove

Dev-C++ 5 beta 9 release (4.9.9.2)-->"C:\Dev-Cpp\uninstall.exe"

DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC

DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER

DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER

DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN

EA Download Manager-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{EF7E931D-DC84-471B-8DB6-A83358095474} /l1033

Enhanced Multimedia Keyboard Solution-->C:\HP\KBD\Install.exe /u

ffdshow (remove only)-->"C:\Program Files\ffdshow\uninstall.exe"

Flock 1.2-->C:\Program Files\Flock\uninst.exe

Fraps (remove only)-->"C:\Fraps\uninstall.exe"

Frets On Fire-->"C:\Program Files\Frets on Fire\Uninstall.exe"

FrostWire 4.13.5-->C:\Program Files\FrostWire\Uninstall.exe

Game Cam 2.0-->C:\Program Files\Game Cam V2\uninst.exe

Game Cam-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DB52432E-3AD8-41A5-A586-0F065FB6A31E}\setup.exe"

Google Chrome-->"C:\Program Files\Google\Chrome\Application\1.0.154.36\Installer\setup.exe" --uninstall --system-level

Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}

Google Update-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

Google Updater-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall

Graph 4.3-->"C:\Program Files\Graph\unins000.exe"

GTA San Andreas-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}\setup.exe" -l0x9 -removeonly

GTA2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2987EE84-C4EE-4FF5-8160-32DE00D6ABC6}\Setup.exe" -l0x9

GTK+ Runtime 2.10.11 rev b (remove only)-->C:\Program Files\Common Files\GTK\2.0\uninst.exe

Guitar Pro 5.2-->"C:\Program Files\Guitar Pro 5\unins000.exe"

Half-Life Dedicated Server Update Tool-->C:\PROGRA~1\Valve\HLServer\UNWISE.EXE C:\PROGRA~1\Valve\HLServer\INSTALL.LOG

Hardware Diagnostic Tools-->C:\Program Files\PC-Doctor 5 for Windows\uninst.exe

Highlight Viewer (Windows Live Toolbar)-->MsiExec.exe /X{A5C4AD72-25FE-4899-B6DF-6D8DF63C93CF}

HijackThis 2.0.2-->"C:\Users\Zach\Desktop\HijackThis.exe" /uninstall

HP Connections (remove only)-->C:\Windows\HPCPCUninstall-6811507\HPBWSetup.exe -appid 6811507 -uninstall

HP Customer Experience Enhancements-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB5E289E-76BF-4251-9F3F-9B763F681AE0}\setup.exe" -l0x9 -removeonly

HP Customer Feedback-->MsiExec.exe /I{9DBA770F-BF73-4D39-B1DF-6035D95268FC}

HP Easy Setup - Core-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F94234DB-FD06-42C3-B88D-6FC4DC9F988C}\setup.exe" -l0x9

HP Easy Setup - Frontend-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40F7AED3-0C7D-4582-99F6-484A515C73F2}\setup.exe" -l0x9 -removeonly

HP Picasso Media Center Add-In-->MsiExec.exe /I{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}

HP Total Care Advisor-->MsiExec.exe /X{CBFEEA43-2B94-44AF-8325-B413E62D2A5D}

HP Update-->MsiExec.exe /X{8C6027FD-53DC-446D-BB75-CACD7028A134}

iTunes-->MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371}

J2SE Runtime Environment 5.0 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150030}

Java 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}

Kaspersky Anti-Virus 2009-->MsiExec.exe /I{6580C5A3-2336-4EC5-85F1-3448C5F6208A}

Kaspersky Anti-Virus 2009-->MsiExec.exe /I{6580C5A3-2336-4EC5-85F1-3448C5F6208A}

Kaspersky Online Scanner-->C:\Windows\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe

Left 4 Dead v1.0.0.5-->"C:\Program Files\Left4Dead\unins000.exe"

M4P MP3 Converter 1.0-->"C:\Program Files\M4P MP3 Converter\unins000.exe"

Map Button (Windows Live Toolbar)-->MsiExec.exe /X{7745B7A9-F323-4BB9-9811-01BF57A028DA}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}

Microsoft Works-->MsiExec.exe /I{6D52C408-B09A-4520-9B18-475B81D393F1}

mIRC-->C:\Program Files\mIRC\uninstall.exe _?=C:\Program Files\mIRC

Mozilla Firefox (3.0.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe

Mp3tag v2.39-->C:\Program Files\Mp3tag\Mp3tagUninstall.EXE

MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}

MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}

MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}

MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

muvee autoProducer 5.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{77CA976C-403C-47E2-940B-733ECAB6F62B}\setup.exe" -l0x9

My HP Games-->"C:\Program Files\HP Games\Uninstall.exe"

My.Freeze.com Toolbar with NetAssistant-->"C:\Program Files\My.Freeze.com Toolbar with NetAssistant\settings_uninstall_app.exe" --uninstall

MySQL Servers and Clients 4.0.18-->C:\Windows\IsUninst.exe -fC:\mysql\Uninst.isu

Norton 360-->"C:\Program Files\Common Files\Symantec Shared\SymSetup\{2D617065-1C52-4240-B5BC-C0AE12157777}_1_0_0_184\Temp{2D617065-1C52-4240-B5BC-C0AE12157777}.exe" /X

Norton 360-->MsiExec.exe /I{63A6E9A9-A190-46D4-9430-2DB28654AFD8}

NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI

OpenAL-->"C:\Program Files\OpenAL\OALInst.exe" /U

Paint.NET v3.10-->MsiExec.exe /X{5E749AEB-5A19-43BA-BB20-3CBB37539FE4}

PeerGuardian 2.0-->"C:\Program Files\PeerGuardian2\unins000.exe"

Pidgin-->C:\Program Files\Pidgin\pidgin-uninst.exe

Pivot Stickfigure Animator-->MsiExec.exe /I{4251F52F-36DF-4A53-B9DC-7511A3133B28}

Plasma Pong v1.3b-->"C:\Program Files\Plasma Pong\unins000.exe"

PowerISO-->"C:\Program Files\PowerISO\uninstall.exe"

PremiumSoft Navicat 8.0 for MySQL-->"C:\Program Files\PremiumSoft\Navicat 8.0 MySQL\unins000.exe"

ProtoWall 1.42 build 5300-->"C:\Program Files\Dudez\ProtoWall\unins000.exe"

Python 2.4.3-->MsiExec.exe /I{75E71ADD-042C-4F30-BFAC-A9EC42351313}

QuickTime-->MsiExec.exe /I{F958CA02-BB40-4007-894B-258729456EE4}

Q-Xpress Installer 1.1.9-->C:\Program Files\ModTheSims2.com\Q-Xpress Installer\uninst.exe

Roxio Creator Audio-->MsiExec.exe /X{83FFCFC7-88C6-41c6-8752-958A45325C82}

Roxio Creator Basic v9-->MsiExec.exe /X{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}

Roxio Creator Copy-->MsiExec.exe /X{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}

Roxio Creator Data-->MsiExec.exe /X{0D397393-9B50-4c52-84D5-77E344289F87}

Roxio Creator EasyArchive-->MsiExec.exe /X{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}

Roxio Creator Tools-->MsiExec.exe /X{0394CDC8-FABD-4ed8-B104-03393876DFDF}

Roxio Express Labeler 3-->MsiExec.exe /X{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}

Roxio MyDVD Basic v9-->MsiExec.exe /X{E4A02A3F-4F8A-4D94-BB99-68BC1D1CF6DB}

RPG Maker 2000 - Super Columbine Massacre RPG!-->C:\Windows\gamedelete.exe "C:\Program Files\ASCII\RPG2000\ColumbineRPG\RPG_RT.ind"

Security Task Manager 1.7d-->C:\Program Files\Security Task Manager\Uninstal.exe "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager"

Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

Smart Menus (Windows Live Toolbar)-->MsiExec.exe /X{F084395C-40FB-4DB3-981C-B51E74E1E83D}

Sound Blaster X-Fi-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{18F11181-EA1A-42AE-AF89-4867C7F7A6FA}\setup.exe" -l0x9 /remove

SPORE™ Creature Creator Trial Edition-->"C:\Program Files\InstallShield Installation Information\{ECEE0279-785F-4CB3-9F28-E69813234BF8}\setup.exe" -runfromtemp -l0x0009 -removeonly

SQLyog Community 6.05-->C:\Program Files\SQLyog Community\uninst.exe

SSH Secure Shell-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{74E2CD0C-D4A2-11D3-95A6-0000E86CFDE5}\Setup.exe"

Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}

StepMania (remove only)-->"C:\Program Files\StepMania\uninstall.exe"

System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe

TeamSpeak 2 RC2-->"C:\Program Files\Teamspeak2_RC2\unins000.exe"

The Sims™ 2 Double Deluxe-->C:\Program Files\EA GAMES\The Sims 2 Double Deluxe\EAUninstall.exe

Tremulous 1.1.0-->"C:\Program Files\Tremulous\uninstall.exe"

TrueCrypt-->"C:\Program Files\TrueCrypt\TrueCrypt Setup.exe" /u C:\Program Files\TrueCrypt\

UnzipThemAll 1.3-->"C:\Program Files\UnzipThemAll\unins000.exe"

Ventrilo Client-->MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}

Viewpoint Manager (Remove Only)-->C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgrInstaller.exe /u /k

Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Media Player\mtsAxInstaller.exe /u

Warcraft III-->C:\Windows\War3Unin.exe C:\Windows\War3Unin.dat

Warhammer Online - Age of Reckoning -->C:\Program Files\Electronic Arts\Warhammer Online - Age of Reckoning\uninst2.exe

Windows Live Favorites for Windows Live Toolbar-->MsiExec.exe /X{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}

Windows Live installer-->MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}

Windows Live Messenger-->MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}

Windows Live Sign-in Assistant-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}

Windows Live Toolbar Extension (Windows Live Toolbar)-->MsiExec.exe /X{341201D4-4F61-4ADB-987E-9CCE4D83A58D}

Windows Live Toolbar-->"C:\Program Files\Windows Live Toolbar\UnInstall.exe" {D5A145FC-D00C-4F1A-9119-EB4D9D659750}

Windows Live Toolbar-->MsiExec.exe /X{D5A145FC-D00C-4F1A-9119-EB4D9D659750}

Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}

WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe

Wolfenstein - Enemy Territory-->C:\PROGRA~1\WOLFEN~1\Uninstall\Unwise.exe /u C:\PROGRA~1\WOLFEN~1\Uninstall\Install.log

World of Warcraft-->C:\Program Files\Common Files\Blizzard Entertainment\World of Warcraft\Uninstall.exe

Yahoo! Toolbar for Internet Explorer-->C:\PROGRA~1\Yahoo!\Common\unyt.exe

Zune Language Pack (ES)-->MsiExec.exe /X{EE4ACABF-531E-419A-9225-B8E0FA4955AF}

Zune Language Pack (FR)-->MsiExec.exe /X{0076E1AC-9E7B-4B9F-A62A-4CC9511AD8E3}

Zune-->c:\Program Files\Zune\ZuneSetup.exe /x

Zune-->MsiExec.exe /X{FF70513F-E3A7-402F-84FB-B7810A064BE2}

 

=====HijackThis Backups=====

 

 

 

 

 

 

 

 

 

 

 

 

O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\gutasima.dll

O4 - HKLM\..\Run: [kisijimuda] Rundll32.exe "C:\Windows\system32\hapojute.dll",s

O4 - HKLM\..\Run: [CPM451b401f] Rundll32.exe "c:\windows\system32\gutasima.dll",a

O20 - AppInit_DLLs: C:\Windows\system32\wifufulu.dll c:\windows\system32\gutasima.dll

O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\gutasima.dll

O4 - HKLM\..\Run: [CPM451b401f] Rundll32.exe "c:\windows\system32\rubolezo.dll",a

R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL

O4 - HKLM\..\Run: [46287383] rundll32.exe "C:\Windows\system32\papehehi.dll",b

O4 - HKLM\..\Run: [kisijimuda] Rundll32.exe "C:\Windows\system32\hapojute.dll",s

O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: (no name) - {f5429df8-144d-43f5-aea6-7541423543f2} - C:\Windows\system32\fobunayi.dll (file missing)

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab

O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\rubolezo.dll

O20 - AppInit_DLLs: C:\Windows\system32\wifufulu.dll c:\windows\system32\rubolezo.dll

O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\rubolezo.dll

O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\rubolezo.dll

O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\rubolezo.dll

O20 - AppInit_DLLs: c:\windows\system32\rubolezo.dll,C:\Windows\system32\wifufulu.dll

O4 - HKLM\..\Run: [CPM451b401f] Rundll32.exe "c:\windows\system32\nabekafo.dll",a

O20 - AppInit_DLLs: C:\Windows\system32\wifufulu.dll c:\windows\system32\gutasima.dll c:\windows\system32\nabekafo.dll

O4 - HKLM\..\Run: [kisijimuda] Rundll32.exe "C:\Windows\system32\hapojute.dll",s

O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\nabekafo.dll

O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\nabekafo.dll

 

======Security center information======

 

AV: AVG 7.5.552

AV: Kaspersky Anti-Virus

AS: Windows Defender

AS: Kaspersky Anti-Virus

 

System event log

 

Computer Name: Zach-PC

Event Code: 14204

Message: Service 'WMPNetworkSvc' started.

Record Number: 142592

Source Name: Microsoft-Windows-WMPNSS-Service

Time Written: 20081228185603.000000-000

Event Type: Information

User:

 

Computer Name: Zach-PC

Event Code: 14204

Message: Service 'ZuneNetworkSvc' started.

Record Number: 142593

Source Name: ZuneNetworkSvc

Time Written: 20081228185627.000000-000

Event Type: Information

User:

 

Computer Name: Zach-PC

Event Code: 14206

Message: Media server 'ZACH-PC: Zach' was successfully initialized and is sharing media with connected media devices.

Record Number: 142594

Source Name: ZuneNetworkSvc

Time Written: 20081228185635.000000-000

Event Type: Information

User:

 

Computer Name: Zach-PC

Event Code: 10029

Message: DCOM started the service iPod Service with arguments "" in order to run the server:

{063D34A4-BF84-4B8D-B699-E8CA06504DDE}

Record Number: 142595

Source Name: Microsoft-Windows-DistributedCOM

Time Written: 20081228185726.000000-000

Event Type: Information

User:

 

Computer Name: Zach-PC

Event Code: 10029

Message: DCOM started the service TrustedInstaller with arguments "" in order to run the server:

{752073A1-23F2-4396-85F0-8FDB879ED0ED}

Record Number: 142596

Source Name: Microsoft-Windows-DistributedCOM

Time Written: 20081228190951.000000-000

Event Type: Information

User:

 

Application event log

 

Computer Name: Zach-PC

Event Code: 1

Message: The Windows Security Center Service has started.

Record Number: 59576

Source Name: SecurityCenter

Time Written: 20081228185626.000000-000

Event Type: Information

User:

 

Computer Name: Zach-PC

Event Code: 0

Message:

Record Number: 59577

Source Name: iPod Service

Time Written: 20081228185726.000000-000

Event Type: Information

User:

 

Computer Name: Zach-PC

Event Code: 1001

Message: Fault bucket 423714315, type 5

Event Name: AppHangB1

Response: None

Cab Id: 0

 

Problem signature:

P1: avgcc.exe

P2: 7.5.0.545

P3: 48ca76ef

P4: bf48

P5: 2048

P6:

P7:

P8:

P9:

P10:

 

Attached files:

C:\Users\Zach\AppData\Local\Temp\WERC522.tmp.appcompat.txt

 

These files may be available here:

C:\Users\Zach\AppData\Local\Microsoft\Windows\WER\ReportArchive\Report19cf6b40

Record Number: 59578

Source Name: Windows Error Reporting

Time Written: 20081228190113.000000-000

Event Type: Information

User:

 

Computer Name: Zach-PC

Event Code: 1002

Message: The program avgcc.exe version 7.5.0.545 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel. Process ID: 1714 Start Time: 01c9691de77c0ed6 Termination Time: 3

Record Number: 59579

Source Name: Application Hang

Time Written: 20081228190113.000000-000

Event Type: Error

User:

 

Computer Name: Zach-PC

Event Code: 5

Message: Unsupported service control request (see data below)

Record Number: 59580

Source Name: LightScribeService

Time Written: 20081228193247.000000-000

Event Type: Information

User:

 

Security event log

 

Computer Name: Zach-PC

Event Code: 5038

Message: Code integrity determined that the image hash of a file is not valid. The file could be corrupt due to unauthorized modification or the invalid hash could indicate a potential disk device error.

 

File Name: \Device\HarddiskVolume1\WINDOWS\System32\wifufulu.dll

Record Number: 213313

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20081228193453.155501-000

Event Type: Audit Failure

User:

 

Computer Name: Zach-PC

Event Code: 5038

Message: Code integrity determined that the image hash of a file is not valid. The file could be corrupt due to unauthorized modification or the invalid hash could indicate a potential disk device error.

 

File Name: \Device\HarddiskVolume1\WINDOWS\System32\wifufulu.dll

Record Number: 213314

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20081228193453.174501-000

Event Type: Audit Failure

User:

 

Computer Name: Zach-PC

Event Code: 5038

Message: Code integrity determined that the image hash of a file is not valid. The file could be corrupt due to unauthorized modification or the invalid hash could indicate a potential disk device error.

 

File Name: \Device\HarddiskVolume1\WINDOWS\System32\wifufulu.dll

Record Number: 213315

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20081228193453.201501-000

Event Type: Audit Failure

User:

 

Computer Name: Zach-PC

Event Code: 5038

Message: Code integrity determined that the image hash of a file is not valid. The file could be corrupt due to unauthorized modification or the invalid hash could indicate a potential disk device error.

 

File Name: \Device\HarddiskVolume1\WINDOWS\System32\wifufulu.dll

Record Number: 213316

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20081228193453.235501-000

Event Type: Audit Failure

User:

 

Computer Name: Zach-PC

Event Code: 5038

Message: Code integrity determined that the image hash of a file is not valid. The file could be corrupt due to unauthorized modification or the invalid hash could indicate a potential disk device error.

 

File Name: \Device\HarddiskVolume1\WINDOWS\System32\wifufulu.dll

Record Number: 213317

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20081228193453.268501-000

Event Type: Audit Failure

User:

 

======Environment variables======

 

"ComSpec"=%SystemRoot%\system32\cmd.exe

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\hp\bin\Python;c:\Program Files\Common Files\Roxio Shared\DLLShared\;c:\Program Files\Common Files\Roxio Shared\DLLShared\;c:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\;C:\Program Files\QuickTime\QTSystem\

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC

"PROCESSOR_ARCHITECTURE"=x86

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"USERNAME"=SYSTEM

"windir"=%SystemRoot%

"PROCESSOR_LEVEL"=15

"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 67 Stepping 3, AuthenticAMD

"PROCESSOR_REVISION"=4303

"NUMBER_OF_PROCESSORS"=2

"RoxioCentral"=c:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\

"PLATFORM"=HPD

"PCBRAND"=Pavilion

"OnlineServices"=Online Services

"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_02\lib\ext\QTJava.zip

"QTJAVA"=C:\Program Files\Java\jre1.6.0_02\lib\ext\QTJava.zip

 

-----------------EOF-----------------

Share this post


Link to post
Share on other sites

Hi Madger and welcome to The Pit,

 

Please visit the following webpage for instructions for downloading and running ComboFix

 

How to use ComboFix

 

 

Download ComboFix by sUBs from here, saving the file to your desktop.

 

 

Disable realtime protection applications as they sometimes interfere with the tool. Check this link for your applicable programs.

  • Close all open programs and windows
  • Double click ComboFix.exe and follow the prompts.
  • It may reboot your computer and resume running when you logon. Wait for it to complete. When finished, it will open a log for you. Post that log in your next reply.
Note: Do not mouseclick combofix's window while its running. That may cause it to stall

Share this post


Link to post
Share on other sites
Sign in to follow this  

×
×
  • Create New...